CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/19 6:16 p.m.•10 views

CVE-2026-32134

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

5.9CVSS0.00055EPSS

RedHat Linux•added 2026/05/19 6:12 p.m.•5 views

firefox: thunderbird: Invalid pointer in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript: WebAssembly component...

6.3CVSS5.7AI score0.00044EPSS

Exploits0References6

Vulnrichment•added 2026/05/19 5:22 p.m.•12 views

CVE-2026-32134 NanoMQ: NULL Pointer Dereference Crash in tcptran_pipe_peer During Session Restore

Cvelist•added 2026/05/19 5:22 p.m.•35 views

CVE-2026-32134 NanoMQ: NULL Pointer Dereference Crash in tcptran_pipe_peer During Session Restore

5.9CVSS0.00055EPSS

CVE•added 2026/05/19 5:22 p.m.•10 views

CVE-2026-32134

CVE-2026-32134 affects NanoMQ subinfol is freed/NULL’d before restoration, and the transport iterates it without NULL checks. It is fixed in version 0.24.11; upgrade to that release or later to mitigate. No exploitation details are provided in the available documents.

EUVD•added 2026/05/19 5:22 p.m.•10 views

EUVD-2026-30965

ATTACKERKB•added 2026/05/19 5:22 p.m.•5 views

CVE-2026-32134

Exploits0References5Affected Software2

RedHat Linux•added 2026/05/19 4:22 p.m.•5 views

freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. This double free vulnerability occurs during the cleanup process when a remote desktop session disconnects. Specifically, if a title allocation fails, a pointer to an application window is freed but not removed fro...

7.5CVSS5.8AI score0.00158EPSS

Exploits1References12

RedHat Linux•added 2026/05/19 4:14 p.m.•5 views

firefox: thunderbird: Invalid pointer in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript: WebAssembly component...

6.3CVSS5.7AI score0.00044EPSS

Exploits0References6

OSV•added 2026/05/19 3:15 p.m.•4 views

CLSA-2026-1779203719 php: Fix of 6 CVEs

CVE-2026-6722: fix stale SOAPGLOBAL refmap pointer with Apache Map GHSA-85c2-q967-79q5 - CVE-2026-7262: fix broken Apache map value NULL check in soap encoder GHSA-hmxp-6pc4-f3vv - CVE-2026-7568: fix signed integer overflow of char array offset in metaphone GHSA-96wq-48vp-hh57 - CVE-2026-7261:...

9.8CVSS5.9AI score0.00369EPSS

Exploits0References1

OSV•added 2026/05/19 2:44 p.m.•1 views

OPENSUSE-SU-2026:20769-1 Security update for mozjs115

This update for mozjs115 fixes the following issues: Changes in mozjs115: - CVE-2026-32776: Fixed a NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259728 - CVE-2026-32777: Fixed a denial of service due to infinite loop in DTD...

5.5CVSS7.1AI score0.00006EPSS

Exploits1References6

NVD•added 2026/05/19 2:16 p.m.•12 views

CVE-2026-8968

Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

7.5CVSS0.00062EPSS

UbuntuCve•added 2026/05/19 2:16 p.m.•5 views

CVE-2026-8968

Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

7.5CVSS5.8AI score0.00062EPSS

Exploits0References9

OSV•added 2026/05/19 2:16 p.m.•3 views

UBUNTU-CVE-2026-8968

Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

7.5CVSS5.8AI score0.00062EPSS

Exploits0References10

Rosalinux•added 2026/05/19 1:32 p.m.•7 views

Advisory ROSA-SA-2026-3272

software: harfbuzz 7.0.1 OS: ROSA-CHROME unaffected versions = harfbuzz-7.0.1-3 affected versions harfbuzz-7.0.1-3 CVE-ID: CVE-2026-22693 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A null pointer dereferencing vulnerability in HarfBuzz is related to a lack of validation of the hbmalloc return value...

5.3CVSS5.7AI score0.00046EPSS

Exploits1

RedHat Linux•added 2026/05/19 1:31 p.m.•11 views

kernel: bpf: Do not include stack ptr register in precision backtracking bookkeeping

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue 1 where the following warning appears in kernel dmesg: 60.643604 verifier backtracking bug 60.643635 WARNING: CPU: 10 PID: 2315...

7.8CVSS6.3AI score0.00053EPSS

RedHat Linux•added 2026/05/19 1:31 p.m.•6 views

kernel: dm: fix NULL pointer dereference in __dm_suspend()

In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in dmsuspend There is a race condition between dm device suspend and table load that can lead to null pointer dereference. The issue occurs when suspend is invoked before table load completes: BUG...

5.8AI score0.00065EPSS

RedHat Linux•added 2026/05/19 1:31 p.m.•6 views

kernel: wifi: mac80211_hwsim: fix typo in frequency notification

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...

5.8AI score0.00035EPSS