CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

102 matches found

SUSE CVE•added 2026/05/07 2:17 a.m.•3 views

SUSE CVE-2026-43179

In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits for invalid metabox-enabled images Crafted EROFS images with metadata compression enabled can trigger incorrect early returns, leading to folio reference leaks. However, this does not cause system...

5.8AI score0.00013EPSS

Exploits0References3

EUVD•added 2026/05/06 12:30 p.m.•0 views

EUVD-2026-27741

5.8AI score0.00013EPSS

Exploits0References4

NVD•added 2026/05/06 12:16 p.m.•0 views

CVE-2026-43179

5.5CVSS0.00013EPSS

Exploits0References3

Debian CVE•added 2026/05/06 11:27 a.m.•1 views

CVE-2026-43179

5.5CVSS5.7AI score0.00013EPSS

Exploits0

Cvelist•added 2026/05/06 11:27 a.m.•19 views

CVE-2026-43179 erofs: fix incorrect early exits for invalid metabox-enabled images

0.00013EPSS

Exploits0References3

CVE•added 2026/05/06 11:27 a.m.•5 views

CVE-2026-43179

Summary: CVE-2026-43179 affects the Linux kernel’s EROFS filesystem. The issue stems from incorrect early exits for invalid metabox-enabled images with metadata compression, which can trigger folio reference leaks. The problem does not apparently cause system crashes or other severe issues accord...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/05/06 12:0 a.m.•3 views

PT-2026-37519

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Crafted EROFS images with metadata compression enabled can trigger incorrect early returns, which leads to folio reference leaks. Folio reference leaks occur when the system fails to...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References5

RedhatCVE•added 2026/01/13 10:53 p.m.•2 views

CVE-2025-13897

The Client Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'afttestimonialmetaname' custom field in the Client Information metabox in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user-supplied...

6.4CVSS5AI score0.00016EPSS

Exploits0References1

Cvelist•added 2026/01/09 11:15 a.m.•25 views

CVE-2025-13897 Client Testimonial Slider <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aft_testimonial_meta_name' Metabox Field

6.4CVSS0.00016EPSS

Exploits0References3

RedhatCVE•added 2025/12/04 3:36 p.m.•3 views

CVE-2025-13401

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LCP Image to preload metabox in all versions up to, and including, 3.1.13 due to insufficient input sanitization and output escaping on user-supplied image attributes in the "createimgpreloadtag" function...

6.4CVSS5AI score0.00034EPSS

Exploits0References1

OSV•added 2025/12/03 2:15 p.m.•3 views

CVE-2025-13359

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to time-based SQL Injection via the "getTermsForAjax" function in all versions up to, and including, 3.40.1. This is due to insufficient escaping on the user supplied parameters and lack of...

6.5CVSS6.5AI score

Exploits0References2

EUVD•added 2025/12/03 1:52 p.m.•3 views

EUVD-2025-200973

6.4CVSS4.6AI score0.00034EPSS

Exploits0References3

Positive Technologies•added 2025/12/03 12:0 a.m.•4 views

PT-2025-48808

Name of the Vulnerable Software and Affected Versions Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress versions through 3.40.1 Description The software is susceptible to a time-based SQL Injection issue via the getTermsForAjax function. This is a result of...

6.5CVSS7.2AI score0.00028EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-49909