CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OPENSUSE Linux•added 2026/06/12 12:0 a.m.•6 views

Security update for NetworkManager-libreswan (important)

openSUSE Security Update: Security update for NetworkManager-libreswan Announcement ID: openSUSE-SU-2026:0200-1 Rating: important References: 1232040 Cross-References: CVE-2024-9050 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available...

7.8CVSS5.5AI score0.00452EPSS

IBM Security Bulletins•added 2026/06/11 12:9 p.m.•4 views

Security Bulletin: Multiple vulnerabilities in IBM Tivoli Network Manager IP Edition

Summary Multiple vulnerabilities were addressed in IBM Tivoli Network Manager IP Edition 4.2.0.24 IFix 1 Vulnerability Details CVEID:CVE-2025-11143 DESCRIPTION: The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of...

9.9CVSS6.6AI score0.00831EPSS

Exploits1Affected Software1

RedhatCVE•added 2026/06/07 12:43 a.m.•8 views

CVE-2026-44724

A flaw was found in systeminformation, a Node.js library. This vulnerability allows a local attacker on Linux to inject arbitrary commands. This occurs when an active NetworkManager connection profile name contains shell metacharacters, which are not properly sanitized before being used in shell...

7.8CVSS5.3AI score0.00483EPSS

Exploits0References4

The Hacker News•added 2026/06/06 4:19 a.m.•12 views

Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available

Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The vulnerability, tracked as CVE-2026-20245 , carries a CVSS score of 7.8 out of a maximum of 10.0. It affects the following deployment types - On-Prem Deployment Cisco SD-WA...

7.8CVSS6.3AI score0.00952EPSS

Exploits2

RedhatCVE•added 2026/06/05 7:43 p.m.•6 views

CVE-2026-8271

A vulnerability was identified in D-Link DNS-320 2.06B01. The impacted element is the function cgispeed/cgidhcpdlease/cgiddns/cgisetip/cgiupnpdel/cgidhcpd/cgiupnpadd/cgiupnpedit of the file /cgi-bin/networkmgr.cgi. The manipulation leads to os command injection. The attack is possible to be carri...

7.2CVSS5.3AI score0.04637EPSS

Exploits1References1

OSV•added 2026/06/05 1:54 p.m.•4 views

OPENSUSE-SU-2026:20911-1 Security update for NetworkManager

This update for NetworkManager fixes the following issues: Security fixes: - CVE-2025-9615: Fixed non-admin user using others' certificates bsc1257359. Other fixes: - Accept localhost hostnames if static bsc1257366...

3.3CVSS5.2AI score0.00162EPSS

NVD•added 2026/06/04 6:16 a.m.•11 views

CVE-2026-10805

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...

6.7CVSS0.00117EPSS

ATTACKERKB•added 2026/06/04 5:21 a.m.•6 views

CVE-2026-10805

EUVD•added 2026/06/04 5:21 a.m.•9 views

EUVD-2026-34207

Vulnrichment•added 2026/06/04 5:21 a.m.•6 views

CVE-2026-10805 Networkmanager: networkmanager: local privilege escalation via malformed mud urls in dhclient backend

RedhatCVE•added 2026/06/04 5:21 a.m.•9 views

CVE-2026-10805

CVE•added 2026/06/04 5:21 a.m.•29 views

CVE-2026-10805

Summary : CVE-2026-10805 concerns NetworkManager’s dhclient backend, which may misprocess malformed MUD URLs to enable local privilege escalation. What’s affected : NetworkManager (dhclient backend); only when administrator explicitly configures NetworkManager to use dhclient. Default configurati...

CNNVD•added 2026/06/04 12:0 a.m.•5 views

NetworkManager 操作系统命令注入漏洞

NetworkManager is an open-source network management daemon developed by NetworkManager. NetworkManager has a vulnerability related to operating system command injection. This vulnerability stems from the dhclient backend’s handling of format-errors in Manufacturer Usage Description URLs, leading ...

6.7CVSS5.6AI score0.00117EPSS

OSV•added 2026/05/29 4:3 p.m.•5 views

RLSA-2026:18142 Low: NetworkManager security update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

3.3CVSS5.8AI score0.00162EPSS

OSV•added 2026/05/28 3:43 p.m.•9 views

RLSA-2026:18597 Low: NetworkManager security update

3.3CVSS5.8AI score0.00162EPSS

Tenable Nessus•added 2026/05/28 12:0 a.m.•16 views

RockyLinux 9 : NetworkManager (RLSA-2026:18597)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18597 advisory. networkmanagr: NetworkManager File Access CVE-2025-9615 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Not...

3.3CVSS5.8AI score0.00162EPSS

OSV•added 2026/05/27 8:16 p.m.•6 views

DEBIAN-CVE-2026-44724

7.8CVSS5.8AI score0.00483EPSS

CVE•added 2026/05/27 7:26 p.m.•22 views

CVE-2026-44724

CVE-2026-44724 affects the node.js library systeminformation (Linux) from versions 4.17.0 through 5.31.5. The issue is a command-injection flaw in networkInterfaces() caused by unsanitized NetworkManager connection profile names being interpolated into shell commands executed via execSync(), afte...

7.8CVSS5.8AI score0.00483EPSS

Vulnrichment•added 2026/05/27 7:26 p.m.•8 views

CVE-2026-44724 systeminformation: Linux command injection in networkInterfaces() via unsanitized NetworkManager connection profile name

7.8CVSS5.8AI score0.00483EPSS