CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2192 matches found

GithubExploit•added 2026/05/05 1:52 p.m.•56 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 Copy Fail Toolset This repository contains t...

7.8CVSS7.3AI score0.02194EPSS

Exploits226

NVD•added 2026/05/04 7:16 p.m.•4 views

CVE-2026-41686

Claude SDK for TypeScript provides access to the Claude API from server-side TypeScript or JavaScript applications. From version 0.79.0 to before version 0.91.1, the BetaLocalFilesystemMemoryTool in the Anthropic TypeScript SDK created memory files and directories using the Node.js default modes...

4.8CVSS0.0001EPSS

Exploits0References1

Vulnrichment•added 2026/05/04 6:41 p.m.•4 views

CVE-2026-41686 Claude SDK for TypeScript has Insecure Default File Permissions in Local Filesystem Memory Tool

4.8CVSS5.7AI score0.0001EPSS

Exploits0References1

ATTACKERKB•added 2026/05/04 6:41 p.m.•0 views

CVE-2026-41686

4.8CVSS5.7AI score0.0001EPSS

Exploits0References2Affected Software1

GithubExploit•added 2026/05/02 2:12 p.m.•107 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 PoC Local Privilege Escalation in the Linux...

7.8CVSS6.4AI score0.02194EPSS

Exploits226

GithubExploit•added 2026/05/02 5:52 a.m.•74 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 — Copy Fail Local Privilege Escalation i...

7.8CVSS6.1AI score0.02194EPSS

Exploits226

Tenable Nessus•added 2026/05/02 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-43050

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in...

7CVSS5.9AI score0.0002EPSS

Exploits0References3

Tenable Nessus•added 2026/05/02 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2013-0266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the puppetlabs-cinder module, as used in PackStack. This vulnerability is due to incorrect file permissions, specifically world-readable...

5.5CVSS5.7AI score0.00035EPSS

Exploits0References2

Cvelist•added 2026/05/01 2:15 p.m.•23 views

CVE-2026-43050 atm: lec: fix use-after-free in sock_def_readable()

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...

0.0002EPSS

Exploits0References8

CVE•added 2026/05/01 2:15 p.m.•12 views

CVE-2026-43050

CVE-2026-43050 describes a race in the Linux kernel’s ATM lec code. A race between lec_atm_close() clearing priv->lecd and concurrent access in send_to_lecd(), lec_handle_bridge(), and lec_atm_send() can cause a use-after-free on the lecd pointer when a socket is freed via RCU. The fix convert...

7CVSS5.8AI score0.0002EPSS

Exploits0References8Affected Software1

Debian CVE•added 2026/05/01 2:15 p.m.•3 views

CVE-2026-43050

7CVSS5.8AI score0.0002EPSS

Exploits0

CNNVD•added 2026/05/01 12:0 a.m.•7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lecatmclose function in the atm lec driver not synchronizing the clearing of the priv-lecd pointer,...

7CVSS5.8AI score0.0002EPSS

Exploits0References1

Github Security Blog•added 2026/04/29 10:28 p.m.•24 views

Claude SDK for TypeScript has Insecure Default File Permissions in Local Filesystem Memory Tool

The BetaLocalFilesystemMemoryTool in the Anthropic TypeScript SDK created memory files and directories using the Node.js default modes 0o666 for files, 0o777 for directories, leaving them world-readable on systems with a standard umask and world-writable in environments with a permissive umask su...

4.8CVSS5.3AI score0.0001EPSS

Exploits0References3Affected Software1

Github Security Blog•added 2026/04/22 6:31 p.m.•4 views

uutils coreutils has an Incorrect Permission Assignment for Critical Resource

The nohup utility in uutils coreutils creates its default output file, nohup.out, without specifying explicit restricted permissions. This causes the file to inherit umask-based permissions, typically resulting in a world-readable file 0644. In multi-user environments, this allows any user on the...

3.3CVSS5.2AI score0.00012EPSS

Exploits1References3Affected Software1

EUVD•added 2026/04/22 6:31 p.m.•3 views

EUVD-2026-25015

3.3CVSS5.8AI score0.00012EPSS

Exploits1References2

OSV•added 2026/04/22 6:31 p.m.•2 views

GHSA-5HGF-628X-MCQF uutils coreutils has an Incorrect Permission Assignment for Critical Resource

3.3CVSS5.8AI score0.00012EPSS

Exploits1References3

NVD•added 2026/04/22 5:16 p.m.•3 views

CVE-2026-35367

3.3CVSS0.00012EPSS

Exploits1References1

Cvelist•added 2026/04/22 4:8 p.m.•23 views

CVE-2026-35367 uutils coreutils nohup Information Disclosure via Insecure Default Output Permissions

3.3CVSS0.00012EPSS

Exploits1References1

CVE•added 2026/04/22 4:8 p.m.•6 views

CVE-2026-35367

The CVE concerns the nohup utility from the uutils coreutils project, where nohup.out is created without explicit restricted permissions, causing it to inherit umask-based permissions (typically 0644) and become world-readable. This differs from GNU coreutils, which creates nohup.out with owner-o...

3.3CVSS5.8AI score0.00012EPSS

Exploits1References1Affected Software1

ATTACKERKB•added 2026/04/22 4:8 p.m.•1 views

CVE-2026-35367

3.3CVSS5.8AI score0.00012EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by