CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added yesterday•6 views

CVE-2026-2379

On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulti...

8.2CVSS

CVE•added yesterday•11 views

CVE-2026-45748

Termix includes a vulnerability in its POST /ssh/tunnel/connect endpoint prior to version 2.3.2. The handler builds an SSH tunnel command by directly interpolating user-controlled fields (endpointIP, endpointUsername, password) into a shell command without escaping, enabling persistent OS command...

Cvelist•added yesterday•20 views

CVE-2026-45748 Termix Vulnerable to Remote Code Execution via SSH Tunnel Forward Command Injection

9.8CVSS

EUVD•added yesterday•6 views

EUVD-2026-34876

ATTACKERKB•added yesterday•5 views

CVE-2026-45748

Exploits0References3Affected Software1

Cvelist•added yesterday•19 views

CVE-2026-2379 Arista EOS IPsec Tunnel Sequence Number Mismatch via Interface Flaps when Anti-Replay is Disabled

8.2CVSS

EUVD•added yesterday•5 views

EUVD-2026-34875

ATTACKERKB•added yesterday•5 views

CVE-2026-2379

Exploits0References2Affected Software1

CVE•added yesterday•15 views

CVE-2026-2379

The CVE-2026-2379 issue affects Arista EOS on hardware IPSec platforms where anti-replay is disabled. When IPsec is enabled, specific events (physical interface flaps or certain agent restarts) can trigger IPsec tunnel re-establishment using existing SAs, causing sequence number mismatches betwee...

NVD•added yesterday•6 views

CVE-2026-7473

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

6.9CVSS

ATTACKERKB•added yesterday•3 views

CVE-2026-7473

Exploits0References2Affected Software1

CVE•added yesterday•12 views

CVE-2026-7473

CVE-2026-7473 affects Arista EOS tunnel decapsulation: VXLAN, GRE, IP-in-IP, GUE, and decap-groups can cause decapsulation of non-configured tunnel traffic when the destination IP matches the configured decap IP. Root cause: the switch does not verify the tunnel protocol type, enabling unintended...

In wildExploits0References1

Cvelist•added yesterday•28 views

CVE-2026-7473 Arista EOS Unexpected Tunnel Protocol Decapsulation and Forwarding Bypass

6.9CVSS

EUVD•added yesterday•5 views

EUVD-2026-34858

EUVD•added yesterday•5 views

EUVD-2026-34332

A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start6rdtunnel of the file /sbin/rc of the component Web UI. Such manipulation of the argument ipv66rdborderrelay leads to os command injection. It is possible to launch the attack remotely. The...

8.6CVSS6.7AI score0.00129EPSS

Exploits0References7

Positive Technologies•added yesterday•7 views

PT-2026-46983

Positive Technologies•added yesterday•5 views

PT-2026-47015

Name of the Vulnerable Software and Affected Versions Arista EOS affected versions not specified Description On platforms with hardware IPSec support and specific IPsec features enabled, the system may exhibit unexpected behavior. Physical interface flaps and certain agent restarts can trigger...

VulnCheck KEV•added yesterday•4 views

Exploits0References4

VulnCheck KEV: CVE-2026-7473

In wildExploits0References2

Positive Technologies•added yesterday•5 views

PT-2026-47020

Name of the Vulnerable Software and Affected Versions Termix versions prior to 2.3.2 Description Termix is a web-based server management platform providing SSH terminal, tunneling, and file editing capabilities. The 'POST /ssh/tunnel/connect' endpoint allows persistent OS command injection on the...