CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/19 12:0 a.m.•7 views

ALSA-2026:19180 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer:...

8.8CVSS6.4AI score0.00838EPSS

Exploits0References16

Nvidia•added 2026/05/19 12:0 a.m.•45 views

Security Bulletin: NVIDIA TensorRT - May 2026

NVIDIA has released a software update for NVIDIA® TensorRT. To protect your system, clone or update this software to TensorRT v10.16.1 from the NVIDIA/TensorRT GitHub repo, the TensorRT product page, or the network repository. Go to NVIDIA Product Security. Details The following table summarizes...

8.2CVSS5.8AI score0.00377EPSS

Exploits0Affected Software1

Tenable Nessus•added 2026/05/19 12:0 a.m.•9 views

RHEL 9 : libssh (RHSA-2026:18683)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18683 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh:...

8.2CVSS5.8AI score0.00582EPSS

Exploits0References25

OSV•added 2026/05/19 12:0 a.m.•10 views

ALSA-2026:18683 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Double Free Vulnerability in libssh Key Export Functions CVE-2025-5351 libssh: Use of uninitialized variable in privatekeyfromfile CVE-2025-4878 libssh: Write...

8.2CVSS7.2AI score0.00582EPSS

Exploits0References22

AlmaLinux•added 2026/05/19 12:0 a.m.•8 views

Moderate: libssh security update

8.2CVSS6.3AI score0.00582EPSS

Exploits0References22

NVD•added 2026/05/18 10:16 p.m.•11 views

CVE-2026-27891

FacturaScripts is an open source accounting and invoicing software. Versions 2026 and below contain a critical vulnerability in the Plugins::add function. The system fails to properly validate the file paths within uploaded ZIP archives. This allows an attacker to perform a Zip Slip attack, leadi...

7.2CVSS0.00522EPSS

Vulnrichment•added 2026/05/18 9:16 p.m.•7 views

CVE-2026-27891 Remote Code Execution (RCE) via Zip Slip in Plugin Upload Mechanism

Cvelist•added 2026/05/18 9:16 p.m.•29 views

CVE-2026-27891 Remote Code Execution (RCE) via Zip Slip in Plugin Upload Mechanism

7.2CVSS0.00522EPSS

EUVD•added 2026/05/18 9:16 p.m.•8 views

EUVD-2026-30808

ATTACKERKB•added 2026/05/18 9:16 p.m.•9 views

CVE-2026-27891

Exploits0References3Affected Software1

CVE•added 2026/05/18 9:16 p.m.•19 views

CVE-2026-27891

FacturaScripts versions up to 2026 are affected by a Zip Slip vulnerability in the Plugins::add() function. The issue arises from improper validation of file paths inside uploaded ZIP archives (Plugins.php), allowing path traversal (e.g., ValidPluginName/../../shell.php) during extraction. This c...

Snyk•added 2026/05/18 8:37 p.m.•5 views

Out-of-bounds Write

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Snyk•added 2026/05/18 8:37 p.m.•8 views

Out-of-bounds Write

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

Snyk•added 2026/05/18 8:37 p.m.•9 views

Out-of-bounds Write

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

Snyk•added 2026/05/18 8:37 p.m.•7 views

Out-of-bounds Write

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Snyk•added 2026/05/18 8:37 p.m.•10 views

Out-of-bounds Write

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Snyk•added 2026/05/18 8:37 p.m.•8 views

Out-of-bounds Write

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Snyk•added 2026/05/18 8:37 p.m.•8 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...