CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

216 matches found

EUVD-2026-34043

Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation...

4.6CVSS5.8AI score0.00013EPSS

Exploits0References3

NVD•added 2 days ago•3 views

CVE-2026-10718

4.6CVSS0.00013EPSS

Exploits0References2

ATTACKERKB•added 2 days ago•4 views

CVE-2026-10718

4.6CVSS5.8AI score0.00013EPSS

Exploits0References3

Vulnrichment•added 2 days ago•2 views

CVE-2026-10718 Open Seachest/Seachest NVMe Trim (Deallocate) Vulnerability

4.6CVSS5.8AI score0.00013EPSS

Exploits0References2

CVE•added 2 days ago•8 views

CVE-2026-10718

CVE-2026-10718 affects Seagate’s openSeaChest (v26.03.0) and is triggered by the Trim/Unmap operation. The root cause is an out-of-bounds write that allows writing extra memory describing a range of LBAs to deallocate, extending 16 bytes outside the allocated space across all supported platforms....

4.6CVSS5.8AI score0.00013EPSS

Exploits0References2

Cvelist•added 2 days ago•22 views

CVE-2026-10718 Open Seachest/Seachest NVMe Trim (Deallocate) Vulnerability

4.6CVSS0.00013EPSS

Exploits0References2

NVD•added 2 days ago•8 views

CVE-2026-10514

A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown function of the file backend/framework/src/main/java/cn/cordys/config/RequestParamTrimConfig.java. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit...

4.8CVSS0.00042EPSS

Exploits0References9

Positive Technologies•added 2 days ago•7 views

PT-2026-45871

Name of the Vulnerable Software and Affected Versions openSeaChest version 26.03.0 Description An out of bounds write occurs during the Trim/Unmap operation in openSeaChest. This issue allows for writing 16 bytes of extra memory outside of the allocated space when describing a range of Logical...

4.6CVSS5.8AI score0.00013EPSS

Exploits0References4

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: jfs: Fixed null-ptr-deref in jfsioctrim Syzkaller Report Oops: General Protection Fault, likely for non-canonical addresses 0xdffffc0000000087: 0000 1 KASAN: null-ptr-deref in range 0x0000000000000438-0x000000000000043f CPU: 2...

5.5CVSS6.4AI score0.0007EPSS

Exploits0References2

OSV•added 2026/05/19 8:53 a.m.•4 views

BIT-MONGODB-2026-8202 Post-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators

Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...

6.5CVSS5.8AI score0.0004EPSS

Exploits0References2

Tenable Nessus•added 2026/05/14 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-8202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with...

6.5CVSS5.8AI score0.0004EPSS

Exploits0References2

EUVD•added 2026/05/13 6:30 p.m.•4 views

EUVD-2026-29894

5.3CVSS5.8AI score0.0004EPSS

Exploits0References2

NVD•added 2026/05/13 4:17 a.m.•4 views

CVE-2026-8202

6.5CVSS0.0004EPSS

Exploits0References1

Cvelist•added 2026/05/13 12:19 a.m.•31 views

CVE-2026-8202 Post-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators

5.3CVSS0.0004EPSS

Exploits0References1

ATTACKERKB•added 2026/05/13 12:19 a.m.•3 views

CVE-2026-8202

5.3CVSS5.8AI score0.0004EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/05/13 12:19 a.m.•3 views

CVE-2026-8202 Post-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators

5.3CVSS5.8AI score0.0004EPSS

Exploits0References1

CVE•added 2026/05/13 12:19 a.m.•34 views

CVE-2026-8202

CVE-2026-8202 affects MongoDB Server prior to certain fixed versions: v7.0 before 7.0.34, v8.0 before 8.0.23, v8.2 before 8.2.9, and v8.3 before 8.3.2. The issue is a post-authentication CPU DoS caused by using a densely populated characters mask with large input strings in the MongoDB aggregatio...

6.5CVSS5.8AI score0.0004EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2026/05/13 12:0 a.m.•5 views

PT-2026-40552

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.34 MongoDB Server versions prior to 8.0.23 MongoDB Server versions prior to 8.2.9 MongoDB Server versions prior to 8.3.2 Description An authenticated user with aggregation permissions can cause CPU...

6.5CVSS5.8AI score0.0004EPSS

Exploits0References4

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel 6.0.8, there is a use-after-free in ntfstrimfs in fs/ntfs3/bitmap.c...

7.8CVSS6.7AI score0.00018EPSS

Exploits1References2

Tenable Nessus•added 2026/04/21 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013322)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013322 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in tcpbpfsendmsg while sk msg is full If tcpbpfsendmsg is running while...

5.5CVSS6.3AI score0.00009EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by