CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

160917 matches found

The Hacker News•added 6 days ago•13 views

Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups

Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol. The vulnerability, tracked as CVE-2026-50751 CVSS score: 9.3, is a case of a logic flow weakne...

9.3CVSS5.8AI score0.11841EPSS

Exploits4

Cvelist•added 6 days ago•37 views

CVE-2026-43972 gun HTTP/2 PUSH_PROMISE authority not validated against connection origin allows cross-origin cookie injection

Origin Validation Error vulnerability in ninenines gun gunhttp2 module allows cross-origin cookie injection via unvalidated HTTP/2 PUSHPROMISE authority. In gunhttp2:pushpromiseframe/7, the :authority pseudo-header from an incoming PUSHPROMISE frame is stored verbatim into the promised stream...

6.3CVSS0.00018EPSS

Exploits0References3

CVE•added 6 days ago•12 views

CVE-2026-43972

CVE-2026-43972 (gun_http2) : In gun_http2:push_promise_frame/7, the incoming PUSH_PROMISE :authority header is stored without validating it against the connection origin. Later, gun_http2:headers_frame/9 uses this unvalidated value when calling gun_cookies:set_cookie_header/7, before status handl...

6.3CVSS5.7AI score0.00018EPSS

Exploits0References3

Vulnrichment•added 6 days ago•3 views

CVE-2026-43972 gun HTTP/2 PUSH_PROMISE authority not validated against connection origin allows cross-origin cookie injection

6.3CVSS5.7AI score0.00018EPSS

Exploits0References3

EUVD•added 6 days ago•5 views

EUVD-2026-35073

6.3CVSS5.7AI score0.00018EPSS

Exploits0References3

OSV•added 6 days ago•5 views

EEF-CVE-2026-43972 gun HTTP/2 PUSH_PROMISE authority not validated against connection origin allows cross-origin cookie injection

Summary Origin Validation Error vulnerability in ninenines gun gunhttp2 module allows cross-origin cookie injection via unvalidated HTTP/2 PUSHPROMISE authority. In gunhttp2:pushpromiseframe/7, the :authority pseudo-header from an incoming PUSHPROMISE frame is stored verbatim into the promised...

6.3CVSS5.7AI score0.00018EPSS

Exploits0References2

OSV•added 6 days ago•2 views

SUSE-SU-2026:22051-1 Security update for elemental-toolkit

This update for elemental-toolkit fixes the following issue - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260277. Changes: - Update to v2.3.4: 974af043 Bump golang.org/x/net to v0.55.0 bsc1267168 bsc1251679 ae39c90...

9.1CVSS6.4AI score0.0002EPSS

Exploits1References6

OSV•added 6 days ago•6 views

USN-8402-1 systemd vulnerabilities

It was discovered that systemd-nspawn incorrectly handled certain optional configuration files. A local attacker could possibly use this issue to escape to the host system and execute arbitrary code. CVE-2026-40226 It was discovered that systemd-resolved incorrectly validated DNSSEC records for...

6.4CVSS6.9AI score0.00477EPSS

Exploits0References3

NVD•added 6 days ago•7 views

CVE-2026-8833

Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an authenticated user to bypass URL validation and inject malicious URLs such as javascript: URIs, resulting in cross-site scripting when another...

8.5CVSS0.0003EPSS

Exploits0References1

OSV•added 6 days ago•4 views

UBUNTU-CVE-2026-8833

8.5CVSS5.2AI score0.0003EPSS

Exploits0References3

RedHat Linux•added 6 days ago•5 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.7AI score0.00044EPSS

Exploits0References8

EUVD•added 6 days ago•1 views

EUVD-2026-21581

GeoNode contains a server-side request forgery vulnerability in the service registration endpoint...

6.3CVSS5.4AI score0.00044EPSS

Exploits0References6

OSV•added 6 days ago•3 views

GHSA-Q42J-X8RQ-PJG6 Cordova Plugin InAppBrowser: iOS: Arbitrary Cordova callback IDs can be dispatched without validation from InAppBrowser WebViews.

Summary The iOS implementation of cordova-plugin-inappbrowser passes the id field from a WKScriptMessage body to commandDelegate sendPluginResult:callbackId: with no format validation CDVWKInAppBrowser.m:560–574. Any web content loaded inside the InAppBrowser can fire any pending Cordova callback...

9.5CVSS5.4AI score0.00129EPSS

Exploits0References4

NVD•added 6 days ago•8 views

CVE-2026-50751

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...

9.3CVSS0.11841EPSS

Exploits4References3

NVD•added 6 days ago•9 views

CVE-2026-50752

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could all...

7.4CVSS0.00031EPSS

Exploits0References1

NVD•added 6 days ago•9 views

CVE-2026-11569

A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting wh...

5.4CVSS0.00029EPSS

Exploits0References2