CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12546 matches found

EUVD•added 2026/05/26 12:57 p.m.•11 views

EUVD-2026-31822

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...

5.3CVSS5.8AI score0.02607EPSS

Exploits0References1

CNNVD•added 2026/05/26 12:0 a.m.•6 views

IBM Watsonx.data 安全漏洞

IBM Watsonx.data is an open data lake platform developed by IBM. There are security vulnerabilities in the version 2.2 to 2.3.1 of IBM Watsonx.data. These vulnerabilities stem from improper restrictions on inbound and outbound connections, allowing attackers to transfer or modify files without...

5.4CVSS5.8AI score0.00166EPSS

Exploits0References1

Positive Technologies•added 2026/05/26 12:0 a.m.•12 views

PT-2026-43239

Name of the Vulnerable Software and Affected Versions Check Point affected versions not specified Description A Check Point HTTP-based service incorrectly handles malformed HTTP requests due to issues in HTTP request parsing and validation. Recommendations At the moment, there is no information...

5.3CVSS5.8AI score0.02607EPSS

Exploits0References3

Amazon•added 2026/05/26 12:0 a.m.•13 views

Important: containerd

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.5AI score0.00577EPSS

Exploits0

OSV•added 2026/05/25 11:10 p.m.•5 views

MAL-2026-4496 Malicious code in bandkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 687dcebaf30461a2325de226851b84abfb6db6359a12c9392ece9c5ff02a620d bandkit ships a React component BandPanel that, when rendered without an explicit strategyWalletAddress prop — the configuration shown in the package...

5.3AI score

Exploits0References6

Positive Technologies•added 2026/05/25 12:0 a.m.•14 views

PT-2026-42998

A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

7.5CVSS6.3AI score0.00309EPSS

Exploits0References6

Oracle linux•added 2026/05/25 12:0 a.m.•20 views

Unbreakable Enterprise kernel security update: Fragnesia

5.4.17-2136.355.3.4 - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420568 CVE-2026-46300 - net: skbuff: preserve shared-frag marker during coalescing William Bowling Orabug: 39420568...

7.8CVSS6AI score0.01582EPSS

Exploits8

Oracle linux•added 2026/05/25 12:0 a.m.•12 views

Unbreakable Enterprise kernel security update: Fragnesia

6.12.0-202.76.4.4 - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420559 CVE-2026-46300 - net: skbuff: preserve shared-frag marker during coalescing William Bowling Orabug: 39420559...

7.8CVSS6AI score0.01582EPSS

Exploits8

Tenable Nessus•added 2026/05/25 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43503

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the...

8.8CVSS5AI score0.00153EPSS

Exploits0References3

OSSF Malicious Packages•added 2026/05/24 3:52 p.m.•8 views

Malicious code in power-platform-playwright-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57967d58233d74f2fc4f9b0dee7c050370eb388050df8d63f29e719f83468d73 On npm install, the package's postinstall script postinstall.js collects host identifiers and CI context — whoami, os.hostname, os.platform, cwd, CI,...

5.8AI score

Exploits0References2

OSV•added 2026/05/23 5:41 p.m.•4 views

MAL-2026-4637 Malicious code in pewter-constants (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c9f898fe8ed95b1d549bfff91d7c0dda0f75ada1c32a58af144940cf28b23c5 On npm install, a preinstall hook in callback.js collects os.hostname, os.userInfo.username, process.cwd, the configured npm registry...

5.8AI score

Exploits0References1

NVD•added 2026/05/23 12:17 p.m.•18 views

CVE-2026-46300

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skbtrycoalesce can attach paged frags from @from to @to. If @from has SKBFLSHAREDFRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backe...

7.8CVSS0.01582EPSS

Exploits8References12

UbuntuCve•added 2026/05/23 12:17 p.m.•6 views

CVE-2026-43503

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

8.8CVSS5.7AI score0.00153EPSS

Exploits0References10

OSV•added 2026/05/23 12:17 p.m.•2 views

UBUNTU-CVE-2026-43503

8.8CVSS5.7AI score0.00153EPSS

Exploits0References20

EUVD•added 2026/05/23 11:44 a.m.•8 views

EUVD-2026-31535

6AI score0.01582EPSS

Exploits8References7

CVE•added 2026/05/23 11:44 a.m.•254 views

CVE-2026-46300

The CVE-2026-46300 issue affects the Linux kernel's net: skbuff code: skb_try_coalesce() can transfer paged frags from one skb to another while losing the SKBFL_SHARED_FRAG marker, breaking the invariant relied on by ESP decryption logic. This can allow an in-place decrypt path to operate on page...

7.8CVSS6AI score0.01582EPSS

Exploits8References12Affected Software1