CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/04/21 7:23 p.m.•2 views

CVE-2026-41285

In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery ND option over a local network with length zero, because of an "ndoptlen 8 - 2" expression with no preceding check for whether ndoptlen is zero...

EUVD•added 2026/04/21 12:32 a.m.•2 views

Exploits0References1

EUVD-2026-23996

CNNVD•added 2026/04/21 12:0 a.m.•4 views

OpenBSD 安全漏洞

OpenBSD is a cross-platform, BSD-based UNIX-like operating system developed by the OpenBSD organization in Canada. Versions of OpenBSD 7.8 and earlier contained a security vulnerability caused by the slaacd and rad daemon entering an infinite loop when receiving a specially crafted ICMPv6 neighbo...

ATTACKERKB•added 2026/04/20 12:0 a.m.•0 views

Exploits0References2

CVE-2026-41285

Vulnrichment•added 2026/04/20 12:0 a.m.•1 views

CVE-2026-41285

Positive Technologies•added 2026/04/20 12:0 a.m.•2 views

Exploits0References3

PT-2026-33860

In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery ND option over a local network with length zero, because of an "nd opt len 8 - 2" expression with no preceding check for whether nd opt len is zero...

CVE•added 2026/04/20 12:0 a.m.•6 views

CVE-2026-41285

CVE-2026-41285 affects OpenBSD up to version 7.8, specifically the slaacd and rad daemons. The issue is a missing validation for ICMPv6 Neighbor Discovery ND options: when a crafted ND option with length zero is received, an expression nd_opt_len * 8 - 2 can execute without a preceding check, cau...

Exploits0References3Affected Software1

Cvelist•added 2026/04/20 12:0 a.m.•28 views

CVE-2026-41285

4.3CVSS0.00012EPSS

Exploits0References3

EUVD•added 2026/02/25 3:31 p.m.•2 views

EUVD-2026-8655

In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficient entropy vulnerability exists in RadAsyncUpload, where a predictable temporary identifier, based on timestamp and filename, can enable collisions and file content tampering...

5.3CVSS5.4AI score0.00013EPSS

Exploits0References2

OSSF Malicious Packages•added 2025/11/12 7:18 p.m.•2 views

Malicious code in nuyar-dad-rad (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e41c78a5b19a14f916db928ef423659752c3d32e3f380509ba55687850f4db1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD•added 2025/11/12 7:18 p.m.•2 views

EUVD-2025-138630

Malicious code in polymer-afahf-rad npm...

6.6AI score

EUVD•added 2025/11/12 7:18 p.m.•1 views

EUVD-2025-139100

Malicious code in nuyar-dad-rad npm...

6.6AI score

OSSF Malicious Packages•added 2025/11/12 6:9 p.m.•2 views

Malicious code in augis-pomdoi9r-rad (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a2dc9b75bf4ce99be4c26309f986897c05285e1620308889000783486103368 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD•added 2025/11/12 6:9 p.m.•0 views

EUVD-2025-144547

Malicious code in augis-pomdoi9r-rad npm...

6.6AI score