CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Hacker News•added 2026/04/24 7:24 a.m.•10 views

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving large language models LLMs, has come under active exploitation in the wild less than 13 hours after its public disclosure. The vulnerability, tracked as CVE-2026-33626 CVSS score: 7.5, relate...

9.8CVSS8.6AI score0.54254EPSS

Exploits16

OSV•added 2026/04/24 3:16 a.m.•3 views

DEBIAN-CVE-2026-41316

ERB is a templating system for Ruby. Ruby 2.7.0 before ERB 2.2.0 was published on rubygems.org introduced an @init instance variable guard in ERBresult and ERBrun to prevent code execution when an ERB object is reconstructed via Marshal.load deserialization. However, three other public methods th...

8.1CVSS6.1AI score0.00508EPSS

NVD•added 2026/04/24 3:16 a.m.•2 views

CVE-2026-41316

8.1CVSS0.00508EPSS

ATTACKERKB•added 2026/04/24 2:35 a.m.•1 views

CVE-2026-41316

8.1CVSS6.2AI score0.00508EPSS

Exploits0References2Affected Software1

Debian CVE•added 2026/04/24 2:35 a.m.•2 views

CVE-2026-41316

8.1CVSS6.1AI score0.00508EPSS

Exploits0

5.5CVSS5.8AI score0.00125EPSS

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of restrictions on reportsize in the s32ton module. This vulnerability may lead to...

CNNVD•added 2026/04/24 12:0 a.m.•7 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the release of memory after device registration in the media as102 module. This could lead to...

7.8CVSS5.8AI score0.00128EPSS

CNNVD•added 2026/04/24 12:0 a.m.•8 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the decoding order of the NV12 plane in the drm/i915 module. This error may lead to damage ...

5.5CVSS5.8AI score0.00121EPSS

7.8CVSS5.8AI score0.00119EPSS

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from premature device reference release in the xfrm module, potentially leading to race conditions...

7.8CVSS5.8AI score0.00128EPSS

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of memory after the em28xxv4l2open function in the media em28xx module. This could lead...

CNNVD•added 2026/04/24 12:0 a.m.•8 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an array overflow in the skbfrags structure within the cdc Phonet module, due to the lack of limits on...

5.5CVSS5.9AI score0.00125EPSS

5.5CVSS5.8AI score0.00125EPSS

Linux kernel 安全漏洞

Packet Storm News•added 2026/04/24 12:0 a.m.•3 views

MetInfo CMS 8.1 WeChat Module Vulnerability Detection Scanner

This Metasploit auxiliary module is a non-exploit vulnerability detection scanner designed to assess potential security weaknesses in the MetInfo CMS WeChat module, specifically related to weixinreply.class.php handling logic...

9.8CVSS5.2AI score0.39688EPSS

Exploits4

9.3CVSS6AI score0.00311EPSS

uuid 缓冲区错误漏洞

uuid is a JavaScript module developed by UUID, which allows for the generation of RFC-compliant UUIDs in JavaScript. Versions of uuid prior to 14.0.0 contained a buffer error vulnerability. This vulnerability stems from functions v3, v5, and v6 accepting external output buffers without rejecting...

Exploits1References1

Packet Storm•added 2026/04/24 12:0 a.m.•93 views

📄 MetInfo CMS 8.1 PHP Code Injection

This Python script is a full remote code execution exploit suite targeting a vulnerability in MetInfo CMS versions 8.1 and below. The flaw resides in the weixin module handling logic, where improperly sanitized input allows PHP code injection via crafted XML and HTTP parameters/headers...

9.8CVSS6.5AI score0.39688EPSS

Exploits4

Packet Storm•added 2026/04/24 12:0 a.m.•60 views

📄 MISP 2.5.27 Workflow Engine Cross Site Scripting

This Metasploit auxiliary module targets a potential stored cross site scripting vulnerability in the MISP Workflow Engine. It is designed to interact with the MISP API, create workflows, and inject malicious payloads into workflow data fields...

5AI score

Exploits0

CNNVD•added 2026/04/24 12:0 a.m.•5 views

ERB 安全漏洞

ERB is an open-source embedded Ruby template processing tool developed by The Ruby Programming Language. There is a security vulnerability in ERB, which stems from the lack of protection for @src in methods like ERBdefmethod, ERBdefmodule, and ERBdefmodule. This vulnerability could allow attacker...

8.1CVSS6.2AI score0.00508EPSS