CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2135 matches found

USN-8375-1 nginx vulnerabilities

It was discovered that the nginx ngxmailsmtpmodule module incorrectly handled certain memory operations when doing SMTP authentication. This could possibly result in sensitive information being sent to the authentication server. CVE-2025-53859 It was discovered that nginx incorrectly handled...

9.2CVSS6AI score0.00897EPSS

Exploits37References13

RedhatCVE•added 3 days ago•4 views

CVE-2026-45803

A flaw was found in GitHub CLI. A remote attacker who can influence GitHub Actions workflow log output could inject terminal escape sequences into workflow logs. When a user views these logs using gh run view --log or gh run view --log-failed, the injected sequences may be replayed by the user's...

3.5CVSS5.7AI score0.00034EPSS

Exploits1References4

PyPA•added 3 days ago•5 views

PYSEC-2026-181

A Dag author could either a create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process read-path attack — e.g. /etc/passwd or airflow.cfg or b supply a taskid containing .. sequences accepted by the Task SDK's KEYREGEX write-path attack, and...

6.5CVSS5.9AI score0.0007EPSS

Exploits0References3Affected Software1

RedHat Linux•added 3 days ago•11 views

pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. Thi...

7.5CVSS7AI score0.00027EPSS

Exploits1References6

Rockylinux•added 6 days ago•9 views

python-markdown security update

An update is available for python-markdown. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

7.5CVSS5.8AI score0.00385EPSS

Exploits1

Rockylinux•added last week•6 views

python-markdown security update

An update is available for python-markdown. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

7.5CVSS7.3AI score0.00385EPSS

Exploits1

NVD•added 2026/05/27 3:16 p.m.•10 views

CVE-2026-44972

GuardDog is a CLI tool to identify malicious PyPI packages. From 2.6.0 to 2.9.0, GuardDog includes attacker-controlled filenames, file locations, messages, and code snippets in its default human-readable output without escaping terminal control characters. A malicious package can therefore inject...

5CVSS0.00013EPSS

Exploits0References1

ATTACKERKB•added 2026/05/27 2:42 p.m.•6 views

CVE-2026-44972

5CVSS5.9AI score0.00013EPSS

Exploits0References2Affected Software1

EUVD•added 2026/05/27 2:42 p.m.•6 views

EUVD-2026-32534

5CVSS5.9AI score0.00013EPSS

Exploits0References1

RedhatCVE•added 2026/05/27 2:12 p.m.•5 views

CVE-2026-3345

IBM Langflow Desktop =1.8.4 Langflow could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

6.5CVSS6AI score0.00068EPSS

Exploits0References1

CNNVD•added 2026/05/27 12:0 a.m.•5 views

GuardDog 安全漏洞

GuardDog is an open-source CLI tool developed by GuardDog, which allows for the identification of malicious PyPI packages. Versions 2.6.0 to 2.9.0 of GuardDog contain security vulnerabilities. These vulnerabilities stem from the default human-readable output, which includes filenames, file...

5CVSS5.9AI score0.00013EPSS

Exploits0References1

RedHat Linux•added 2026/05/26 7:36 a.m.•7 views

python-markdown: denial of service via malformed HTML-like sequences

A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive informati...

7.5CVSS7.2AI score0.00385EPSS

Exploits1References7

RedHat Linux•added 2026/05/26 7:36 a.m.•10 views

Important: Red Hat Security Advisory: python-markdown security update

An update for python-markdown is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.2AI score0.00385EPSS

Exploits1References2

RedHat Linux•added 2026/05/26 7:7 a.m.•6 views

python-markdown: denial of service via malformed HTML-like sequences

7.5CVSS7.2AI score0.00385EPSS

Exploits1References7

Tenable Nessus•added 2026/05/26 12:0 a.m.•6 views

RHEL 9 : python-markdown (RHSA-2026:20676)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:20676 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

7.5CVSS5.9AI score0.00385EPSS

Exploits1References4

RedhatCVE•added 2026/05/25 11:8 p.m.•6 views

CVE-2026-41071

A flaw was found in libheif, a library for decoding and encoding HEIF High Efficiency Image File Format and AVIF files. A remote attacker could exploit this vulnerability by providing a specially crafted HEIF sequence file. When parsing the file, if the saiz sample auxiliary information box...

8.1CVSS5.8AI score0.00042EPSS

Exploits1References2

ATTACKERKB•added 2026/05/25 2:15 p.m.•5 views

CVE-2018-25365

PCViewer vt1000 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by submitting relative path sequences in GET requests. Attackers can use path traversal sequences ../../../../../../../../../../../../etc/passwd to access sensitive system...

8.7CVSS5.9AI score0.00683EPSS

Exploits0References3

Cvelist•added 2026/05/22 8:49 p.m.•9 views

CVE-2026-41069 libheif allows Out-of-bounds vector access leading to invalid dereference (DoS)

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...

6.5CVSS0.00041EPSS

Exploits1References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в util-linux

The wall function in util-linux up to version 2.40 is often installed with setgid and tty permissions. This allows escape sequences to be sent to other users’ terminals via argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocke...

3.3CVSS6.8AI score0.10933EPSS

Exploits3References2

RedHat Linux•added 2026/05/19 10:12 p.m.•15 views

python-markdown: denial of service via malformed HTML-like sequences

7.5CVSS7.2AI score0.00385EPSS

Exploits1References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by