Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

241472 matches found

Wolfi
Wolfiadded 2026/05/12 7:48 p.m.11 views

GHSA-G36M-9G3M-2VMP vulnerabilities

Vulnerabilities for packages: wildfly...

5.8AI score
Exploits0
Wolfi
Wolfiadded 2026/05/12 7:48 p.m.10 views

GHSA-659W-93R5-9J6M vulnerabilities

Vulnerabilities for packages: thingsboard...

5.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletinsadded 2026/05/12 7:30 p.m.9 views

Security Bulletin: IBM Storage Scale System: Vulnerability in Linux kernel crypto subsystem could allow local privilege escalation (CVE-2026-31431)

Summary IBM Storage Scale Systems is affected by a security vulnerability identified in the Linux kernel's cryptographic interface CVE-2026-31431 that could allow a local user with low privileges to escalate to root privileges. The vulnerability has a CVSS score of 7.8 High and requires local...

7.8CVSS6AI score0.02678EPSS
Exploits227Affected Software1
Cvelist
Cvelistadded 2026/05/12 7:23 p.m.30 views

CVE-2026-44215 NanaZip: Heap out-of-bounds write in NanaZip UFS directory parser

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS filesystem image. The attacker controls the byte offset of th...

4.4CVSS0.00027EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/05/12 7:23 p.m.5 views

CVE-2026-44215

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS filesystem image. The attacker controls the byte offset of th...

4.4CVSS5.8AI score0.00027EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/12 7:22 p.m.4 views

CVE-2026-42445 NanaZip: Uncontrolled recursion in NanaZip UFS directory traversal causes stack exhaustion

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the UFS/UFS2 filesystem image parser in NanaZip. The function GetAllPaths recurses into subdirectories without any depth limit or visited-inode tracking. A crafted UFS...

3.3CVSS5.8AI score0.00014EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/12 7:22 p.m.7 views

EUVD-2026-29790

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the UFS/UFS2 filesystem image parser in NanaZip. The function GetAllPaths recurses into subdirectories without any depth limit or visited-inode tracking. A crafted UFS...

3.3CVSS5.8AI score0.00014EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/12 7:21 p.m.6 views

CVE-2026-42443

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an integer divide-by-zero exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS image where the superblock field fsipg inodes per cylinder group is set to...

3.3CVSS5.8AI score0.00014EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2026/05/12 7:21 p.m.10 views

CVE-2026-42443

NanaZip (open source archiver) contains a local-denial bug in its UFS/UFS2 filesystem image parser. From versions 5.0.1252.0 up to before 6.0.1698.0, an integer divide-by-zero occurs when opening a crafted UFS image where the superblock field fs_ipg (inodes per cylinder group) is zero. The parser...

5.5CVSS5.8AI score0.00014EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/12 7:21 p.m.8 views

CVE-2026-42443 NanaZip: Integer divide-by-zero in NanaZip UFS inode offset calculation

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an integer divide-by-zero exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS image where the superblock field fsipg inodes per cylinder group is set to...

3.3CVSS5.8AI score0.00014EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/12 7:21 p.m.7 views

EUVD-2026-29787

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a null-pointer dereference exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS image where the root inode inode 2 is set to IFLNK symlink instead of IFDIR...

3.3CVSS5.9AI score0.00014EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/12 7:21 p.m.5 views

CVE-2026-42442 NanaZip: Null-pointer dereference in NanaZip UFS parser when root inode is a symlink

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a null-pointer dereference exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS image where the root inode inode 2 is set to IFLNK symlink instead of IFDIR...

3.3CVSS5.9AI score0.00014EPSS
Exploits0References1
CVE
CVEadded 2026/05/12 7:19 p.m.7 views

CVE-2026-44873

The CVE-2026-44873 entry describes a session-management vulnerability in the AOS-8 Operating System. Affected software: AOS-8. Vulnerable condition: existing authenticated sessions are not invalidated when credentials are revoked or accounts are administratively disabled, allowing continued netwo...

5.4CVSS5.7AI score0.00035EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2026/05/12 7:19 p.m.14 views

CVE-2026-44874

The CVE 2026-44874 affects the web-based management interface of an AOS-10 Gateway. It enables an authenticated remote attacker to access sensitive files on the underlying operating system, leading to disclosure of confidential information and potentially enabling further attacks on the affected ...

4.9CVSS5.8AI score0.00043EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/12 7:18 p.m.6 views

CVE-2026-44872 Authenticated Arbitrary File Upload via Command Injection in AOS-8 AND AOS-10 Web-Based Management Interface

A command injection vulnerability exists in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to place arbitrary files on the underlying filesystem of the affected device...

7.2CVSS6AI score0.00306EPSS
Exploits0References1
Chainguard
Chainguardadded 2026/05/12 7:18 p.m.3 views

GHSA-G36M-9G3M-2VMP vulnerabilities

Vulnerabilities for packages: wildfly...

5.8AI score
Exploits0
Vulnrichment
Vulnrichmentadded 2026/05/12 7:15 p.m.6 views

CVE-2026-44869 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10

Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...

7.2CVSS6.1AI score0.00193EPSS
Exploits0References1
CVE
CVEadded 2026/05/12 7:15 p.m.10 views

CVE-2026-44868

CVE-2026-44868 affects the web-based management interfaces of AOS-8 and AOS-10. Description: authenticated remote command injection could allow execution of arbitrary OS commands. CVSS v3.1 base score 7.2 (HIGH) with network attack vector, low access complexity, and privileges required as HIGH. I...

8.8CVSS6.1AI score0.00193EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/05/12 7:15 p.m.30 views

CVE-2026-44868 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10

Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...

7.2CVSS0.00193EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/12 7:13 p.m.5 views

CVE-2026-44867

Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...

7.2CVSS6.1AI score0.00193EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder