CVE-2026-47375
CVE-2026-47375 (NocoDB) : A Postgres-backed deployment is vulnerable to authenticated SQL injection through the ARRAYSORT formula when a user with columnAdd permission supplies a malicious second argument. The issue arises because the attacker-controlled value is embedded into a knex.raw ORDER BY...
CVE-2026-49356
Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core is affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is...
CVE-2026-49356
CVE-2026-49356 affects @babel/core (Babel) prior to versions 8.0.0-rc.6 and 7.29.6. The issue allows an arbitrary file read via a sourceMappingURL comment in the input code, enabling reading of source maps from the system running Babel when the attacker controls the input source code and knows th...
CVE-2026-49356 Babel: Arbitrary File Read via sourceMappingURL Comment in @babel/core
Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core is affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is...
CVE-2026-56242
Technical details beyond the provided description are not publicly available in the supplied documents. Monitor for updates for vulnerability specifics, affected versions, impact, and remediations.
EUVD-2026-38167
Capgo before 12.128.2 contains an unauthenticated security definer RPC function getidentityapikeyonly that returns the owning userid for supplied API keys, creating an API key validity oracle and user identity disclosure primitive. Attackers can call this endpoint with valid or invalid API keys t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mshv: Fixed a use-after-free in the mshv_map_user_memory error path. In the error path of mshv_map_user_memory, calling vfree directly on the region causes the MMU notifier to remain registered. When the user space later unmaps the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden the get_cpu_for_acpi_id function to prevent errors when a missing CPU entry is used. During a review discussion of the changes to support vCPU hotplug, it was noted that a check was added to ensure the GICC Global...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat the remaining value being equal to 0 as an error in find_and_map_user_pages. Currently, if find_and_map_user_pages receives a DMA transfer request from the user with a length field set to 0, or in a rare case, when the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Properly handles channel mapping lists. Currently, each channel is added as a list to the dai channel list. However, there is a risk of adding the same channel to multiple dai channel lists, which could lea...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/rds: fixed the possible null dereference of cp. The cp parameter may be null. Calling cp->cp_conn would result in a null dereference. Simon Horman adds: Analysis: cp is a parameter of __rds_rdma_map and is not reassigned. The...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fixed an issue where the CMA heap fault handler made a mistake in calculating the boundary. Until the VM_DONTEXPAND flag was added in commit 1c1914d6e8c6 “dma-buf: heaps: Don’t track CMA dma-buf pages under RssFile...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: Fixed page mapping issues when vm_area_alloc_pages uses high-order allocation modes with an order of 0 as the default. The vmap_pages_range_noflush function assumes that the pages argument contains pages with the same page...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: device-dax: The pgoff alignment in dax_set_mapping should use ALIGN_DOWN instead of ALIGN. Otherwise, vmf->address, which is not aligned with fault_size, will be aligned to the next alignment, which can lead to memory failures due ...
Astra Linux – Vulnerability in Linux
An issue was discovered in the Linux kernel versions 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur during batch hypercalls, where multiple operations are performed in a single hypercall. The success or failure of each operation is reported to the backend driver, and the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – Correctly decodes TTLM with the default link map. The TID-to-link mapping TTLM elements do not contain any link mapping presence indicators when a default mapping is used, and parsing is skipped. It should be not...
CVE-2026-11989
The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.7 via the uploadattachment. This makes it possible for unauthenticated attackers to make web...
CVE-2026-11989
The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is affected by a Server-Side Request Forgery in versions
Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network
If an autonomous AI agent interacts with your company's core intellectual property today, can your security team instantly name the person who authorized it? For most enterprises, the answer is a simple no. The rush to adopt internal AI tools has left a massive trail of administrative debt:...
CVE-2026-42487
HVM guest I/O port accesses are subject to either emulation or at least translation. Translations are managed by the device model via XEN_DOMCTL_ioport_mapping, and hence the linked list used may change at any time. Traversal of those lists while handling guest I/O port accesses therefore needs...