14829 matches found

NVD
added 2026/05/13 7:17 p.m., 6 views

CVE-2026-41132

CKAN is an open-source DMS data management system for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, the configured SMTP server may be spoofed with any certificate e.g. self-signed, leaving credentials and all emails sent open to MITM attacks. This vulnerability is fixed in...

8.7 CVSS, 0.00009 EPSS
Exploits 0, References 1

CVE
added 2026/05/13 6:53 p.m., 12 views

CVE-2026-41132

CVE-2026-41132 affects CKAN prior to versions 2.10.10 and 2.11.5, where the SMTP connection lacks certificate validation. This allows a MITM attacker to spoof the SMTP server and potentially access credentials and email contents. The issue is mitigated by upgrading CKAN to 2.10.10 or 2.11.5 (or n...

8.7 CVSS, 5.8 AI score, 0.00009 EPSS
Exploits 0, References 1, Affected Software 1

ATTACKERKB
added 2026/05/13 6:53 p.m., 3 views

CVE-2026-41132

CKAN is an open-source DMS data management system for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, the configured SMTP server may be spoofed with any certificate e.g. self-signed, leaving credentials and all emails sent open to MITM attacks. This vulnerability is fixed in...

8.7 CVSS, 5.8 AI score, 0.00009 EPSS
Exploits 0, References 2, Affected Software 1

EUVD
added 2026/05/13 6:30 p.m., 8 views

EUVD-2026-29911

Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud SaaS version. If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd wi...

9.8 CVSS, 6.2 AI score, 0.00179 EPSS
Exploits 0, References 3

OSV
added 2026/05/13 4:48 p.m., 4 views

CLSA-2026-1778690918 exim: Fix of CVE-2026-40686

CVE-2026-40686: out-of-bounds read in the GETUTF8INC macro in src/expand.c when processing malformed UTF-8 in expansion operators with utf8 enabled, potentially disclosing heap data via SMTP rejection messages...

5.3 CVSS, 6 AI score, 0.00108 EPSS
Exploits 0, References 1

NVD
added 2026/05/13 1:1 p.m., 5 views

CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

5.9 CVSS, 0.00014 EPSS
Exploits 1, References 4

Debian CVE
added 2026/05/13 8:27 a.m., 2 views

CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

5.9 CVSS, 5.8 AI score, 0.00014 EPSS
Exploits 1

CVE
added 2026/05/13 8:27 a.m., 16 views

CVE-2026-4873

CVE-2026-4873 is a TLS-reuse issue observed in curl-related advisories. The vulnerability arises when a TLS-requiring connection reuses an existing unencrypted connection from the same pool: if the initial transfer is unencrypted (e.g., via IMAP, SMTP, or POP3), a subsequent request to the same h...

5.9 CVSS, 5.8 AI score, 0.00014 EPSS
Exploits 1, References 4, Affected Software 1

AlpineLinux
added 2026/05/13 8:27 a.m., 3 views

CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

5.9 CVSS, 5.8 AI score, 0.00014 EPSS
Exploits 1, References 4

Cvelist
added 2026/05/13 8:27 a.m., 33 views

CVE-2026-4873 connection reuse ignores TLS requirement

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

0.00014 EPSS
Exploits 1, References 3

NVD
added 2026/05/13 6:16 a.m., 7 views

CVE-2026-32661

Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud SaaS version. If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd wi...

9.8 CVSS, 0.00179 EPSS
Exploits 0, References 2

ATTACKERKB
added 2026/05/13 5:15 a.m., 5 views

CVE-2026-32661

Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud SaaS version. If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd wi...

9.8 CVSS, 7.7 AI score, 0.00179 EPSS
Exploits 0, References 3, Affected Software 1

Cvelist
added 2026/05/13 5:15 a.m., 31 views

CVE-2026-32661

Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud SaaS version. If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd wi...

9.8 CVSS, 0.00179 EPSS
Exploits 0, References 2

CVE
added 2026/05/13 5:15 a.m., 12 views

CVE-2026-32661

The affected software is GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud (SaaS version). The vulnerability is a stack-based buffer overflow in the product’s web service that may allow remote code execution when the product is configured to run pop3wallpasswd with the grdnwww user priv...

9.8 CVSS, 7.7 AI score, 0.00179 EPSS
In wild, Exploits 0, References 2

vulnersOsv
added 2026/05/13 1:36 a.m., 6 views

aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +169 more potentially affected by CVE-2026-44681 via authlib (>=1.0.0 <=1.6.11)

authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2026-44681 Source advisory:...

5.8 AI score, 0.0004 EPSS
Exploits 1

Positive Technologies
added 2026/05/13 12:0 a.m., 10 views

PT-2026-40577

Name of the Vulnerable Software and Affected Versions GUARDIANWALL MailSuite affected versions not specified GUARDIANWALL Mail Security Cloud SaaS version affected versions not specified Description A stack-based buffer overflow allows a remote attacker to execute arbitrary code by sending a...

9.8 CVSS, 7.9 AI score, 0.00179 EPSS
Exploits 0, References 6

CNNVD
added 2026/05/13 12:0 a.m., 6 views

Canon GUARDIANWALL MailSuite and Canon GUARDIANWALL Mail Security Cloud security vulnerability

Canon GUARDIANWALL MailSuite and Canon GUARDIANWALL Mail Security Cloud are products of Canon, a Japanese company. Canon GUARDIANWALL MailSuite is an enterprise-level email security and filtering system. Canon GUARDIANWALL Mail Security Cloud is an enterprise-level cloud-based email security...

9.8 CVSS, 7.9 AI score, 0.00179 EPSS
Exploits 0, References 1

Tenable Nessus
added 2026/05/13 12:0 a.m., 5 views

FreeBSD : zeek -- potential DoS vulnerability (e665f0a2-fe6d-44b0-ba9e-d383f055a8a3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e665f0a2-fe6d-44b0-ba9e-d383f055a8a3 advisory. Wojtulewicz of Corelight reports: A specially-crafted series of MIME headers sent via SMTP or HTTP coul...

5.9 AI score
Exploits 0, References 2

VulnCheck KEV
added 2026/05/13 12:0 a.m., 17 views

VulnCheck KEV: CVE-2026-32661

Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud SaaS version. If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd wi...

9.8 CVSS, 6.2 AI score, 0.00179 EPSS
In wild, Exploits 0, References 2

EUVD
added 2026/05/12 9:31 p.m., 5 views

EUVD-2026-29830

PowerSYSTEM Center email notification service is affected by a CRLF injection vulnerability when using SMTPS communication...

5.5 CVSS, 5.8 AI score, 0.00014 EPSS
Exploits 0, References 3