CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Debian CVE•added 2026/06/15 4:23 p.m.•7 views

CVE-2026-8357

LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening tokens. The array that tracks nesting depth was allocated one element too small for that worst case, so such a formula wrote one element pa...

6.9CVSS5.6AI score0.0012EPSS

Exploits0

Positive Technologies•added 2026/06/15 12:0 a.m.•8 views

PT-2026-49267

6.9CVSS5.6AI score0.0012EPSS

RedhatCVE•added 2026/06/10 9:0 p.m.•9 views

CVE-2026-34696

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00166EPSS

CVE•added 2026/06/09 8:1 p.m.•31 views

CVE-2026-47926

CVE-2026-47926 affects Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier. The issue is an out-of-bounds read (CWE-125) in the application, leading to potential disclosure of sensitive memory. Exploitation requires user interaction —a victim must open a malicious file. The available d...

5.5CVSS5.4AI score0.00154EPSS

Exploits0References1Affected Software2

CVE•added 2026/06/09 8:1 p.m.•19 views

CVE-2026-47921

Acrobat Reader is affected by a Use After Free (CWE-416) in versions 24.001.30365, 26.001.21651 and earlier, potentially allowing arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). Root cause is use-after-free in the aff...

7.8CVSS6.2AI score0.00168EPSS

Exploits0References1Affected Software2

EUVD•added 2026/06/09 7:24 p.m.•8 views

EUVD-2026-35803

Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

8.6CVSS6.2AI score0.00177EPSS

CVE•added 2026/06/09 5:43 p.m.•27 views

CVE-2026-34701

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a heap-based buffer overflow that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. The CVSSv3.1 base score is 7.8 ( HIGH ) with...

7.8CVSS6.2AI score0.00175EPSS

Exploits0References1Affected Software1

EUVD•added 2026/06/09 5:43 p.m.•9 views

EUVD-2026-35783

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00175EPSS

CVE•added 2026/06/05 5:49 p.m.•26 views

CVE-2026-49492

The CVE-2026-49492 entry concerns Markdown Preview Enhanced (pre-0.8.28) which opens external files/links from the preview via a shell and does not validate untrusted inputs from the markdown document (e.g., diagram filename attribute, imported file paths, latex_engine code-chunk attribute). On W...

8.8CVSS5.7AI score0.0034EPSS

ATTACKERKB•added 2026/05/27 7:55 p.m.•8 views

CVE-2026-48792

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event nodes, causing pusbhasvirtualinputdevice to return 0 no virtual devices found even when every open call failed due to...

4.4CVSS5.8AI score0.00128EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/05/12 5:49 p.m.•6 views

CVE-2026-34662 Illustrator | NULL Pointer Dereference (CWE-476)

Illustrator versions 29.8.6, 30.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue...

5.5CVSS5.8AI score0.0013EPSS

SUSE CVE•added 2026/05/11 2:13 p.m.•8 views

SUSE CVE-2026-43391

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

EUVD•added 2026/05/08 3:31 p.m.•7 views

Exploits0References3

EUVD-2026-28697

5.7AI score0.00121EPSS

Exploits0References3

NVD•added 2026/05/08 3:16 p.m.•6 views

CVE-2026-43391

8.8CVSS0.00121EPSS

UbuntuCve•added 2026/05/08 3:16 p.m.•7 views

CVE-2026-43391

Cvelist•added 2026/05/08 2:21 p.m.•30 views

Exploits0References4

CVE-2026-43391 nsfs: tighten permission checks for handle opening

8.8CVSS0.00121EPSS

CVE•added 2026/05/08 2:21 p.m.•19 views

CVE-2026-43391

CVE-2026-43391 affects the Linux kernel nsfs component. The issue arises from insufficient permission checks when opening handles, enabling privileged services to potentially view other privileged services’ namespaces and leak information. The fix centralizes policy via may_see_all_namespaces() a...

Exploits0References2Affected Software1

Debian CVE•added 2026/05/08 2:21 p.m.•6 views

CVE-2026-43391