246 matches found
CVE-2026-50225
The registration path /v1/account/register provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database...
Registrations for The Events Calendar < 2.7.5 - Authenticated Reflected Cross-Site Scripting
The Registrations for the Events Calendar WordPress plugin before 2.7.5 does not escape the v parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting id: CVE-2021-24876 info: name: Registrations for The Events Calendar 2.7.5 - Authenticated Reflected...
Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting
Keycloak 10.0.0 to 18.0.0 contains a cross-site scripting vulnerability via the client-registrations endpoint. On a POST request, the application does not sanitize an unknown attribute name before including it in the error response with a 'Content-Type' of text/html. Once reflected, the response i...
PT-2026-43870
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts registering random nodes, leading to memory...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the qrtr server does not limit the number of nodes. This could allow malicious...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: cfg80211: Fixing management registration locking issues The issue with management registration locking was addressed. The list was locked for each wdev, but the cfg80211_mgmt_registrations_update function iterated over it without...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nf_tables: Fix for duplicate devices in netdev hooks When handling NETDEV_REGISTER notifications, duplicate device registrations must be avoided, as the device might have been added by nft_netdev_hook_alloc during the...
SUSE CVE-2026-43491
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added per node. A malicious client can flood NEW_SERVER messages and exhaust memory. Fix this issue by...
CVE-2026-43491
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added per node. A malicious client can flood NEW_SERVER messages and exhaust memory. Fix this issue by...
UBUNTU-CVE-2026-43491
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added per node. A malicious client can flood NEW_SERVER messages and exhaust memory. Fix this issue by...
EUVD-2026-30880
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added per node. A malicious client can flood NEW_SERVER messages and exhaust memory. Fix this issue by...
CVE-2026-43491 net: qrtr: ns: Limit the maximum server registration per node
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added per node. A malicious client can flood NEW_SERVER messages and exhaust memory. Fix this issue by...
CVE-2026-43491
The CVE-2026-43491 entry concerns the Linux kernel’s net: qrtr: ns component, where there was no bound on the number of server registrations per node. A malicious client could flood NEW_SERVER messages, exhausting memory. The published fix limits maximum server registrations to 256 per node; if a...
PT-2026-41873
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The net: qrtr: ns component lacks bound checking on the number of servers added per node. A malicious client can exhaust memory by flooding the system with NEW_SERVER messages. The issue...
Open WebUI security vulnerability
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.1.124 contained security vulnerabilities. These vulnerabilities stemmed from APIs that did not properly verify whether the user had the authorized user role. When...
CVE-2026-7780
A weakness has been identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function udm_state_operational of the file /src/udm/udm-sm.c of the component smf-registrations Endpoint. Executing a manipulation can lead to denial of service. The attack can be executed remotely. The...
CVE-2026-7780 Open5GS smf-registrations Endpoint udm-sm.c udm_state_operational denial of service
A weakness has been identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function udm_state_operational of the file /src/udm/udm-sm.c of the component smf-registrations Endpoint. Executing a manipulation can lead to denial of service. The attack can be executed remotely. The...