CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 5 days ago•4 views

UBUNTU-CVE-2026-53223

7.1CVSS5.8AI score0.00131EPSS

Exploits0References11

OSV•added 5 days ago•2 views

UBUNTU-CVE-2026-53134

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftfib: fix stale stack leak via the OIFNAME register For NFTFIBRESULTOIFNAME the destination register is declared with len = IFNAMSIZ four 32-bit registers, but on the lookup-fail, RTNLOCAL and oif-mismatch paths...

4.8CVSS5.8AI score0.00176EPSS

Exploits0References11

CVE•added 5 days ago•6 views

CVE-2026-53223

CVE-2026-53223 (Linux kernel) : A networking timestamping bug in net: guard timestamp cmsgs to real error queue skbs where skb_is_err_queue() incorrectly treated PACKET_OUTGOING as the sole marker for sk_error_queue. This misclassification affects AF_PACKET sockets, allowing timestamp-related con...

7.1CVSS5.8AI score0.00131EPSS

NVD•added 6 days ago•6 views

CVE-2026-52929

In the Linux kernel, the following vulnerability has been resolved: sctp: stream: fully roll back denied add-stream state When ADDOUTSTREAMS is denied, SCTP only shrinks the queued chunks and then lowers outcnt. That leaves removed stream metadata behind, so a later re-add can reuse a stale ext a...

7.5CVSS0.00394EPSS

EUVD•added 6 days ago•9 views

EUVD-2026-38699

5.7AI score0.00394EPSS

CVE•added 6 days ago•8 views

CVE-2026-52929

The CVE affects the Linux kernel SCTP stream handling. When ADD_OUT_STREAMS is denied, the rollback only shrinks queued chunks and lowers outcnt, leaving removed stream metadata behind. A subsequent re-add can reuse a stale ext and trigger a null-pointer dereference in the scheduler get path, pot...

7.5CVSS5.7AI score0.00394EPSS

Cvelist•added 6 days ago•40 views

CVE-2026-52929 sctp: stream: fully roll back denied add-stream state

7.5CVSS0.00394EPSS

NVD•added 2026/06/12 9:16 p.m.•9 views

CVE-2026-44784

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, group owners who are not necessarily admins or moderators can view a group's outgoing email/SMTP credentials in plaintext...

6.5CVSS0.00231EPSS

NVD•added 2026/06/11 2:16 p.m.•12 views

CVE-2026-53723

Guzzle Services provides an implementation of the Guzzle Command library that uses Guzzle service descriptions to describe web services, serialize requests, and parse responses into easy to use model structures. Versions prior ro 1.5.4 do not safely serialize scalar XML element values containing...

5.8CVSS0.00219EPSS

OSV•added 2026/06/11 1:5 p.m.•6 views

GHSA-Q8R6-5HFW-5JFF guzzlehttp/guzzle-services' XML Request Serialization Vulnerable to XML Injection via CDATA Terminator

Impact guzzlehttp/guzzle-services does not safely serialize scalar XML element values containing the CDATA terminator . The XML request serializer writes values containing , or & with XMLWriter::writeCData$value. If attacker-controlled input contains , the CDATA section closes early and the...

CVE•added 2026/06/11 12:42 p.m.•35 views

Exploits0References3

CVE-2026-53723

Guzzle Services (guzzlehttp/guzzle-services) contains an XML request serialization flaw in versions before 1.5.4 where scalar XML element values may include the CDATA terminator ]]>, causing the CDATA to end early and injecting XML markup into outgoing requests. This is an outgoing request‑bod...

Vulnrichment•added 2026/06/11 12:42 p.m.•9 views

CVE-2026-53723 guzzlehttp/guzzle-services' XML Request Serialization Vulnerable to XML Injection via CDATA Terminator

Positive Technologies•added 2026/06/11 12:0 a.m.•13 views

PT-2026-48666

RedHat Linux•added 2026/06/10 3:39 p.m.•6 views

Exploits0References2

axios: Axios: Arbitrary HTTP header injection via prototype pollution

A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application's core object definitions are manipulated, causing Axios to...

7.4CVSS7.7AI score0.00394EPSS

Exploits1References5

RedhatCVE•added 2026/06/05 7:13 p.m.•8 views

CVE-2026-40569

FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a mass assignment vulnerability in the mailbox connection settings endpoints of FreeScout connectionIncomingSave at app/Http/Controllers/MailboxesController.php:468 and connectionOutgoingSave at line 398...

9CVSS5.6AI score0.00296EPSS

OSV•added 2026/05/28 10:16 a.m.•6 views

UBUNTU-CVE-2026-46238

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...

8.8CVSS5.7AI score0.00262EPSS

RedhatCVE•added 2026/05/26 8:14 p.m.•12 views

CVE-2026-4915

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to filter nil elements from outgoing webhook attachment payloads before processing, which allows an authenticated user to cause a denial of service server process termination via a crafted webhook...

6.5CVSS5.8AI score0.00277EPSS

Snyk•added 2026/05/25 10:59 a.m.•6 views

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the outgoing webhook process. An attacker can cause the server to terminate unexpectedly by sending a crafted webhook callback response containing a null attachment entry...

7.1CVSS5.8AI score0.00277EPSS

Exploits0References2

Cvelist•added 2026/05/25 7:10 a.m.•36 views

CVE-2026-4915 Server panic via outgoing webhook responses

6.5CVSS0.00277EPSS