CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/06/05 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Updater in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious...

7.3CVSS5.4AI score0.00079EPSS

Tenable Nessus•added 2026/06/03 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-28958

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This issue was addressed with improved data protection. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. An app ma...

5.5CVSS5.4AI score0.0014EPSS

Tenable Nessus•added 2026/06/02 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-41437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

5.8AI score

Tenable Nessus•added 2026/05/29 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-46225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: rspi: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind...

5.5CVSS5.9AI score0.00119EPSS

Tenable Nessus•added 2026/05/29 12:0 a.m.•14 views

Linux Distros Unpatched Vulnerability : CVE-2026-8643

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leadin...

5.5CVSS5.4AI score0.00165EPSS

Tenable Nessus•added 2026/05/29 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-9966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in XML in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially...

8.3CVSS5.5AI score0.00213EPSS

Tenable Nessus•added 2026/05/29 12:0 a.m.•12 views

Linux Distros Unpatched Vulnerability : CVE-2026-47734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version 1.2.5, a client with push access...

5.7CVSS5.5AI score0.00328EPSS

Exploits0References4

Tenable Nessus•added 2026/05/29 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-9884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Browser in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...

8.8CVSS6.1AI score0.00383EPSS

RedhatCVE•added 2026/05/28 8:12 p.m.•9 views

CVE-2026-46366

phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted FAQ entries and read their titles via the /solutionidid.html endpoint. Attackers can sequentially...

8.7CVSS5.8AI score0.00259EPSS

CNNVD•added 2026/05/28 12:0 a.m.•9 views

Follet School Solutions Destiny 安全漏洞

Follet School Solutions Destiny is a school solution provided by Follet Corporation. Versions of Follet School Solutions Destiny prior to 22.0.1 AU1 contained security vulnerabilities. These vulnerabilities stemmed from a cross-site scripting vulnerability in the site parameter of...

5.1CVSS5.9AI score0.00333EPSS

Tenable Nessus•added 2026/05/28 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-47766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - crun - None Ubuntu Linux - Unknown description CVE-2026-47766 Note that Nessus relies on the presence of the package as reported by the vendor...

5.8AI score0.00024EPSS

CNNVD•added 2026/05/27 12:0 a.m.•7 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

6.9CVSS5.9AI score0.00281EPSS

CNNVD•added 2026/05/27 12:0 a.m.•7 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECT24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymbCONNECT24 is an internal...

6.9CVSS5.9AI score0.00281EPSS

CNNVD•added 2026/05/27 12:0 a.m.•7 views

Ella Core 安全特征问题漏洞

Ella Core is an open-source solution developed by Ella Networks for use in private networks as a 5G core network solution. Versions of Ella Core prior to 1.10.0 contained security feature vulnerabilities. These vulnerabilities stemmed from an unvalidated check to ensure that the UE security...

6.1CVSS5.8AI score0.00148EPSS

Tenable Nessus•added 2026/05/21 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-46635

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig: Sandbox property allowlist bypass via the column filter arraycolumn on objects CVE-2026-46635 Note that Nessus relies on the presence of the package as...

5.8AI score0.00047EPSS

Tenable Nessus•added 2026/05/21 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-9124

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Input in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer proce...

5.3CVSS5.8AI score0.00257EPSS

Tenable Nessus•added 2026/05/19 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-8950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird...

9.3CVSS5.9AI score0.00194EPSS

Github Security Blog•added 2026/05/15 9:31 p.m.•5 views

Duplicate Advisory: phpMyFAQ has unauthenticated FAQ permission bypass via getFaqBySolutionId fallback query

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-289f-fq7w-6q2w. This link is maintained to preserve external references. Original Description phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId method that lacks...

8.7CVSS5.3AI score0.00259EPSS

Exploits0References4Affected Software2

OSV•added 2026/05/15 9:31 p.m.•4 views

GHSA-CQRW-J4QC-7F9W Duplicate Advisory: phpMyFAQ has unauthenticated FAQ permission bypass via getFaqBySolutionId fallback query

8.7CVSS5.3AI score0.00259EPSS