CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5479 matches found

CVE•added 2026/06/05 11:3 a.m.•15 views

CVE-2026-25657

CVE-2026-25657 affects Ericsson Packet Core Gateway (PCG) versions prior to 1.30. The issue is an Improper Handling of Syntactically Invalid Structure (CWE-228). An attacker can continuously send a specially crafted message to degrade service; impact is on availability. The description notes the ...

7.1CVSS5.4AI score0.00165EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2026/06/05 12:0 a.m.•11 views

PT-2026-46933

Ericsson Packet Core Gateway PCG versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure CWE-228 vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the...

7.1CVSS5.4AI score0.00165EPSS

Exploits0References2

EUVD•added 2026/06/04 7:54 p.m.•8 views

EUVD-2026-34322

An integer underflow in btmeshsolrecv in the Bluetooth Mesh solicitation handling subsys/bluetooth/mesh/solicitation.c leads to an out-of-bounds write. When CONFIGBTMESHODPRIVPROXYSRV is enabled, the function parses solicitation PDUs from raw BLE advertising payloads. The AD parsing loop reads an...

6.2AI score0.00218EPSS

Exploits0References1

Vulnrichment•added 2026/06/03 12:30 a.m.•7 views

CVE-2026-10703 EIPStackGroup OpENer SendRRData cipmessagerouter.c CreateMessageRouterRequestStructure use after free

A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible...

6.5CVSS6.1AI score0.00243EPSS

Exploits0References7

Positive Technologies•added 2026/06/03 12:0 a.m.•9 views

PT-2026-45897

6.5CVSS5.3AI score0.00243EPSS

Exploits0References8

Tenable Nessus•added 2026/06/03 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-46182

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace The hdr variable is allocated on the stack and only hdr.version and hdr.flags are initialized...

5.5CVSS5.5AI score0.00126EPSS

Exploits0References3

Positive Technologies•added 2026/06/02 12:0 a.m.•6 views

PT-2026-48797

Уязвимость программного обеспечения Blitz Identity Provider связана с непринятием мер по защите структуры веб-страницы. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, проводить межсайтовые сценарные атаки XSS...

6.8CVSS5.4AI score

Exploits0References2

Cvelist•added 2026/06/01 7:54 a.m.•29 views

CVE-2026-40963 Apache Airflow: DAG authorization bypass on /ui/structure/structure_data

The structuredata endpoint in the Airflow UI returned external dependency graph nodes for linked Dags without checking whether the caller had read permission on those linked Dags. An authenticated UI/API user authorized for one Dag could enumerate linked Dag IDs and dependency metadata for other...

0.00459EPSS

Exploits0References2

ATTACKERKB•added 2026/06/01 7:54 a.m.•7 views

CVE-2026-40963

5.8AI score0.00459EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/06/01 7:54 a.m.•10 views

CVE-2026-40963 Apache Airflow: DAG authorization bypass on /ui/structure/structure_data

5.8AI score0.00459EPSS

Exploits0References2

CVE•added 2026/06/01 7:54 a.m.•20 views

CVE-2026-40963

The CVE-2026-40963 issue affects the Apache Airflow UI’s /ui/structure/structure_data endpoint. It allows an authenticated user with access to one Dag to enumerate dependency graph nodes and related metadata for other Dags for which they lack read permissions, leaking topology across teams when p...

3.1CVSS5.8AI score0.00459EPSS

Exploits0References3Affected Software1

CNNVD•added 2026/06/01 12:0 a.m.•12 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow. The...

3.1CVSS5.3AI score0.00459EPSS

Exploits0References3

Packet Storm News•added 2026/05/30 12:0 a.m.•16 views

A Lightweight Hybrid MLP-Based Framework for Real-Time Phishing URL Detection Using Structural URL Features

Phishing attacks remain a major cybersecurity threat, exploiting deceptive URLs to steal sensitive user information. Traditional blacklist and rule-based detection approaches are reactive and often fail to identify newly emerging phishing URLs. This paper proposes a lightweight hybrid framework f...

5.8AI score

Exploits0

SUSE CVE•added 2026/05/29 1:14 a.m.•10 views

SUSE CVE-2026-46236

In the Linux kernel, the following vulnerability has been resolved: media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...

5.5CVSS5.8AI score0.00119EPSS

Exploits0References3

Debian CVE•added 2026/05/28 6:28 p.m.•8 views

CVE-2026-47332

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent...

5.5CVSS5.8AI score0.00106EPSS

Exploits0