Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1224 matches found

RedhatCVE
RedhatCVEadded yesterday4 views

CVE-2026-37429

qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysUserMapper.xml file. This vulnerability allows attackers to access sensitive database information, including users' Personally Identifiable Information PII via a crafted SQL...

6.5CVSS5.6AI score0.00041EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2026/05/29 1:17 a.m.7 views

SUSE CVE-2026-46107

In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...

6.1CVSS5.8AI score0.00013EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/05/29 1:16 a.m.8 views

SUSE CVE-2026-46130

In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...

5.5CVSS5.8AI score0.00024EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/05/28 8:33 p.m.6 views

CVE-2026-46107

A flaw was found in the Linux kernel's Device Mapper dm-thin component. This vulnerability, a metadata reference count underflow, occurs in the rebalancechildren function. When an internal btree node with a single entry is shared, the system incorrectly tracks the usage of child nodes. This can...

7.8CVSS5.8AI score0.00013EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/05/28 8:13 p.m.7 views

CVE-2026-38808

SQL Injection vulnerability in uzy-ssm-mall v1.1.0 allows a remote attacker to obtain sensitive information via the ProductMapper.xml and /OrderUtil.java components...

5.3CVSS5.9AI score0.00056EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/05/28 7:50 p.m.7 views

CVE-2026-46130

A flaw was found in the Linux kernel's device-mapper verity forward error correction dm-verity-fec component. This vulnerability occurs because a function responsible for decoding parity data makes an incorrect assumption about how these data blocks are read. Under specific, non-default...

5.5CVSS5.8AI score0.00024EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/28 12:30 p.m.6 views

EUVD-2026-32866

In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...

5.8AI score0.00013EPSS
Exploits0References6
NVD
NVDadded 2026/05/28 10:16 a.m.6 views

CVE-2026-46107

In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...

7.8CVSS0.00013EPSS
Exploits0References7
OSV
OSVadded 2026/05/28 10:16 a.m.4 views

UBUNTU-CVE-2026-46107

In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...

7.8CVSS5.8AI score0.00013EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/05/28 9:35 a.m.6 views

CVE-2026-46107

In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...

7.8CVSS5.7AI score0.00013EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologiesadded 2026/05/28 12:0 a.m.6 views

PT-2026-44230

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bug exists in the rebalance children function within the dm-thin component. When an internal btree node contains a single entry, the system attempts to copy all btree entries from the...

9.8CVSS5.9AI score0.00254EPSS
Exploits12References283
RedhatCVE
RedhatCVEadded 2026/05/27 8:25 p.m.8 views

CVE-2026-46023

A flaw was found in the Linux kernel's device mapper dm mirror component. A local user could exploit an integer overflow vulnerability in the createdirtylog function by providing a specially crafted device mapper table string. This could lead to out-of-bounds reads, potentially causing system...

7CVSS5.8AI score0.00032EPSS
Exploits0References4
NVD
NVDadded 2026/05/27 2:17 p.m.9 views

CVE-2026-46023

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...

0.00032EPSS
Exploits0References8
CVE
CVEadded 2026/05/27 12:56 p.m.9 views

CVE-2026-46023

The CVE describes a Linux kernel dm-mirror issue in create_dirty_log(): the arg count is computed as 2 + param_count before argc is validated, allowing an unsigned overflow when param_count approaches UINT_MAX. This can bypass the argc

5.8AI score0.00032EPSS
Exploits0References8
Debian CVE
Debian CVEadded 2026/05/27 12:56 p.m.6 views

CVE-2026-46023

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...

5.8AI score0.00032EPSS
Exploits0
EUVD
EUVDadded 2026/05/27 12:56 p.m.8 views

EUVD-2026-32404

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...

5.8AI score0.00032EPSS
Exploits0References5
NVD
NVDadded 2026/05/27 4:16 a.m.10 views

CVE-2026-48962

IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the caller-supplied output glob string in double quotes and stores it in the parser state; getFiles then runs the stored expression through eval...

7.3CVSS0.00081EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/05/27 3:12 a.m.5 views

CVE-2026-48962

IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the caller-supplied output glob string in double quotes and stores it in the parser state; getFiles then runs the stored expression through eval...

6.2AI score0.00081EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/05/27 3:12 a.m.29 views

CVE-2026-48962 IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob

IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the caller-supplied output glob string in double quotes and stores it in the parser state; getFiles then runs the stored expression through eval...

0.00081EPSS
Exploits0References2
CVE
CVEadded 2026/05/27 12:0 a.m.11 views

CVE-2026-38808

CVE-2026-38808 is a SQL Injection vulnerability affecting uzy-ssm-mall v1.1.0. The issue is reachable via the ProductMapper.xml and OrderUtil.java components, enabling a remote attacker to obtain sensitive information. The CVSS 3.1 vector indicates network access, low attack complexity, no privil...

5.3CVSS5.9AI score0.00056EPSS
Exploits0References1
Rows per page
Query Builder