CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

8.8CVSS6AI score0.0008EPSS

PT-2026-46520

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code inside a sandbox. This is achieved by convincing a user to perform specific UI gestures while interacting...

Exploits0References5

Tenable Nessus•added 5 days ago•7 views

IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.29 RCE (7274738)

The version of IBM WebSphere Application Server running on the remote host is affected by a remote code execution vulnerability as referenced in the 7274738 advisory. - IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrust...

9CVSS6.4AI score0.00224EPSS

Exploits0References2

Tenable Nessus•added 5 days ago•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-10532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection, albe...

6.3CVSS6.4AI score0.00086EPSS

Exploits0References3

PT-2026-46579

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use after free is a memory corruption flaw that...

9.6CVSS6.3AI score0.04468EPSS

PT-2026-46744

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the PlatformIntegration component allows a remote attacker to execute arbitrary code via a malicious file, provided they can convince a user to perfor...

PT-2026-46424

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Ozone allows a remote attacker to execute arbitrary code through a crafted HTML page. Use after free is a memory corruption flaw that occurs when an applicatio...

PT-2026-46433

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in V8, the open-source JavaScript and WebAssembly engine, allows a remote attacker to execute arbitrary code within a sandbox by enticing a user to open ...

PT-2026-46644

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Views allows a remote attacker to execute arbitrary code when a user opens a crafted HTML page. Use after free is a memory corruption flaw that occurs when an...

PT-2026-46698

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in Blink allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. An integer overflow occurs when an arithmetic...

PT-2026-46645

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which is a framework for real-time communication. This flaw allows a remote attacker to execute arbitrary code within a sandbox by utilizing a...

9.6CVSS6.3AI score0.04468EPSS

PT-2026-46657

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the Media component allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free occurs when ...

CERT•added 5 days ago•6 views

Collibra Agent contains improper authentication and path traversal vulnerabilities

Overview The Collibra Platform Agent contains vulnerabilities that can be chained by a remote, unauthenticated attacker to achieve remote code execution. An attacker can exploit these issues by uploading a crafted ZIP archive that writes attacker-controlled files to arbitrary locations on the...

8.2CVSS6.5AI score0.00049EPSS

Exploits0

ATTACKERKB•added 6 days ago•6 views

CVE-2026-25879

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.63.0, SQLChatAgent executes SQL produced by an LLM, which is influenceable by prompt injection. When configured with a database role that has privileges enabling code execution or filesystem access...

9.8CVSS6.3AI score0.00079EPSS

Exploits0References2Affected Software1

Vulnrichment•added 6 days ago•5 views

CVE-2026-25879 Langroid has Prompt to SQL Injection, Leading to RCE

9.8CVSS6.3AI score0.00079EPSS

Cvelist•added 6 days ago•23 views

CVE-2026-25879 Langroid has Prompt to SQL Injection, Leading to RCE

9.8CVSS0.00079EPSS

CVE•added 6 days ago•13 views

CVE-2026-25879

Langroid's CVE-2026-25879 affects the Langroid framework (SQLChatAgent) prior to v0.63.0. An attacker who can shape input to the agent can cause LLM-provided SQL to execute dialect-specific primitives such as COPY ... FROM PROGRAM, enabling Remote Code Execution on the database host when the data...

9.8CVSS6.3AI score0.00079EPSS

NVD•added 6 days ago•6 views

CVE-2026-0059

In multiple functions of sdpdiscovery.cc, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8CVSS0.00009EPSS