Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7494 matches found

OSV
OSVadded 2026/05/11 6:16 p.m.0 views

UBUNTU-CVE-2026-41256

jq is a command-line JSON processor. In 1.8.1 and earlier, Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter file such as . followed by \x00 and arbitrary suffix compiles and executes as only the prefix before...

5.5CVSS5.9AI score0.00013EPSS
Exploits1References3
CVE
CVEadded 2026/05/11 5:18 p.m.12 views

CVE-2026-41256

The CVE affects jq up to version 1.8.1. Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter file such as . followed by � and arbitrary suffix compiles and executes as only the prefix before the NUL, leading to a ...

5.5CVSS5.9AI score0.00013EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2026/05/11 5:16 p.m.8 views

CVE-2026-31253

The flash-attention training framework thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 2025-13-04 contains an insecure deserialization vulnerability CWE-502 in its checkpoint loading mechanism. The loadcheckpoint function in checkpoint.py and the checkpoint loading code in eval.py use...

7.3CVSS0.00047EPSS
Exploits0References2
NVD
NVDadded 2026/05/11 5:16 p.m.11 views

CVE-2026-31251

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its gRPC server component. When the server starts, it loads the speech synthesis model from a user-specified directory using torch.load without enabling the...

7.3CVSS0.00041EPSS
Exploits0References2
NVD
NVDadded 2026/05/11 5:16 p.m.6 views

CVE-2026-31250

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its averagemodel.py model averaging tool. The script loads PyTorch checkpoint files epoch.pt for model averaging using torch.load without enabling the...

7.3CVSS0.00047EPSS
Exploits0References2
NVD
NVDadded 2026/05/11 5:16 p.m.9 views

CVE-2026-31249

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its makeparquetlist.py data processing tool. The script loads PyTorch .pt files utterance embeddings, speaker embeddings, speech tokens using torch.load without...

7.3CVSS0.00047EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2026/05/11 2:16 p.m.4 views

SUSE CVE-2026-8261

A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. T...

5.9CVSS5.9AI score0.00021EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2026/05/11 4:0 a.m.7 views

LibRaw: LibRaw: Memory Corruption via Malicious File Processing

A flaw was found in LibRaw. A remote attacker could exploit a heap-based buffer overflow vulnerability in the x3floadhuffman functionality by providing a specially crafted malicious file. This can lead to memory corruption, potentially allowing the attacker to execute arbitrary code or cause a...

9.8CVSS6.3AI score0.00078EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2026/05/11 4:0 a.m.5 views

LibRaw: LibRaw: Memory Corruption via Malicious File Processing

A flaw was found in LibRaw. A remote attacker could exploit a heap-based buffer overflow vulnerability in the x3floadhuffman functionality by providing a specially crafted malicious file. This can lead to memory corruption, potentially allowing the attacker to execute arbitrary code or cause a...

9.8CVSS6.3AI score0.00078EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2026/05/11 3:57 a.m.8 views

LibRaw: LibRaw: Memory Corruption via Malicious File Processing

A flaw was found in LibRaw. A remote attacker could exploit a heap-based buffer overflow vulnerability in the x3floadhuffman functionality by providing a specially crafted malicious file. This can lead to memory corruption, potentially allowing the attacker to execute arbitrary code or cause a...

9.8CVSS6.6AI score0.00078EPSS
Exploits1References5
EUVD
EUVDadded 2026/05/11 3:31 a.m.4 views

EUVD-2026-29017

A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. T...

5.9CVSS5.9AI score0.00021EPSS
Exploits0References6
Snyk
Snykadded 2026/05/11 2:59 a.m.5 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the SQFunctionProto::Load function of the file squirrel/sqobject.cpp. An attacker can execute arbitrary code or cause a denial of service by providing specially crafted input that triggers a heap-based buff...

6.1CVSS6.8AI score0.00021EPSS
Exploits0References2
NVD
NVDadded 2026/05/11 2:16 a.m.7 views

CVE-2026-8261

A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. T...

5.9CVSS0.00021EPSS
Exploits0References5
CVE
CVEadded 2026/05/11 1:30 a.m.9 views

CVE-2026-8261

The CVE-2026-8261 entry concerns Squirrel up to version 3.2. The vulnerability resides in SQFunctionProto::Load within squirrel/sqobject.cpp, causing a heap-based buffer overflow. Attack is restricted to local execution. Public disclosure of the exploit is noted, and the project was informed via ...

5.9CVSS6.3AI score0.00021EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/11 1:30 a.m.4 views

CVE-2026-8261

A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. T...

5.9CVSS6.3AI score0.00021EPSS
Exploits0References5
Debian CVE
Debian CVEadded 2026/05/11 1:30 a.m.4 views

CVE-2026-8261

A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. T...

5.9CVSS6.3AI score0.00021EPSS
Exploits0
Cvelist
Cvelistadded 2026/05/11 1:30 a.m.30 views

CVE-2026-8261 Squirrel sqobject.cpp Load heap-based overflow

A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. T...

5.9CVSS0.00021EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/05/11 1:30 a.m.3 views

CVE-2026-8261 Squirrel sqobject.cpp Load heap-based overflow

A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. T...

5.9CVSS6.3AI score0.00021EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/05/11 12:0 a.m.6 views

PT-2026-39636

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its gRPC server component. When the server starts, it loads the speech synthesis model from a user-specified directory using torch.load without enabling the...

6.1AI score0.00041EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/05/11 12:0 a.m.9 views

PT-2026-39635

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its average model.py model averaging tool. The script loads PyTorch checkpoint files epoch .pt for model averaging using torch.load without enabling the weights...

6.1AI score0.00047EPSS
Exploits0References3
Rows per page
Query Builder