Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

121126 matches found

Debian
Debianadded 2026/05/28 1:18 p.m.13 views

[SECURITY] [DLA 4604-1] roundcube security update

Debian LTS Advisory DLA-4604-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 28, 2026 https://wiki.debian.org/LTS Package : roundcube Version : 1.4.15+dfsg.1-1+deb11u9 CVE ID : CVE-2026-48842 CVE-2026-48843 CVE-2026-48844 CVE-2026-48845 CVE-2026-48846...

8.1CVSS6.1AI score0.0066EPSS
Exploits1
NVD
NVDadded 2026/05/28 1:16 p.m.14 views

CVE-2026-9658

Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths. The header injection rule was ineffective at blocking header injections in the request paths unless they were double-encoded, for example, GET /path\r\nHTTP/1.1\r\nHost:...

7.3CVSS0.00226EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/28 12:30 p.m.11 views

EUVD-2026-32862

FlowIntel up to version 3.3.0 contains a server-side request forgery SSRF vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external reference URL can cause the application server to issue an HTTP HEAD request to an attacker-specifi...

6.2CVSS5.8AI score0.00232EPSS
Exploits0References2
OSV
OSVadded 2026/05/28 11:40 a.m.3 views

SUSE-SU-2026:21860-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2024-14027: xattr: switch to CLASSfd bsc1259420. - CVE-2025-40181: x86/kvm: Force legacy PCI hole to UC when...

9.8CVSS6.6AI score0.01527EPSS
Exploits9References455
ATTACKERKB
ATTACKERKBadded 2026/05/28 11:36 a.m.6 views

CVE-2026-9658

Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths. The header injection rule was ineffective at blocking header injections in the request paths unless they were double-encoded, for example, GET /path\r\nHTTP/1.1\r\nHost:...

5.8AI score0.00226EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/28 11:36 a.m.29 views

CVE-2026-9658 Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths

Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths. The header injection rule was ineffective at blocking header injections in the request paths unless they were double-encoded, for example, GET /path\r\nHTTP/1.1\r\nHost:...

0.00226EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/28 11:36 a.m.9 views

EUVD-2026-32892

Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths. The header injection rule was ineffective at blocking header injections in the request paths unless they were double-encoded, for example, GET /path\r\nHTTP/1.1\r\nHost:...

5.8AI score0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/28 11:36 a.m.10 views

CVE-2026-9658 Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths

Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths. The header injection rule was ineffective at blocking header injections in the request paths unless they were double-encoded, for example, GET /path\r\nHTTP/1.1\r\nHost:...

5.8AI score0.00226EPSS
Exploits0References1
CVE
CVEadded 2026/05/28 11:36 a.m.17 views

CVE-2026-9658

CVE-2026-9658 affects Plack::Middleware::Security::Common for Perl prior to version 0.13.1. The vulnerability arises from header-injection checks in request paths not consistently blocking crafted CRLF inputs unless double-encoded, e.g. GET /path\r\nHTTP/1.1\r\nHost: secret.example.com. The issue...

7.3CVSS5.8AI score0.00226EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/05/28 10:21 a.m.12 views

CVE-2026-42581

A flaw was found in Netty's HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both Transfer-Encoding: chunked and Content-Length headers. While Netty correctly strips the conflicting Content-Length header for HTTP/1.1 messages, thi...

9.8CVSS6.9AI score0.004EPSS
Exploits1References4
NVD
NVDadded 2026/05/28 10:16 a.m.7 views

CVE-2026-46135

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

9.8CVSS0.00463EPSS
Exploits0References4
OSV
OSVadded 2026/05/28 10:16 a.m.3 views

UBUNTU-CVE-2026-46135

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

9.8CVSS5.7AI score0.00463EPSS
Exploits0References7
EUVD
EUVDadded 2026/05/28 9:40 a.m.9 views

EUVD-2026-32835

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop tpmeter sessions during mesh teardown TP meter sessions remain linked on batpriv-tplist after the netlink request has already finished. When the mesh interface is removed, batadvmeshfree currently tears down the...

5.8AI score0.00138EPSS
Exploits0References5
CVE
CVEadded 2026/05/28 9:40 a.m.16 views

CVE-2026-46208

In the Linux kernel, batman-adv has a vulnerability where tp_meter sessions are not stopped during mesh teardown in batadv_mesh_free(). This allows a running sender thread or late tp_meter packets to keep operating against a mesh instance that is shutting down, potentially causing system instabil...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References8Affected Software1
CVE
CVEadded 2026/05/28 9:36 a.m.16 views

CVE-2026-46184

CVE-2026-46184 relates to the Linux kernel sound/ua101 driver. The root cause is a missing sanity check for bNrChannels in detect_usb_format(), which can lead to a division by zero in playback_urb_complete() and capture_urb_complete() when a device reports bNrChannels = 0. The USB core does not v...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
Cvelist
Cvelistadded 2026/05/28 9:35 a.m.30 views

CVE-2026-46135 nvmet-tcp: fix race between ICReq handling and queue teardown

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

9.8CVSS0.00463EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/28 9:35 a.m.6 views

EUVD-2026-32762

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

5.8AI score0.00463EPSS
Exploits0References4
CVE
CVEadded 2026/05/28 9:35 a.m.50 views

CVE-2026-46135

CVE-2026-46135 affects the Linux kernel nvmet-tcp (NVMe over TCP). A race between ICReq handling and target‑side queue teardown can transition queue state in a non‑serialized way, potentially allowing a second teardown path and a re‑entry after a disconnect, including a possible double free scena...

9.8CVSS5.8AI score0.00463EPSS
Exploits0References4
CVE
CVEadded 2026/05/28 9:35 a.m.20 views

CVE-2026-46119

CVE-2026-46119 affects the Linux kernel libceph component. The flaw is a slab-out-of-bounds access in auth message processing: if CEPH_MSG_AUTH_REPLY carries a positive result, it is misinterpreted as an error code and later as the size of the front segment, causing out-of-bounds reads. The fix t...

9.1CVSS6AI score0.00531EPSS
Exploits0References7
Debian CVE
Debian CVEadded 2026/05/28 9:35 a.m.7 views

CVE-2026-46105

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver allocates a fixed 4K buffer for the PRP list, accommodating at most 5...

7.8CVSS5.8AI score0.00127EPSS
Exploits0
Rows per page
Query Builder