CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/05/20 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-43404

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm: Fix a hmmrangefault livelock / starvation problem If hmmrangefault fails a foliotrylock in doswappage, trying to acquire the lock of a device-private folio...

5.5CVSS5.8AI score0.00093EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-5950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cau...

5.3CVSS5.5AI score0.00504EPSS

Exploits1References4

NVD•added 2026/05/19 5:16 p.m.•12 views

CVE-2026-47357

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the remoteurl parameter in the remote directory scan endpoint POST /v1/iac/iacVersion/cloud/remote/dir/scan when running in server mode. An unauthenticated remote attacker can supply an attacker-controlled HTTP URL...

9.2CVSS0.00482EPSS

EUVD•added 2026/05/19 3:53 p.m.•8 views

EUVD-2026-30957

9.2CVSS5.8AI score0.00482EPSS

Vulnrichment•added 2026/05/19 3:53 p.m.•7 views

CVE-2026-47357

9.2CVSS5.8AI score0.00482EPSS

Cvelist•added 2026/05/19 3:53 p.m.•38 views

CVE-2026-47356

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the webhookurl parameter in the file scan endpoint POST /v1/iac/iacVersion/cloud/local/file/scan when running in server mode. An unauthenticated remote attacker can supply an arbitrary URL as the webhookurl multipa...

8.7CVSS0.00499EPSS

Positive Technologies•added 2026/05/19 12:0 a.m.•10 views

PT-2026-41952

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the webhook url parameter in the file scan endpoint POST /v1/iac/iacVersion/cloud/local/file/scan when running in server mode. An unauthenticated remote attacker can supply an arbitrary URL as the webhook url...

8.7CVSS6AI score0.00499EPSS

Tenable Nessus•added 2026/05/19 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-8957

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in the Enterprise Policies component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird...

8.8CVSS5.9AI score0.00386EPSS

Tenable Nessus•added 2026/05/19 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-8970

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in the Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

8.8CVSS5.9AI score0.00307EPSS

Tenable Nessus•added 2026/05/19 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-41054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the...

7.8CVSS5.9AI score0.00185EPSS

Tenable Nessus•added 2026/05/17 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-41051

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories. CVE-2026-41051 Note...

5.1CVSS5.5AI score0.00075EPSS

Tenable Nessus•added 2026/05/15 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43906

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

8.5CVSS6.1AI score0.00188EPSS

Exploits1References3

Tenable Nessus•added 2026/05/15 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-6811

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances whe...

6CVSS5.6AI score0.00311EPSS

Tenable Nessus•added 2026/05/14 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-44051

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary...

8.1CVSS5.7AI score0.00477EPSS

Tenable Nessus•added 2026/05/14 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-8401

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11...

9.8CVSS5.9AI score0.00309EPSS

Tenable Nessus•added 2026/05/14 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-8567

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted...

4.3CVSS5.9AI score0.00183EPSS

Tenable Nessus•added 2026/05/14 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-8514

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a...

8.3CVSS5.9AI score0.00207EPSS

Tenable Nessus•added 2026/05/14 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-46470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxaudiocaps function does not...

9.1CVSS5.8AI score0.00208EPSS

Tenable Nessus•added 2026/05/14 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-8538

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to...

5.3CVSS5.9AI score0.00195EPSS