CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 5 days ago•9 views

EUVD-2026-33717

ATTACKERKB•added 5 days ago•4 views

CVE-2026-49121

CVE•added 5 days ago•10 views

CVE-2026-49121

CVE-2026-49121 affects AI Tensor Engine for ROCm (AITER) up to version 0.1.14. The vulnerability exists in the MessageQueue.recv() function in shm_broadcast.py, where an unauthenticated remote attacker can deliver a crafted pickle payload to a ZMQ SUB socket (no authentication, no HMAC, no format...

Positive Technologies•added 5 days ago•6 views

PT-2026-45381

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions prior to 5.19.7 Apache ActiveMQ versions 6.0.0 through 6.2.5 Description Incorrect default permissions in Jolokia authorization settings allow authenticated low-privilege web-login accounts to access operations intende...

8.8CVSS5.9AI score0.0006EPSS

Exploits0References8

Positive Technologies•added 5 days ago•10 views

PT-2026-45540

AI Tensor Engine for ROCm AITER through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv function within shm broadcast.py that allows unauthenticated remote attackers to execute arbitrary code by sending a malicious pickle payload to a ZMQ SUB socket...

Packet Storm News•added 6 days ago•7 views

Needles at Scale: LLM-Assisted Target Selection for Windows Vulnerability Research

The attack surface of a modern operating system is a haystack: thousands of signed binaries and millions of functions, almost none relevant to any given vulnerability. A human analyst or an LLM agent must pick the function worth reading before analyzing it. At whole-OS scope, this target selectio...

5.8AI score

Exploits0

RedhatCVE•added 2026/05/29 8:13 p.m.•9 views

CVE-2026-2607

IBM MQ Operator SC2: v3.2.0 through 3.2.23CD: v3.3.0, v3.4.0, v3.4.1, v3.5.0, v3.5.1 - v3.5.3, v3.6.0 - v3.6.4, v3.7.0 - v3.7.2, v3.8.0, v3.8.1, v3.9.0, v3.9.1LTS: v2.0.0 - 2.0.29 and IBM supplied MQ Advanced container images SC2: 9.4.0.6 through r1, 9.4.0.6-r2, 9.4.0.7-r1, 9.4.0.10-r1,...

5.1CVSS5.8AI score0.00015EPSS

Exploits0References1

CVE•added 2026/05/29 8:38 a.m.•19 views

CVE-2026-49199

The CVE-2026-49199 entry describes a root‑level RCE via crafted MQTT messages, enabling command injection on the target device. Connected records identify Predator Connect W6x as affected (CVE-2026-49199 CVE Record). The core issue is a vulnerability in handling MQTT payloads that allows arbitrar...

10CVSS6.2AI score0.00218EPSS

Exploits0References1Affected Software1

SUSE CVE•added 2026/05/29 1:17 a.m.•8 views

SUSE CVE-2026-46112

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix unlocked call to hnsroceqpremove Sashiko points out that hnsroceqpremove requires the caller to hold locks. The error flow in hnsrocecreateqpcommon doesn't hold those locks for the error unwind so it risks corruptin...

5.3CVSS5.8AI score0.00013EPSS

SUSE CVE•added 2026/05/29 1:16 a.m.•9 views

SUSE CVE-2026-46117

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

7.8CVSS5.8AI score0.00013EPSS

SUSE CVE•added 2026/05/29 1:16 a.m.•16 views

SUSE CVE-2026-46135

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

9.8CVSS5.8AI score0.00074EPSS

SUSE CVE•added 2026/05/29 1:16 a.m.•8 views

SUSE CVE-2026-46144

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...

5.8AI score0.00024EPSS

SUSE CVE•added 2026/05/29 1:15 a.m.•11 views

SUSE CVE-2026-46178

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix resource leak on error in mlx4ibcreatesrq Sashiko points out that mlx4srqalloc was not undone during error unwind, add the missing call to mlx4srqfree...

7.8CVSS5.8AI score0.00013EPSS

SUSE CVE•added 2026/05/29 1:14 a.m.•5 views

SUSE CVE-2026-46214

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If vsockassigntransport fails or selects a different transport, the error path returns...

5.8AI score0.00032EPSS

Exploits0References2

Tenable Nessus•added 2026/05/29 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-45910

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix race condition in QP timer handlers I encontered the following warning: WARNING: drivers/infiniband/sw/rxe/rxetask.c:249 at...

7.8CVSS5.5AI score0.00014EPSS

Tenable Nessus•added 2026/05/29 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46214

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If...

5.8AI score0.00032EPSS