CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/25 9:0 p.m.•8 views

EUVD-2026-31741

Cvelist•added 2026/05/25 9:0 p.m.•21 views

CVE-2026-9503 GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference

4.8CVSS0.00014EPSS

Vulnrichment•added 2026/05/25 9:0 p.m.•8 views

CVE-2026-9503 GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference

ATTACKERKB•added 2026/05/25 9:0 p.m.•8 views

CVE-2026-9503

Exploits0References7Affected Software1

CVE•added 2026/05/25 9:0 p.m.•15 views

CVE-2026-9503

Summary: CVE-2026-9503 affects GNU LibreDWG up to v0.14, specifically the DWG File Handler’s dwg_next_entity function in src/decode.c. The issue is a null pointer dereference arising from the function’s handling of certain DWG entities, with exploitation requiring local access. The exploit has be...

FreeBSD•added 2026/05/25 12:0 a.m.•14 views

OpenEXR -- 3.4.12 fixes multiple vulnerabilities

Cary Phillips reports: The OpenEXR 3.4.12 release addresses the following security vulnerabilities: CVE-2026-45696 OpenEXR htundoimpl heap-buffer-overflow READ via codestream/channel width mismatch in HTJ2K decode CVE-2026-44663 Integer overflow in HTJ2K decoder htundoimpl leading to...

5.9AI score0.00024EPSS

Exploits0References1

CNNVD•added 2026/05/25 12:0 a.m.•7 views

GNU LibreDWG 代码问题漏洞

GNU LibreDWG is a C language library for working with DWG files from the US GNU community. A code issue vulnerability exists in GNU LibreDWG version 0.14 and earlier versions, which stems from a null pointer dereference in the dwgnextentity function of the src/decode.c file in the DWG File Handle...

4.8CVSS6.2AI score0.00014EPSS

Tenable Nessus•added 2026/05/25 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-48829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This...

7.5CVSS5.5AI score0.00059EPSS

Exploits0References2

NVD•added 2026/05/24 4:16 a.m.•7 views

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

7.5CVSS0.00059EPSS

Exploits0References5

OSV•added 2026/05/24 4:16 a.m.•3 views

UBUNTU-CVE-2026-48829

UbuntuCve•added 2026/05/24 4:16 a.m.•13 views

Exploits0References6

CVE-2026-48829

Cvelist•added 2026/05/24 2:22 a.m.•13 views

CVE-2026-48829

7.5CVSS0.00059EPSS

Debian CVE•added 2026/05/24 2:22 a.m.•8 views

CVE-2026-48829

Vulnrichment•added 2026/05/24 2:22 a.m.•5 views

Exploits0

CVE-2026-48829

ATTACKERKB•added 2026/05/24 2:22 a.m.•11 views

CVE-2026-48829

EUVD•added 2026/05/24 2:22 a.m.•8 views

Exploits0References5

EUVD-2026-31562

CVE•added 2026/05/24 2:22 a.m.•56 views

CVE-2026-48829

Technical details (affected product/versions, root cause, impact, fixes) are not publicly available in the provided documents. Monitor for updates.

Positive Technologies•added 2026/05/24 12:0 a.m.•10 views

Exploits0References5

PT-2026-42903

Name of the Vulnerable Software and Affected Versions GNU SASL versions prior to 2.2.3 Description DIGEST-MD5 contains a NULL pointer dereference affecting both clients and servers. This issue occurs in the file lib/digest-md5/getsubopt.c when a known token is provided without an accompanying =...