CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/04 2:48 p.m.•8 views

CVE-2026-29169

7.5CVSS5.8AI score0.00594EPSS

Exploits0References2

CVE•added 2026/05/04 2:48 p.m.•61 views

CVE-2026-29169

CVE-2026-29169 : A NULL pointer dereference in mod_dav_lock of Apache HTTP Server 2.4.66 and earlier can crash the server when handling a malicious request. mod_dav_lock is not used internally by mod_dav or mod_dav_fs; the only known use-case was with mod_dav_svn from Apache Subversion (earlier t...

7.5CVSS5.8AI score0.00594EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/05/04 2:41 p.m.•84 views

CVE-2026-33007 Apache HTTP Server: mod_authn_socache crash

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

0.00514EPSS

Debian CVE•added 2026/05/04 2:41 p.m.•5 views

CVE-2026-33007

EUVD•added 2026/05/04 2:41 p.m.•7 views

Exploits0

EUVD-2026-26963

Vulnrichment•added 2026/05/04 2:41 p.m.•4 views

CVE-2026-33007 Apache HTTP Server: mod_authn_socache crash

5.8AI score0.00514EPSS

ATTACKERKB•added 2026/05/04 2:41 p.m.•6 views

CVE-2026-33007

Exploits0References2Affected Software1

CVE•added 2026/05/04 2:41 p.m.•145 views

CVE-2026-33007

CVE-2026-33007 affects the Apache HTTP Server mod_authn_socache, where a NULL pointer dereference in 2.4.66 and earlier allows an unauthenticated remote user to crash a child process within a caching forward proxy configuration. The issue is resolved by upgrading to version 2.4.67. Unclear if in-...

Exploits0References2Affected Software1

OSV•added 2026/05/04 1:35 p.m.•4 views

JLSEC-2026-440

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to tria...

7.5CVSS5.8AI score0.00952EPSS

Exploits0References4

OSV•added 2026/05/04 1:12 p.m.•6 views

JLSEC-2026-439 When doing a second SMB request to the same host again, curl would wrongly use a data pointer...

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

7.5CVSS7.1AI score0.00715EPSS

Exploits2References6

NVD•added 2026/05/04 7:16 a.m.•18 views

CVE-2026-43864

mutt before 2.3.2 has a showsigsummary NULL pointer dereference...

2.5CVSS0.00096EPSS

UbuntuCve•added 2026/05/04 7:16 a.m.•3 views

CVE-2026-43864

mutt before 2.3.2 has a showsigsummary NULL pointer dereference...

OSV•added 2026/05/04 7:16 a.m.•5 views

UBUNTU-CVE-2026-43864

mutt before 2.3.2 has a showsigsummary NULL pointer dereference...

OSV•added 2026/05/04 7:5 a.m.•4 views

Exploits0References2

CLSA-2026-1777878328 libxml2: Fix of 2 CVEs

CVE-2018-14404: fix NULL pointer dereference in xmlXPathCompOpEval when parsing an invalid XPath expression in the XPATHOPAND or XPATHOPOR case - CVE-2019-19956: fix memory leak in xmlParseBalancedChunkMemoryRecover related to newDoc-oldNs...

7.5CVSS6.8AI score0.05515EPSS

CVE•added 2026/05/04 6:10 a.m.•18 views

CVE-2026-43864

Affected product: mutt. Vulnerability: show_sig_summary NULL pointer dereference in mutt before 2.3.2. Root cause: NULL pointer dereference in show_sig_summary. Impact: low (CVSS: LOW, LOCAL, user interaction required). References indicate a fix in the project history (commit linked). Remediation...

ATTACKERKB•added 2026/05/04 6:10 a.m.•3 views

CVE-2026-43864

mutt before 2.3.2 has a showsigsummary NULL pointer dereference...

Debian CVE•added 2026/05/04 6:10 a.m.•8 views

Exploits0References2

CVE-2026-43864

mutt before 2.3.2 has a showsigsummary NULL pointer dereference...