CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

118 matches found

OSV•added 2026/05/26 1:0 a.m.•7 views

MAL-2026-4545 Malicious code in cwao-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 821b56cf14d7125df010804baf204325703e58d8f238fc0f219bf82652d99f31 package.json declares "preinstall": "./scripts/postbuild", and scripts/postbuild is a 976,568-byte stripped Linux x86 ELF sha256 36abd242…. The packa...

6.3AI score

Exploits0References1

Positive Technologies•added 2026/05/01 12:0 a.m.•2 views

PT-2026-36528

Name of the Vulnerable Software and Affected Versions dtrace affected versions not specified Description An unprivileged attacker can cause the dtrace process to crash by using a malicious ELF binary. This occurs due to an integer Divide-by-Zero error within the Pbuild file symtab function...

3.3CVSS5.8AI score0.00018EPSS

Exploits0References6

CNNVD•added 2026/05/01 12:0 a.m.•3 views

Oracle Linux 数字错误漏洞

Oracle Linux is an open and complete operating environment from Oracle Corporation USA that provides virtualization, management and cloud-native computing tools, and operating systems. Oracle Linux suffers from a numeric error vulnerability that stems from integer division by zero in...

5.5CVSS5.8AI score0.00018EPSS

Exploits0References1

EUVD•added 2026/04/04 3:30 p.m.•2 views

EUVD-2016-10871

sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can insert a malicious executable in the unquoted path and trigger service restart or system reboot to...

8.5CVSS6.1AI score0.00016EPSS

Exploits0References5

Microsoft Secure•added 2026/03/25 12:3 a.m.•4 views

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

In this article 1. Analyzing the Trivy supply chain compromise 2. Detection and investigation 3. Mitigation and protection guidance 4. Advanced hunting queries 5. References 6. Learn more On March 19, 2026, Trivy, Aqua Security’s widely used open-source vulnerability scanner, was reported to have...

6.2AI score

Exploits0

CVE•added 2026/03/19 10:6 p.m.•4 views

CVE-2026-32009

OpenClaw prior to 2026.2.24 contains a policy bypass in the safeBins allowlist evaluation that trusts static default directories, including writable paths like /opt/homebrew/bin and /usr/local/bin. An attacker with write access to these trusted directories can place a malicious binary with the sa...

7.8CVSS6.1AI score0.00016EPSS

Exploits0References3Affected Software1

Snyk•added 2026/03/03 9:34 p.m.•4 views

Unsafe Dependency Resolution

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the safeBins process. An attacker can execute arbitrary commands in the application runtime context by placing a malicious binary with the same name as a...

8.5CVSS6AI score0.00016EPSS

Exploits0References3

Snyk•added 2026/02/11 8:56 p.m.•1 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the command execution functionality. An attacker can execute a malicious binary through the application, which will run with the privileges of the service owner. Remediation There is no fixed version for...

9.8CVSS5.9AI score0.00021EPSS

Exploits1References2

RedhatCVE•added 2026/02/11 1:33 a.m.•2 views

CVE-2026-25880

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

7.8CVSS6.3AI score0.00021EPSS

Exploits1References1

NVD•added 2026/02/09 10:16 p.m.•3 views

CVE-2026-25880

7.8CVSS0.00021EPSS

Exploits1References1

ATTACKERKB•added 2026/02/09 9:10 p.m.•3 views

CVE-2026-25880

7.8CVSS6.3AI score0.00021EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2026/02/09 12:0 a.m.•1 views

PT-2026-7164

Name of the Vulnerable Software and Affected Versions SumatraPDF versions prior to 3.5.3 Description SumatraPDF, a multi-format reader for Windows, allows execution of a malicious binary, specifically explorer.exe, located in the same directory as an opened PDF file. This occurs when a user click...

7.8CVSS6.2AI score0.00021EPSS

Exploits1References6

Positive Technologies•added 2026/01/21 12:0 a.m.•2 views

PT-2026-3805

Rockstar Games Launcher 1.0.37.349 contains a privilege escalation vulnerability that allows authenticated users to modify the service executable with weak permissions. Attackers can replace the RockstarService.exe with a malicious binary to create a new administrator user and gain elevated syste...

8.8CVSS5.5AI score0.00041EPSS

Exploits0References4