Lucene search

4750 matches found

curl security advisories
added 2026/04/29 8:0 a.m. | 11 views

connection reuse ignores TLS requirement

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

5.9 CVSS | 5.2 AI score | 0.00329 EPSS
Exploits 1 | References 1 | Affected Software 2
OSV
added 2026/04/29 8:0 a.m. | 7 views

CURL-CVE-2026-4873 connection reuse ignores TLS requirement

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

5.9 CVSS | 5.4 AI score | 0.00329 EPSS
Exploits 1
Positive Technologies
added 2026/04/29 12:0 a.m. | 5 views

PT-2026-35891

Name of the Vulnerable Software and Affected Versions: curl, affected versions not specified. Description: A flaw exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is performed in clear-text via IMAP,...

7.5 CVSS | 5.2 AI score | 0.00639 EPSS
Exploits 3 | References 43
GithubExploit
added 2026/04/28 12:10 p.m. | 130 views

codex-solidity

⛓️ Codex Solidity — Smart Contract & Protocol Audit Agent Imp...

5.5 AI score
Exploits 0
Fedora
added 2026/04/28 1:0 a.m. | 10 views

[SECURITY] Fedora 43 Update: openssl-3.5.4-3.fc43

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

9.8 CVSS | 7.8 AI score | 0.00981 EPSS
Exploits 0
Fedora
added 2026/04/25 1:58 a.m. | 12 views

[SECURITY] Fedora 44 Update: coturn-4.10.0-1.fc44

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gateway. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

7.5 CVSS | 5.4 AI score | 0.01123 EPSS
Exploits 1
Fedora
added 2026/04/25 1:52 a.m. | 8 views

[SECURITY] Fedora 44 Update: nginx-1.28.3-1.fc44

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

8.8 CVSS | 8.6 AI score | 0.07865 EPSS
Exploits 0
Fedora
added 2026/04/25 1:43 a.m. | 8 views

[SECURITY] Fedora 43 Update: coturn-4.10.0-1.fc43

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gateway. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

7.5 CVSS | 5.4 AI score | 0.01123 EPSS
Exploits 1
Fedora
added 2026/04/25 12:53 a.m. | 8 views

[SECURITY] Fedora 42 Update: coturn-4.10.0-1.fc42

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gateway. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

7.5 CVSS | 5.4 AI score | 0.01123 EPSS
Exploits 1
Cvelist
added 2026/04/24 7:15 p.m. | 32 views

CVE-2026-41426 pretalx: Email injection via unescaped user-controlled placeholders in pretalx mail templates

pretalx is a conference planning tool. Prior to 2026.1.0, an unauthenticated attacker can send arbitrary HTML-rendered emails from a pretalx instance's configured sender address by embedding malformed HTML or markdown link syntax in a user-controlled template placeholder such as the account displ...

6.1 CVSS | 0.00154 EPSS
Exploits 0 | References 1
CNNVD
added 2026/04/24 12:0 a.m. | 8 views

SenseLive X3050 Access Control Error Vulnerability

The SenseLive X3050 is a data collection and environmental monitoring device designed for IoT scenarios by SenseLive Corporation. The SenseLive X3050 has an access control vulnerability, which stems from the exposure of management protocols via the discovery function. This vulnerability could allo...

8.7 CVSS | 5.8 AI score | 0.00462 EPSS
Exploits 0 | References 1
RedhatCVE
added 2026/04/23 6:32 a.m. | 4 views

CVE-2026-35240

Oracle CPU describes the issue as follows: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9 CVSS | 7.2 AI score | 0.00242 EPSS
Exploits 0 | References 5
RedhatCVE
added 2026/04/23 6:32 a.m. | 4 views

CVE-2026-35234

Oracle CPU describes the issue as follows: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Partition. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

4.9 CVSS | 7.2 AI score | 0.00299 EPSS
Exploits 0 | References 5
RedhatCVE
added 2026/04/23 6:26 a.m. | 11 views

CVE-2026-21998

Oracle CPU describes the issue as follows: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9 CVSS | 7.2 AI score | 0.00323 EPSS
Exploits 0 | References 5
Fedora
added 2026/04/22 7:50 a.m. | 4 views

[SECURITY] Fedora 43 Update: curl-8.15.0-6.fc43

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

7.5 CVSS | 7.8 AI score | 0.00715 EPSS
Exploits 4
CNVD
added 2026/04/22 12:0 a.m. | 3 views

Oracle MySQL Server Partition Component Denial of Service Vulnerability

Oracle MySQL Server is an open source relational database management system that provides data storage, querying and management capabilities. A denial of service vulnerability exists in Oracle MySQL Server. The vulnerability stems from the Server:Partition component failing to properly handle a...

4.9 CVSS | 7.5 AI score | 0.00299 EPSS
Exploits 0
CNVD
added 2026/04/22 12:0 a.m. | 4 views

Oracle MySQL Server DML Component Denial of Service Vulnerability

Oracle MySQL Server is an open source relational database management system for storing, querying and managing data. A denial of service vulnerability exists in Oracle MySQL Server. The vulnerability stems from a failure of the Server: DML component to properly handle a specific request and can b...

4.9 CVSS | 7.4 AI score | 0.00242 EPSS
Exploits 0
CNVD
added 2026/04/22 12:0 a.m. | 7 views

Oracle MySQL Server InnoDB Component Denial of Service Vulnerability (CNVD-2026-18431)

Oracle MySQL Server is an open source relational database management system with an InnoDB component that provides transaction-safe storage engine functionality. A denial of service vulnerability exists in the InnoDB component of Oracle MySQL Server. The vulnerability stems from an internal...

4.9 CVSS | 7.4 AI score | 0.00242 EPSS
Exploits 0
CNVD
added 2026/04/22 12:0 a.m. | 3 views

Oracle MySQL Server InnoDB Denial of Service Vulnerability (CNVD-2026-18432)

Oracle MySQL Server is an open source relational database management system with an InnoDB component that provides transaction-safe storage engine functionality. A denial of service vulnerability exists in Oracle MySQL Server. The vulnerability stems from the InnoDB component failing to properly...

4.9 CVSS | 7.4 AI score | 0.00242 EPSS
Exploits 0
CNVD
added 2026/04/22 12:0 a.m. | 6 views

Oracle MySQL Server InnoDB Component Denial of Service Vulnerability (CNVD-2026-18430)

Oracle MySQL Server is an open source relational database management system with an InnoDB component that provides transaction-safe storage engine functionality. A denial of service vulnerability exists in the InnoDB component of Oracle MySQL Server. The vulnerability stems from a flaw in the...

4.9 CVSS | 7.4 AI score | 0.00242 EPSS
Exploits 0