Everest-Core: Input validation vulnerability
Everest-core is a major component of the open-source electric vehicle charging software stack developed by EVerest. Versions of everest-core prior to 2025.10.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from the use of the assert function to handle...
TP-LINK Archer C20 security vulnerabilities
The TP-LINK Archer C20 is a router produced by the TP-LINK company. Versions of the TP-LINK Archer C20 prior to v6.0 version number: 6251031 and the TP-Link Archer AX53 prior to version 1.0 version number: 1251215 contained security vulnerabilities. These vulnerabilities were due to logical flaws...
Everest-core code issues and vulnerabilities
Everest-core is a major component of the open-source electric vehicle charging software stack developed by EVerest. Versions of everest-core prior to 2025.10.0 contained code vulnerabilities. These vulnerabilities stemmed from out-of-bound vector access during the deserialization of DCChargeLoopR...
PT-2026-3845
Name of the Vulnerable Software and Affected Versions: EVerest versions prior to 2025.10.0. Description: The software may experience crashes due to the frequent use of the assert function for error handling. This can lead to a denial of service, as the manager terminates all modules and exits upon...
vLLM code injection vulnerability
vLLM is an open-source LLM-based inference and service engine that features high throughput and efficient memory usage. Versions of vLLM from 0.10.1 to 0.14.0 contained a code injection vulnerability. This vulnerability stemmed from the loading of the Hugging Face automap dynamic module during...
AlchemyCMS - Authenticated Remote Code Execution (RCE) via eval injection in ResourcesHelper
Summary: A vulnerability was discovered during a manual security audit of the AlchemyCMS source code. The application uses the Ruby eval function to dynamically execute a string provided by the resourcehandler.enginename attribute in Alchemy::ResourcesHelperresourceurlproxy. Details: The...
Oracle Linux 10 : kernel (ELSA-2026-0786)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0786 advisory. 6.12.0-124.28.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux...
CVE-2026-21941
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...
CVE-2025-15367
The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters...
AZL-75050 CVE-2025-15367 affecting package python3 3.9.19-19
The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters...
UBUNTU-CVE-2025-15367
The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters...
PSF-2026-4
The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters...
CVE-2025-15367 POP3 command injection in user-controlled commands
The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters...
Arbitrary Command Injection
Overview: Affected versions of this package are vulnerable to Arbitrary Command Injection via the poplib module. An attacker can manipulate mailbox state, such as deleting emails or reading metadata and specific email content, by injecting additional POP3 commands through malicious input containin...
CVE-2025-15366 IMAP command injection in user-controlled commands
The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters...