Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4571 matches found

CVE
CVEadded 2026/05/01 1:45 p.m.13 views

CVE-2026-7582

CVE-2026-7582 affects AcademySoftwareFoundation OpenImageIO prior to 3.2.0.1-dev in the DDS Image Handler, specifically the file src/dds.imageio/ddsinput.cpp. The issue is an out-of-bounds write in the DDS input handling. Exploitation is described as local, with a public exploit available. A patc...

5.3CVSS5.4AI score0.00112EPSS
Exploits0References7
Cvelist
Cvelistadded 2026/05/01 1:45 p.m.32 views

CVE-2026-7582 AcademySoftwareFoundation OpenImageIO DDS Image ddsinput.cpp out-of-bounds write

A vulnerability was detected in AcademySoftwareFoundation OpenImageIO up to 3.2.0.1-dev. This vulnerability affects unknown code of the file src/dds.imageio/ddsinput.cpp of the component DDS Image Handler. The manipulation results in out-of-bounds write. The attack needs to be approached locally...

5.3CVSS0.00112EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2026/05/01 1:45 p.m.3 views

CVE-2026-7582

A vulnerability was detected in AcademySoftwareFoundation OpenImageIO up to 3.2.0.1-dev. This vulnerability affects unknown code of the file src/dds.imageio/ddsinput.cpp of the component DDS Image Handler. The manipulation results in out-of-bounds write. The attack needs to be approached locally...

5.3CVSS5.6AI score0.00112EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/05/01 12:0 a.m.6 views

PT-2026-36354

Name of the Vulnerable Software and Affected Versions AcademySoftwareFoundation OpenImageIO versions prior to 3.2.0.1-dev Description An out-of-bounds write issue exists within the DDS Image Handler component, specifically affecting the src/dds.imageio/ddsinput.cpp file. This flaw requires local...

5.3CVSS6AI score0.00112EPSS
Exploits0References15
VulnCheck KEV
VulnCheck KEVadded 2026/05/01 12:0 a.m.16 views

VulnCheck KEV: CVE-2025-60021

Remote command injection vulnerability in heap profiler builtin service in Apache bRPC all versions 1.15.0 on all platforms allows attacker to inject remote command. Root Cause: The bRPC heap profiler built-in service /pprof/heap does not validate the user-provided extraoptions parameter and...

9.8CVSS7.6AI score0.26163EPSS
In wildExploits3References2
OSV
OSVadded 2026/04/30 6:20 p.m.4 views

GHSA-W24R-5266-9C3C Clerk has an authorization bypass when combining organization, billing, or reverification checks

Summary has, auth.protect, and related authorization predicates in @clerk/shared, @clerk/nextjs, @clerk/backend, and other framework SDKs can return true for certain combined authorization checks when the result should be false, allowing a gated action to proceed for a user who does not satisfy t...

8.1CVSS5.8AI score0.00246EPSS
Exploits0References3
Packet Storm
Packet Stormadded 2026/04/30 12:0 a.m.138 views

📄 EfficientLab Controlio DLL Hijacking

EfficientLab Controlio versions prior to 1.3.95 suffer from dll hijacking vulnerabilities. SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: DLL Hijacking product: EfficientLab Controlio cloud-based employee monitoring...

5.1CVSS5.3AI score0.00163EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-7376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service CVE-2026-7376 Note that Nessus relies on the presence of the package as reported by...

7.5CVSS5.8AI score0.00193EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-6535

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service CVE-2026-6535 Note that Nessus relies on the...

5.5CVSS5.8AI score0.00141EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-40685

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header,...

9.8CVSS6AI score0.00321EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-40684

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. Th...

7.5CVSS6AI score0.00362EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-33846

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming...

7.5CVSS6.1AI score0.01185EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-42013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name SAN could cause the validation process to incorrectly fall back ...

8.2CVSS5.8AI score0.00354EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-42009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator...

7.5CVSS5.8AI score0.01194EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.25 views

Linux Distros Unpatched Vulnerability : CVE-2026-42014

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This...

6.6CVSS5.9AI score0.00144EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-41606

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, whic...

5.3CVSS5.8AI score0.00585EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/29 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-7320

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1,...

7.5CVSS5.8AI score0.00273EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/29 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-5545

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTPS request after a Negotiate-authenticated one, when both us...

6.5CVSS5.8AI score0.00414EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2026/04/29 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-7347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromiu...

8.1CVSS6.1AI score0.0035EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/04/29 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23557

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with...

6.5CVSS5.8AI score0.00158EPSS
Exploits0References3
Rows per page
Query Builder