CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/21 7:35 a.m.•34 views

CVE-2026-44073 seteuid failure ignored in auth modules

5CVSS0.00115EPSS

EUVD•added 2026/05/21 7:35 a.m.•6 views

EUVD-2026-31220

5CVSS5.8AI score0.00115EPSS

Vulnrichment•added 2026/05/21 7:35 a.m.•5 views

CVE-2026-44073 seteuid failure ignored in auth modules

5CVSS5.8AI score0.00115EPSS

CVE•added 2026/05/21 7:35 a.m.•14 views

CVE-2026-44073

Netatalk 1.5.0–4.4.2 contains a vulnerability where seteuid() return values were not checked in authentication modules, potentially allowing a remote authenticated attacker to retain elevated privileges under error conditions. The issue is fixed in Netatalk 4.5.0. Impact is described as elevation...

5CVSS5.8AI score0.00115EPSS

Tenable Nessus•added 2026/05/21 12:0 a.m.•5 views

Multiple Node.js Modules compromised in self-spreading npm supply chain attack (mini-Shai-Hulud) (05/11/2026)

The remote host has a version of one or more Node.js modules installed known to be compromised in the self-spreading 'mini-Shai-Hulud' npm supply chain attack reported on 05/11/2026. This wave is tracked separately from the original Shai-Hulud campaign because of distinct compromised maintainers...

9.6CVSS7.4AI score0.17051EPSS

Exploits3References4

RedHat Linux•added 2026/05/20 11:36 a.m.•5 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

RedHat Linux•added 2026/05/20 11:27 a.m.•4 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

RedHat Linux•added 2026/05/20 9:48 a.m.•4 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

GithubExploit•added 2026/05/20 8:36 a.m.•63 views

HOV4X

HOV4X HOVAX - 45 Modules Security Toolkit for Penetration Test...

9.8CVSS7AI score0.94428EPSS

Exploits99

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Tracing: Build event generation tests are now performed only as modules. The kprobes and synth event generation test modules add events and lock those event files during the module initialization function. They also unlock and...

5.5CVSS6.3AI score0.00018EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в ansible

A flaw was discovered in Ansible Engine, affecting versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, 2.9.x before 2.9.7, as well as Ansible Tower in versions 3.4.5, 3.5.5, and 3.6.3. This issue occurs when using modules that decrypt vault files, such as assemble, script, unarchive, wincopy, awss...

5.5CVSS6.8AI score0.00205EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в openssl

Issue summary: A timing side-channel that could potentially allow the recovery of the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow an attacker to recover the private key. However, measuring the timing woul...

4.1CVSS6.7AI score0.00075EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в golang-1.19

The go command may generate unexpected code during build time when using cgo. This can lead to unexpected behavior when running a Go program that uses cgo. This issue may occur when running a trusted module that contains directories with newline characters in their names. Modules retrieved using...

9.8CVSS7AI score0.00125EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в apache2

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch, especially when an extremely large input buffer is used. Although no code distributed with the server can be forced to make such a call, third-party modules or Lua scripts that us...

9.1CVSS7.3AI score0.00959EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

The “Use After Free” vulnerability in the Linux kernel allows for the execution of code in a local environment on Linux, x86, and ARM bluetooth modules. This vulnerability is associated with the program file https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This...

7.8CVSS7.2AI score0.00033EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•6 views

RHEL 8 : python3 (RHSA-2026:19549)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19549 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

9.1CVSS6.4AI score0.00164EPSS

Exploits0References6

RedHat Linux•added 2026/05/19 7:1 p.m.•6 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

RedHat Linux•added 2026/05/19 6:28 p.m.•8 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules