CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 4 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-56411

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations. CVE-2026-56411 Note that Nessus relies on the presence of th...

6.9CVSS5.9AI score0.0011EPSS

Tenable Nessus•added 5 days ago•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-56132

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there i...

6.9CVSS6.2AI score0.00088EPSS

Tenable Nessus•added 5 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-56131

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 lacks handler call depth tracking for calls to XMLResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free...

5.9CVSS5.9AI score0.00218EPSS

Tenable Nessus•added 5 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-55203

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as...

9CVSS6.1AI score0.00294EPSS

Tenable Nessus•added 5 days ago•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-50195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2026-50195 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenabl...

Tenable Nessus•added 2026/06/18 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-47178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - libheif - None Ubuntu Linux - Unknown description CVE-2026-47178 Note that Nessus relies on the presence of the package as reported by the vendor...

5.9AI score0.00025EPSS

NVD•added 2026/06/17 6:18 p.m.•12 views

CVE-2026-48591

Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark allows stored cross-site scripting via unescaped HTML attribute values. 'Elixir.Earmark.Transform':makeatt1/2 in lib/earmark/transform.ex splices attribute values verbatim between two literal " bytes: ...

4.8CVSS0.00133EPSS

Cvelist•added 2026/06/17 4:42 p.m.•14 views

CVE-2026-48591 Stored XSS via unescaped HTML attribute values in earmark

4.8CVSS0.00133EPSS

Tenable Nessus•added 2026/06/17 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-12449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to perform OS-level privilege escalation via a malicio...

7.8CVSS5.9AI score0.00109EPSS

Tenable Nessus•added 2026/06/17 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53613

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - upstream upgrade with security fixes: - CVE-2026-53612 - libmount: TOCTOU attack via ancestor directory swap during mount - CVE-2026-53613 - libmount: SUID bypa...

Linux Distros Unpatched Vulnerability : CVE-2026-53614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - util-linux - None Ubuntu Linux - Local Privilege Escalation via LIBMOUNTFORCEMOUNT2 Environment Variable - nosuid/noexec Bypass in SUID mount8...

Tenable Nessus•added 2026/06/17 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-12457

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in Extensions. CVE-2026-12457 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900...

4.2CVSS5.9AI score0.00136EPSS

Tenable Nessus•added 2026/06/17 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-12466

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page...

8.8CVSS6.6AI score0.00426EPSS

Tenable Nessus•added 2026/06/17 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53612

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - util-linux - None Ubuntu Linux - Local Privilege Escalation via TOCTOU in mount8 hookowner.c chmod/chown CVE-2026-53612 Note that Nessus relies o...

Tenable Nessus•added 2026/06/17 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-12467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform ...

8.3CVSS6AI score0.00222EPSS

8.8CVSS6AI score0.00255EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-12448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to perform privilege escalation via a...

Tenable Nessus•added 2026/06/17 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-12464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Browser in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a...

8.3CVSS6AI score0.00222EPSS

8.8CVSS6.3AI score0.00601EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-12443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Web Authentication in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page...

5.3CVSS5.9AI score0.00252EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-12301

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152. CVE-2026-12301 Note that Nessus relies on the presence ...