CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Ubuntu•added 2 days ago•2 views

USN-8365-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly treated some variable expansion pipelines as safe in authentication filters. An attacker could possibly use this issue to perform SQL or LDAP injection attacks. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. CVE-2026-27851 It was discovered...

9.1CVSS5.9AI score0.00016EPSS

Exploits0

RedHat Linux•added 3 days ago•10 views

Important: Red Hat Security Advisory: postgresql-jdbc security update

An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

OPENSUSE Linux•added 3 days ago•6 views

Security update for postgresql-jdbc (important)

openSUSE security update: security update for postgresql-jdbc ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20847-1 Rating: important References: bsc1264174 Cross-References: CVE-2026-42198 CVSS scores: CVE-2026-42198 SUSE : 7.5...

OSV•added 6 days ago•2 views

Exploits0References1

OPENSUSE-SU-2026:20847-1 Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication bsc1264174...

7.5CVSS7.1AI score0.00043EPSS

OSV•added 6 days ago•3 views

OESA-2026-2501 postgresql-jdbc security update

PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. Is an open source JDBC driver written in Pure Java Type 4, and communicates in the PostgreSQL native network protocol. Security Fixes: pgjdbc is an open...

7.5CVSS5.7AI score0.00043EPSS

RedhatCVE•added last week•3 views

CVE-2026-6478

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.7AI score0.00076EPSS

Tenable Nessus•added 2026/05/26 12:0 a.m.•6 views

SUSE SLES15 Security Update : postgresql-jdbc (SUSE-SU-2026:2028-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2028-1 advisory. This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: client-side denial of service via malicious SCRAM-SHA-256...

7.5CVSS5.9AI score0.00043EPSS

OSV•added 2026/05/25 8:23 a.m.•3 views

CLSA-2026-1779697425 postgresql: Fix of CVE-2026-6478

CVE-2026-6478: backport upstream prerequisite that introduces the timingsafebcmp constant-time memory comparison helper, then apply it to SCRAM and MD5 authentication paths that previously used memcmp or strcmp on password hashes, computed keys, and SCRAM nonces, to prevent timing-side-channel...

6.5CVSS5.8AI score0.00076EPSS

Exploits0References1

OSV•added 2026/05/22 1:22 p.m.•1 views

OESA-2026-2446 postgresql-jdbc security update

7.5CVSS5.7AI score0.00043EPSS

OSV•added 2026/05/22 1:22 p.m.•1 views

OESA-2026-2445 postgresql-jdbc security update

7.5CVSS7AI score0.00043EPSS

OSV•added 2026/05/22 1:22 p.m.•2 views

OESA-2026-2444 postgresql-jdbc security update

7.5CVSS7AI score0.00043EPSS

OSV•added 2026/05/22 1:22 p.m.•2 views

OESA-2026-2443 postgresql-jdbc security update

7.5CVSS7AI score0.00043EPSS

RedHat Linux•added 2026/05/20 12:47 p.m.•5 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.27.3.SP2 security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

SUSE Linux•added 2026/05/20 9:8 a.m.•3 views

Exploits0References5

Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issue CVE-2026-42198: client-side denial of service via malicious SCRAM-SHA-256 authentication bsc1264174. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

OSV•added 2026/05/20 9:8 a.m.•1 views

SUSE-SU-2026:2028-1 Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: client-side denial of service via malicious SCRAM-SHA-256 authentication bsc1264174...

Tenable Nessus•added 2026/05/20 12:0 a.m.•5 views

Exploits0References3

Linux Distros Unpatched Vulnerability : CVE-2026-42256

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0...

6.5CVSS5.8AI score0.00046EPSS