CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

OSV•added 2026/06/12 12:25 p.m.•5 views

OESA-2026-2634 libsolv security update

A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks: Security Fixes: A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when...

6.5CVSS5.9AI score0.0035EPSS

Exploits0References4

Amazon•added 2026/06/08 12:0 a.m.•6 views

Important: libsolv

Issue Overview: A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file, which, when processed by a vulnerable...

7.8CVSS5.9AI score0.0035EPSS

Exploits1

Amazon•added 2026/06/08 12:0 a.m.•8 views

Important: libsolv

Issue Overview: A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when copying EdDSA 's' MPI into a stack buffer. A remote attacker could craft a malicious Ed25519 PGP signature with mismatched MPI...

7.8CVSS5.9AI score0.0035EPSS

Exploits1

Microsoft CVE•added 2026/05/27 8:18 a.m.•7 views

Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file

...

6.5CVSS5.8AI score0.00274EPSS

Exploits0

Vulnrichment•added 2026/05/26 4:16 p.m.•6 views

CVE-2026-48864 Libsolv: heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data

A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file, which, when processed by a vulnerable application, can lea...

7.8CVSS5.9AI score0.00158EPSS

Exploits1References3

CVE•added 2026/05/26 4:16 p.m.•52 views

CVE-2026-48864

CVE-2026-48864 affects libsolv. The issue is a heap buffer overflow during decompression of attacker-controlled data in .solv files, caused by insufficient input validation in repopagestore. This can lead to out-of-bounds memory access with potential information disclosure, alteration of program ...

7.8CVSS5.9AI score0.00158EPSS

Exploits1References3Affected Software6

Tenable Nessus•added 2026/05/22 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-9149

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative size valu...

6.5CVSS5.8AI score0.00274EPSS

Exploits0References4

SUSE CVE•added 2026/05/21 1:12 p.m.•10 views

SUSE CVE-2026-9149

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative size values in the repoaddsolv function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could...

6.5CVSS5.9AI score0.00274EPSS

Exploits0References5