CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added yesterday•6 views

CVE-2026-49440

Summary: CVE-2026-49440 affects Deno’s crypto.primality tests when using default options (checks=0) for checkPrime/checkPrimeSync, causing some composites to be reported as prime due to zero Miller-Rabin rounds. This occurs in the node:crypto path and related op_node_check_prime implementations; ...

7.4CVSS5.8AI score0.00017EPSS

Nuclei•added yesterday•10 views

BrightSign Digital Signage 8.2.26 - Server-Side Request Forgery

Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in the BrightSign digital signage media player affecting the Diagnostic Web Server DWS. The application parses user supplied data in the 'url' GET parameter to construct a diagnostics request to the Download Speed Test service...

6.9CVSS5.9AI score0.0083EPSS

Exploits0References3

Nuclei•added 2 days ago•6 views

LiteLLM - Command Injection

A critical unauthenticated remote code execution vulnerability exists in LiteLLM due to improper input handling in the MCP stdio test endpoint. An attacker can send a specially crafted request to the /mcp-rest/test/connection endpoint with controlled parameters, resulting in arbitrary command...

8.8CVSS7AI score0.74993EPSS

Exploits3References4

NVD•added 3 days ago•10 views

CVE-2026-12787

A vulnerability was found in zhilink 智互联深圳科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. This affects an unknown part of the component testConnection Endpoint. The manipulation of the argument jdbcUrl results in deserialization. The attack may be performed from remote. The exploit has...

6.5CVSS0.00242EPSS

Exploits0References5

EUVD•added 3 days ago•8 views

EUVD-2026-38151

6.5CVSS6AI score0.00242EPSS

Exploits0References5

NVD•added 4 days ago•9 views

CVE-2026-56342

AVideo through version 27.0 contains a server-side request forgery vulnerability in plugin/Live/test.php that allows authenticated administrators to read arbitrary URLs via the statsURL parameter, which lacks isSSRFSafeURL validation and accepts requests to private IP ranges and cloud metadata...

6.8CVSS0.00236EPSS

CVE•added 4 days ago•14 views

CVE-2026-56342

AVideo

6.8CVSS6AI score0.00236EPSS

Cvelist•added 4 days ago•13 views

CVE-2026-56342 AVideo - Server-Side Request Forgery in Live/test.php via statsURL Parameter

6.8CVSS0.00236EPSS

AstraLinux•added 5 days ago•3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint: pci-epf-test: Add a NULL check for DMA channels before releasing them. The fields dmachantx and dmachanrx of the struct pciepftest can be NULL even after EPF initialization. Therefore, it is prudent to check that...

5.6AI score0.00178EPSS

AstraLinux•added 5 days ago•3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fixed the error of dividing by zero when the “wsum” is zero. When the weighted sum is zero, calculating the limit causes a division by zero error. This issue has been fixed by proceeding to the next level of processin...

5.6AI score0.00166EPSS

5.5CVSS5.5AI score0.0019EPSS

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: The incorrect check in updateparentsubpartscpumask has been fixed. It was discovered that the check to determine whether a partition can use all the CPUs from the parent cpuset in updateparentsubpartscpumask was...

AstraLinux•added 5 days ago•2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: mctp: unshare packets when reassembling Ensure that the fraglist used for reassembly is not shared with other packets. This prevents incorrect reassembly when packets are cloned, and avoids a memory leak caused by circular...

5.5CVSS6AI score0.00162EPSS

AstraLinux•added 5 days ago•3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: comedi: das6402: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: c / IRQs 2, 3, 5, 6, 7, 10, 11, 15 are valid for “enhanced” mode / if 1 options1 & 0x8cec However, it-optionsi is ...

7.1CVSS6AI score0.00153EPSS

AstraLinux•added 5 days ago•6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: fixed a memory leak in bnxtnvmtest Free the kzalloc’ed buffer before returning on the success path...

5.3AI score0.00189EPSS

AstraLinux•added 5 days ago•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fixed an out-of-bounds read in cifssanitizeprepath. When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., /, the current logic attempts to check cursor2 - 1 before...

8.8CVSS6.1AI score0.00302EPSS

7.1CVSS6.1AI score0.0026EPSS

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ath9khtc: fixed potential out-of-bounds access due to an invalid rxstatus-rskeyix parameter. The rxstatus-rskeyix parameter is eventually passed to testbit, so we need to ensure that it is within the allowed range of the bitmap...

7.8CVSS5.2AI score0.00182EPSS

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: A overflow issue was identified in IOMMUTESTOPADDRESERVED. syzkaller discovered that this could lead to an overflow in the test infrastructure and cause a WARN message by corrupting the reserved interval tree...

AstraLinux•added 5 days ago•2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: Added a NULL check in BE reparenting. A NULL check was also added to the dpcmbereparent API, to handle kernel NULL pointer dereferencing errors. This issue occurred during fuzzing tests...

5.5CVSS5.5AI score0.00235EPSS

7.8CVSS6.2AI score0.00273EPSS

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tcpbpf: Fixed the skmemuncharge logic in tcpbpfsendmsg. The current sk memory accounting logic in SKREDIRECT involves pre-charging bytes to be sent, where the value is either msg-sg.size or a smaller value, applybytes. Potential...