CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

185 matches found

Tenable Nessus•added 2026/05/20 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-42246

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middl...

7.6CVSS5.8AI score0.00016EPSS

Exploits0References3

Tenable Nessus•added 2026/05/20 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-42256

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0...

6.5CVSS5.8AI score0.00046EPSS

Exploits0References4

Tenable Nessus•added 2026/05/20 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-42258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to comman...

9.8CVSS5.8AI score0.00092EPSS

Exploits0References3

Oracle linux•added 2026/05/19 12:0 a.m.•5 views

ruby:3.3 security update

ruby 3.3.10-6 - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171255 3.3.10-5 - Upgrade to Ruby 3.3.10. Resolves: RHEL-127912 - Fix possible denial of service in resolv gem CVE-2025-24294 - Fix URI Credential Leakage Bypass previous fixes...

8.1CVSS6.4AI score0.00048EPSS

Exploits0

SUSE CVE•added 2026/05/16 1:12 a.m.•4 views

SUSE CVE-2026-42256

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational...

6CVSS5.7AI score0.00046EPSS

Exploits0References3

RedhatCVE•added 2026/05/15 4:8 p.m.•8 views

CVE-2026-42256

A flaw was found in Net::IMAP, a Ruby library for Internet Message Access Protocol IMAP client functionality. A hostile server can exploit this vulnerability during SCRAM-SHA1 or SCRAM-SHA256 Salted Challenge Response Authentication Mechanism - Secure Hash Algorithm 1 or 256 authentication by...

6.5CVSS5.7AI score0.00046EPSS

Exploits0References10

RedhatCVE•added 2026/05/12 10:34 a.m.•5 views

CVE-2026-42257

A flaw was found in Net::IMAP, a Ruby library for Internet Message Access Protocol IMAP client functionality. Several Net::IMAP commands accept raw string arguments that are sent to the server without proper validation or escaping. If an application uses user-controlled input for these arguments,...

9.8CVSS5.8AI score0.00016EPSS

Exploits0References7

Tenable Nessus•added 2026/05/12 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-42257

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands...

9.8CVSS5.9AI score0.00016EPSS

Exploits0References4

NVD•added 2026/05/09 8:16 p.m.•6 views

CVE-2026-42256

6.5CVSS0.00046EPSS

Exploits0References7

NVD•added 2026/05/09 8:16 p.m.•4 views

CVE-2026-42246

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAPstarttls to return "successfully", without starting TLS. This issue has been patched in versions 0.3.10,...

7.6CVSS0.00016EPSS

Exploits0References8

OSV•added 2026/05/09 8:16 p.m.•1 views

DEBIAN-CVE-2026-42256

6.5CVSS5.7AI score0.00046EPSS

Exploits0References1

NVD•added 2026/05/09 8:16 p.m.•6 views

CVE-2026-42245

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are...

7.5CVSS0.00086EPSS

Exploits0References7

OSV•added 2026/05/09 8:16 p.m.•3 views

UBUNTU-CVE-2026-42256

6.5CVSS5.7AI score0.00046EPSS

Exploits0References9

UbuntuCve•added 2026/05/09 8:16 p.m.•5 views

CVE-2026-42258

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issue has been patched ...

9.8CVSS5.8AI score0.00092EPSS

Exploits0References5

UbuntuCve•added 2026/05/09 8:16 p.m.•2 views

CVE-2026-42257

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled...

9.8CVSS5.9AI score0.00016EPSS

Exploits0References5

UbuntuCve•added 2026/05/09 8:16 p.m.•3 views

CVE-2026-42245

7.5CVSS5.7AI score0.00086EPSS

Exploits0References8

OSV•added 2026/05/09 8:16 p.m.•5 views

UBUNTU-CVE-2026-42258

9.8CVSS5.7AI score0.00092EPSS

Exploits0References6

UbuntuCve•added 2026/05/09 8:16 p.m.•3 views

CVE-2026-42246