CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/04/03 12:0 a.m.•8 views

Sumi Interactive GRID Organiser 安全漏洞

Sumi Interactive GRID Organizer is an activity planning and management application developed by Sumi Interactive in China. Versions of Sumi Interactive GRID Organizer prior to 1.0.5 contained security vulnerabilities, which were caused by the use of hardcoded encryption keys for the Parameter...

4.8CVSS5.8AI score0.00141EPSS

CNNVD•added 2026/04/03 12:0 a.m.•5 views

Noelse Individuals & Pro App 安全漏洞

Noelse Individuals & Pro App is a financial services app developed by the French company Noelse, designed for individual and professional users to manage online accounts, handle payments, and access financial tools. The Noelse Individuals & Pro App versions 2.1.7 and earlier contain security...

4.8CVSS5.8AI score0.00144EPSS

CNNVD•added 2026/04/03 12:0 a.m.•5 views

Wahoo Fitness SYSTM App 安全漏洞

The Wahoo Fitness SYSTM App is a comprehensive structured training app developed by Wahoo Fitness in the United States. The Wahoo Fitness SYSTM App versions 7.2.1 and earlier contained security vulnerabilities, which stemmed from the use of hardcoded encryption keys for the SEGMENTWRITEKEY...

4.8CVSS5.8AI score0.00156EPSS

Positive Technologies•added 2026/04/03 12:0 a.m.•4 views

PT-2026-29993

A weakness has been identified in Noelse Individuals & Pro App up to 2.1.7 on Android. This impacts an unknown function of the file com/reactnative/antelop/BuildConfig.java of the component com.afone.noelse. This manipulation of the argument SEGMENT WRITE KEY causes use of hard-coded cryptographi...

4.8CVSS5.4AI score0.00144EPSS

Exploits0References5

CNNVD•added 2026/04/03 12:0 a.m.•13 views

PropertyGuru AgentNet Singapore App 安全漏洞

The PropertyGuru AgentNet Singapore App is a mobile application used by PropertyGuru in Singapore as an real estate agency. The PropertyGuru AgentNet Singapore App versions prior to 23.7.10 contained a security vulnerability, which was caused by the use of hardcoded encryption keys for parameters...

4.8CVSS5.8AI score0.00144EPSS

NVD•added 2026/04/02 6:16 p.m.•2 views

CVE-2026-34119

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when appending segmented request bodies without continuous write‑boundary verification, due to insufficient boundary validation when handling externally supplied HTTP input. An...

7.1CVSS0.00228EPSS

CNNVD•added 2026/04/02 12:0 a.m.•4 views

Lean Crypto Library 安全漏洞

Lean Crypto Library is a lightweight quantum-resistant cryptographic algorithm library developed by smuellerDD as an individual project. Versions of Lean Crypto Library prior to 1.7.1 contained security vulnerabilities. These vulnerabilities stemmed from integer overflows that occurred when the...

5.9CVSS5.8AI score0.00162EPSS

OSV•added 2026/03/27 8:4 p.m.•1 views

GHSA-37CH-88JC-XWX2 path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters

Impact A bad regular expression is generated any time you have three or more parameters within a single segment, separated by something that is not a period .. For example, /:a-:b-:c or /:a-:b-:c-:d. The backtrack protection added in [email protected] only prevents ambiguity for two parameter...

7.5CVSS5.9AI score0.00496EPSS

Exploits0References7

NVD•added 2026/03/26 5:16 p.m.•17 views

CVE-2026-4867

Impact: A bad regular expression is generated any time you have three or more parameters within a single segment, separated by something that is not a period .. For example, /:a-:b-:c or /:a-:b-:c-:d. The backtrack protection added in [email protected] only prevents ambiguity for two...

7.5CVSS0.00496EPSS

OSV•added 2026/03/26 5:16 p.m.•2 views

DEBIAN-CVE-2026-4867

7.5CVSS5.4AI score0.00496EPSS

UbuntuCve•added 2026/03/26 5:16 p.m.•1 views

CVE-2026-4867

7.5CVSS5.9AI score0.00496EPSS

Exploits0References5

ATTACKERKB•added 2026/03/26 4:16 p.m.•1 views

CVE-2026-4867

7.5CVSS5.9AI score0.00496EPSS

Cvelist•added 2026/03/26 4:16 p.m.•23 views

CVE-2026-4867 path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters

7.5CVSS0.00496EPSS

RedhatCVE•added 2026/03/26 3:15 p.m.•2 views

CVE-2026-4242

A security flaw has been discovered in BabyChakra Pregnancy & Parenting App up to 5.4.3.0 on Android. This affects an unknown function of the file file app/babychakra/babychakra/Configuration.java of the component app.babychakra.babychakra. Performing a manipulation of the argument SEGMENTWRITEKE...

2.5CVSS4.8AI score0.00099EPSS

RedhatCVE•added 2026/03/26 3:6 p.m.•5 views

CVE-2026-26933

Improper Validation of Array Index CWE-129 in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger...

5.7CVSS5.8AI score0.00239EPSS

UbuntuCve•added 2026/03/26 11:16 a.m.•5 views

CVE-2026-23397

In the Linux kernel, the following vulnerability has been resolved: nfnetlinkosf: validate individual option lengths in fingerprints nfnlosfaddcallback validates optnum bounds and string NUL-termination but does not check individual option length fields. A zero-length option causes nfosfmatchone ...

7.1CVSS5.8AI score0.00117EPSS

Exploits0References8

OSV•added 2026/03/26 11:16 a.m.•0 views

UBUNTU-CVE-2026-23397

7.1CVSS5.8AI score0.00117EPSS

Exploits0References9

OSV•added 2026/03/25 12:20 a.m.•5 views

OSV-2026-455 UNKNOWN READ in mkv::matroska_segment_c::TrackInit

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=495498906 Crash type: UNKNOWN READ Crash state: mkv::matroskasegmentc::TrackInit mkv::matroskasegmentc::TrackInit mkv::matroskasegmentc::ParseTrackEntry...

5.8AI score