CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/06/12 12:0 a.m.•10 views

PT-2026-49067

Name of the Vulnerable Software and Affected Versions File Browser affected versions not specified Description File Browser fails to properly validate symbolic links, allowing scoped users or unauthenticated public-share recipients to access files outside their intended directory boundaries. Whil...

6.8CVSS5.3AI score0.00028EPSS

Exploits0References6

Packet Storm News•added 2026/06/11 12:0 a.m.•5 views

Joern 4.0.556

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.3AI score

Tenable Nessus•added 2026/06/10 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-42768

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: The CMSdecrypt and PKCS7decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME...

3.7CVSS5.7AI score0.00364EPSS

Exploits0References3

EUVD•added 2026/06/09 6:30 p.m.•7 views

EUVD-2026-35485

3.7CVSS5.5AI score0.00364EPSS

Exploits0References6

NVD•added 2026/06/09 5:17 p.m.•19 views

CVE-2026-42768

3.7CVSS0.00364EPSS

Cvelist•added 2026/06/09 4:3 p.m.•30 views

CVE-2026-42768 Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

0.00364EPSS

AlpineLinux•added 2026/06/09 4:3 p.m.•7 views

CVE-2026-42768

3.7CVSS5.5AI score0.00364EPSS

EUVD•added 2026/06/09 8:46 a.m.•8 views

EUVD-2025-210083

A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions, SIPROTEC 5 6MD85 CP200 All versions, SIPROTEC 5 6MD85 CP300 All versions, SIPROTEC 5 6MD86 CP200 All versions, SIPROTEC 5 6MD86 CP300 All versions, SIPROTEC 5 6MD89 CP300 All versions, SIPROTEC 5 6MU85 CP300 All versions,...

6.9CVSS5.7AI score0.00186EPSS

Exploits0References1

Positive Technologies•added 2026/06/09 12:0 a.m.•9 views

PT-2026-47838

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description The CMS decrypt and PKCS7 decrypt functions are susceptible to a Bleichenbacher-style attack, which is an adaptive-chosen-ciphertext side channel. This allows an attacker to use a vulnerable...

9.1CVSS5.5AI score0.00684EPSS

Exploits0References78

Packet Storm News•added 2026/06/04 12:0 a.m.•5 views

Joern 4.0.554

Packet Storm News•added 2026/06/04 12:0 a.m.•4 views

CodeQL 2.25.6

Discover vulnerabilities across a codebase with CodeQL, an industry-leading semantic code analysis engine. CodeQL lets you query code as though it were data. Write a query to find all variants of a vulnerability, eradicating it forever. Then share your query to help others do the same...

Github Security Blog•added 2026/05/29 10:27 p.m.•25 views

PraisonAI spider_tools SSRF protection bypass via alternate loopback host encodings

Summary PraisonAI's spidertools URL validation can be bypassed using alternate loopback host encodings. The affected component is: text praisonaiagents/tools/spidertools.py The tool contains a URL validation function intended to block local or unsafe targets before fetching attacker-controlled...

6.2AI score0.00014EPSS

Exploits0References2Affected Software2

Packet Storm News•added 2026/05/29 12:0 a.m.•13 views

Joern 4.0.551

EUVD•added 2026/05/28 9:34 p.m.•10 views

EUVD-2026-33073

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it received in x-forwarded-for or the configured IP-bearing header. IPv6 clients controlling a typical /6...

7.3CVSS5.8AI score0.00295EPSS

RedhatCVE•added 2026/05/28 11:12 a.m.•10 views

CVE-2026-44576

A flaw was found in Next.js, a React framework for building web applications. This vulnerability, related to cache poisoning, affects applications utilizing React Server Components RSC when shared caches fail to properly partition response variants. A remote attacker can exploit this by causing a...

5.4CVSS5.8AI score0.0025EPSS

Exploits0References4

Packet Storm News•added 2026/05/28 12:0 a.m.•7 views

AgentDoG 1.5: A Lightweight and Scalable Alignment Framework for AI Agent Safety and Security

Modern open-world agents such as OpenClaw exhibit powerful cross-environment execution capabilities yet introduce broad new safety risk sources. Meanwhile, advanced frontier AI models drastically lower attack barriers, rendering current agent alignment frameworks inadequate for real-world...