125254 matches found

MariaDBUnix
added 2026/05/18 12:0 a.m. | 8 views

CVE-2026-44172

Disclaimer: This data contains information about vulnerable...

AI score: 5.7 | EPSS: 0.00502
Exploits: 0

MariaDBUnix
added 2026/05/18 12:0 a.m. | 10 views

CVE-2026-44173

Disclaimer: This data contains information about vulnerable...

AI score: 5.7 | EPSS: 0.00258
Exploits: 0

Positive Technologies
added 2026/05/18 12:0 a.m. | 8 views

PT-2026-41739

Name of the Vulnerable Software and Affected Versions: AutoGPT versions 0.6.36 through 0.6.50. Description: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. The software is subject to Authenticated Session Hijacking via Insecu...

CVSS: 7.1 | AI score: 6 | EPSS: 0.00384
Exploits: 1 | References: 9

MariaDBUnix
added 2026/05/18 12:0 a.m. | 10 views

CVE-2026-44169

Disclaimer: This data contains information about vulnerable...

AI score: 5.7 | EPSS: 0.00269
Exploits: 0

MariaDBUnix
added 2026/05/18 12:0 a.m. | 7 views

CVE-2026-44170

Disclaimer: This data contains information about vulnerable...

AI score: 5.7 | EPSS: 0.00734
Exploits: 0

Packet Storm
added 2026/05/18 12:0 a.m. | 51 views

📄 Bichon 1.0.2 SOCKS5 Proxy Topology Disclosure

Bichon version 1.0.2 suffers from a SOCKS5 proxy topology disclosure vulnerability via /list-proxy. Bichon 1.0.2 SOCKS5 Proxy Topology Disclosure via /list-proxy. Vendor: rustmailer. Product: Bichon - self-hosted email archiving server...

AI score: 5.8
Exploits: 0

Positive Technologies
added 2026/05/18 12:0 a.m. | 9 views

PT-2026-41793

Name of the Vulnerable Software and Affected Versions: Sulu versions prior to 2.6.23; Sulu versions prior to 3.0.6. Description: Sulu is an open-source PHP content management system based on the Symfony framework. The generation of API keys and password reset tokens utilizes a weak cryptographical ha...

CVSS: 6.9 | AI score: 5.8 | EPSS: 0.00193
Exploits: 0 | References: 6

CNNVD
added 2026/05/18 12:0 a.m. | 7 views

tinyMQTT Resource Management Error Vulnerability

tinyMQTT is a pre-sorted tree traversal algorithm library developed by 0x7C9A. There is a resource management vulnerability in tinyMQTT; this vulnerability stems from improper protocol handling during the parsing of CONNECT packets, which may lead to exhaustion of server resources. The following...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00278
Exploits: 0 | References: 1

Positive Technologies
added 2026/05/18 12:0 a.m. | 7 views

PT-2026-41777

JWT.decode(token, '', true, algorithm: 'HS256') accepts an attacker-forged token. OpenSSL::HMAC.digest('SHA256', '', payload) returns a valid digest under an empty key, and no "raise InvalidKeyError if key.empty?" precondition exists in the HMAC algorithm. JWT.decode(token, "", true, algorithm: 'HS256') ...

CVSS: 7.4 | AI score: 5.7 | EPSS: 0.00018
Exploits: 0 | References: 5

Positive Technologies
added 2026/05/18 12:0 a.m. | 11 views

PT-2026-41769

Summary: The Fileeditor module enforces an extension allowlist ('css','js','html','txt','json','sql','md') on content-write operations (saveFile, createFile), but two destructive endpoints — deleteFileOrFolder and renameFile — never validate the extension of the source path. A backend user with...

CVSS: 6.5 | AI score: 6 | EPSS: 0.00037
Exploits: 0 | References: 4

Packet Storm
added 2026/05/18 12:0 a.m. | 62 views

📄 Bichon 1.0.2 Bearer Access Token Disclosure

Bichon version 1.0.2 accepts Bearer access tokens via GET requests, which has the negative side effect of the tokens being disclosed in logs, REFERER headers, and more. Bichon 1.0.2 Bearer Access Token Accepted via Query String + Logged...

AI score: 5.8
Exploits: 0

MariaDBUnix
added 2026/05/18 12:0 a.m. | 8 views

CVE-2026-44171

Disclaimer: This data contains information about vulnerable...

AI score: 5.7 | EPSS: 0.00173
Exploits: 0

MariaDBUnix
added 2026/05/18 12:0 a.m. | 8 views

CVE-2026-44168

Disclaimer: This data contains information about vulnerable...

AI score: 5.7 | EPSS: 0.00615
Exploits: 0

Tenable Nessus
added 2026/05/18 12:0 a.m. | 10 views

Alibaba Cloud Linux 3 : 0102: openssh (ALINUX3-SA-2026:0102)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0102 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-35385: In OpenSSH before 10.3, a...

CVSS: 8.1 | AI score: 6.1 | EPSS: 0.00289
Exploits: 0 | References: 6

Tenable Nessus
added 2026/05/18 12:0 a.m. | 6 views

TencentOS Server 3: perl:5.32 (TSSA-2026:0325)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0325 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS: 5.9 | AI score: 7.4 | EPSS: 0.00368
Exploits: 0 | References: 2

Tenable Nessus
added 2026/05/18 12:0 a.m. | 11 views

Debian dla-4589 : libnginx-mod-http-auth-pam - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4589 advisory. Debian LTS Advisory DLA-4589-1 [email protected]...

CVSS: 9.2 | AI score: 9.5 | EPSS: 0.23018
Exploits: 38 | References: 24

Positive Technologies
added 2026/05/18 12:0 a.m. | 12 views

PT-2026-41694

Name of the Vulnerable Software and Affected Versions: Arcane versions prior to 1.19.0. Description: The unauthenticated 'GET /api/app-images/logo' endpoint reflects a user-supplied color query parameter into the body of an SVG document using strings.ReplaceAll without proper escaping. This...

CVSS: 8.2 | AI score: 5.8 | EPSS: 0.00185
Exploits: 0 | References: 8

RubySec
added 2026/05/18 12:0 a.m. | 10 views

ruby-jwt: Empty-key HMAC bypass; cross-language sibling of CVE-2026-44351

JWT.decode(token, '', true, algorithm: 'HS256') accepts an attacker-forged token. OpenSSL::HMAC.digest('SHA256', '', payload) returns a valid digest under an empty key, and no "raise InvalidKeyError if key.empty?" precondition exists in the HMAC algorithm. JWT.decode(token, "", true, algorithm: 'HS256') ...

CVSS: 9.1 | AI score: 5.7 | EPSS: 0.00236
Exploits: 0 | References: 1 | Affected Software: 1

GithubExploit
added 2026/05/17 8:23 p.m. | 64 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 Copy Fail — Analysis and development in Assembl...

CVSS: 7.8 | AI score: 7.2 | EPSS: 0.94016
Exploits: 227

GithubExploit
added 2026/05/17 8:11 p.m. | 58 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 Copy Fail — Analysis and development in Assembl...

CVSS: 7.8 | AI score: 7.2 | EPSS: 0.94016
Exploits: 227