27297 matches found
jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers
A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jv_parse_sized() function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...
PT-2026-40561
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'permission message' parameter in all versions up to, and including, 6.2.1 due to insufficient input sanitization and output escapin...
WordPress plugin Fluent Forms cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Flight security vulnerability
Flight is a PHP microframework developed by Mike Cao. Versions of Flight prior to 3.18.1 contained a security vulnerability. This vulnerability stemmed from the default error handling mechanism Engine::error, which wrote the entire exception message into the HTTP 500 response. Without debugging...
protobuf.js security vulnerability
protobuf.js is an open-source, pure JavaScript protocol buffer implementation with TypeScript support for Node.js and browsers. It is easy to use, extremely fast, and works out of the box with .proto files. Versions prior to 7.5.6 a...
PT-2026-40628
Buffer overflow vulnerability in ArduPilot Copter, latest commit 92693e023793133e49a035daf37c14433e484778, allows a local attacker to cause a denial of service via the AP_MSP::loop, AP_MSP, AP_MSP.cpp components...
PT-2026-40614
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2026.1.21 and 2026.2.5; Microsoft Message Queuing versions prior to Windows Server 2025. Description: Devolutions Server contains improper access control in PAM account discovery, which allows an authenticated user to...
AlmaLinux 10 : corosync (ALSA-2026:13644)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13644 advisory: corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet (CVE-2026-35091); corosync: Corosync: Denial of Service via integer...
libcurl code issue vulnerability
libcurl is an open-source, free, and easy-to-use client URL transfer library for cURL. There are code vulnerabilities in libcurl, stemming from errors in connection reuse logic. These vulnerabilities may cause SMB transfers to incorrectly reuse existing connections to different shares, resulting ...
EUVD-2026-29669
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...
EUVD-2026-29584
Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally...
EUVD-2026-29588
Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network...
CVE-2026-34329
Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network...
CVE-2026-33838
Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally...
CVE-2026-33838
Technical details about CVE-2026-33838 are not publicly available in the provided documents. Monitor for updates from vendors and advisories before assessing impact or remediation.
CVE-2026-33838 Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability
...
CVE-2026-40410
Technical details (affected component, root cause, affected versions, exploit vectors or fixes) are not publicly provided in the supplied documents; monitor for updates from official advisories.
CVE-2026-40410
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...
CVE-2026-40410 Windows SMB Client Elevation of Privilege Vulnerability
...