Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13124 matches found

Snyk
Snykadded 2026/02/10 10:0 p.m.1 views

Malicious Package

Overview graphsync is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.5AI score
Exploits0References2
NVD
NVDadded 2026/02/10 7:15 p.m.3 views

CVE-2026-1850

Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash...

7.5CVSS0.00077EPSS
Exploits0References1
OSV
OSVadded 2026/02/10 7:15 p.m.3 views

CVE-2026-1850

Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash...

7.5CVSS5.9AI score
Exploits0References1
UbuntuCve
UbuntuCveadded 2026/02/10 7:15 p.m.2 views

CVE-2026-1850

Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash...

7.5CVSS5.8AI score0.00077EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/02/10 6:49 p.m.3 views

CVE-2026-1850

Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash...

7.1CVSS5.4AI score0.00077EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploitadded 2026/02/10 6:17 p.m.137 views

Exploit for CVE-2025-69871

Ethan Public Disclosures Security vulnerability disclosures a...

5.6AI score0.00121EPSS
Exploits2
RedHat Linux
RedHat Linuxadded 2026/02/10 5:54 p.m.2 views

tornado: Tornado Quadratic DoS via Crafted Multipart Parameters

A denial of service flaw has been discovered in the Tornado networking library. Affected versions of Tornado us an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The parseparam function in httputil.py is used to parse specific HTTP header values,...

7.5CVSS5.8AI score0.00036EPSS
Exploits0References7
Snyk
Snykadded 2026/02/10 4:34 p.m.3 views

Malicious Package

Overview @snazah/davey is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
Snyk
Snykadded 2026/02/10 4:15 p.m.3 views

Malicious Package

Overview express-configer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
Snyk
Snykadded 2026/02/10 3:56 p.m.2 views

Malicious Package

Overview chai-as-approved is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/02/10 1:23 p.m.3 views

CVE-2026-25905

The Python code being run by 'runPython' or 'runPythonAsync' is not isolated from the rest of the JS code, allowing any Python code to use the Pyodide APIs to modify the JS environment. This may result in an attacker hijacking the MCP server - for malicious purposes including MCP tool shadowing...

5.8CVSS5.6AI score0.00013EPSS
Exploits0References1
Fedora
Fedoraadded 2026/02/10 1:34 a.m.5 views

[SECURITY] Fedora 43 Update: rust-dua-cli-2.32.2-3.fc43

A tool to conveniently learn about the disk usage of directories, fast!...

7.5CVSS5.5AI score0.00042EPSS
Exploits1
SUSE CVE
SUSE CVEadded 2026/02/10 12:26 a.m.2 views

SUSE CVE-2026-0398

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...

5.3CVSS5.5AI score0.00008EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/02/10 12:0 a.m.1 views

PT-2026-7434

Name of the Vulnerable Software and Affected Versions MongoDB affected versions not specified Description Complex queries can lead to excessive memory consumption within the MongoDB Query Planner, potentially causing an Out-Of-Memory crash. An authorized user can disrupt the MongoDB server by...

7.5CVSS5.3AI score0.00077EPSS
Exploits0References8
AlmaLinux
AlmaLinuxadded 2026/02/10 12:0 a.m.8 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it CVE-2025-38403 kernel: net: use dstdevrcu in sksetupcaps...

7.8CVSS5.6AI score0.00208EPSS
Exploits0References18
ATTACKERKB
ATTACKERKBadded 2026/02/09 6:46 p.m.2 views

CVE-2026-25478

Litestar is an Asynchronous Server Gateway Interface ASGI framework. Prior to 2.20.0, CORSConfig.allowedoriginsregex is constructed using a regex built from configured allowlist values and used with fullmatch for validation. Because metacharacters are not escaped, a malicious origin can match...

7.4CVSS5.5AI score0.0002EPSS
Exploits1References5Affected Software1
Snyk
Snykadded 2026/02/09 5:25 p.m.1 views

Malicious Package

Overview json-web-sources is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
Snyk
Snykadded 2026/02/09 5:16 p.m.2 views

Malicious Package

Overview react-svg-handler is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
NVD
NVDadded 2026/02/09 3:16 p.m.3 views

CVE-2026-0398

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...

5.3CVSS0.00008EPSS
Exploits0References1
OSV
OSVadded 2026/02/09 3:16 p.m.0 views

UBUNTU-CVE-2026-0398

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor...

5.3CVSS5.8AI score0.00008EPSS
Exploits0References4
Rows per page
Query Builder