CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

730905 matches found

Linux Distros Unpatched Vulnerability : CVE-2026-56378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-15 and 6.x before 6.9.13-40 contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file can trigger a...

8.2CVSS5.9AI score0.00189EPSS

Exploits0References3

Tenable Nessus•added 5 days ago•6 views

Photon OS 5.0: Frr PHSA-2026-5.0-0884

An update of the frr package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0884. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid32183...

6.5CVSS5.7AI score0.00279EPSS

Exploits0References3

Tenable Nessus•added 5 days ago•5 views

Debian dla-4637 : libconfig-inifiles-perl - security update

The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dla-4637 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4637-1 [email protected]...

8.6CVSS6.2AI score0.00618EPSS

Exploits0References5

Tenable Nessus•added 5 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-56404

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in addBinding. CVE-2026-56404 Note that Nessus relies on the presence of the package as reported by the vendor...

6.9CVSS5.9AI score0.00102EPSS

Exploits0References3

Tenable Nessus•added 5 days ago•7 views

Debian dsa-6355 : ata-modules-6.12.90+deb13-armmp-di - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6355 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6355-1 [email protected] https://www.debian.org/securit...

9.8CVSS6.6AI score0.00441EPSS

Exploits3References108

Tenable Nessus•added 5 days ago•9 views

RHEL 8 : kernel-rt (RHSA-2026:27354)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27354 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

9.8CVSS6.6AI score0.00353EPSS

Exploits1References18

Tenable Nessus•added 5 days ago•8 views

RHEL 10 : kernel (RHSA-2026:27288)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27288 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix tx.buf...

9.8CVSS6.2AI score0.004EPSS

Exploits1References32

Tenable Nessus•added 5 days ago•9 views

RHEL 8 : kernel (RHSA-2026:27355)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27355 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: actpedit: extend the writab...

6AI score0.00291EPSS

Exploits1References4

Tenable Nessus•added 5 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-49346

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit...

7.1CVSS5.9AI score0.00184EPSS

Exploits1References3

Tenable Nessus•added 5 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-49295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds array write in...

7.1CVSS5.9AI score0.00184EPSS

Exploits1References3

Spring Security Advisories•added 5 days ago•9 views

MongoDB-backed Spring Batch jobs and more in Spring Boot 4.1

Spring Batch was introduced many years before MongoDB existed, and its design assumed the presence of a SQL database in which to store the state of Spring Batch jobs. But that was decades ago, and a common question for anyone new to Spring Batch was, "Why does this thing need to talk to a SQL...

6.1AI score

Exploits0

Tenable Nessus•added 5 days ago•5 views

Debian dsa-6356 : imagemagick - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6356 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6356-1 [email protected] https://www.debian.org/securit...

7.5CVSS6.5AI score0.00269EPSS

Exploits0References20

OSSF Malicious Packages•added 6 days ago•9 views

Malicious code in d0rk3r-telemetry (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da4542d225ef144ecc5df2f578104ffc12659196c57b2214ecb54f60620601c6 On import d0rk3rtelemetry, the package spawns a background thread that reads installer-owned secrets and POSTs them to an attacker-controlled endpoin...

6AI score

Exploits0References3

OSV•added 6 days ago•5 views

MAL-2026-6244 Malicious code in d0rk3r-telemetry (PyPI)

6AI score

Exploits0References3

OSSF Malicious Packages•added 6 days ago•10 views

Malicious code in free-anthropic-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11bfe96b56a6615a50639b25de793e14044ea393c2029b26fa4e1b9e3dc5a22f This package impersonates the Anthropic Claude SDK name and description claim to be an 'Official Anthropic Claude SDK wrapper', author is...

5.8AI score

Exploits0References23

OSV•added 6 days ago•3 views

MAL-2026-6260 Malicious code in free-anthropic-claude (npm)

5.8AI score

Exploits0References23

GithubExploit•added 6 days ago•69 views

explotability_analysis_ebpf

eBPF Verifier Exploit Research — s344024 Romano Simone Resear...

8.2CVSS5.9AI score0.00516EPSS

Exploits1

NVD•added 6 days ago•9 views

CVE-2026-56317

Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...

6.1CVSS0.00209EPSS

Exploits0References4

NVD•added 6 days ago•7 views

CVE-2025-71331

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

6.1CVSS0.00222EPSS

Exploits1References2

EUVD•added 6 days ago•6 views

EUVD-2025-210289

6.1CVSS5.7AI score0.00222EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by