CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/06/16 10:32 a.m.•6 views

EUVD-2026-37064

4.8CVSS5.6AI score0.0014EPSS

Cvelist•added 2026/06/16 10:32 a.m.•27 views

CVE-2026-8484 Heap buffer overflow in Jansi

4.8CVSS0.0014EPSS

CVE•added 2026/06/16 10:32 a.m.•15 views

CVE-2026-8484

The CVE-2026-8484 entry describes a heap buffer overflow in the Jansi JNI"ioctl()" wrapper caused by missing size verification of the argument array before the system call. Affected software is Jansi (JNI wrapper) and, per sources, all versions are believed vulnerable. Consequences stated are hea...

4.8CVSS5.7AI score0.0014EPSS

NVD•added 2026/06/15 12:16 p.m.•6 views

CVE-2026-5482

Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution. This project is unmaintained at the time of CVE assignment. The vulnerability was found in the latest release 9.14...

9.3CVSS0.00445EPSS

CVE•added 2026/06/08 11:45 a.m.•20 views

CVE-2026-11511

The CVE-2026-11511 affects Bolt CMS up to version 3.7.5, specifically a weakness in the file src/Storage/Field/Type/TextType.php within the HTML Attribute Handler. The issue enables remote HTML injection when an attacker manipulates the argument style. It is exploitable remotely and an exploit ha...

5.1CVSS5.3AI score0.00191EPSS

Exploits0References4

Positive Technologies•added 2026/06/08 12:0 a.m.•9 views

PT-2026-47278

Name of the Vulnerable Software and Affected Versions Bolt CMS versions prior to 3.7.6 Description An issue exists in the HTML Attribute Handler component within the file src/Storage/Field/Type/TextType.php. A remote attacker can perform HTML injection by manipulating the style argument. This...

5.1CVSS5.5AI score0.00191EPSS

Exploits0References6

RustSec•added 2026/06/07 12:0 p.m.•20 views

proc-macro-error2 is unmaintained

The author of proc-macro-error2 has confirmed that the crate is no longer maintained and recommends that users migrate away from it. proc-macro-error2 was originally created as a maintained fork of proc-macro-error see RUSTSEC-2024-0370. Both the original crate and this fork are now unmaintained...

5.5AI score

OSV•added 2026/06/07 12:0 p.m.•39 views

RUSTSEC-2026-0173 proc-macro-error2 is unmaintained

5.5AI score

RedhatCVE•added 2026/06/05 7:49 p.m.•7 views

CVE-2026-41873

UNSUPPORTED WHEN ASSIGNED Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Pony Mail leading to admin account takeover. This issue affects all versions of the Lua implementation of Pony Mail. There is a Python implementation under development under t...

9.8CVSS5.4AI score0.00444EPSS

Exploits0References1

OSV•added 2026/06/04 12:0 p.m.•7 views

RUSTSEC-2026-0169 surf is unmaintained

The surf crate is unmaintained, and all versions are affected. For alternatives, consider using reqwest or ureq. See this issue for more context...

OSV•added 2026/06/04 12:0 p.m.•8 views

RUSTSEC-2026-0167 `pqcrypto-classicmceliece` is unmaintained: upstream PQClean project being archived

This crate provides Rust bindings to the Classic McEliece key encapsulation mechanism via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream...

OSV•added 2026/06/04 12:0 p.m.•7 views

RUSTSEC-2026-0162 `pqcrypto-traits` is unmaintained: upstream PQClean project being archived

This crate provides shared trait definitions for the pqcrypto- ecosystem, which wraps C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604. As a result, this crate and the broader pqcrypto- ecosystem will no longer receive updates. Use...

OSV•added 2026/06/04 12:0 p.m.•10 views

RUSTSEC-2026-0166 `pqcrypto-mldsa` is unmaintained: upstream PQClean project being archived

This crate provides Rust bindings to ML-DSA FIPS 204 via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As a result, this crat...

RustSec•added 2026/06/04 12:0 p.m.•8 views

surf is unmaintained

The surf crate is unmaintained, and all versions are affected. For alternatives, consider using reqwest or ureq. See this issue for more context...

RustSec•added 2026/06/04 12:0 p.m.•12 views

`pqcrypto-mldsa` is unmaintained: upstream PQClean project being archived

RustSec•added 2026/06/04 12:0 p.m.•8 views

tide is unmaintained

The tide crate is unmaintained, and all versions are affected. The closest maintained alternative might be trillium. See this issue for more context...

RustSec•added 2026/06/04 12:0 p.m.•10 views

`pqcrypto-mlkem` is unmaintained: upstream PQClean project being archived

This crate provides Rust bindings to ML-KEM FIPS 203 via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As a result, this crat...

RustSec•added 2026/06/04 12:0 p.m.•8 views

`pqcrypto-traits` is unmaintained: upstream PQClean project being archived

OSV•added 2026/06/04 12:0 p.m.•7 views

RUSTSEC-2026-0164 `pqcrypto` is unmaintained: upstream PQClean project being archived

The pqcrypto crate and the entire pqcrypto- ecosystem wrap C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches, algorithm updates, or bug fixes will be applied to the upstream implementations. ...