CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/04/21 12:0 a.m.•5 views

PT-2026-34214

Name of the Vulnerable Software and Affected Versions free5GC UDR versions prior to 1.4.3 Description A fail-open request handling flaw exists in the UDR service. The POST handler for the endpoint '/nudr-dr/v2/policy-data/subs-to-notify' continues to process requests even after encountering error...

6.9CVSS5.4AI score0.09955EPSS

Exploits0References8

Tenable Nessus•added 2026/04/21 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-6751

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird...

7.3CVSS5.8AI score0.00262EPSS

Tenable Nessus•added 2026/04/21 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-6761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in the Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

8.8CVSS5.8AI score0.00221EPSS

Tenable Nessus•added 2026/04/20 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-5265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using t...

6.5CVSS5.9AI score0.00629EPSS

Tenable Nessus•added 2026/04/20 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-54510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A missing lock verification in AMD Secure Processor ASP firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routin...

5.9CVSS5.8AI score0.00108EPSS

Exploits1References2

Tenable Nessus•added 2026/04/18 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-41254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication. CVE-2026-41254...

7.5CVSS5.9AI score0.00365EPSS

Exploits1References2

Tenable Nessus•added 2026/04/17 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-40226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file. CVE-2026-40226 Note that Nessus relies o...

6.4CVSS5.5AI score0.00072EPSS

Tenable Nessus•added 2026/04/17 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-40228

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a logger -p emerg command is executed, if...

3.3CVSS5.7AI score0.00173EPSS

Exploits1References3

Tenable Nessus•added 2026/04/16 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-40959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod. CVE-2026-40959 Note that Nessus relies on the presence of the packag...

9.3CVSS5.8AI score0.00182EPSS

Tenable Nessus•added 2026/04/16 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-6300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS6.1AI score0.00341EPSS

Tenable Nessus•added 2026/04/15 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-6358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in XR in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML...

8.8CVSS5.8AI score0.00269EPSS

Tenable Nessus•added 2026/04/15 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-6310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Dawn in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a...

8.3CVSS5.8AI score0.00251EPSS

Tenable Nessus•added 2026/04/15 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-40919

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GIMP. This vulnerability, a buffer overflow in the file-seattle-filmworks plugin, can be exploited when a user opens a specially crafted...

6.1CVSS6AI score0.00331EPSS

8.8CVSS6.1AI score0.00365EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-6307

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

Tenable Nessus•added 2026/04/15 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-6306

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF...

8.8CVSS6.5AI score0.00336EPSS

Tenable Nessus•added 2026/04/15 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-6360

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page...

8.8CVSS5.8AI score0.00253EPSS

8.3CVSS5.8AI score0.00269EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-6314

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds write in GPU in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the GPU process to potentially perform a sandb...

8.8CVSS5.8AI score0.00275EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-6363

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in V8 in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML...

8.8CVSS6.1AI score0.00372EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-6301