CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/05/21 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2021-47952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python commands by deserializing malicious JSO...

9.8CVSS6.6AI score0.00628EPSS

Tenable Nessus•added 2026/05/21 12:0 a.m.•15 views

Linux Distros Unpatched Vulnerability : CVE-2026-46638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig: % sandbox %% include % skips checkSecurity on cached templates incomplete fix for CVE-2024-45411 CVE-2026-46638 Note that Nessus relies on the presence of...

8.6CVSS7.3AI score0.00826EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-27851

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be...

9.1CVSS5.9AI score0.00304EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-5950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cau...

5.3CVSS6AI score0.00551EPSS

Exploits1References4

Tenable Nessus•added 2026/05/20 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-3593

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.2...

9.8CVSS5.8AI score0.01644EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix a few more NULL pointer dereference in device cleanup I found a few more paths...

5.5CVSS5.7AI score0.00121EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-42002

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Concurrency and locking defects in GSS-TSIG CVE-2026-42002 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900...

7.5CVSS5.8AI score0.00264EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43404

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm: Fix a hmmrangefault livelock / starvation problem If hmmrangefault fails a foliotrylock in doswappage, trying to acquire the lock of a device-private folio...

5.5CVSS5.8AI score0.00093EPSS

NVD•added 2026/05/19 5:16 p.m.•14 views

CVE-2026-47357

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the remoteurl parameter in the remote directory scan endpoint POST /v1/iac/iacVersion/cloud/remote/dir/scan when running in server mode. An unauthenticated remote attacker can supply an attacker-controlled HTTP URL...

9.2CVSS0.00482EPSS

Vulnrichment•added 2026/05/19 3:53 p.m.•8 views

CVE-2026-47357

9.2CVSS5.8AI score0.00482EPSS

EUVD•added 2026/05/19 3:53 p.m.•9 views

EUVD-2026-30957

9.2CVSS5.8AI score0.00482EPSS

Cvelist•added 2026/05/19 3:53 p.m.•39 views

CVE-2026-47356

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the webhookurl parameter in the file scan endpoint POST /v1/iac/iacVersion/cloud/local/file/scan when running in server mode. An unauthenticated remote attacker can supply an arbitrary URL as the webhookurl multipa...

8.7CVSS0.00499EPSS

Tenable Nessus•added 2026/05/19 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-41054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the...

7.8CVSS5.9AI score0.00185EPSS

Positive Technologies•added 2026/05/19 12:0 a.m.•13 views

PT-2026-41952

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the webhook url parameter in the file scan endpoint POST /v1/iac/iacVersion/cloud/local/file/scan when running in server mode. An unauthenticated remote attacker can supply an arbitrary URL as the webhook url...

8.7CVSS6AI score0.00499EPSS

Tenable Nessus•added 2026/05/19 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-8970

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in the Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

8.8CVSS5.9AI score0.00307EPSS

Tenable Nessus•added 2026/05/19 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-8957

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in the Enterprise Policies component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird...

8.8CVSS5.9AI score0.00386EPSS

Tenable Nessus•added 2026/05/17 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-41051

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories. CVE-2026-41051 Note...

5.1CVSS5.5AI score0.00075EPSS

Tenable Nessus•added 2026/05/15 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43906

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

8.5CVSS6.1AI score0.00188EPSS

Exploits1References3

Tenable Nessus•added 2026/05/15 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-6811

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances whe...

6CVSS5.6AI score0.00311EPSS