CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.5CVSS6AI score0.00043EPSS

DEBIAN-CVE-2026-54293

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Prior to 3.10.0-rc1, nltk.data.load in NLTK is vulnerable to path traversal via URL-encoded path separators and traversal segments...

8.7CVSS5.8AI score0.00024EPSS

DEBIAN-CVE-2026-54277

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, it is possible to bypass the maxlinesize check in parts of an HTTP request in the C parser. If using the optimised C parser the default in pre-built wheels, then an attacker may be able to send...

OSV•added yesterday•4 views

DEBIAN-CVE-2026-54278

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, during cleanup it is possible for a compressed request body to be decompressed into memory in one chunk. An attacker may be able to send a compressed payload in specific situations that could be...

8.7CVSS5.8AI score0.00024EPSS

7.5CVSS5.8AI score0.00276EPSS

MINI-7RX3-VHM6-3739

Bulletin has no description...

OSV•added yesterday•2 views

MINI-6Q2M-3WVG-8J23

Bulletin has no description...

7.5CVSS5.7AI score

9.1CVSS6.3AI score0.00522EPSS

RHSA-2026:27712 Red Hat Security Advisory: osbuild-composer security update

Bulletin has no description...

Exploits1References8

ECHO-8FDA-FCF5-F272

Bulletin has no description...

6.9CVSS5.8AI score

OSV•added yesterday•2 views

ECHO-9D3B-357F-1F8C

Bulletin has no description...

5.9CVSS5.8AI score

OSV•added 2 days ago•5 views

MINI-7WW7-MC44-JXMF

Bulletin has no description...

7.5CVSS5.7AI score0.00579EPSS

Exploits1

OSV•added 2 days ago•2 views

MINI-XC84-F454-G9WJ

Bulletin has no description...

7.5CVSS5.7AI score0.00378EPSS

OSV•added 2 days ago•3 views

MINI-XMRW-RFM4-2P25

Bulletin has no description...

7.5CVSS6.5AI score0.00868EPSS

OSV•added 2 days ago•2 views

DEBIAN-CVE-2026-56412

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

4.9CVSS5.8AI score

OSV•added 2 days ago•7 views

ECHO-E662-10E6-6EB5

Bulletin has no description...

7.6CVSS5.8AI score0.00238EPSS

OSV•added 2 days ago•2 views

DEBIAN-CVE-2026-56408

libexpat before 2.8.2 has an integer overflow in copyString...

6.9CVSS5.9AI score