CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1010 matches found

GHSA-G5VC-Q7QC-V939 Bugsink: Issue bulk actions can affect another project’s issue if its UUID is known

Description Bugsink’s issue list supports bulk actions such as resolving or muting selected issues. In affected versions, the issue list view authorizes access through the project in the URL, but applies the requested bulk action to the submitted issue IDs without also requiring those issues to...

3.1CVSS5.4AI score0.00029EPSS

Exploits0References4

RedhatCVE•added yesterday•3 views

CVE-2026-33212

Weblate is a web based localization tool. In versions prior to 5.17, the tasks API didn't verify user access for pending tasks. This could expose logs of in-progress operations to users who don't have access to given scope. The attacker needs to brute-force the random UUID of the task, so...

3.1CVSS5.5AI score0.00011EPSS

Exploits0References1

RedhatCVE•added yesterday•3 views

CVE-2026-44712

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $id/tmp/rce in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUID some controllers allow this can inject the payload a...

8.2CVSS5.5AI score0.00025EPSS

Exploits0References1

OSV•added yesterday•2 views

GHSA-9WGH-M22W-9XJ8 NocoDB: Hidden LTAR Column Exposure in Public Shared-View Relation Endpoints

Summary The public shared-view relation endpoints accepted a caller-supplied column ID without verifying that the column was visible in the shared view, so anyone holding a share UUID could read links from any LTAR column on the view's table — including columns the view owner had hidden. Details...

6.9CVSS5.5AI score

Exploits0References3

OSV•added 2 days ago•3 views

ROOT-APP-NPM-CVE-2026-41907 CVE-2026-41907 in @rootio/uuid - Patched by Root

Root has patched CVE-2026-41907 in the @rootio/uuid package for Root:npm. Multiple fixed versions available...

7.5CVSS5.8AI score0.00019EPSS

Exploits1

OSV•added 2 days ago•1 views

ROOT-APP-NPM-GHSA-W5HQ-G745-H8PQ GHSA-w5hq-g745-h8pq in @rootio/uuid - Patched by Root

Root has patched GHSA-w5hq-g745-h8pq in the @rootio/uuid package for Root:npm. Multiple fixed versions available...

5.3AI score

Exploits0

EUVD•added 2 days ago•4 views

EUVD-2026-34322

An integer underflow in btmeshsolrecv in the Bluetooth Mesh solicitation handling subsys/bluetooth/mesh/solicitation.c leads to an out-of-bounds write. When CONFIGBTMESHODPRIVPROXYSRV is enabled, the function parses solicitation PDUs from raw BLE advertising payloads. The AD parsing loop reads an...

6.2AI score0.00022EPSS

Exploits0References1

IBM Security Bulletins•added 5 days ago•7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in uuid-3.3.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in uuid-3.3.2.tgz Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which ...

3.2CVSS5.8AI score0.00018EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 5 days ago•7 views

Security Bulletin: There is a vulnerability in uuid-9.0.1.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-41988)

Summary There is a vulnerability in uuid-9.0.1.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6...

3.2CVSS5.8AI score0.00018EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 5 days ago•9 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907

Summary IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before...

9.3CVSS5.8AI score0.00019EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 5 days ago•6 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907

9.3CVSS5.8AI score0.00019EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 6 days ago•10 views

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by a vulnerability in uuid (CVE-2026-41907)

Summary A vulnerability in the uuid generation utility library CVE-2026-41907 used by IBM InfoSphere Optim Archive Viewer has been addressed by upgrading the component to version 9.0.1. Vulnerability Details CVEID:CVE-2026-41907 DESCRIPTION: uuid is for the creation of RFC9562 formerly RFC4122...

9.3CVSS5.7AI score0.00019EPSS

Exploits1Affected Software1

OSV•added 2026/05/29 9:54 p.m.•8 views

GHSA-QC4C-HRMC-4F78 Admidio: Authorization bypass in file_delete enables cross-folder file removal by authenticated users without delete privileges

Summary An authenticated Admidio member with upload rights on any one folder can permanently delete files from folders where they have only view access. The authorization check at the top of modules/documents-files.php evaluates upload rights against the attacker-supplied folderuuid URL parameter...

6.5CVSS5.8AI score

Exploits0References3

IBM Security Bulletins•added 2026/05/29 10:36 a.m.•7 views

Security Bulletin: IBM Edge Data Collector uses uuid-8.3.2.tgz, uuid-9.0.1.tgz which is vulnerable to CVE-2026-41907

Summary IBM Edge Data Collector Component uses uuid-8.3.2.tgz, uuid-9.0.1.tgz which is vulnerable to CVE-2026-41907. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-41907 DESCRIPTION: uuid is for the creation of RFC9562 formerly RFC4122 UUIDs...

9.3CVSS5.8AI score0.00019EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/05/29 10:26 a.m.•9 views

Security Bulletin: IBM Edge Data Collector uses uuid-8.3.2.tgz, uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988

Summary IBM Edge Data Collector Component uses uuid-8.3.2.tgz, uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before 14.0.0 can make unexpected writes when external...

3.2CVSS5.8AI score0.00018EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/05/29 8:47 a.m.•7 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses uuid-7.0.3.tgz, uuid-9.0.1.tgz which is vulnerable to CVE-2026-41907

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses uuid-7.0.3.tgz, uuid-9.0.1.tgz which is vulnerable to CVE-2026-41907. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-41907 DESCRIPTION: uuid is for the creation ...

9.3CVSS5.8AI score0.00019EPSS

Exploits1Affected Software1