CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

176 matches found

Argamal: Malware hidden in hentai games

In April 2026, we discovered a new malware campaign targeting players of "hentai" games. Once launched, the infected games install a previously unknown malicious implant on the user's machine. After a few days, the implant downloads and executes a Trojan, resulting in full system compromise and...

5.9AI score

Exploits0

Tenable Nessus•added 2026/04/30 12:0 a.m.•2 views

Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1640)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1640 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer overflow occurs in the MVG decoder that could...

7.5CVSS5.9AI score0.00019EPSS

Exploits0References4

RedhatCVE•added 2026/04/24 7:16 p.m.•3 views

CVE-2026-35365

The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...

6.6CVSS5.2AI score0.00016EPSS

Exploits0References2

EUVD•added 2026/04/22 6:31 p.m.•1 views

EUVD-2026-24984

The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...

4.2CVSS5.8AI score0.00018EPSS

Exploits1References2

Github Security Blog•added 2026/04/22 6:31 p.m.•3 views

uutils coreutils has a Link Following issue

6.6CVSS5.2AI score0.00016EPSS

Exploits0References5Affected Software1

EUVD•added 2026/04/22 6:31 p.m.•4 views

EUVD-2026-25012

6.6CVSS5.8AI score0.00016EPSS

Exploits0References3

Github Security Blog•added 2026/04/22 6:31 p.m.•4 views

uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition

A Time-of-Check to Time-of-Use TOCTOU race condition exists in the mv utility of uutils coreutils during cross-device operations. The utility removes the destination path before recreating it through a copy operation. A local attacker with write access to the destination directory can exploit thi...

6.3CVSS5.5AI score0.00014EPSS

Exploits1References3Affected Software1

OSV•added 2026/04/22 6:31 p.m.•0 views

GHSA-M976-87WM-48FM uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition

6.3CVSS5.9AI score0.00014EPSS

Exploits1References3

OSV•added 2026/04/22 6:31 p.m.•0 views

GHSA-66FX-FQV6-5WWX uutils coreutils has a Link Following issue

6.6CVSS5.8AI score0.00016EPSS

Exploits0References5

EUVD•added 2026/04/22 6:31 p.m.•2 views

EUVD-2026-25010

6.3CVSS5.9AI score0.00014EPSS

Exploits1References2

OSV•added 2026/04/22 6:31 p.m.•3 views

GHSA-957R-R8GC-VV3H uutils coreutils doesn't preserve file ownership during moves across different filesystem boundaries

4.2CVSS5.8AI score0.00018EPSS

Exploits1References3

NVD•added 2026/04/22 5:16 p.m.•3 views

CVE-2026-35365

6.6CVSS0.00016EPSS

Exploits0References2

NVD•added 2026/04/22 5:16 p.m.•2 views

CVE-2026-35354

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute xattr preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A local attacker with writ...

4.7CVSS0.00013EPSS

Exploits1References1

NVD•added 2026/04/22 5:16 p.m.•2 views

CVE-2026-35351

4.2CVSS0.00018EPSS

Exploits1References1

OSV•added 2026/04/22 5:16 p.m.•3 views

UBUNTU-CVE-2026-35365

6.6CVSS5.8AI score0.00016EPSS

Exploits0References3