CVEs classified under CWE-366, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2025-58143 — CVSS 9.8 (critical): [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are…
CVE-2025-31115: XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz…
CVE-2026-46181 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() Sashiko points out…
CVE-2024-10630 — CVSS 7.8 (high): A race condition in Ivanti Application Control Engine before version 10.14.4.0 allows a local authenticated attacker to bypass the…
CVE-2023-6546 — CVSS 7.0 (high): A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the…
CVE-2026-3904 — CVSS 6.2 (medium): Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under…
CVE-2026-22819 — CVSS 5.9 (medium): Outray openSource ngrok alternative. Prior to 0.1.5, this vulnerability allows a user i.e a free plan user to get more than the desired…