CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Versions prior to 0.5.1 have a logic flaw in bashToolHasPermission inside src/tools/BashTool/bashPermissions.ts. When the sandbox auto-allow feature is active and no explicit deny rule is...

8.4CVSS5.8AI score0.00011EPSS

Exploits2References4

EUVD•added 2026/04/03 6:31 p.m.•1 views

EUVD-2026-18805

A vulnerability has been found in NASA cFS up to 7.0.0. The impacted element is the function pickle.load of the component Pickle Module. Such manipulation leads to deserialization. The attack needs to be performed locally. The attack requires a high level of complexity. The exploitability is...

4.5CVSS5AI score0.00024EPSS

Exploits0References6

EUVD•added 2026/04/03 6:31 p.m.•2 views

EUVD-2026-18807

A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...

6.3CVSS7AI score0.00021EPSS

Exploits0References6

NVD•added 2026/04/03 6:16 p.m.•2 views

CVE-2026-5475

A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFESBTransmitMsg of the file cfesbpriv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but...

5.5CVSS0.00038EPSS

Exploits0References5

Vulnrichment•added 2026/04/03 5:15 p.m.•2 views

CVE-2026-5475 NASA cFS CCSDS Header Size cfe_sb_priv.c CFE_SB_TransmitMsg memory corruption

5.5CVSS6AI score0.00038EPSS

Exploits0References5

RedhatCVE•added 2026/04/03 4:59 p.m.•2 views

CVE-2026-3692

In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server...

8.8CVSS5.9AI score0.0005EPSS

Exploits0References1

UbuntuCve•added 2026/04/03 4:16 p.m.•2 views

CVE-2026-23428

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of shareconf in compound request smb2getksmbdtcon reuses work-tcon in compound requests without validating tcon-tstate. ksmbdtreeconnlookup checks tstate == TREECONNECTED on the initial lookup path, but...

9.8CVSS5.8AI score0.00037EPSS

Exploits0References8

OSV•added 2026/04/03 4:16 p.m.•0 views

UBUNTU-CVE-2026-23450

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL dereference and UAF in smctcpsynrecvsock Syzkaller reported a panic in smctcpsynrecvsock 1. smctcpsynrecvsock is called in the TCP receive path softirq via icskafops-synrecvsock on the clcsock TCP listening...

9.8CVSS5.7AI score0.00082EPSS

Exploits0References9

EUVD•added 2026/04/03 3:30 p.m.•3 views

EUVD-2026-18631

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report...

7.3CVSS5.9AI score0.00021EPSS

Exploits0References2

NVD•added 2026/04/03 1:17 p.m.•3 views

CVE-2026-27655

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report...

7.3CVSS0.00021EPSS

Exploits0References1