CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

83 matches found

OSV•added 2026/05/27 2:16 p.m.•2 views

UBUNTU-CVE-2026-42789

Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP publickey pubkeycert module allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery. In lib/publickey/src/pubkeycert.erl, pubkeycert:validateextensions/7 contains two...

7CVSS5.9AI score0.00037EPSS

Exploits0References10

EUVD•added 2026/05/27 12:23 p.m.•4 views

EUVD-2026-32272

7CVSS5.9AI score0.00037EPSS

Exploits0References6

FreeBSD•added 2026/05/27 12:0 a.m.•8 views

Erlang/OTP -- OCSP responder certificate accepted after expiry in public_key

https://github.com/erlang/otp/security/advisories/GHSA-cjxj-wj6x-3fff reports: Erlang/OTP's publickey application fails to validate the validity period of OCSP responder certificates during response verification. An attacker possessing an expired OCSP responder's private key can forge responses...

6.3CVSS5.8AI score0.00051EPSS

Exploits0References1

RedHat Linux•added 2026/05/05 7:56 a.m.•9 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.3.SP1)

An update for Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available RHBQ 3.27.3.SP1. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...

9.3CVSS5.9AI score0.00025EPSS

Exploits0References13

SUSE Linux•added 2026/04/28 11:10 a.m.•1 views

Security update for bouncycastle

This update for bouncycastle fixes the following issues: Update to version 1.84. Security issues fixed: CVE-2025-14813: GOSTCTR implementation unable to process more than 255 blocks correctly bsc1262225. CVE-2026-0636: LDAP injection in LDAPStoreHelper.java leads to information disclosure...

8.8CVSS5.7AI score0.00022EPSS

Exploits0References20

Tenable Nessus•added 2026/04/16 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-5588

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion of the Bouncy Cast...

6.3CVSS7.1AI score0.00013EPSS

Exploits0References4

OSV•added 2026/04/15 6:31 p.m.•0 views

GHSA-WG6Q-6289-32HP Bouncy Castle Crypto Package For Java: Use of a Broken or Risky Cryptographic Algorithm vulnerability in bcpkix modules

: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules. PKIX draft CompositeVerifier accepts empty signature sequence as valid. This issue affects BC-JAVA: from 1.49 before 1.84...

6.3CVSS5.8AI score0.00013EPSS

Exploits0References4

CVE•added 2026/04/15 9:6 a.m.•17 views

CVE-2026-5588

CVE-2026-5588 is a PKIX validation flaw in the Bouncy Castle libraries (BC-JAVA, BCPKIX-FIPS, BCPIX-LTS) where CompositeVerifier could accept an empty signature sequence. Affects BC-JAVA 1.67–1.83 (fixed in 1.84); BCPKIX-FIPS 2.0.6–2.0.10 (fixed in 2.0.11) and 2.1.7–2.1.10 (fixed in 2.1.11); BCPI...

6.3CVSS5.8AI score0.00013EPSS

Exploits0References2

Cvelist•added 2026/04/15 9:6 a.m.•27 views

CVE-2026-5588 PKIX draft CompositeVerifier accepts empty signature sequence as valid.

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All pkix modules, Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All pkix modules. This vulnerability...

6.3CVSS0.00013EPSS

Exploits0References2

Debian CVE•added 2026/04/15 9:6 a.m.•3 views

CVE-2026-5588

6.3CVSS5.8AI score0.00013EPSS

Exploits0

OSV•added 2026/04/07 10:16 p.m.•0 views

DEBIAN-CVE-2026-28387

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...

8.1CVSS6.2AI score0.00044EPSS

Exploits0References1

Cvelist•added 2026/04/07 12:28 p.m.•23 views

CVE-2026-32144 OCSP designated-responder authorization bypass via missing signature verification

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in publickey:pkixocspvalidate/5 does not verify that a CA-designated responder certificate...

7.6CVSS0.00039EPSS

Exploits0References6

Tenable Nessus•added 2026/04/07 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-28387

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may...

8.1CVSS7.6AI score0.00044EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2009-3457

Malware in sbrugna...

7.5CVSS6.1AI score0.0036EPSS

Exploits0References7

OSV•added 2025/08/13 10:15 a.m.•1 views

UBUNTU-CVE-2025-8916

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All API modules allows Excessiv...

6.3CVSS6.7AI score0.00092EPSS

Exploits0References4