CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/26 4:16 p.m.•3 views

UBUNTU-CVE-2026-48683

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read vulnerability in the NetFlow v9 data flowset processor. In src/netflowplugin/netflowv9collector.cpp, the Data template branch lines 1695-1702 iterates over flow records without performing a per-iteration bounds check agains...

6.5CVSS5.9AI score0.00012EPSS

Exploits0References7

OSV•added 2026/05/26 4:16 p.m.•6 views

UBUNTU-CVE-2026-48688

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

7.5CVSS5.9AI score0.0004EPSS

Exploits0References7

ATTACKERKB•added 2026/05/26 4:14 p.m.•4 views

CVE-2026-45835

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsocknewconnectioncb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

Exploits0References6Affected Software1

CVE•added 2026/05/26 4:14 p.m.•12 views

CVE-2026-45835

In the Linux kernel, the Bluetooth L2CAP subsystem was vulnerable to a null-pointer dereference in l2cap_sock_new_connection_cb(). The issue was mitigated by adding the same NULL guard already present in l2cap_sock_resume_cb() and l2cap_sock_ready_cb(), aligning the code with existing guards. Aff...

EUVD•added 2026/05/26 4:14 p.m.•8 views

Exploits0References8

EUVD-2026-31857

Cvelist•added 2026/05/26 4:14 p.m.•35 views

CVE-2026-45835 Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb()

0.00032EPSS

Exploits0References8

EUVD•added 2026/05/26 4:14 p.m.•7 views

EUVD-2026-31856

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockstatechangecb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

RedHat Linux•added 2026/05/26 2:30 p.m.•11 views

corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

8.2CVSS5.8AI score0.00244EPSS

Exploits1References5

RedHat Linux•added 2026/05/26 2:30 p.m.•7 views

corosync: Corosync: Denial of Service via integer overflow in join message validation

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

7.5CVSS5.8AI score0.00313EPSS

Exploits1References5

NVD•added 2026/05/26 2:16 p.m.•13 views

CVE-2026-48132

The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption of VPN...

8.1CVSS0.00072EPSS

RedhatCVE•added 2026/05/26 2:13 p.m.•12 views

CVE-2026-9395

A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentials. The attack needs to be initiated within the local network. The original disclosure mentions,...

5.1CVSS5.5AI score0.00023EPSS

Debian CVE•added 2026/05/26 2:8 p.m.•5 views

CVE-2026-40033

FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using unclamped cache entry...

8.8CVSS6.4AI score0.00068EPSS

Exploits1

OSV•added 2026/05/26 1:28 p.m.•4 views

MAL-2026-4805 Malicious code in metricflow-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9a1c269ce5e462d7e555ce1ca34b7f2e54e3d34ea094d35a67aa7c61d1fe34e The package's exported Metricflow React component defaults serverUrl to http://51.38.65.105:21531 and, when rendered, appends a tag to document.head ...

5.9AI score

RedHat Linux•added 2026/05/26 12:59 p.m.•16 views

Apache Tomcat: Apache Tomcat: HTTP Request/Response Smuggling via invalid chunk extension

A flaw was found in Apache Tomcat. A remote attacker could exploit an inconsistent interpretation of HTTP requests, known as HTTP Request/Response Smuggling, by sending a specially crafted request with an invalid chunk extension. This vulnerability allows an attacker to manipulate the way HTTP...

7.5CVSS5.8AI score0.00176EPSS

EUVD•added 2026/05/26 12:57 p.m.•11 views

EUVD-2026-31822

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...

5.3CVSS5.8AI score0.00081EPSS