CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fixed NULL pointer access issues. This patch ensures that the UCSI driver waits for all pending tasks in the ucsidisplayportwork workqueue to complete execution before proceeding with the partner...

5.5CVSS6.4AI score0.00119EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ixgbe: corrected the incorrect map used in eee linkmode. An incorrect use of ixgbelpmap was encountered in loops intended to populate the supported and advertised EEE linkmode bitmaps, based on ixgbelsmap. This led to incorrect b...

7.1CVSS5.7AI score0.00014EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fixed a use-after-free case in tcpmregistersourcecaps. There might be a potential use-after-free case in tcpmregistersourcecaps. This could occur when: - New say, invalid source caps are advertised. - Existing...

7.8CVSS6.4AI score0.00012EPSS

Cvelist•added 2026/05/19 9:39 p.m.•25 views

CVE-2026-34358 CtrlPanel: Missing Authorization on Admin Write Endpoints Allows RBAC Bypass

CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contains a broken access control vulnerability where multiple admin controllers enforce permission checks on form display methods but omit equivalent checks on the corresponding write methods, allowing any...

8.1CVSS0.00032EPSS

ATTACKERKB•added 2026/05/19 9:39 p.m.•3 views

CVE-2026-34358

8.1CVSS5.9AI score0.00032EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2026/05/12 8:21 p.m.•3 views

CVE-2026-34327

Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...

Microsoft KB•added 2026/05/12 2:0 p.m.•5 views

Update 28.1 for Microsoft Dynamics 365 Business Central 2026 Release Wave 1 (Application Build 28.1.49886, Platform Build 28.0.49873)

Update 28.1 for Microsoft Dynamics 365 Business Central 2026 Release Wave 1 Application Build 28.1.49886, Platform Build 28.0.49873 Overview This update replaces previously released updates. You should always install the latest update.After you install this hotfix, you might have to update your...

7.8CVSS5.9AI score0.00045EPSS

Exploits0

EUVD•added 2026/05/08 12:31 a.m.•5 views

EUVD-2026-28452

Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...

NVD•added 2026/05/07 10:16 p.m.•8 views

CVE-2026-34327

Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...

8.2CVSS0.00217EPSS

CVE•added 2026/05/07 8:58 p.m.•6 views

CVE-2026-34327

Technical details about CVE-2026-34327 are not publicly available in the provided documents. Monitor for updates.

Exploits0References1Affected Software1

ATTACKERKB•added 2026/05/07 8:58 p.m.•3 views

CVE-2026-34327

Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...

Cvelist•added 2026/05/07 8:58 p.m.•26 views

CVE-2026-34327 Microsoft Partner Center Spoofing Vulnerability

...

8.2CVSS0.00217EPSS

Vulnrichment•added 2026/05/07 8:58 p.m.•4 views

CVE-2026-34327 Microsoft Partner Center Spoofing Vulnerability

...

Microsoft CVE•added 2026/05/07 2:0 p.m.•5 views

Microsoft Partner Center Spoofing Vulnerability

Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...

Kaspersky•added 2026/05/07 12:0 a.m.•8 views

Exploits0

KLA91030 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azur...

10CVSS6.8AI score0.00217EPSS

Exploits0References11

CNNVD•added 2026/05/07 12:0 a.m.•3 views

Microsoft Partner Center 安全漏洞

The Microsoft Partner Center is an online platform operated by Microsoft Corporation in the United States. There is a security vulnerability in the Microsoft Partner Center, which stems from cross-domain resource references controlled by external parties. This vulnerability could allow unauthoriz...

Positive Technologies•added 2026/05/07 12:0 a.m.•5 views

PT-2026-38581

Name of the Vulnerable Software and Affected Versions Microsoft Partner Center affected versions not specified Description An externally controlled reference to a resource in another sphere allows an unauthorized attacker to perform spoofing over a network. Recommendations At the moment, there is...