CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

622 matches found

CVE-2026-43917

CVE-2026-43917 (Dokploy) describes an IDOR due to a missing organization scoping check in the protectedProcedure middleware prior to 0.19.0. The middleware only validates authentication, not that the resource’s organization matches the session’s activeOrganizationId, enabling cross-organization a...

5.3CVSS5.8AI score0.00038EPSS

Exploits0References1

EUVD•added 6 days ago•3 views

EUVD-2026-33361

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.19.0 and earlier, the protectedProcedure middleware only verifies the user is authenticated - it does NOT enforce organization scoping. Each endpoint must individually verify the resource's org matches the session's...

5.3CVSS5.8AI score0.00038EPSS

Exploits0References1

Tenable Nessus•added 6 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-45891

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix double free issue for tx spare buffer In hns3setringparam, a temporary copy...

5.8AI score0.00032EPSS

Exploits0References2

Positive Technologies•added 6 days ago•5 views

PT-2026-44929

5.3CVSS5.8AI score0.00038EPSS

Exploits0References2

SUSE CVE•added last week•6 views

SUSE CVE-2026-45891

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix double free issue for tx spare buffer In hns3setringparam, a temporary copy tmprings of the ring structure is created for rollback. However, the txspare pointer in the original ring handle is incorrectly left...

5.9AI score0.00032EPSS

Exploits0References3

EUVD•added 2026/05/27 3:33 p.m.•5 views

EUVD-2026-32357

5.9AI score0.00032EPSS

Exploits0References8

NVD•added 2026/05/27 2:17 p.m.•4 views

CVE-2026-45891

0.00032EPSS

Exploits0References7

OSV•added 2026/05/27 2:17 p.m.•1 views

UBUNTU-CVE-2026-45891

5.8AI score0.00032EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•1 views

UBUNTU-CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

5.7AI score0.00032EPSS

Exploits0References3

Cvelist•added 2026/05/27 12:56 p.m.•29 views

CVE-2026-46040 inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails

0.00032EPSS

Exploits0References8

EUVD•added 2026/05/27 12:56 p.m.•2 views

EUVD-2026-32421

5.8AI score0.00032EPSS

Exploits0References5

Cvelist•added 2026/05/27 12:17 p.m.•28 views

CVE-2026-45891 net: hns3: fix double free issue for tx spare buffer

0.00032EPSS

Exploits0References7

Positive Technologies•added 2026/05/27 12:0 a.m.•3 views

PT-2026-43758

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix double free issue for tx spare buffer In hns3 set ringparam, a temporary copy tmp rings of the ring structure is created for rollback. However, the tx spare pointer in the original ring handle is incorrectly left...

5.9AI score0.00032EPSS

Exploits0References8

SUSE CVE•added 2026/05/22 2:20 a.m.•2 views

SUSE CVE-2026-43499

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock when invoked from futexrequeue. In the latter case...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References4

GithubExploit•added 2026/05/21 7:16 p.m.•72 views

Exploit for Link Following in Microsoft

🛡️ CVE-2026-41091 - RedSun Microsoft Defender Elevation...

7.8CVSS6.9AI score0.08013EPSS

Exploits4

RedhatCVE•added 2026/05/21 3:29 p.m.•6 views

CVE-2026-43499

A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References4

UbuntuCve•added 2026/05/21 1:16 p.m.•6 views

CVE-2026-43499

7.8CVSS5.8AI score0.00013EPSS

Exploits0References7

CVE•added 2026/05/21 12:17 p.m.•10 views

CVE-2026-43499

The CVE-2026-43499 issue concerns the Linux kernel rtmutex path where remove_waiter() operated on current during dequeue in rt_mutex_start_proxy_lock() via futex_requeue(). This caused: (1) rbtree dequeue without waiter::task::pi_lock, (2) waiter task pi_blocked_on not cleared (dangling pointer, ...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References6

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed a memory leak during rehash. The rehash delayed work involves migrating filters from one region to another. This is done by iterating over all chunks all filters with the same priority in the region,...

6.4CVSS6.2AI score0.00188EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winchhandlers before registering the winchIRQ. Registering a winchIRQ can lead to a race condition; an interrupt may occur before the winch is added to the winchhandlers list. If this happens, registerwinchirq wi...

5.5CVSS6.2AI score0.00028EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by