CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

241 matches found

OSV•added 2026/05/11 5:44 a.m.•5 views

BIT-GOLANG-2026-42501 Malicious module proxy can bypass checksum database in cmd/go

A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy GOMODPROXY or checksum database GOSUMDB. A malicious module proxy can serve altered versions o...

7.5CVSS5.8AI score0.00008EPSS

Exploits0References5

SUSE CVE•added 2026/05/09 2:42 a.m.•8 views

SUSE CVE-2026-42501

7.5CVSS5.8AI score0.00008EPSS

Exploits0References3

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в tidy-html5

A vulnerability in HTACG HTML Tidy v5.7.28 allows attackers to execute arbitrary code through the -g option of the CleanNode function in gdoc.c...

9.8CVSS7.7AI score0.0043EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: exec: Do not issue warnings for the racy pathnoexec check Both the imode and noexec checks, wrapped within WARNON, originate from an artifact of the previous implementation. They were originally used to properly check the...

4.7CVSS6.6AI score0.00011EPSS

Exploits0References2

CNNVD•added 2026/04/24 12:0 a.m.•4 views

CodeChecker 安全漏洞

CodeChecker is an open-source analysis tool developed by Ericsson, which includes Clang Static Analyzer and Clang Tidy. It also provides a database of defects and extensions for viewers. Versions of CodeChecker prior to 6.27.3 contained security vulnerabilities. These vulnerabilities stemmed from...

10CVSS5.9AI score0.00028EPSS

Exploits0References1

Positive Technologies•added 2026/04/24 12:0 a.m.•2 views

PT-2026-34878

Name of the Vulnerable Software and Affected Versions CodeChecker versions prior to 6.27.4 Description An authentication bypass exists in CodeChecker, an analyzer tooling, defect database, and viewer extension for the Clang Static Analyzer and Clang Tidy. The issue occurs when the URL ends with...

10CVSS5.8AI score0.00028EPSS

Exploits0References5

OSV•added 2026/03/05 2:28 p.m.•0 views

SUSE-SU-2026:20685-1 Security update for helm

This update for helm fixes the following issues: - Update to version 3.19.1: CVE-2025-47911: golang.org/x/net/html: Fixed various algorithms with quadratic complexity when parsing HTML documents bsc1251442 CVE-2025-58190: golang.org/x/net/html: Fixed xcessive memory consumption by...

5.3CVSS5.8AI score0.00017EPSS

Exploits1References5

Tenable Nessus•added 2026/01/20 12:0 a.m.•2 views

MiracleLinux 8 : llvm-toolset:rhel8 (AXSA:2022-2984:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-2984:01 advisory. Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced ...

8.3CVSS5.6AI score0.24988EPSS

Exploits4References2

OSV•added 2026/01/09 12:15 a.m.•0 views

CVE-2026-22712

Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy vulnerability in The Wikimedia Foundation Mediawiki - ApprovedRevs Extension allows Input Data Manipulation.This issue affects Mediawiki - ApprovedRevs Extension: 1.45, 1.44, 1.43, 1.39...

4.3CVSS5.8AI score

Exploits0References2

CVE•added 2026/01/09 12:6 a.m.•6 views

CVE-2026-22712

The CVE-2026-22712 issue affects the MediaWiki extension ApprovedRevs. A flaw in ParserAfterTidy causes improper encoding/escaping of output due to magic word replacement, enabling input data manipulation. Affected versions are 1.39 through 1.45. The reported impact is limited to data handling vi...

4.3CVSS6.5AI score0.00018EPSS

Exploits1References2Affected Software1

Cvelist•added 2026/01/09 12:6 a.m.•21 views

CVE-2026-22712 ApprovedRevs allows bypassing the inline CSS sanitizer

2.3CVSS0.00018EPSS

Exploits1References2

Vulnrichment•added 2026/01/09 12:6 a.m.•3 views

CVE-2026-22712 ApprovedRevs allows bypassing the inline CSS sanitizer

2.3CVSS6.5AI score0.00018EPSS

Exploits1References2

RedhatCVE•added 2026/01/07 9:18 a.m.•14 views

CVE-2025-1300

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. The CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL. This results in bypassin...

7.4CVSS6.9AI score0.01395EPSS

Exploits0References1