CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 6 days ago•5 views

Tychon security vulnerabilities

Tychon is a terminal security analysis and management platform developed by the American company Tychon. There is a security vulnerability in Tychon, which stems from the OPENSSLDIR variable in the OpenSSL component potentially being controlled by non-privileged users. This vulnerability could...

7.4CVSS6.2AI score0.00049EPSS

CNNVD•added 6 days ago•5 views

Red Hat OpenShift Container Platform security vulnerabilities

Red Hat OpenShift Container Platform is a platform developed by Red Hat Corporation that helps enterprises develop, deploy, and manage container-based applications across physical, virtual, and public cloud infrastructures. There is a security vulnerability in Red Hat OpenShift Container Platform...

5CVSS5.8AI score0.00039EPSS

NVD•added 2026/05/22 11:16 a.m.•7 views

CVE-2026-3636

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to sanitize team member data when returned via API to users without elevated permissions which allows a user without permissions to get data about team members roles via invoking various team API...

4.3CVSS0.00026EPSS

ATTACKERKB•added 2026/05/22 10:23 a.m.•5 views

CVE-2026-3636

4.3CVSS5.8AI score0.00026EPSS

Exploits0References2Affected Software1

AstraLinux•added 2026/05/03 11:59 p.m.•8 views

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2, where its configuration file, known as grub.cfg, is created with the wrong permission set, allowing non-privileged users to read its contents. This represents a minor confidentiality issue, as those users could potentially access any encrypted passwords contained i...

3.3CVSS6.3AI score0.00024EPSS

OSV•added 2026/03/27 7:10 a.m.•2 views

BIT-DISCOURSE-2026-27936 Discourse discloses restricted post-action counts to non-privileged users

Discourse is an open-source discussion platform. Prior to versions 2026.3.0, 2026.2.1, and 2026.1.2, a restriction bypass allows restricted post action counts to be disclosed to non-privileged users through a carefully crafted request. Versions 2026.3.0, 2026.2.1, and 2026.1.2 contain a patch. No...

RedhatCVE•added 2026/03/26 3:9 p.m.•1 views

CVE-2026-27936

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, a restriction bypass allows restricted post action counts to be disclosed to non-privileged users through a carefully crafted request. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2...

NVD•added 2026/03/19 10:16 p.m.•2 views

CVE-2026-27936

6.9CVSS0.00024EPSS

Cvelist•added 2026/03/19 9:42 p.m.•16 views

CVE-2026-27936 Discourse discloses restricted post-action counts to non-privileged users

6.9CVSS0.00024EPSS

CVE•added 2026/03/19 9:42 p.m.•3 views

CVE-2026-27936

Discourse before versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 include a restriction bypass that can disclose restricted post action counts to non-privileged users via a crafted request. The patch fixes are in 2026.3.0-latest.1, 2026.2.1, and 2026.1.2. Impact: potential confidentiality leaka...

6.9CVSS5.7AI score0.00024EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/03/19 9:42 p.m.•3 views

CVE-2026-27936 Discourse discloses restricted post-action counts to non-privileged users

EUVD•added 2026/03/19 9:42 p.m.•2 views

EUVD-2026-13241

6.9CVSS5.7AI score0.00024EPSS

ATTACKERKB•added 2026/03/19 9:42 p.m.•3 views

CVE-2026-27936

6.9CVSS5.7AI score0.00024EPSS

Exploits0References2Affected Software1

OSV•added 2026/03/19 9:42 p.m.•3 views

CVE-2026-27936 Discourse discloses restricted post-action counts to non-privileged users

Positive Technologies•added 2026/03/19 12:0 a.m.•2 views

Exploits0References3

PT-2026-26377

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.3.0-latest.1 Discourse versions prior to 2026.2.1 Discourse versions prior to 2026.1.2 Description Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, a...

CNNVD•added 2026/03/09 12:0 a.m.•2 views

Exploits0References6

Imagination Graphics DDK 安全漏洞

Imagination Graphics DDK is a GPU driver toolkit developed by the British company Imagination. There is a security vulnerability in Imagination Graphics DDK, which stems from improper handling of memory resources under user mode virtualization. This vulnerability could allow non-privileged users ...

4.4CVSS5.8AI score0.00006EPSS

CNNVD•added 2026/03/03 12:0 a.m.•1 views

Gallagher NxWitness VMS 安全漏洞

Gallagher NxWitness VMS is a video management system developed by the New Zealand-based Gallagher company. Versions of Gallagher NxWitness VMS prior to 9.10.017 and 9.10.025 contained security vulnerabilities. These vulnerabilities stemmed from the transmission of sensitive information in plainte...

5.6CVSS5.8AI score0.00023EPSS

Cvelist•added 2026/02/12 9:57 p.m.•21 views

CVE-2026-26225 Intego Personal Backup Task File Privilege Escalation

Intego Personal Backup, a macOS backup utility that allows users to create scheduled backups and bootable system clones, contains a local privilege escalation vulnerability. Backup task definitions are stored in a location writable by non-privileged users while being processed with elevated...

8.5CVSS0.0001EPSS

Exploits0References5

RedhatCVE•added 2026/01/09 10:42 a.m.•6 views

CVE-2022-26237

The default privileges for the running service Normand Viewer Service in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...

5.5CVSS6.8AI score0.00038EPSS