CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Github Security Blog•added yesterday•6 views

Better Auth: Device authorization approve and deny accept any authenticated session while the user code is pending

6AI score

Exploits0References4Affected Software1

Vulnrichment•added yesterday•4 views

CVE-2026-10813 LMCache KV Cache utils.py hex_hash_to_int16 weak hash

A flaw has been found in LMCache up to 0.4.6. This affects the function hexhashtoint16 of the file lmcache/integration/vllm/utils.py of the component KV Cache Handler. Executing a manipulation can lead to use of weak hash. The attack needs to be launched locally. The attack requires a high level ...

CVE•added yesterday•10 views

CVE-2026-10812

CVE-2026-10812 affects zilliztech GPTCache up to 0.1.44. The vulnerability concerns the function BufferedReader.peek in gptcache/processor/pre.py within the Cache Key Handler. By manipulating input_data["image"], a weak hash is used. Exploitation is described as local, high complexity, and public...

EUVD•added yesterday•4 views

EUVD-2026-34272

A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the function BufferedReader.peek of the file gptcache/processor/pre.py of the component Cache Key Handler. Performing a manipulation of the argument inputdata"image" results in use of weak hash. The attack...

NVD•added yesterday•5 views

CVE-2026-10804

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

3.6CVSS

Cvelist•added yesterday•12 views

CVE-2026-10802 keystonejs keystone GraphQL API Endpoint output-field.ts resource consumption

A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/core/queries/output-field.ts of the component GraphQL API Endpoint. The manipulation results in resource consumption. It is possible to launch the attac...

5.3CVSS

Exploits0References8

EUVD•added yesterday•4 views

EUVD-2026-34244

5.3CVSS5.5AI score

Exploits0References8

Nuclei•added yesterday•8 views

Premium Addons for Elementor - Unauthenticated Information Disclosure

Premium Addons for Elementor plugin for WordPress version 4.11.53 and below contains an unauthenticated information disclosure vulnerability.The vulnerability exists due to a missing authorization check in the gettemplatecontent AJAX handler, allowing unauthenticated attackers to retrieve private...

5.3CVSS5.8AI score0.0049EPSS

SUSE CVE•added yesterday•7 views

SUSE CVE-2025-71314

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthorgpuflushcaches failures We have seen a few cases where the whole memory subsystem is blocked and flush operations never complete. When that happens, we want to: - schedule a reset, so we can recov...

5.8AI score0.00018EPSS

Exploits0References3

Positive Technologies•added yesterday•7 views

PT-2026-46307

7.6CVSS6AI score

Exploits0References5

Positive Technologies•added yesterday•7 views

PT-2026-46180

A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template. save pil image of the file swift/template/base.py of the component PIL Image Cache Key Handler. The manipulation leads to use of weak hash. An attack has to be approached locally. A...

3.6CVSS4.9AI score0.00009EPSS

Exploits0References9

Positive Technologies•added yesterday•8 views

PT-2026-46235

A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the function BufferedReader.peek of the file gptcache/processor/pre.py of the component Cache Key Handler. Performing a manipulation of the argument input data"image" results in use of weak hash. The attac...

NVD•added 2 days ago•6 views

Exploits0References8

CVE-2026-10775

A vulnerability was determined in sgl-project SGLang up to 0.5.11. Affected by this vulnerability is the function datahash of the component Cache Handler. This manipulation causes denial of service. The attack is restricted to local execution. A high degree of complexity is needed for the attack...

3.6CVSS0.00013EPSS

NVD•added 2 days ago•6 views

CVE-2026-10766

A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculatedataframehash of the file mlrun/utils/helpers.py of the component DataFrame Hash Handler. The manipulation leads to use of weak hash. The attack can only be performed from a local...

3.6CVSS0.00009EPSS

CVE•added 2 days ago•9 views

CVE-2026-10766

The vulnerability CVE-2026-10766 affects mlrun up to 1.12.0-rc3, specifically the function mlrun.utils.helpers.calculate_dataframe_hash in DataFrame Hash Handler. The issue arises from a manipulation that leads to the use of a weak hash. Exploitation is possible only from a local environment, wit...

3.6CVSS4.7AI score0.00009EPSS

NVD•added 2 days ago•6 views

CVE-2025-71314

0.00018EPSS

CVE•added 2 days ago•5 views

CVE-2025-71314

The CVE-2025-71314 entry concerns the Linux kernel driver for drm/panthor. It describes a scenario where the memory subsystem can become blocked due to panthor_gpu_flush_caches() failures, potentially causing flush operations to never complete. The mitigation path includes scheduling a reset to r...

5.8AI score0.00018EPSS

EUVD•added 2 days ago•6 views

EUVD-2025-210057

5.8AI score0.00018EPSS

Cvelist•added 2 days ago•27 views

CVE-2025-71314 drm/panthor: Recover from panthor_gpu_flush_caches() failures

0.00018EPSS