CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в qt4-x11, qtbase-opensource-src

A issue was discovered in Qt before version 5.15.15, in versions 6.x before 6.2.9, and in versions 6.3.x through 6.5.x before 6.5.1. When an SVG file containing an image is rendered, a QTextLayout buffer overflow can occur...

7.5CVSS7.3AI score0.00085EPSS

Exploits0References2

Tenable Nessus•added 2026/05/18 12:0 a.m.•5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-021488)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021488 advisory. In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.setcookie were not checked for...

7.2CVSS5.8AI score0.00018EPSS

RedhatCVE•added 2026/05/13 2:20 a.m.•8 views

CVE-2026-28957

An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, visionOS 26.5. An app may be able to capture a user's screen...

3.3CVSS5.8AI score0.00011EPSS

RedhatCVE•added 2026/05/12 8:22 p.m.•7 views

CVE-2026-43658

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4:...

8.8CVSS5.8AI score0.00049EPSS

RedhatCVE•added 2026/05/12 8:21 p.m.•7 views

CVE-2026-28963

A privacy issue was addressed by removing the vulnerable code. This issue is fixed in iOS 26.5 and iPadOS 26.5. An attacker with physical access may be able to use Visual Intelligence to access sensitive user data during iPhone Mirroring...

4.6CVSS5.8AI score0.0002EPSS

RedhatCVE•added 2026/05/12 8:21 p.m.•11 views

CVE-2026-28991

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause a denial-of-service...

7.5CVSS5.8AI score0.00062EPSS

Microsoft Security Update•added 2026/05/12 5:0 p.m.•11 views

2026-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64 (KB5087065)

2026-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64 KB5087065...

5.8AI score

Exploits0

RedHat Linux•added 2026/05/12 3:15 p.m.•3 views

Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.5.1

Logging for Red Hat OpenShift - 6.5.1 Red Hat OpenShift Logging 6.5.1 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs...

8.2CVSS5.8AI score0.00015EPSS

Exploits0References2

EUVD•added 2026/05/11 9:31 p.m.•9 views

EUVD-2026-29256

An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to gain root privileges...

5.8AI score0.00011EPSS

EUVD•added 2026/05/11 9:31 p.m.•7 views

EUVD-2026-29249

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5. Processing a maliciously crafted image may corrupt process memory...

5.8AI score0.00046EPSS

Exploits0References7

EUVD•added 2026/05/11 9:31 p.m.•9 views

EUVD-2026-29262

5.8AI score0.00011EPSS

NVD•added 2026/05/11 9:18 p.m.•7 views

CVE-2026-28995

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A malicious app may be able to break out of its sandbox...

8.8CVSS0.00011EPSS

NVD•added 2026/05/11 9:18 p.m.•8 views

CVE-2026-28915

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to gain root privileges...

7.8CVSS0.00018EPSS

Exploits0References3

NVD•added 2026/05/11 9:18 p.m.•5 views

CVE-2026-28903

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS0.00042EPSS

Exploits0References7

Vulnrichment•added 2026/05/11 8:8 p.m.•6 views

CVE-2026-28995

5.8AI score0.00011EPSS

CVE•added 2026/05/11 8:8 p.m.•8 views

CVE-2026-28901

This CVE (CVE-2026-28901) is tied to Apple platforms and affects memory handling in the processing of web content, causing an unexpected process crash. According to connected advisories, Apple has addressed this with updates across multiple OS lines (iOS/iPadOS, macOS Tahoe, tvOS, visionOS, watch...

4.3CVSS5.8AI score0.00045EPSS

Exploits0References6Affected Software6

Cvelist•added 2026/05/11 8:8 p.m.•28 views

CVE-2026-28901

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

0.00045EPSS

Cvelist•added 2026/05/11 8:8 p.m.•26 views

CVE-2026-28988

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5, watchOS 26.5. An app may be able to bypass certain Privacy preferences...

0.00009EPSS