CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Rockylinux•added 2026/05/28 3:43 p.m.•7 views

linux-sgx security update

An update is available for linux-sgx. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Intel SGX SDK is a collection of APIs, libraries, documentations and...

8.8CVSS6.7AI score0.0004EPSS

Exploits5

Packet Storm News•added 2026/05/25 12:0 a.m.•5 views

Building an Adversarial Malware Dataset by Family and Type: Generation, Evasion, and Poisoning Evaluation

We present a dataset of adversarial malware samples derived from the public RawMal-TF collection of real-world malware binaries. Using a suite of adversarial malware generators, we construct two sets of adversarial PE files: 44,347 family-labelled samples and 33,596 type-labelled samples, achievi...

Rockylinux•added 2026/05/21 4:27 p.m.•10 views

new packages: libxml2

An update is available for libxml2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.0...

Rockylinux•added 2026/05/21 4:24 p.m.•5 views

cloud-init bug fix and enhancement update

An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...

Packet Storm News•added 2026/05/12 12:0 a.m.•3 views

Do Androids Dream of Breaking the Game? Systematically Auditing AI Agent Benchmarks with BenchJack

Agent benchmarks have become the de facto measure of frontier AI competence, guiding model selection, investment, and deployment. However, reward hacking, where agents maximize a score without performing the intended task, emerges spontaneously in frontier models without overfitting. We argue tha...

Packet Storm News•added 2026/05/09 12:0 a.m.•4 views

Enhancing Adversarial Robustness in Network Intrusion Detection: A Layer-Wise Adaptive Regularization Approach

The new wave of adversarial attacks that utilize gradient-related vulnerabilities in neural network-based classifiers makes Network Intrusion Detection Systems more open to such threats. Although state-of-the-art adversarial training methods have shown promising results in producing more robust...

ATTACKERKB•added 2026/04/10 6:1 p.m.•2 views

CVE-2026-33141

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference IDOR vulnerability in the REST API stats endpoint allows any authenticated user including low-privilege students with ROLEUSER to read any other user's learning progress, certificates, and...

6.5CVSS5.8AI score0.00023EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/04/10 6:1 p.m.•2 views

CVE-2026-33141 Chamilo LMS has an IDOR in REST API Stats Endpoint Exposes Any User's Learning Data

6.5CVSS5.8AI score0.00023EPSS

Exploits0References2

Cvelist•added 2026/04/10 6:1 p.m.•25 views

CVE-2026-33141 Chamilo LMS has an IDOR in REST API Stats Endpoint Exposes Any User's Learning Data

6.5CVSS0.00023EPSS

Exploits0References2

Positive Technologies•added 2026/04/10 12:0 a.m.•1 views

PT-2026-32012

Name of the Vulnerable Software and Affected Versions Chamilo LMS versions prior to 2.0.0-RC.3 Description Chamilo LMS, a learning management system, contains an Insecure Direct Object Reference IDOR vulnerability in the REST API stats endpoint. This allows any authenticated user, even those with...

6.5CVSS5.8AI score0.00023EPSS

Exploits0References5

NVD•added 2026/04/08 9:16 p.m.•0 views

CVE-2026-39415

Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated...

5.3CVSS0.00037EPSS

CVE•added 2026/04/08 8:7 p.m.•4 views

CVE-2026-39415

CVE-2026-39415 affects Frappe LMS prior to 2.46.0, where quiz scores could be altered client-side before submission due to reliance on client-side calculated scores. Impact: data integrity of quiz results is compromised; no confidentiality breach or privilege escalation reported. Remediation: upg...

5.3CVSS5.8AI score0.00037EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/04/08 8:7 p.m.•0 views

CVE-2026-39415 Frappe Learning Management System has Client-Side Manipulation of Quiz Scores

5.3CVSS5.8AI score0.00037EPSS

Positive Technologies•added 2026/04/08 12:0 a.m.•1 views

PT-2026-31439

5.3CVSS5.8AI score0.00037EPSS

Exploits0References2

RedhatCVE•added 2026/02/27 7:44 p.m.•3 views

CVE-2026-26077

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, several webhook endpoints SendGrid, Mailjet, Mandrill, Postmark, SparkPost in the WebhooksController accepted requests without a valid authentication token when no token was configured. This...

6.5CVSS5.9AI score0.00166EPSS

NVD•added 2026/02/26 3:17 p.m.•5 views

CVE-2026-26077

6.5CVSS0.00166EPSS

EUVD•added 2026/02/26 2:58 p.m.•3 views

EUVD-2026-8854

6.5CVSS5.3AI score0.00166EPSS