CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

291 matches found

CVE-2026-57455

Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spellsoundfoldsofo in src/spell.c translates a word through a spell file's SOFO sound-folding byte map into a caller-owned result buffer. Its copy loop advances the output index ri with no upper bound an...

7.8CVSS0.0012EPSS

Exploits0References3

NVD•added 3 days ago•4 views

CVE-2026-55693

Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...

8.4CVSS0.00126EPSS

Exploits0References3

EUVD•added 3 days ago•4 views

EUVD-2026-39437

7.1CVSS6.1AI score0.0012EPSS

Exploits0References3

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crashing when dealing with very long words. In cases where a console is set up to handle very large data, containing words that are truly long 256 characters, we need to stop processing before reaching the length o...

5.9CVSS5.7AI score0.00277EPSS

Exploits0References2

Tenable Nessus•added 2026/06/18 12:0 a.m.•5 views

Mattermost Server 10.11.x < 10.11.14 / 11.4.x < 11.4.4 / 11.5.x < 11.5.2 Vulnerability (MMSA-2026-00597)

The version of Mattermost Server installed on the remote host is affected by a vulnerability: - Mattermost fails to enforce slash command trigger-word uniqueness during command updates which allows an authenticated team member with Manage Own Slash Commands permission to hijack and impersonate...

4.3CVSS6AI score0.00152EPSS

Exploits0References2

OSV•added 2026/06/11 12:59 a.m.•15 views

CLEANSTART-2026-BM78291 Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU

Multiple security vulnerabilities affect the dex package. Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU. See references for individual vulnerability details...

9.8CVSS6.4AI score0.01027EPSS

Exploits3References74

OSV•added 2026/06/11 12:58 a.m.•13 views

CLEANSTART-2026-SQ76279 Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU

9.8CVSS5.5AI score0.01027EPSS

Exploits3References74

OSV•added 2026/06/11 12:37 a.m.•6 views

CLEANSTART-2026-KN74022 Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU

Security vulnerability affects the local-static-provisioner-fips package. Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

9.8CVSS5.5AI score0.0056EPSS

Exploits0References3

OSV•added 2026/06/11 12:37 a.m.•6 views

CLEANSTART-2026-KV53168 Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU

Security vulnerability affects the kyverno-policy-reporter-kyverno-plugin package. Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

9.8CVSS5.5AI score0.0056EPSS

Exploits0References3

OSV•added 2026/06/05 5:45 a.m.•6 views

BIT-GOLANG-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime