CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A flaw was found in the Linux kernel's thermal management module. A reference leak occurs in the thermalofcmlookup function because a device node trnp obtained through ofparsephandle is not properly released. This issue can lead to resource exhaustion over time, potentially impacting system...

5.5CVSS5.8AI score0.002EPSS

Exploits0References4

IBM Security Bulletins•added 2026/05/28 12:49 a.m.•12 views

Security Bulletin: Due to the use of IBM Tivoli Monitoring and IBM Db2, IBM Cloud Pak System is affected by multiple vulnerabilities

Summary IBM Tivoli Monitoring code execution and IBM Db2 vulnerabilities have been found in IBM Tivoli Monitoring shipped with IBM Cloud Pak System IBM Tivoli MonitoringITM patternType itm pType, and IBM Cloud Pak System DB2 pattern type db2 pType shipped with Cloud Pak System. Vulnerabilities we...

10CVSS7.7AI score0.37804EPSS

Exploits9Affected Software1

RedhatCVE•added 2026/05/28 12:37 a.m.•12 views

CVE-2026-45934

A flaw was found in the Linux kernel's btrfs filesystem. This issue occurs due to non-consecutive gaps in chunk allocation, leading to overlapping chunk maps. A local attacker could exploit this by triggering specific chunk allocation scenarios, potentially causing filesystem operations to abort...

7CVSS5.8AI score0.00166EPSS

Exploits0References4

OSSF Malicious Packages•added 2026/05/28 12:0 a.m.•10 views

Malicious code in @car-loans/application-aff (npm)

Part of a dependency confusion attack campaign targeting the @car-loans, @fb-deposit, and @debit-ib npm scopes. The attacker npm user pik-libs published 25 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version resolution,...

5.8AI score

Exploits0References1

OSSF Malicious Packages•added 2026/05/28 12:0 a.m.•8 views

Malicious code in @cloudplatform-single-spa/aifactory-notebooks (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score

Exploits0References1

OSSF Malicious Packages•added 2026/05/28 12:0 a.m.•15 views

Malicious code in @cloudplatform-single-spa/virtual-ip (npm)

5.8AI score

Exploits0References1

OSSF Malicious Packages•added 2026/05/28 12:0 a.m.•10 views

Malicious code in @cloudplatform-single-spa/marketplace-apps (npm)

5.8AI score

Exploits0References1

CNNVD•added 2026/05/28 12:0 a.m.•5 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from out-of-bounds read accesses and infinite loops in the hcilecreatebigcompleteevt function. This...

8.1CVSS5.8AI score0.0028EPSS

Exploits0References5

OSSF Malicious Packages•added 2026/05/28 12:0 a.m.•12 views

Malicious code in @cloudplatform-single-spa/event-bus (npm)

5.8AI score

Exploits0References1

OSSF Malicious Packages•added 2026/05/28 12:0 a.m.•8 views

Malicious code in @cloudplatform-single-spa/clickhouse (npm)

5.8AI score

Exploits0References1

OSSF Malicious Packages•added 2026/05/28 12:0 a.m.•14 views

Malicious code in @cloudplatform-single-spa/svp-managed-kubernetes (npm)