CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/05 7:22 p.m.•8 views

CVE-2026-34063

Nimiq's network-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, network-libp2p discovery uses a libp2p ConnectionHandler state machine. the handler assumes there is at most one inbound and one outbound discovery substream per connection. if a remote peer...

7.5CVSS5.6AI score0.00352EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:12 p.m.•10 views

CVE-2026-44849

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

9.4CVSS5.5AI score0.00347EPSS

Packet Storm News•added 2026/05/30 12:0 a.m.•17 views

Framework for Discovering GPS Spoofing Attacks in Drone Swarms

Swarm robotics, particularly drone swarms, are used in various safety-critical tasks. While a lot of attention has been given to improving swarm control algorithms for improved intelligence, the security implications of various design choices in swarm control algorithms have not been studied. We...

5.8AI score

NVD•added 2026/05/28 10:16 p.m.•13 views

CVE-2026-44849

9.4CVSS0.00347EPSS

Vulnrichment•added 2026/05/28 9:6 p.m.•11 views

CVE-2026-44849 Portainer: Endpoint security bypass via Swarm service create/update

EUVD•added 2026/05/28 9:6 p.m.•9 views

EUVD-2026-33063

CVE•added 2026/05/28 9:6 p.m.•53 views

CVE-2026-44849

CVE-2026-44849 describes an endpoint security bypass in Portainer: non-admin users with Swarm endpoint access can create/update services and bypass EndpointSecuritySettings checks, allowing elevated capabilities, broken syscall confinement, and bind mounts to host paths. Affected are Portainer re...

Exploits1References1Affected Software1

ATTACKERKB•added 2026/05/28 9:6 p.m.•9 views

CVE-2026-44849

5.8AI score0.00347EPSS

Exploits1References2Affected Software1

Cvelist•added 2026/05/28 9:6 p.m.•37 views

CVE-2026-44849 Portainer: Endpoint security bypass via Swarm service create/update

9.4CVSS0.00347EPSS

CNNVD•added 2026/05/28 12:0 a.m.•12 views

Portainer 安全漏洞

Portainer is a lightweight user management interface developed by Portainer Foundation for managing Docker environments and Docker hosts. There were security vulnerabilities in versions of Portainer Community Edition from 2.33.0 to 2.33.8, as well as in versions prior to 2.39.2 and 2.41.0. These...

vulnersOsv•added 2026/05/26 2:43 p.m.•6 views

aana (>=0.2.1 <=0.2.2.2), acai-swarm (=0.1.0) +218 more potentially affected by CVE-2026-9540 via vllm (>=0.10.0 <=0.9.2)

vllm PYPI version =0.10.0, =0.2.1, =1.2.1, =0.0.0, =2.3.5, =0.0.7, =0.0.1b1, =0.1.15, =0.2.4, =1.0.0, =1.0.14 and more Source cves: CVE-2026-9540 Source advisory: SNYK:PYTHON-VLLM-16887889...

6.9CVSS5.8AI score0.00427EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•8 views

Astra Linux - уязвимость в docker.io

Moby is an open-source container framework developed by Docker Inc. It is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component, “dockerd”, which was developed as “moby/moby”, is commonly referred to as Docker. Swarm Mode, whi...

8.7CVSS7.2AI score0.02733EPSS

Exploits1References2

OSV•added 2026/05/14 4:33 p.m.•6 views

GHSA-5FXQ-QCF3-244W Portainer has an endpoint security bypass via Swarm service create/update

Summary Portainer enforces seven EndpointSecuritySettings restrictions that administrators configure to restrict the container configurations non-admin users can launch: privileged mode, host PID namespace, device mapping, capabilities, sysctls, security-opt Seccomp / AppArmor, and bind mounts. T...

Github Security Blog•added 2026/05/14 4:33 p.m.•9 views

Exploits1References6

Portainer has an endpoint security bypass via Swarm service create/update

Exploits1References6Affected Software1

Snyk•added 2026/05/14 4:33 p.m.•10 views

Missing Authorization

Overview github.com/portainer/portainer/api/http/proxy/factory/docker is a management UI which allows to manage different Docker environments. Affected versions of this package are vulnerable to Missing Authorization in the enforcement of endpoint security restrictions for non-admin users on Dock...

9.9CVSS5.7AI score0.00347EPSS

Exploits1References2

Packet Storm News•added 2026/05/10 12:0 a.m.•8 views

Position: AI Security Policy Should Target Systems, Not Models

We present swarm-attack, an open-source adversarial testing framework in which multiple lightweight LLM agents coordinate through shared memory, parallel exploration, and evolutionary optimization. Together, our results demonstrate that both safety bypass of frontier models and software...

5.9AI score

vulnersOsv•added 2026/04/27 6:19 p.m.•6 views

aana (>=0.2.1 <=0.2.2.2), acai-swarm (=0.1.0) +218 more potentially affected by CVE-2026-7141 via vllm (>=0.10.0 <=0.9.2)

vllm PYPI version =0.10.0, =0.2.1, =1.2.1, =0.0.0, =2.3.5, =0.0.7, =0.0.1b1, =0.1.15, =0.2.4, =1.0.0, =1.0.14 and more Source cves: CVE-2026-7141 Source advisory: SNYK:PYTHON-VLLM-16316415...

6.3CVSS6AI score0.00288EPSS