CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1561 matches found

The Hacker News•added 2026/03/10 4:21 p.m.•7 views

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

Artificial Intelligence AI is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own. But there is a problem. While these agents make work faster, they also open a new "back door" f...

5.9AI score

Exploits0

The Hacker News•added 2026/03/10 11:0 a.m.•9 views

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

You can't control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The problem is that most teams have more internet-facing exposure than they realise. Intruder's Head of Security digs into why this happens and how teams can manage ...

6.4AI score

Exploits0

hivepro•added 2026/03/10 5:11 a.m.•1 views

What Is Exposure Management? A Modern Guide

Attackers don't just look for a single high-severity vulnerability; they look for a path of least resistance. They connect the dots between a misconfigured cloud service, an exposed credential, and an unpatched server to reach their goal. To build a strong defense, you need to see your environmen...

5.9AI score

Exploits0

Tenable Nessus•added 2026/03/05 12:0 a.m.•3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005775)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005775 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies cou...

5.5CVSS5.9AI score0.00146EPSS

Exploits0References4

Snyk•added 2026/03/02 9:59 p.m.•4 views

Missing Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization through an authorization mismatch in the agent. An attacker can perform privileged control-plane actions beyond their intended write scope by invoking owner-only too...

8.8CVSS6AI score0.00412EPSS

Exploits0References3

hivepro•added 2026/03/01 6:34 p.m.•4 views

5 Best Kenna Replacement Options to Consider

Attackers don't think in terms of isolated CVE scores. They look for the path of least resistance, chaining together multiple weaknesses across your entire attack surface to reach their goal. This is why the search for a Kenna replacement is so critical. It’s not just about finding a new tool to...

6AI score

Exploits0

Tenable Nessus•added 2026/03/01 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-25955

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reuses a cached XImage whose data pointer...

9.8CVSS5.8AI score0.00498EPSS

Exploits1References4

SUSE CVE•added 2026/02/28 12:24 a.m.•4 views

SUSE CVE-2026-25955

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reuses a cached XImage whose data pointer references a freed RDPGFX surface buffer, because gdiDeleteSurface frees surface-data without invalidating the appWindow-image that...

4.3CVSS5.8AI score0.00498EPSS

Exploits1References3

SUSE CVE•added 2026/02/28 12:24 a.m.•1 views

SUSE CVE-2026-26955

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline e.g., xfreerdp by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination...

8.8CVSS6.1AI score0.00348EPSS

Exploits1References13

RedhatCVE•added 2026/02/26 10:34 p.m.•4 views

CVE-2026-26955

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

8.8CVSS6.5AI score0.00348EPSS

Exploits1References5

OSV•added 2026/02/26 2:16 a.m.•3 views

DEBIAN-CVE-2026-27903

minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, matchOne performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent GLOBSTAR...

7.5CVSS7.2AI score0.00499EPSS

Exploits1References1

OSV•added 2026/02/26 2:16 a.m.•2 views

UBUNTU-CVE-2026-27903

7.5CVSS5.7AI score0.00499EPSS

Exploits1References3

Debian CVE•added 2026/02/26 1:6 a.m.•5 views

CVE-2026-27903

7.5CVSS7.2AI score0.00499EPSS

Exploits1

OSV•added 2026/02/26 1:6 a.m.•5 views

CVE-2026-27903 minimatch has a ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments

7.5CVSS5.6AI score0.00499EPSS

Exploits1References3

Positive Technologies•added 2026/02/26 12:0 a.m.•6 views

PT-2026-22078

Name of the Vulnerable Software and Affected Versions minimatch versions prior to 3.1.3 minimatch versions 3.1.3 through 4.2.5 minimatch versions 4.2.5 through 5.1.8 minimatch versions 5.1.8 through 6.2.2 minimatch versions 6.2.2 through 7.4.8 minimatch versions 7.4.8 through 8.0.6 minimatch...

7.5CVSS5.9AI score0.00499EPSS

Exploits1References104