CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

5.5CVSS5.7AI score0.00006EPSS

CVE-2026-0043

In multiple functions of ubsanthrowingruntime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

RedhatCVE•added 3 days ago•8 views

CVE-2026-0040

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0039

In multiple functions of ubsanthrowingruntime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0052

RedhatCVE•added 3 days ago•5 views

CVE-2026-0044

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause the system to crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

RedhatCVE•added 3 days ago•7 views

CVE-2026-0042

In multiple functions of ubsanthrowingruntime.cpp, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.6AI score0.00006EPSS

6.5CVSS5.7AI score0.00118EPSS

CVE-2026-0051

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

RedhatCVE•added 3 days ago•7 views

CVE-2026-0080

RedhatCVE•added 3 days ago•5 views

CVE-2026-8879

Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerContentScripts at runtime. This script is NOT declared in manifest.json and bypasses Chrome Web Store static security review. It runs on all URLs and immediately...

7.5CVSS5.5AI score0.0004EPSS

RedhatCVE•added 3 days ago•5 views

CVE-2026-45554

NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two FastAPI routes that serve per-component static assets in NiceGUI accept a sub-path parameter that may resolve to a directory rather than a file. Requests that resolve to a directory raise an unhandled RuntimeError inside...

5.3CVSS5.5AI score0.00182EPSS

RedhatCVE•added 3 days ago•4 views

CVE-2026-44241

Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. From 4.3.0 to before 4.10.22, TimeConverterRegistrar caches DateTimeFormatter instances in an unbounded ConcurrentHashMap whose key is derived from the @Format annotation...

7.5CVSS5.6AI score0.00018EPSS

Github Security Blog•added 3 days ago•8 views

DbGate: Unauthenticated Remote Code Execution via JSON Script Runner

Summary DbGate's JSON script runner POST /runners/start allows remote code execution via code injection in the functionName parameter of JSON script assign commands. The functionName value is interpolated directly into dynamically generated JavaScript source code via string concatenation. The...

6.4AI score

Exploits1References4Affected Software1

Rockylinux•added 3 days ago•5 views

.NET 10.0 security update

An update is available for dotnet10.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

7.5CVSS5.5AI score0.00036EPSS

Exploits0

OSV•added 3 days ago•3 views

MAL-2026-5219 Malicious code in autotel-drizzle (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score

Exploits0References2

NVD•added 4 days ago•8 views

CVE-2025-71316

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...

9.8CVSS0.00046EPSS

Exploits0References5

ATTACKERKB•added 4 days ago•4 views

CVE-2025-71316

9.8CVSS5.9AI score0.00046EPSS

Exploits0References5

NVD•added 4 days ago•6 views

CVE-2026-36180

A lack of runtime integrity in GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass file system read-only protections and modify system files and binaries for the duration of a boot session via a bind-mount attack...

0.00017EPSS

Exploits0References3

ICS•added 4 days ago•4 views

SQLite sqldiff remote code execution via argument injection

RISK EVALUATION An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being misinterpreted as command line options. 2. RECOMMENDED PRACTICES Fixed on 2025-12-26. 3. DESCRIPTION SQLite 'sqldiff.exe'...

9.8CVSS5.6AI score0.00046EPSS