Lucene search
+L

659 matches found

CVE
CVE
added yesterday10 views

CVE-2026-14890

SGLang is vulnerable to unauthenticated remote code execution via its expert-parallel backup subsystem. The issue centers on a ZeroMQ PULL socket exposed on a routable network interface with no authentication or deserialization safeguards, allowing an attacker to send a malicious pickle payload t...

9.1CVSS6.5AI score
Exploits0References3
EUVD
EUVD
added 3 days ago4 views

EUVD-2026-43534

OpenClaw versions 2026.5.20 before 2026.6.9 contain a privilege escalation vulnerability in plugin install commands that allows lower-trust callers to execute or persist actions beyond their intended authorization. Attackers can exploit misconfigured input paths or enabled features to escalate...

8.8CVSS6.2AI score0.00251EPSS
Exploits0References3
NVD
NVD
added 2026/07/09 11:16 a.m.8 views

CVE-2026-58307

Out-of-bounds read, Reachable assertion vulnerability in Samsung Open Source Escargot allows Overread Buffers, Input Data Manipulation. This issue affects Escargot: before 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c...

6.1CVSS0.00107EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/09 10:33 a.m.8 views

EUVD-2026-42578

Out-of-bounds read, Reachable assertion vulnerability in Samsung Open Source Escargot allows Overread Buffers, Input Data Manipulation. This issue affects Escargot: before 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c...

6.1CVSS5.9AI score0.00107EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/09 10:33 a.m.34 views

CVE-2026-58307

Out-of-bounds read, Reachable assertion vulnerability in Samsung Open Source Escargot allows Overread Buffers, Input Data Manipulation. This issue affects Escargot: before 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c...

6.1CVSS0.00107EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/09 10:33 a.m.10 views

CVE-2026-58307

Out-of-bounds read, Reachable assertion vulnerability in Samsung Open Source Escargot allows Overread Buffers, Input Data Manipulation. This issue affects Escargot: before 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c...

6.1CVSS5.9AI score0.00107EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.15 views

PT-2026-55524

Name of the Vulnerable Software and Affected Versions Eclipse Theia versions 1.26.0 and later Description The backend /services/request-service RPC accepts a URL controlled by an attacker from any client connected to the standard /services messaging endpoint. The server performs the HTTP request...

8.5CVSS6.1AI score0.00297EPSS
Exploits0References7
NVD
NVD
added 2026/06/25 9:16 p.m.10 views

CVE-2026-38640

A reachable unwrap in the assertfail function /assert/mod.rs of relibc commit 61f42d allows attackers to cause a Denial of Service DoS via a crafted string...

7.5CVSS0.00446EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 4:16 p.m.11 views

CVE-2026-9718

CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...

6.9CVSS0.00243EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:7 p.m.5 views

CVE-2026-9718

CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...

6.9CVSS5.9AI score0.00243EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/25 3:7 p.m.7 views

EUVD-2026-39435

CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...

6.9CVSS5.9AI score0.00243EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 3:7 p.m.28 views

CVE-2026-9718

Technical details about CVE-2026-9718 are not publicly available in the provided documents; monitor for updates from official advisories.

6.9CVSS5.9AI score0.00243EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/25 3:7 p.m.56 views

CVE-2026-9718

CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...

6.9CVSS0.00243EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 12:0 a.m.5 views

CVE-2026-38640

A reachable unwrap in the assertfail function /assert/mod.rs of relibc commit 61f42d allows attackers to cause a Denial of Service DoS via a crafted string...

5.9AI score0.00446EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52580

Name of the Vulnerable Software and Affected Versions relibc affected versions not specified Description A reachable unwrap in the assert fail function located in /assert/mod.rs allows attackers to cause a Denial of Service DoS by providing a crafted string. An unwrap is a operation that attempts...

5.8AI score0.00446EPSS
Exploits0References6
CVE
CVE
added 2026/06/25 12:0 a.m.11 views

CVE-2026-38640

CVE-2026-38640 affects relibc. A reachable unwrap in the __assert_fail function (/assert/mod.rs) from commit 61f42d may cause a Denial of Service via a crafted string. The vulnerability is evidenced in multiple sources (NVD record, cve lists, and third-party reports) with CVSS:3.1/AV:N/AC:L/PR:N/...

7.5CVSS5.9AI score0.00446EPSS
Exploits0References4
OSV
OSV
added 2026/06/22 2:38 p.m.3 views

SUSE-SU-2026:22258-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. - CVE-2026-24401: unsolicited mDNS responses containing a recursive CNAME record can crash the avahi-daemon bsc1257235...

6.5CVSS6.6AI score0.00252EPSS
Exploits1References5
Snyk
Snyk
added 2026/06/16 5:34 p.m.10 views

Reachable Assertion

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Reachable Assertion via the resolveobjbyqualname function. An attacker can execute arbitrary code by publishing a malicious model with a crafted...

7.5CVSS6.2AI score0.00484EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.16 views

PT-2026-49108

CVE-2026-10676 - Rejected reason: This CVE Record has been rejected CVE ID :CVE-2026-10676 Published : June 12, 2026, 12:16 a.m. | 1 hour, 14 minutes ago Description :Rejected reason: This CVE Record has been rejected by the Zephyr Project CNA. Subsequent analysis determined that the addressed...

5.1AI score
Exploits0References1
OSV
OSV
added 2026/06/08 10:16 a.m.7 views

SUSE-SU-2026:2296-1 Security update for avahi

This update for avahi fixes the following issue: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546...

5.5CVSS5.4AI score0.00203EPSS
Exploits1References3
Rows per page
Query Builder