CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/06/02 12:0 a.m.•10 views

openSUSE 16 Security Update : putty (openSUSE-SU-2026:20851-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20851-1 advisory. Changes in putty: - Update to release 0.84 Fixed a remotely triggerable double-free in RSA key exchange. Fixed a remotely triggerable crash assertion...

5.9AI score

Exploits0

Tenable Nessus•added 2026/06/02 12:0 a.m.•13 views

Linux Distros Unpatched Vulnerability : CVE-2026-10532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection, albe...

6.3CVSS6.3AI score0.00113EPSS

Exploits0References3

NVD•added 2026/06/01 10:16 p.m.•9 views

CVE-2026-0078

In setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00009EPSS

CVE•added 2026/06/01 9:14 p.m.•17 views

CVE-2026-0078

CVE-2026-0078 affects Android’s DevicePolicyManagerService (setGlobalProxy). The issue is a desync in persistence caused by improper input validation, enabling local privilege escalation with no extra execution privileges required. Exploitation is described as local and does not require user inte...

7.8CVSS5.9AI score0.00009EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/06/01 9:2 p.m.•9 views

CVE-2026-40964

Authentication Bypass in cf-auth-proxy in Cloud Foundry Foundation all installations allows an unauthenticated remote attacker to gain read access to every log and metric for every application and platform component via minting a JWT that the cf-auth-proxy accepts as a valid logs.admin token...

7.5CVSS5.8AI score0.00069EPSS

CVE•added 2026/06/01 9:2 p.m.•17 views

CVE-2026-40964

Cloud Foundry Foundation reports an Authentication Bypass in cf-auth-proxy that permits an unauthenticated remote attacker to read all logs and metrics for all apps and platform components by minting a JWT accepted as a valid logs.admin token. Affected: log-cache_release up to v3.2.6 (inclusive);...

7.5CVSS5.8AI score0.00069EPSS

ATTACKERKB•added 2026/06/01 9:2 p.m.•5 views

CVE-2026-40964

7.5CVSS5.8AI score0.00069EPSS

Cvelist•added 2026/06/01 9:2 p.m.•25 views

CVE-2026-40964

7.5CVSS0.00069EPSS

Malicious Package

Overview abuden217 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

Malicious Package

Overview abuden214 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

Snyk•added 2026/06/01 9:0 p.m.•6 views

Malicious Package

Overview abuden211 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

Snyk•added 2026/06/01 9:0 p.m.•4 views

Malicious Package

Overview abuden29 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

Snyk•added 2026/06/01 9:0 p.m.•5 views

Malicious Package

Overview abuden218 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

Snyk•added 2026/06/01 9:0 p.m.•6 views

Malicious Package

Overview nottuff26 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

Malicious Package

Overview nottuff22 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

Snyk•added 2026/06/01 9:0 p.m.•9 views

Malicious Package

Overview abuden25 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

Malicious Package

Overview nottuff13 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

Snyk•added 2026/06/01 9:0 p.m.•6 views

Malicious Package

Overview abuden212 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...