CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/05/27 12:0 a.m.•11 views

PT-2026-43816

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and work struct to fix race condition Currently, hwrng fill is not cleared until the hwrng fillfn thread exits. Since hwrng unregister reads hwrng fill outside the rng mutex lock, a concurrent hwrng unregist...

5.8AI score0.00023EPSS

Exploits0References5

CNNVD•added 2026/05/27 12:0 a.m.•4 views

UFO³ 数据伪造问题漏洞

UFO³ is an open-source cross-device collaboration multi-agent task orchestration tool developed by Microsoft. Version UFO³ 3.0.1-4-ge2626659 contains a data manipulation vulnerability. This vulnerability arises from the fact that task responses are tracked using only the sessionid without verifyi...

5.9CVSS5.7AI score0.00027EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•8 views

PT-2026-44119

Name of the Vulnerable Software and Affected Versions Microsoft UFO version 3.0.1-4-ge2626659 Description The WebSocket control plane trusts client-supplied identity and role fields in task messages. An authenticated WebSocket client with a shared server token can register as a normal device and...

8.8CVSS5.8AI score0.00049EPSS

Exploits0References3

NVD•added 2026/05/26 5:16 p.m.•15 views

CVE-2026-48900

An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...

6.4CVSS0.00001EPSS

NVD•added 2026/05/26 5:16 p.m.•9 views

CVE-2026-48899

An improper access check allows privilege escalation through the comusers batch task...

9.8CVSS0.00002EPSS

CVE•added 2026/05/26 4:44 p.m.•15 views

CVE-2026-48899

The CVE-2026-48899 entry concerns Joomla! Core and related sample-data plugins where an improper access check allows privilege escalation via the com_users batch task. The affected surface is core components handling sample data and batch tasks; root cause is insufficient authorization checks ena...

Exploits0References1Affected Software1

Cvelist•added 2026/05/26 4:44 p.m.•33 views

CVE-2026-48899 Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins

An improper access check allows privilege escalation through the comusers batch task...

5.3CVSS0.00002EPSS

EUVD•added 2026/05/26 4:44 p.m.•9 views

EUVD-2026-31880

An improper access check allows privilege escalation through the comusers batch task...

ATTACKERKB•added 2026/05/26 4:44 p.m.•5 views

CVE-2026-48899

An improper access check allows privilege escalation through the comusers batch task...

5.3CVSS5.8AI score0.00002EPSS

Exploits0References2Affected Software1

EUVD•added 2026/05/26 4:43 p.m.•8 views

EUVD-2026-31879

An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...

ATTACKERKB•added 2026/05/26 4:43 p.m.•6 views

CVE-2026-48900

An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...

Exploits0References2Affected Software1

Vulnrichment•added 2026/05/26 4:43 p.m.•8 views

CVE-2026-48900 Joomla! Core - [20260516] - Incorrect Access Control in com_scheduler

An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...

Cvelist•added 2026/05/26 4:43 p.m.•33 views

CVE-2026-48900 Joomla! Core - [20260516] - Incorrect Access Control in com_scheduler

An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...

6.4CVSS0.00001EPSS

CVE•added 2026/05/26 4:43 p.m.•10 views

CVE-2026-48900

CVE-2026-48900 affects Joomla! Core (com_scheduler). An improper access check allows low-privileged users to edit the task types of existing scheduler tasks, indicating a privilege-escalation in the scheduler component. The CVE details indicate a CVSS v4 score of 6.4 (MEDIUM) with network attack ...

Exploits0References1Affected Software1

Vulnrichment•added 2026/05/26 4:42 p.m.•4 views

CVE-2026-48898 Joomla! Core - [20260513] - Privilege escalation through com_users batch task

An improper access check allows privilege escalation through the comusers batch task...

8.2CVSS5.8AI score0.00002EPSS

EUVD•added 2026/05/26 4:42 p.m.•9 views

EUVD-2026-31873

An improper access check allows privilege escalation through the comusers batch task...

ATTACKERKB•added 2026/05/26 4:42 p.m.•4 views

CVE-2026-48898

An improper access check allows privilege escalation through the comusers batch task...

8.2CVSS5.8AI score0.00002EPSS

Exploits0References2Affected Software1

CVE•added 2026/05/26 4:42 p.m.•18 views

CVE-2026-48898

CVE-2026-48898 affects Joomla! Core via the com_users batch task. The root cause is an improper access check, enabling privilege escalation. Impact is described as high/critical in the provided metrics, with high confidentiality, integrity, and availability implications. The connected sources con...

Exploits0References1Affected Software1

CNNVD•added 2026/05/26 12:0 a.m.•8 views

Joomla! CMS 访问控制错误漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control, which stems from improper access checks. As a result, users with low privileges can edit the task types of existing scheduling programs...