CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/04/24 10:16 p.m.•2 views

CVE-2026-42171

7.8CVSS0.00007EPSS

OSV•added 2026/04/24 10:16 p.m.•1 views

DEBIAN-CVE-2026-42171

7.8CVSS5.3AI score0.00007EPSS

UbuntuCve•added 2026/04/24 10:16 p.m.•2 views

CVE-2026-42171

7.8CVSS5.8AI score0.00007EPSS

ATTACKERKB•added 2026/04/24 9:20 p.m.•2 views

CVE-2026-42171

7.8CVSS5.2AI score0.00007EPSS

Exploits0References5Affected Software1

CVE•added 2026/04/24 9:20 p.m.•10 views

CVE-2026-42171

NSIS 3.06.1 before 3.12 is affected: it may use the Low IL temp directory when running as SYSTEM, enabling local privilege escalation if my_GetTempFileName returns 0. Root cause is in the temp file handling, with a potential path-based abuse. Impact is local elevation of privileges with HIGH conf...

7.8CVSS5.2AI score0.00007EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/04/24 9:20 p.m.•24 views

CVE-2026-42171

7.8CVSS0.00007EPSS

The Hacker News•added 2025/11/17 11:20 a.m.•4 views

Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT

The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER to deliver a modified variant of a remote access trojan called Gh0st RAT. The campaign, which is primarily aimed at Chinese-speaking users, employs trojanized NSIS installers...

7.1AI score

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2015-0949

Malware in sbrugna...

4.3CVSS6.4AI score0.01224EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-11523

Malicious code in bioql PyPI...

8.1CVSS6.3AI score0.00181EPSS

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-0997

Malicious code in bioql PyPI...

7.3CVSS7.4AI score0.00215EPSS

Exploits0References5

RedhatCVE•added 2025/04/25 6:46 p.m.•12 views

CVE-2025-43715

Nullsoft Scriptable Install System NSIS before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %WINDIR%\temp and unprivileged users can place a crafted executable file by winning a race condition...

8.1CVSS6.7AI score0.00181EPSS

NVD•added 2025/04/17 3:15 a.m.•15 views

CVE-2025-43715

8.1CVSS0.00181EPSS

Exploits0References2

RedhatCVE•added 2025/02/05 3:56 a.m.•3 views

CVE-2024-27303

electron-builder is a solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux. A vulnerability that only affects eletron-builder prior to 24.13.2 in Windows, the NSIS installer makes a system call to open cmd.exe via NSExec in the .nsh...

7.3CVSS6.7AI score0.00215EPSS

OSV•added 2024/09/05 12:0 a.m.•7 views

DLA-3874-1 nsis - security update

Bulletin has no description...

5.3CVSS5.1AI score0.00299EPSS

OpenVAS•added 2024/09/05 12:0 a.m.•6 views

Debian: Security Advisory (DLA-3874-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS7.1AI score0.00299EPSS

Exploits0References2

Tenable Nessus•added 2024/09/05 12:0 a.m.•9 views

Debian dla-3874 : nsis - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3874 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3874-1 [email protected] https://www.debian.org/lts/security/...

5.3CVSS5.7AI score0.00299EPSS

Debian•added 2024/09/04 10:28 p.m.•14 views

[SECURITY] [DLA 3874-1] nsis security update

Debian LTS Advisory DLA-3874-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert September 05, 2024 https://wiki.debian.org/LTS Package : nsis Version : 3.06.1-1+deb11u1 CVE ID : CVE-2023-37378 Debian Bug : 1040880 CVE-2023-37378 Nullsoft Scriptable Install System NS...

5.3CVSS6AI score0.00299EPSS

Trellix•added 2024/07/26 12:0 a.m.•9 views

Handala’s Wiper Targets Israel

Handala’s Wiper Targets Israel By Tomer Shloman · July 26, 2024 This blog was also written by Mathanraj Thangaraju and Max Kersten CrowdStrike’s Falcon agent caused downtime for millions of computers across the globe beginning July 19. This event caused panic and chaos, which threat actors quickl...

8AI score

The Hacker News•added 2024/06/10 5:29 a.m.•12 views

Sticky Werewolf Expands Cyber Attack Targets in Russia and Belarus

Cybersecurity researchers have disclosed details of a threat actor known as Sticky Werewolf that has been linked to cyber attacks targeting entities in Russia and Belarus. The phishing attacks were aimed at a pharmaceutical company, a Russian research institute dealing with microbiology and vacci...

7.2AI score