CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3429 matches found

CVE-2026-25657

Ericsson Packet Core Gateway PCG versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure CWE-228 vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the...

7.1CVSS5.4AI score0.00016EPSS

Exploits0References1

RedhatCVE•added 2 days ago•5 views

CVE-2025-59853

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

5.3CVSS5.5AI score0.00032EPSS

Exploits0References1

RedhatCVE•added 2 days ago•4 views

CVE-2026-1248

IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...

4.3CVSS5.4AI score0.00029EPSS

Exploits0References1

RedhatCVE•added 2 days ago•5 views

CVE-2026-40963

The structuredata endpoint in the Airflow UI returned external dependency graph nodes for linked Dags without checking whether the caller had read permission on those linked Dags. An authenticated UI/API user authorized for one Dag could enumerate linked Dag IDs and dependency metadata for other...

3.1CVSS5.5AI score0.00045EPSS

Exploits0References1

RedhatCVE•added 2 days ago•4 views

CVE-2026-47332

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent...

5.5CVSS5.4AI score0.00014EPSS

Exploits0References1

RedhatCVE•added 2 days ago•7 views

CVE-2026-5943

Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information...

7.8CVSS7.2AI score0.00015EPSS

Exploits0References1

RedhatCVE•added 2 days ago•5 views

CVE-2026-42100

Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows Denial of Service DoS attack to be executed by sending an specially crafted SQL query. This causes the Pro Cloud Server service to terminate unexpectedly. The vendor was notified early about this vulnerability,...

7.5CVSS5.5AI score0.00047EPSS

Exploits1References1

CVE•added 2 days ago•9 views

CVE-2026-25657

CVE-2026-25657 affects Ericsson Packet Core Gateway (PCG) versions prior to 1.30. The issue is an Improper Handling of Syntactically Invalid Structure (CWE-228). An attacker can continuously send a specially crafted message to degrade service; impact is on availability. The description notes the ...

7.1CVSS5.4AI score0.00016EPSS

Exploits0References1

Cvelist•added 2 days ago•35 views

CVE-2026-25657 Ericsson Packet Core Gateway (PCG) - Improper Handling of Syntactically Invalid Structure Vulnerability

7.1CVSS0.00016EPSS

Exploits0References1

EUVD•added 2 days ago•6 views

EUVD-2026-34821

7.1CVSS5.4AI score0.00016EPSS

Exploits0References1

ATTACKERKB•added 2 days ago•5 views

CVE-2026-25657

7.1CVSS5.4AI score0.00016EPSS

Exploits0References2

Vulnrichment•added 2 days ago•5 views

CVE-2026-25657 Ericsson Packet Core Gateway (PCG) - Improper Handling of Syntactically Invalid Structure Vulnerability

7.1CVSS5.4AI score0.00016EPSS

Exploits0References1

Positive Technologies•added 2 days ago•9 views

PT-2026-46933

7.1CVSS5.4AI score0.00016EPSS

Exploits0References2

EUVD•added 3 days ago•5 views

EUVD-2026-34322

An integer underflow in btmeshsolrecv in the Bluetooth Mesh solicitation handling subsys/bluetooth/mesh/solicitation.c leads to an out-of-bounds write. When CONFIGBTMESHODPRIVPROXYSRV is enabled, the function parses solicitation PDUs from raw BLE advertising payloads. The AD parsing loop reads an...

6.2AI score0.00063EPSS

Exploits0References1

Vulnrichment•added 4 days ago•4 views

CVE-2026-10703 EIPStackGroup OpENer SendRRData cipmessagerouter.c CreateMessageRouterRequestStructure use after free

A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible...

6.5CVSS6.1AI score0.00046EPSS

Exploits0References7

Tenable Nessus•added 4 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-46182

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace The hdr variable is allocated on the stack and only hdr.version and hdr.flags are initialized...

5.8AI score0.00022EPSS

Exploits0References2

Positive Technologies•added 4 days ago•8 views

PT-2026-45897

6.5CVSS5.3AI score0.00046EPSS

Exploits0References8

CVE•added 6 days ago•12 views

CVE-2026-40963

The CVE-2026-40963 issue affects the Apache Airflow UI’s /ui/structure/structure_data endpoint. It allows an authenticated user with access to one Dag to enumerate dependency graph nodes and related metadata for other Dags for which they lack read permissions, leaking topology across teams when p...

3.1CVSS5.8AI score0.00045EPSS

Exploits0References3Affected Software1

Vulnrichment•added 6 days ago•8 views

CVE-2026-40963 Apache Airflow: DAG authorization bypass on /ui/structure/structure_data

5.8AI score0.00045EPSS

Exploits0References2

ATTACKERKB•added 6 days ago•7 views

CVE-2026-40963

5.8AI score0.00045EPSS

Exploits0References3Affected Software1

Rows per page