Lucene search
K

2582 matches found

Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-54798

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application includes a debugging interface that is accessible through HTTP endpoints. This could allow an authenticated attacker to disrupt th...

7.1CVSS0.0024EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42588

Vinchin Backup & Recovery through 9.0.0.86562 contains a stack buffer overflow vulnerability in the ModuleHandShake function of the agentlinkserver service that allows unauthenticated remote attackers to overwrite the saved return address by supplying an oversized listenuuid field that is measure...

6.9CVSS6.2AI score0.00463EPSS
Exploits0References3
CVE
CVE
added 5 days ago14 views

CVE-2026-54778

CVE-2026-54778 : CoreWCF UnixDomainSocket suffers a race in POSIX peer identity resolution due to non-reentrant getpwuid/getgrgid calls, allowing identity misattribution or host process crash under contention. Affected versions are prior to 1.8.1 and 1.9.1; fixed in 1.8.1 and 1.9.1. Impact is lim...

6.2CVSS6AI score0.001EPSS
Exploits0References6
NVD
NVD
added 5 days ago9 views

CVE-2026-59892

OpenTelemetry JavaScript is the OpenTelemetry JavaScript client. Prior to 2.9.0, @opentelemetry/propagator-jaeger decodes incoming uber-trace-id and uberctx- HTTP header values with decodeURIComponent without handling decode errors, allowing an unauthenticated remote attacker to send a malformed...

7.5CVSS0.00436EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-59875 node-tar: Uncaught Exception DoS via NUL byte in PAX path/linkpath records

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.17, node-tar does not strip NUL bytes from PAX path and linkpath records in src/pax.ts, allowing a crafted archive with values to reach fs.lstat or fs.open and terminate the process with an uncaught exception. This issue is...

5.3CVSS0.00291EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added last week7 views

Coder vulnerable to denial of service via unbounded request body in AI Bridge provider endpoints

Summary AI Bridge provider handlers read request bodies with io.ReadAll without a maximum size so an authenticated user with AI Bridge access could send an arbitrarily large body and exhaust memory. Note: Exploitation requires authenticated access to the AI Bridge endpoints and the impact is...

6.5CVSS6AI score0.00552EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/06/29 8:17 p.m.9 views

CVE-2026-43742

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS0.0025EPSS
Exploits0References3
NVD
NVD
added 2026/06/29 8:17 p.m.9 views

CVE-2026-43704

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious web extension may be able to cause an unexpected process crash...

5.3CVSS0.00218EPSS
Exploits0References3
NVD
NVD
added 2026/06/29 8:17 p.m.8 views

CVE-2026-43707

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS0.00307EPSS
Exploits0References3
NVD
NVD
added 2026/06/29 8:17 p.m.8 views

CVE-2026-43699

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS0.0024EPSS
Exploits0References3
NVD
NVD
added 2026/06/29 8:17 p.m.6 views

CVE-2026-39872

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS0.00194EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:43 p.m.6 views

CVE-2026-43726

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS5.8AI score0.00189EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 7:43 p.m.25 views

CVE-2026-43707

CVE-2026-43707 is a memory corruption vulnerability in WebKit that could cause an unexpected process crash when processing maliciously crafted web content. Apple fixed it in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2. The vulnerability is tied to memory handling in WebKit co...

6.5CVSS5.8AI score0.00307EPSS
Exploits0References3Affected Software4
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:42 p.m.7 views

CVE-2026-43712

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.00202EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 7:42 p.m.18 views

CVE-2026-43712

CVE-2026-43712 concerns a memory handling issue that could cause an unexpected process crash when processing maliciously crafted web content. According to the provided sources, Apple platforms fix this with Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2. The CVE is tied to impro...

6.5CVSS5.8AI score0.00202EPSS
Exploits0References3Affected Software4
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:42 p.m.6 views

CVE-2026-43709

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.0024EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 7:42 p.m.17 views

CVE-2026-43709

CVE-2026-43709 affects WebKit-based components in Safari, iOS/iPadOS, and macOS Tahoe/macOS Tahoe builds. Description confirms a use-after-free vulnerability in memory handling that can cause a crash when processing malicious web content. Affected versions include Safari 26.5.2, iOS 26.5.2, iPadO...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References3Affected Software4
CVE
CVE
added 2026/06/29 7:42 p.m.21 views

CVE-2026-43699

CVE-2026-43699 is a use-after-free vulnerability in WebKit-related components that could be triggered by processing malicious web content, potentially causing an unexpected process crash. The issue is addressed with memory-management fixes and is fixed in Safari 26.5.2, iOS 26.5.2 / iPadOS 26.5.2...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References3Affected Software4
CVE
CVE
added 2026/06/29 7:42 p.m.19 views

CVE-2026-43734

CVE-2026-43734 is a use-after-free vulnerability in processing maliciously crafted web content, addressed by memory-management fixes. The accompanying disclosures indicate fixes across Apple platforms: Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2. Affected components in the co...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References3Affected Software4
CVE
CVE
added 2026/06/29 7:42 p.m.15 views

CVE-2026-28979

Summary: CVE-2026-28979 describes an out-of-bounds access issue fixed by enhanced bounds checking. The vulnerability affects web content processing in Apple platforms and is addressed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2. Affected components (from provided docs): Sa...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References3Affected Software4
Rows per page
Query Builder