CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

161 matches found

CVE-2026-10896

CVE-2026-10896 affects Chrome for iOS (Google Chrome on iOS) prior to 149.0.7827.53. The vulnerability is a use-after-free in handling crafted HTML pages, enabling a remote attacker to execute arbitrary code. The Google Chrome 149 stable release (Chrome 149.0.7827.53 for Linux/Windows/macOS; iOS ...

8.8CVSS6.2AI score

Exploits0References2

RedHat Linux•added 2026/05/12 9:26 p.m.•12 views

Important: Red Hat Security Advisory: Kiali 2.22.3 for Red Hat OpenShift Service Mesh 3.3

Kiali 2.22.3 for Red Hat OpenShift Service Mesh 3.3 is now available. An update is now available for Red Hat OpenShift Service Mesh 3.3. This advisory contains the RPM packages for the Kiali component. Red Hat Product Security has rated this update as having a security impact of Critical. A Commo...

10CVSS7.2AI score0.00148EPSS

Exploits6References10

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в intel-microcode

The removal or modification of security-critical code in certain Intel processors may allow an authenticated user to potentially enable information disclosure through local access...

5.5CVSS6.5AI score0.00054EPSS

Exploits0References2

SUSE CVE•added 2026/04/30 2:25 a.m.•2 views

SUSE CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

6.5CVSS5.3AI score0.00034EPSS

Exploits0References3

Cvelist•added 2026/04/28 12:0 a.m.•23 views

CVE-2026-41526

6.5CVSS0.00034EPSS

Exploits0References5

Packet Storm News•added 2026/02/10 12:0 a.m.•6 views

Following Dragons: Code Review-Guided Fuzzing

Modern fuzzers scale to large, real-world software but often fail to exercise the program states developers consider most fragile or security-critical. Such states are typically deep in the execution space, gated by preconditions, or overshadowed by lower-value paths that consume limited fuzzing...

6AI score

Exploits0

NVD•added 2026/02/09 6:16 p.m.•1 views

CVE-2025-66630

Fiber is an Express inspired web framework written in Go. Before 2.52.11, on Go versions prior to 1.24, the underlying crypto/rand implementation can return an error if secure randomness cannot be obtained. Because no error is returned by the Fiber v2 UUID functions, application code may...

9.4CVSS0.0002EPSS

Exploits0References3

CNNVD•added 2026/02/09 12:0 a.m.•2 views

Fiber 安全特征问题漏洞

Fiber is Fiber open source an open source Web framework written in Go language . Fiber suffers from a security signature issue vulnerability. The vulnerability stems from an error not returned by the UUID function and can be exploited by an attacker to use predictable or low entropy identifiers i...

9.4CVSS6AI score0.0002EPSS

Exploits0References3

OSV•added 2026/01/26 8:16 p.m.•2 views

AZL-75476 CVE-2025-11065 affecting package packer 1.9.5-11

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00009EPSS

Exploits0References1

OSV•added 2026/01/26 8:16 p.m.•3 views

AZL-75527 CVE-2025-11065 affecting package moby-cli for versions less than 24.0.9-8

5.3CVSS6.6AI score0.00009EPSS

Exploits0References1

OSV•added 2026/01/26 8:16 p.m.•0 views

AZL-75500 CVE-2025-11065 affecting package kured for versions less than 1.14.2-7

5.3CVSS6.5AI score0.00009EPSS

Exploits0References1

OSV•added 2026/01/26 8:16 p.m.•0 views

AZL-75579 CVE-2025-11065 affecting package terraform for versions less than 1.3.2-29