29000 matches found

OSV
added 2026/03/18 2:16 a.m. | 4 views

CVE-2026-22169

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safeBins configuration that allows attackers to invoke external helpers through the compress-program option. When sort is explicitly added to tools.exec.safeBins, remote attackers can bypass intended safe-bin...

7 CVSS | 6 AI score
Exploits 0 | References 3

Cvelist
added 2026/03/18 1:34 a.m. | 29 views

CVE-2026-22169 OpenClaw < 2026.2.22 - Allowlist Bypass via sort Configuration in safeBins

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safeBins configuration that allows attackers to invoke external helpers through the compress-program option. When sort is explicitly added to tools.exec.safeBins, remote attackers can bypass intended safe-bin...

7.1 CVSS | 0.00197 EPSS
Exploits 0 | References 3

EUVD
added 2026/03/18 1:34 a.m. | 4 views

EUVD-2026-12710

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safeBins configuration that allows attackers to invoke external helpers through the compress-program option. When sort is explicitly added to tools.exec.safeBins, remote attackers can bypass intended safe-bin...

7.1 CVSS | 6 AI score | 0.00197 EPSS
Exploits 0 | References 3

ATTACKERKB
added 2026/03/18 1:34 a.m. | 4 views

CVE-2026-22169

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safeBins configuration that allows attackers to invoke external helpers through the compress-program option. When sort is explicitly added to tools.exec.safeBins, remote attackers can bypass intended safe-bin...

7.1 CVSS | 6 AI score | 0.00197 EPSS
Exploits 0 | References 4

Vulnrichment
added 2026/03/18 1:34 a.m. | 2 views

CVE-2026-22169 OpenClaw < 2026.2.22 - Allowlist Bypass via sort Configuration in safeBins

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safeBins configuration that allows attackers to invoke external helpers through the compress-program option. When sort is explicitly added to tools.exec.safeBins, remote attackers can bypass intended safe-bin...

7.1 CVSS | 6 AI score | 0.00197 EPSS
Exploits 0 | References 3

CVE
added 2026/03/18 1:34 a.m. | 16 views

CVE-2026-22169

OpenClaw before version 2026.2.22 has an allowlist bypass in safeBins. When sort is enabled in tools.exec.safeBins, the compress-program parameter can be exploited to invoke external helpers and execute unauthorized external programs. This is a LOCAL, high-severity issue with high impact on confi...

7.1 CVSS | 6 AI score | 0.00197 EPSS
Exploits 0 | References 3 | Affected Software 1

Qualys Blog
added 2026/03/17 3:00 p.m. | 7 views

The New Era of Application Security: Reasoning-Based Agents, Runtime Reality, and Risk Intelligence

Key Takeaways AI reasoning systems improve vulnerability detection in source code, but do not address the full spectrum of application security risk. Modern application security must account for APIs, runtime environments, and externally exposed assets beyond the source repository. Continuous...

6.2 AI score
Exploits 0

Packet Storm News
added 2026/03/16 12:00 a.m. | 0 views

Hunting CUDA Bugs at Scale with cuFuzz

GPUs play an increasingly important role in modern software. However, the heterogeneous host-device execution model and expanding software stacks make GPU programs prone to memory-safety and concurrency bugs that evade static analysis. While fuzz-testing, combined with dynamic error checking tool...

6 AI score
Exploits 0

Tenable Nessus
added 2026/03/16 12:00 a.m. | 2 views

EulerOS 2.0 SP11 : aide (EulerOS-SA-2026-1597)

According to the versions of the aide package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An...

6.2 CVSS | 5.9 AI score | 0.00216 EPSS
Exploits 2 | References 3

RedhatCVE
added 2026/03/13 7:48 p.m. | 2 views

CVE-2026-29776

An integer underflow flaw has been discovered in FreeRDP. A uint32 field is populated from a uint16 data element. This field is later modified without proper checks and in some situations a program crash may occur. Mitigation Mitigation for this issue is either not available or the currently...

3.1 CVSS | 5.6 AI score | 0.00175 EPSS
Exploits 0 | References 5

GithubExploit
added 2026/03/12 7:40 p.m. | 110 views

Buffer-Overflow-PoC

Buffer Overflow PoC — ret2libc on x86-64 Linux Overview D...

6.1 AI score
Exploits 0

Wordfence Blog
added 2026/03/12 7:00 p.m. | 8 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 2, 2026 to March 8, 2026)

Last week, there were 199 vulnerabilities disclosed in 84 WordPress Plugins and 107 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 59 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...

9.9 CVSS | 7.5 AI score | 0.25532 EPSS
Exploits 7

Veeam
added 2026/03/12 12:00 a.m. | 103 views

Vulnerabilities Resolved in Veeam Backup & Replication 12.3.2.4465

All vulnerabilities documented in this article were resolved in Veeam Backup & Replication 12.3.2.4465. Veeam Software Security Commitment Veeam® is committed to ensuring its products protect customers from potential risks. As part of that commitment, we operate a Vulnerability Disclosure Program...

9.9 CVSS | 7.7 AI score | 0.01128 EPSS
Exploits 0 | Affected Software 1

Tenable Nessus
added 2026/03/12 12:00 a.m. | 1 views

Docker Desktop < 4.64.0 CLI Plugin Directory Privilege Escalation (CVE-2025-15558)

The version of Docker Desktop for Windows installed on the remote host is 4.34.x 4.64.0. It is, therefore, affected by a privilege escalation vulnerability. - Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A...

8 CVSS | 7.2 AI score | 0.0043 EPSS
Exploits 0 | References 5

The Hacker News
added 2026/03/11 9:15 a.m. | 5 views

Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days

Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that have been listed as publicly known. Of these, eight are rated Critical, and 76 are rated Important in severity. Forty-six of the patched vulnerabilities...

9.8 CVSS | 6.4 AI score | 0.03178 EPSS
Exploits 1

CVE
added 2026/03/10 6:56 p.m. | 8 views

CVE-2026-3582

CVE-2026-3582 affects GitHub Enterprise Server. An Incorrect Authorization vulnerability allowed an authenticated user with a classic PAT lacking the repo scope to retrieve issues and commits from private/internal repositories via the search REST API, provided the user already had access to the r...

5.3 CVSS | 5.8 AI score | 0.00248 EPSS
Exploits 0 | References 4 | Affected Software 1

ICS
added 2026/03/10 7:00 a.m. | 4 views

Schneider Electric Modicon Controllers M241, M251, M258, and LMC058

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

5.1 CVSS | 6.2 AI score | 0.00392 EPSS
Exploits 0 | References 11

Packet Storm News
added 2026/03/10 12:00 a.m. | 3 views

Why LLMs Fail: A Failure Analysis and Partial Success Measurement for Automated Security Patch Generation

Large Language Models (LLMs) show promise for Automated Program Repair (APR), yet their effectiveness on security vulnerabilities remains poorly characterized. This study analyzes 319 LLM-generated security patches across 64 Java vulnerabilities from the Vul4J benchmark. Using tri-axis evaluation...

5.9 AI score
Exploits 0

RedhatCVE
added 2026/03/09 8:19 p.m. | 3 views

CVE-2025-69647

A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed DWARF loclists data with the readelf program can trigger an infinite loop and result in a denial of service. Mitigation To mitigate this vulnerability, do not process untrusted, unverified or...

6.2 CVSS | 5.7 AI score | 0.00152 EPSS
Exploits 1 | References 5

CNVD
added 2026/03/09 12:00 a.m. | 0 views

Microsoft Devices Pricing Program Code Issue Vulnerability

The Microsoft Devices Pricing Program is Microsoft's exclusive device purchasing and pricing mechanism for enterprise customers, partners, or select channels to enjoy customized pricing, terms of business, and support for volume purchases of Surface Series devices such as Surface Laptop, Surface...

9.8 CVSS | 6.1 AI score | 0.01596 EPSS
Exploits 0 | References 1