85 matches found
USN-8232-1: Django vulnerabilities
It was discovered that Django did not vary cached response headers on cookies when sessions were not modified while SESSION_SAVE_EVERY_REQUEST was enabled. A remote attacker could possibly use this issue to steal a user's session. (CVE-2026-35192) Kyle Agronick and Jacob Walls discovered that Django...
Quantum Computers Are Not a Threat to 128-bit Symmetric Keys
The advancing threat of cryptographically-relevant quantum computers has made it urgent to replace currently-deployed asymmetric cryptography primitives—key exchange (ECDH) and digital signatures (RSA, ECDSA, EdDSA)—which are vulnerable to Shor’s quantum algorithm. It does not, however, impact existi...
Stop Fixating on Prompts: Reasoning Hijacking and Constraint Tightening for Red-Teaming LLM Agents
With the widespread application of LLM-based agents across various domains, their complexity has introduced new security threats. Existing red-team methods mostly rely on modifying user prompts, which lack adaptability to new data and may impact the agent's performance. To address the challenge,...
CVE-2026-32326
SHARP routers do not perform authentication for some web APIs. The device information may be retrieved without authentication. If the administrative password of the device is left as the initial one, the device may be taken over...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005572)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005572 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream before comparing them WHAT & HOW amdgpu_dm can pass a null stream to...
CVE-2025-62000
BullWall Ransomware Containment does not entirely inspect a file to determine if it is ransomware. An authenticated attacker could bypass detection by encrypting a file and leaving the first four bytes unaltered. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other...
CVE-2025-14553
Exposure of password hashes through an unauthenticated API response in TP-Link Tapo app on iOS and Android for Tapo cameras, allowing attackers to brute force the password in the local network. Issue can be mitigated through mobile application updates. Device firmware remains unchanged...
CVE-2025-14553 Password Hash Leak Could Lead to Unauthorized Access on Tapo App via Local Network
Exposure of password hashes through an unauthenticated API response in TP-Link Tapo app on iOS and Android for Tapo cameras, allowing attackers to brute force the password in the local network. Issue can be mitigated through mobile application updates. Device firmware remains unchanged...
SUSE CVE-2025-40126
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC The referenced commit introduced exception handlers on user-space memory references in copy_from_user and copy_to_user. These handlers return from the respectiv...
EUVD-2025-120008
Malicious code in unchangedplanariansapphire-50 npm...
Malicious code in unchanged-tomato-parakeet (npm)
Source: amazon-inspector 9d7c3df03d5d11071ece7f3d6a02d6d287db936e19a518d6b13433fcfd3df1d6. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-117016
Malicious code in unchanged-tomato-parakeet npm...
PT-2025-46588
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue was identified in the Linux kernel related to exception handling within the copy from user and copy to user functions on the Niagara architecture. The problem stemmed from...
Malicious code in unchanged_tarantula_z3n (npm)
Source: amazon-inspector faca7deb97c8d301f65d024b1d173b79d71ca158826c2a01fb03f02ba79e03a6. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-101263
Malicious code in unchanged_tarantula_z3n npm...
Malicious code in unchanged_salmon_z3n (npm)
Source: amazon-inspector 1a3df351130e78eb9275d680457521fbf7ec652d7baa6535e2750730a55f5333. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in unchanged_herring_lavender-54 (npm)
Source: amazon-inspector c82c7901f2ede1f8036fd33fea813cb9ec7abf0a4b790285d45efaa9f078bdd6. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-74133
Malicious code in unchangedtiglonemerald-79 npm...
EUVD-2025-75368
Malicious code in unchangedfly-notthedevs npm...
EUVD-2025-80220
Malicious code in unchangedwormdumbs npm...