CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Redos•added 2026/06/09 12:0 a.m.•6 views

ROS-20260609-73-0022

The vulnerability of the Telemetry component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...

9.6CVSS5.4AI score0.0043EPSS

Exploits0

Redos•added 2026/06/05 12:0 a.m.•5 views

ROS-20260605-73-0051

9.6CVSS5.4AI score0.0043EPSS

Exploits0

Snyk•added 2026/05/18 1:26 p.m.•6 views

Insertion of Sensitive Information Into Sent Data

Overview n8n-mcp is an Integration between n8n workflow automation and Model Context Protocol MCP Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data in the telemetry sanitization process in event-validator.ts. An operator with access to the...

6.5CVSS5.7AI score0.00262EPSS

Exploits0References2

IBM Security Bulletins•added 2026/04/08 1:7 a.m.•5 views

Security Bulletin: Security vulnerabilities have been found in IBM Verify Identity Access OIDC Provider

Summary Security vulnerabilities have been addressed in IBM Verify Identity Access OIDC Provider Vulnerability Details CVEID:CVE-2026-24051 DESCRIPTION: OpenTelemetry-Go is the Go implementation of OpenTelemetry. The OpenTelemetry Go SDK in version v1.20.0-1.39.0 is vulnerable to Path Hijacking...

7CVSS7.2AI score0.00157EPSS

Exploits0Affected Software1

OSV•added 2026/04/02 4:48 p.m.•12 views

MGASA-2026-0081 Updated thunderbird packages fix security vulnerabilities

Denial-of-service in the XML component. CVE-2025-59375 Spoofing issue in Thunderbird. CVE-2026-3889 Race condition, use-after-free in the Graphics: WebRender component. CVE-2026-4684 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4685 Incorrect boundary conditions in...

10CVSS6.5AI score0.01279EPSS

Exploits1References4

Positive Technologies•added 2026/03/13 12:0 a.m.•6 views

PT-2026-25388

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the BST telemetry probe writes a string terminator using a device-provided length without bounds. A malicious BST device can report an oversized dev name len, causing a stack overflow in the driver and crashing the task o...

6.8CVSS5.9AI score0.00267EPSS

Exploits1References6

OSV•added 2025/10/21 8:25 p.m.•3 views

GHSA-QQJ3-G7MX-5P4W NeuVector telemetry sender is vulnerable to MITM and DoS

Impact This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server at https://upgrades.neuvector-upgrade-responder.livestock.rancher.io. In affected...

8.6CVSS6.6AI score0.00167EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-39356

Malicious code in bioql PyPI...

7.8CVSS8.1AI score0.00513EPSS

Exploits0References1

BDU FSTEC•added 2025/03/12 12:0 a.m.•5 views

The vulnerability of the Telemetry component of TP-Link Tapo P125M and Kasa KP125M software devices allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Telemetry component in the microprogramming software of TP-Link Tapo P125M and Kasa KP125M lies in the lack of protection for operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the protected...

5CVSS5.5AI score0.00181EPSS

Exploits0References5

OSV•added 2023/07/11 6:15 p.m.•3 views

CVE-2023-35320

Connected User Experiences and Telemetry Elevation of Privilege Vulnerability...

7.8CVSS7.3AI score0.00459EPSS

Exploits0References1