critical
critical
- CVE-2026-12761 - The miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerab
- CVE-2026-14480 - OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the legacy web UI program‑u
- CVE-2026-14894 - The Super Forms – Drag & Drop Form Builder plugin for WordPress is vulnerable to Arbitrary File Upload in all
- CVE-2026-15143 - A flaw was found in the file_type content detector of guardrails-detectors
- CVE-2026-15282 - The Instant Appointment plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type
- CVE-2026-15300 - The GEO my WP plugin for WordPress was vulnerable to SQL Injection via the 'distance', 'lat', and 'lng' parame
- CVE-2026-15378 - A flaw was found in the guardrails-detectors component
- CVE-2026-20744 - The charging station websocket endpoint accepts connections without proper authentication, which could lead to
- CVE-2026-2397 - Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Adam Ret
- CVE-2026-28564 - Insufficient Session Expiration, Authentication Bypass by Capture-replay vulnerability in Apache IoTDB
- CVE-2026-40005 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache IoTDB
- CVE-2026-40008 - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Apache IoT
- CVE-2026-41880 - R-SOFT DMS is vulnerable to OS Command Injection in the Optical Character Recognition (OCR) module
- CVE-2026-50551 - SiYuan: Stored XSS to RCE via Unsanitized Attribute View Asset Cell Content
- CVE-2026-51119 - An issue in Invixium IXM WEB v.2.3.85.25 allows an attacker to escalate privileges via the /SystemUsers/Create
- CVE-2026-54067 - SiYuan: Stored XSS to RCE via CSS-snippet <style> breakout in renderSnippet()
- CVE-2026-54069 - SiYuan: Unauthenticated Admin API Access via Blanket chrome-extension:// Origin Allowlist
- CVE-2026-54072 - Authorizer: Unvalidated redirect_uri in /authorize leaks OAuth2 tokens to attacker-controlled URL
- CVE-2026-54088 - File Browser: Command Injection via Authentication Hook Shell Substitution (Pre-Authentication RCE)
- CVE-2026-54089 - File Browser: Authentication Bypass via Proxy Auth Header Forgery
- CVE-2026-54158 - SiYuan: Stored XSS to RCE via attribute-view cell rendering in genAVValueHTML()
- CVE-2026-54159 - prestashop/ps_facetedsearch: PHP Object Injection in faceted search cache allows unauthenticated RCE
- CVE-2026-55500 - 9Router is an AI router & token saver. Prior to 0.4.80, the /api/settings/database endpoint allows full databa
- CVE-2026-55879 - OpenReplay is a self-hosted session replay suite
- CVE-2026-55884 - Tilt defines dev environments as code for microservice apps on Kubernetes
- CVE-2026-56261 - Crawl4AI before 0.8.7 contains a server-side request forgery (SSRF) vulnerability in the Docker API server's /
- CVE-2026-56688 - Dell PowerFlex Manager, Version prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements us
- CVE-2026-56765 - Vikunja before 2.2.1 contains an authorization flaw where the LinkSharing.ReadAll endpoint exposes share hashe
- CVE-2026-57807 - Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security Software Pvt Ltd
- CVE-2026-5801 - Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Semtek I
- CVE-2026-58492 - grav-plugin-database is the database plugin for Grav CMS
- CVE-2026-59151 - Prowler is a cloud security platform. Prior to 5.30.3, Prowler's SAML authentication flow trusted the email do
- CVE-2026-59792 - In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID h
- CVE-2026-61444 - PraisonAI versions before 4.6.78 contain a code injection vulnerability in deploy/api.py where the agents_file
- CVE-2026-61459 - MCP Server Kubernetes before 3.9.0 contains an argument injection vulnerability in structured tools (kubectl_g
- CVE-2025-27462 - [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities corresp
- CVE-2025-27463 - [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities corresp
- CVE-2025-27464 - [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities corresp
- CVE-2025-58146 - There are multiple issues. 1. Updates to the XAPI database sanitise input strings, but try generating the noti
- CVE-2025-58151 - varstored is a component of the Xapi toolstack handling UEFI Variables for a VM
- CVE-2026-12116 - A vulnerability in the Xerte Online Tools allows for RCE through the antivirus binary path in the tools server
- CVE-2026-13461 - When coupled with the SSL bypass vulnerability, JavaScript can be injected into a WebView in the PayRange vers
- CVE-2026-14245 - The miniOrange OTP Login, Verification and SMS Notifications plugin for WordPress is vulnerable to Authenticat
- CVE-2026-14261 - A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reins
- CVE-2026-15158 - The Blocksy Companion plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and i
- CVE-2026-2342 - Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OceanicS
- CVE-2026-23556 - When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked
- CVE-2026-23559 - [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities corresp
- CVE-2026-23560 - [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities corresp
- CVE-2026-23561 - [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities corresp
- CVE-2026-23562 - [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities corresp
- CVE-2026-42486 - [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities corresp
- CVE-2026-51597 - MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest a
- CVE-2026-51599 - An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel
- CVE-2026-52766 - YesWiki vulnerable to unauthenticated arbitrary page deletion via {{erasespamedcomments}} action
- CVE-2026-52777 - YesWiki Vulnerable to Authenticated PHP Object Injection in BazarImportAction via unserialize
- CVE-2026-52778 - YesWiki has Unsafe eval() in its Formula Calculato, Leading to Remote Code Execution & Denial of Service
- CVE-2026-54003 - Kirby is an open-source content management system
- CVE-2026-54760 - Langroid is a framework for building large-language-model-powered applications
- CVE-2026-54769 - Langroid is a framework for building large-language-model-powered applications
- CVE-2026-55615 - Langroid is a framework for building large-language-model-powered applications
- CVE-2026-58122 - Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated remot
- CVE-2026-58123 - Hermes WebUI before 0.51.788 contains an unauthenticated remote code execution vulnerability that allows remot
- CVE-2026-5955 - Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Inrove S
- CVE-2026-59726 - Ruflo is an agent meta-harness for Claude Code and Codex
- CVE-2026-59826 - Metabase is an open-source business intelligence and embedded analytics tool
- CVE-2026-59827 - Metabase is an open-source business intelligence and embedded analytics tool
- CVE-2026-14454 - Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed
- CVE-2026-15113 - Use after free in Autofill in Google Chrome on Android prior to 150.0.7871.115 allowed a remote attacker to po
- CVE-2026-44024 - Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop a
- CVE-2026-47646 -
- CVE-2026-52200 - An issue in Generic OEM UZ801_v2.1 4G LTE Router V3.4.3 allows a remote attacker to execute arbitrary code via
- CVE-2026-52831 - Nuclio: Unsanitized cron trigger event headers/body injected into CronJob shell command leads to persistent RCE
- CVE-2026-53649 - Joro: Unauthenticated Cross-Origin Plugin Upload Leads to RCE
- CVE-2026-54527 - JupyterLab Git is a Git extension for JupyterLab
- CVE-2026-54782 - CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core
- CVE-2026-58480 - Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vul
- CVE-2026-8307 - Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Webbeyaz
- CVE-2026-9074 - IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL inject
- CVE-2026-27823 - EGroupware has a Remote Code Execution Vulnerability
- CVE-2026-37270 - Trueview Security camera T18161- AF v4.9.60.0 contains an authentication bypass vulnerability caused by improp
- CVE-2026-37271 - Fire-Boltt Smartwatch FB BGS001 Firmware: MOY-JS14-2.0.4 is vulnerable to Improper Authentication, The device
- CVE-2026-53512 - Better Auth: OAuth refresh-token replay via missing client authentication on oidc-provider and mcp plugins
- CVE-2026-53513 - @better-auth/sso provider registration has server-side request forgery via unvalidated OIDC endpoints
- CVE-2026-53552 - Goploy: Cross-namespace IDOR and RCE via body-supplied row id in project and project_file handlers
- CVE-2026-59706 - mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side
- CVE-2026-59707 - LocalAI contains an unauthenticated server-side request forgery vulnerability in the POST /models/apply endpoi
- CVE-2026-11405 - The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login() function a
- CVE-2026-40139 - A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Suppo
- CVE-2026-40141 - A high-severity vulnerability exists in a web application component of BeyondTrust Remote Support and Privileg
- CVE-2026-54763 - Traefik is an HTTP reverse proxy and load balancer
- CVE-2026-9181 - Esri ArcGIS Server contains a directory traversal vulnerability
- CVE-2026-10536 - A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tr
- CVE-2026-11564 - libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of the
- CVE-2026-12481 - A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handlin
- CVE-2026-14544 - A flaw was found in HPLIP (HP Linux Imaging and Printing Software)
- CVE-2026-20896 - Gitea Docker image versions up to and including 1.26.2 use REVERSE_PROXY_TRUSTED_PROXIES=* by default, allowin
- CVE-2026-47898 - Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net (Lucene.Net.Analysis
- CVE-2026-58289 - Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an una
- CVE-2026-8926 - When asking curl to use a .netrc file to find credentials and at the same time specifying a URL with a usern
- CVE-2026-38971 - ardupilot through Plane-4.6.3 was found to contain an out-of-bounds read issue in libraries/GCS_MAVLink/GCS_se
- CVE-2026-41106 - Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate
- CVE-2026-45499 - Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a
- CVE-2026-54402 - A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vul
- CVE-2026-55115 - A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery (S
- CVE-2026-55116 - A malicious actor with access to the network and under certain network configurations could exploit an Imprope
- CVE-2026-57100 - Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized a
- CVE-2026-59800 - 9router: Missing Authorization and OS Command Injection
- CVE-2025-23350 - NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual
- CVE-2025-23351 - NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual
- CVE-2026-10539 - A Control-M/Server communication command does not sufficiently filter or sanitize user-supplied input
- CVE-2026-11387 - The SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery plugin for WordPress
- CVE-2026-14198 - @fastify/middie versions 9.1.0 through 9.3.2 decode the encoded slash %2F inside path parameter values before
- CVE-2026-14363 - Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in The Wiki
- CVE-2026-23537 - A vulnerability has been identified in the Feast Feature Server’s /save-document endpoint that allows an una
- CVE-2026-24270 - NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication
- CVE-2026-34099 - Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in job_info.php (l
- CVE-2026-34100 - Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in media.php (line
- CVE-2026-34101 - Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in text_file.php (
- CVE-2026-34102 - Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in job_info_get.ph
- CVE-2026-34103 - Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in subtitles.php (
- CVE-2026-34104 - Guardian language-system passes the name GET parameter directly into an unsanitized SQL query in designer.php
- CVE-2026-34105 - Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in translate_text
- CVE-2026-34106 - Guardian language-system passes the id GET parameter directly into a PHP exec() call in subtitles.php (line 19
- CVE-2026-34107 - Guardian language-system passes the id GET parameter directly into a PHP exec() call in translate.php (line 14
- CVE-2026-34108 - Guardian language-system passes the id GET parameter directly into a PHP exec() call in text.php (line 15) wit
- CVE-2026-34109 - Guardian language-system passes the id GET parameter directly into a PHP exec() call in speech.php (line 18) w
- CVE-2026-34110 - Guardian language-system passes the id GET parameter directly into a PHP exec() call in complex_start.php (lin
- CVE-2026-34111 - Guardian language-system passes the id GET parameter directly into a PHP exec() call in speechmac_text.php (li
- CVE-2026-34112 - Guardian language-system passes the id GET parameter directly into a PHP exec() call in speechmac.php (line 18
- CVE-2026-34113 - Guardian language-system passes the id GET parameter directly into a PHP exec() call in speech_text.php (line
- CVE-2026-34114 - Guardian language-system passes the id GET parameter directly into a PHP exec() call in translate_text.php (li
- CVE-2026-34115 - Guardian language-system passes the id GET parameter directly into a PHP exec() call in transcribe_amazon.php
- CVE-2026-34116 - Guardian language-system passes the id GET parameter directly into a PHP exec() call in transcribe.php (line 1
- CVE-2026-34117 - Guardian language-system passes the id GET parameter directly into a PHP exec() call in text_to_subtitles.php
- CVE-2026-50195 - containerd is an open-source container runtime
- CVE-2026-53492 - containerd is an open-source container runtime
- CVE-2026-57517 - Control Web Panel before 0.9.8.1225 contains a blind SQL injection vulnerability that allows unauthenticated r
- CVE-2026-57692 - Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation
- CVE-2026-58025 - Deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki
- CVE-2026-58126 - PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote at
- CVE-2026-58127 - PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll,
- CVE-2026-58453 - JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerab
- CVE-2026-58521 - Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in The Wiki
- CVE-2026-6070 - The WP-BusinessDirectory plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Deletion in vers
- CVE-2026-7839 - UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password
- CVE-2026-7840 - UltraVNC repeater through 1.8.2.2 contains a global buffer overflow in its embedded HTTP administration server
- CVE-2026-10109 - IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to imprope
- CVE-2026-10134 - IBM Langflow OSS 1.0.0 through 1.9.3 allows an attacker to read every secret available to the Langflow process
- CVE-2026-10140 - IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of
- CVE-2026-11708 - IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the admin
- CVE-2026-11712 - IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the admin
- CVE-2026-12073 - The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escala
- CVE-2026-13766 - DBIx::QuickORM versions before 0.000026 for Perl allow SQL injection via unquoted SQL identifiers
- CVE-2026-13775 - Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised th
- CVE-2026-13776 - Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised t
- CVE-2026-13780 - Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote a
- CVE-2026-13781 - Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote at
- CVE-2026-13782 - Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromise
- CVE-2026-13797 - Insufficient validation of untrusted input in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a rem
- CVE-2026-13798 - Heap buffer overflow in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had c
- CVE-2026-13843 - Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 al
- CVE-2026-13846 - Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had comprom
- CVE-2026-13851 - Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.4
- CVE-2026-13852 - Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.4
- CVE-2026-13853 - Use after free in Journeys in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromis
- CVE-2026-13854 - Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who had com
- CVE-2026-13859 - Inappropriate implementation in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to pot
- CVE-2026-13861 - Use after free in Core in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised t
- CVE-2026-13869 - Use after free in Device in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had
- CVE-2026-13872 - Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.4
- CVE-2026-13878 - Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had c
- CVE-2026-13880 - Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had comprom
- CVE-2026-13882 - Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer
- CVE-2026-13883 - Type Confusion in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially perfo
- CVE-2026-13901 - Insufficient policy enforcement in Serial in Google Chrome prior to 150.0.7871.47 allowed a remote attacker wh
- CVE-2026-13909 - Insufficient policy enforcement in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker
- CVE-2026-13934 - Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.47 allowed
- CVE-2026-14037 - Insufficient policy enforcement in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who h
- CVE-2026-14038 - Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 150.0.7871.47 allowed a r
- CVE-2026-14043 - Use after free in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compr
- CVE-2026-14044 - Use after free in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised
- CVE-2026-14055 - Insufficient validation of untrusted input in Device Trust in Google Chrome on Windows prior to 150.0.7871.47
- CVE-2026-14056 - Insufficient validation of untrusted input in Media in Google Chrome prior to 150.0.7871.47 allowed a remote a
- CVE-2026-14090 - Insufficient validation of untrusted input in CameraCapture in Google Chrome on ChromeOS prior to 150.0.7871.4
- CVE-2026-14093 - Use after free in Cast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised t
- CVE-2026-14095 - Insufficient policy enforcement in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker w
- CVE-2026-14097 - Inappropriate implementation in WebAppInstalls in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote
- CVE-2026-14101 - Insufficient policy enforcement in Sandbox in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote att
- CVE-2026-14105 - Insufficient policy enforcement in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to
- CVE-2026-14106 - Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed
- CVE-2026-14109 - Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who
- CVE-2026-14113 - Use after free in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had
- CVE-2026-14120 - Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who
- CVE-2026-14151 - Inappropriate implementation in AI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had c
- CVE-2026-14152 - Out of bounds read and write in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who ha
- CVE-2026-14162 - Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unaut
- CVE-2026-14241 - Memory safety bugs present in Firefox 152.0.3
- CVE-2026-37106 - An issue in DokuWiki 2025-05-14b Librarian 56.2 allows a remote attacker to create an account via the regist
- CVE-2026-46817 - Oracle E-Business Suite Payments File Transmission takeover
- CVE-2026-48276 - ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous
- CVE-2026-48277 - ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability tha
- CVE-2026-48281 - ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability tha
- CVE-2026-48282 - ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Rest
- CVE-2026-48283 - ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous
- CVE-2026-48286 - Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization
- CVE-2026-48313 - ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Rest
- CVE-2026-48315 - ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability tha
- CVE-2026-50003 - A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files
- CVE-2026-50110 - Storage Concentrator (SC & SCVM) contains hardcoded credentials for numerous internal services embedded within
- CVE-2026-50545 - Fission Environment CRD PodSpec Injection Leading to Node Escape and Cluster Takeover
- CVE-2026-50563 - Fission Container Executor Function PodSpec Injection Leading to Node Escape
- CVE-2026-50564 - Fission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escape
- CVE-2026-50566 - Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation
- CVE-2026-55721 - Storage Concentrator (SC & SCVM) is vulnerable to SQL injection through cookie values processed by the login.p
- CVE-2026-56278 - Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses a weak hardcoded default secret ('flowise') f
- CVE-2026-56413 - Storage Concentrator (SC & SCVM) contains a command injection vulnerability in the ms_service.pl service, whic
- CVE-2026-56415 - Storage Concentrator (SC & SCVM) contains a command injection vulnerability within the debug.pl script that is
- CVE-2026-56700 - Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities
- CVE-2026-58116 - LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI ac
- CVE-2026-58138 - Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that all
- CVE-2026-58166 - OpenBMB ChatDev through 2.2.0, fixed in commit 4fd4da6, contains a path traversal vulnerability that allows un
- CVE-2026-58172 - Ocelot through 24.1.0, fixed in commit f156fd4, contains a security control bypass vulnerability that allows d
- CVE-2026-58449 - txtai through 9.10.0, fixed in commit 11b32da, exposes an API /reindex endpoint whose function body parameter
- CVE-2026-6556 - @fastify/express versions 4.0.6 and earlier only rewrite the plugin prefix for middleware mount paths when the
- CVE-2026-7663 - IBM Langflow OSS 1.0.0 through 1.9.6 could allow unauthenticated attackers to access protected MCP project res
- CVE-2026-7803 - IBM Langflow OSS 1.0.0 through 1.10.0 could allow arbitrary code execution due to improper validation of flow
- CVE-2026-7871 - IBM Langflow OSS 1.0.0 through 1.10.0 allows users with Redis access to execute arbitrary code with full appli
- CVE-2026-7873 - IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated attackers to execute arbitrary OS commands and read
- CVE-2026-7874 - IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow disclosure of all stored credentials due to the use
- CVE-2026-8037 - Progress Kemp LoadMaster API command injection RCE
- CVE-2026-8402 - Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Eksagate
- CVE-2026-8452 - Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavi
- CVE-2026-8655 - Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or er
- CVE-2026-9711 - The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress (full) is vulnerable to SQL Injecti
- CVE-2026-13762 - Inconsistent interpretation of HTTP/2 requests in Amazon CloudFront with AWS WAF enabled might allow remote ac
- CVE-2026-13763 - Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer with AWS WAF enabled might all
- CVE-2026-37637 - An issue in Alexantr filemanager v.1.0 allows a remote attacker to execute arbitrary code via the filemanager
- CVE-2026-39868 - This issue was addressed with improved input validation
- CVE-2026-53434 - Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM bas
- CVE-2026-55276 - Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty
- CVE-2026-56782 - Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoint
- CVE-2026-57331 - Performer Arbitrary File Deletion in Paid Videochat Turnkey Site <= 7.4.8 versions
- CVE-2026-57498 - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases
- CVE-2026-49048 - The Joomla extension JoomCCK exposes a front-end controller task, that builds two SQL statements by directly c
- CVE-2026-58053 - Gitea act_runner Docker container options host escape
- CVE-2026-58053 - Gitea act_runner Docker container options host escape
- CVE-2026-12415 - Invoice Generator unauthenticated account takeover
- CVE-2026-50015 - pnpm malicious patch path traversal
- CVE-2026-53519 - Nezha dashboard path traversal leaks JWT secret
- CVE-2026-55487 - pnpm allowBuilds identity spoof
- CVE-2026-55697 - pnpm global bin name traversal
- CVE-2026-55698 - pnpm env lockfile short-circuit
- CVE-2026-55700 - pnpm stage download symlink traversal
- GHSA-q6xx-5vr8-p898 - Nezha WebSocket stream ownership bypass
- CVE-2025-71336 - Flowise Custom MCP auth bypass RCE
- CVE-2026-28701 - Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users
- CVE-2026-33646 - mise manages dev tools like node, python, cmake, and terraform
- CVE-2026-39830 - Go x/crypto ssh unsolicited response deadlock
- CVE-2026-39831 - Go x/crypto ssh FIDO presence bypass
- CVE-2026-39832 - Go x/crypto ssh agent forwarded constraint loss
- CVE-2026-39833 - Go x/crypto ssh agent confirm constraint bypass
- CVE-2026-39834 - Go x/crypto ssh large channel write infinite loop
- CVE-2026-42508 - Go x/crypto knownhosts revoked CA bypass
- CVE-2026-45405 - Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supp
- CVE-2026-45406 - Dokku is a docker-powered PaaS. Prior to 0.38.2, the openresty-vhosts plugin copies files from an app's openre
- CVE-2026-46386 - OpenProject is open-source, web-based project management software
- CVE-2026-46595 - Go x/crypto ssh VerifiedPublicKeyCallback auth bypass
- CVE-2026-48749 - Incus has an arbitrary file read+write on host via rootfs/ symlink in malicious image
- CVE-2026-48750 - Incus has an arbitrary file write on host via exec-output symlink in crafted image
- CVE-2026-48751 - Incus has a restricted project bypass leading to arbitrary command execution
- CVE-2026-48752 - Incus has arbitrary file read+write on host via templates/ symlink in malicious image
- CVE-2026-48753 - Incus has an arbitrary file write via path traversal in S3 multipart upload
- CVE-2026-48755 - Incus has an argument injection in backup compression algorithm leading to AFW and ACE
- CVE-2026-48769 - Incus has an arbitrary file write on its client due to trusted image hash
- CVE-2026-48797 - Backpropagate: backprop ui --auth and backprop ui --share do not enforce authentication
- CVE-2026-48930 - A flaw in Node.js TLS hostname handling can cause Embedded-nul hostnames can lead to silent authority rebindin
- CVE-2026-49252 - deepstream is vulnerable to prototype pollution
- CVE-2026-49257 - mcp-pinot: Unauthenticated tool invocation via default oauth_enabled=False + host 0.0.0.0 bind
- CVE-2026-49869 - Kestra is an open-source, event-driven orchestration platform
- CVE-2026-50137 - Budibase is an open-source low-code platform
- CVE-2026-52782 - OpenProject is open-source, web-based project management software
- CVE-2026-52785 - OpenProject is open-source, web-based project management software
- CVE-2026-53309 - In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlm_match_reg
- CVE-2026-53576 - Kestra is an open-source, event-driven orchestration platform
- CVE-2026-54350 - Budibase is an open-source low-code platform
- CVE-2026-54352 - Budibase is an open-source low-code platform
- CVE-2026-54636 - Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to man
- CVE-2026-55166 - Lemur ACME SSRF and creator-equality IDOR
- CVE-2026-56028 - Unauthenticated Privilege Escalation in Easy Elements for Elementor – Addons & Website Templates <=
- CVE-2026-56034 - Unauthenticated SQL Injection in Library Management System <= 3.5.7 versions
- CVE-2026-56068 - Unauthenticated SQL Injection in JetEngine <= 3.8.10.2 versions
- CVE-2025-71327 - Flowise contains an authentication bypass vulnerability in the unprotected /api/v1/account/register endpoint t
- CVE-2025-71333 - Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachmen
- CVE-2025-71334 - Flowise before 3.0.6 (affected versions 2.2.8 and earlier) contains an arbitrary file access vulnerability due
- CVE-2025-71338 - Flowise contains a path traversal vulnerability in the /api/v1/document-store/loader/process endpoint that all
- CVE-2026-40079 - Cacti is an open source performance and fault management framework
- CVE-2026-50548 - Cursor is a code editor built for programming with AI
- CVE-2026-50549 - Cursor is a code editor built for programming with AI
- CVE-2026-53131 - In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header bef
- CVE-2026-53151 - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix the ACK parser to extract the S
- CVE-2026-53175 - In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by
- CVE-2026-53176 - In the Linux kernel, the following vulnerability has been resolved: IB/isert: Reject login PDUs shorter than I
- CVE-2026-53186 - In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRP_RSP sense copy by the
- CVE-2026-53215 - In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP o
- CVE-2026-53216 - In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: limit XDP frame size to the RX
- CVE-2026-53221 - In the Linux kernel, the following vulnerability has been resolved: ip6_vti: fix incorrect tunnel matching in
- CVE-2026-53224 - In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and add
- CVE-2026-53225 - In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in __sctp_rcv_ascon
- CVE-2026-53228 - In the Linux kernel, the following vulnerability has been resolved: ipv6: sit: reload inner IPv6 header after
- CVE-2026-53246 - In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk leng
- CVE-2026-53247 - In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: Fix use-after-
- CVE-2026-53260 - In the Linux kernel, the following vulnerability has been resolved: tcp: Add preempt_{disable,enable}_nested()
- CVE-2026-54917 - SeaweedFS is a distributed storage system for object storage (S3), file systems, and Iceberg tables
- CVE-2026-56786 - RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decode_type1033 function that fails to c
- CVE-2026-57700 - Unrestricted Upload of File with Dangerous Type vulnerability in Daan.Dev OMGF Pro allows Using Malicious File
- CVE-2026-6094 - Heap buffer overread in wc_PKCS7_DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData
- CVE-2026-7531 - Use-after-free in PQC hybrid key-share handling
- CVE-2026-12417 - The SignUp & SignIn plugin for WordPress is vulnerable to Authentication Bypass via Weak Password Reset Valida
- CVE-2026-39948 - Cacti is an open source performance and fault management framework
- CVE-2026-45051 - OpenAM WebAuthn deserialization RCE
- CVE-2026-45052 - OpenAM Liberty Discovery authz bypass
- CVE-2026-49980 - Rclone is a command-line program to sync files and directories to and from different cloud storage providers
- CVE-2026-52924 - In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO
- CVE-2026-52955 - In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds acces
- CVE-2026-52989 - In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmet_tcp_build_pdu_i
- CVE-2026-52993 - In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipc_buf_append()
- CVE-2026-53002 - In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: remove sprintf usage
- CVE-2026-53006 - In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6_rcv() Cac
- CVE-2026-54906 - concurrent-ruby is a modern concurrency tools for Ruby
- CVE-2026-55455 - Appsmith is a platform to build admin panels, internal tools, and dashboards
- CVE-2026-56121 - Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthoriz
- CVE-2026-48020 - Traefik is an HTTP reverse proxy and load balancer
- CVE-2026-48491 - Traefik is an HTTP reverse proxy and load balancer
- CVE-2026-52806 - Gogs vulnerable to RCE via git rebase --exec argument injection in pull request merge
- CVE-2026-53622 - Traefik is an HTTP reverse proxy and load balancer
- CVE-2026-53753 - Crawl4AI is an open-source LLM friendly web crawler & scraper
- CVE-2026-54305 - n8n is an open source workflow automation platform
- CVE-2026-54307 - n8n is an open source workflow automation platform
- CVE-2026-54316 - Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-
- CVE-2026-11746 - Central Dogma ZooKeeper replication secret cluster takeover
- CVE-2026-28381 - The Snowflake datasource allows for GET/PUT commands, which can allow any user with access to run queries agai
- CVE-2026-48746 - vLLM is an inference and serving engine for large language models (LLMs)
- CVE-2026-49468 - LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format
- CVE-2026-48908 - A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimate
- CVE-2026-48939 - A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachme
- CVE-2025-62821 - Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntry_GetDataSize can
- CVE-2026-12048 - Stored cross-site scripting in pgAdmin 4's error-rendering and plan-node-rendering paths
- CVE-2026-48584 - Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges ove
- CVE-2026-50242 - In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.14842
- CVE-2026-51843 - Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface
- CVE-2026-51844 - Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface
- CVE-2026-51845 - Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface
- CVE-2026-51846 - In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer over
- CVE-2026-56142 - In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.14842
- CVE-2026-58399 - @acastellon/auth: Authentication bypass via spoofable headers in validateToken()
- CVE-2026-30803 - Integer Underflow (Wrap or Wraparound) vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buf
- CVE-2026-3894 - Out-of-bounds Read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers.This iss
- CVE-2026-50203 - Apache Airflow SFTP provider: Path traversal in SFTPHook.retrieve_directory
- CVE-2026-12293 - Use-after-free in the Graphics: WebGPU component
- CVE-2026-12294 - Sandbox escape in the DOM: Workers component
- CVE-2026-12295 - Sandbox escape in the DOM: Navigation component
- CVE-2026-12296 - Sandbox escape in the Security: Process Sandboxing component
- CVE-2026-12297 - Sandbox escape due to incorrect boundary conditions in the Networking component
- CVE-2026-53633 - Vitest Browser Mode CDP API RCE
- CVE-2026-54257 - Electron Buffer heap under/overflow
- CVE-2026-48039 - Meta Ads MCP HTTP tool auth bypass
- CVE-2026-48062 - CodeIgniter4 ext_in upload validation bypass
- CVE-2026-48063 - Baileys protocolMessage spoofing and state corruption
- CVE-2026-48150 - Budibase workspace builder to global admin escalation
- CVE-2026-44170 - MariaDB server is a community developed fork of MySQL server
- CVE-2026-44172 - MariaDB server is a community developed fork of MySQL server
- CVE-2026-49875 - Apache CXF's EndpointReferenceUtils and W3CMultiSchemaFactory classes construct a SAXParserFactory without the
- CVE-2026-50083 - The Aqara IAM/SSO Gateway (gw-builder.aqara.com) used a hardcoded OAuth client credential, which is an instanc
- CVE-2026-50086 - The Aqara IAM/SSO gateway (gw-builder.aqara.com) exposes bidirectional AES round-trups against the platform's
- CVE-2026-50091 - Aqara Home Android (com.lumiunited.aqarahome) 6.0.0 (and white-label clients embedding the same liblumidevsdk
- CVE-2026-50627 - The JwtAccessTokenValidator class in Apache CXF fails to validate the 'aud' (Audience) claims of incoming JWT
- CVE-2026-50628 - A logic error in OAuthRequestFilter rejects legitimate requests originating from the bound IP address, while b
- CVE-2025-11953 - React Native CLI Metro command injection
- CVE-2025-12735 - expr-eval context function RCE
- CVE-2025-3248 - Langflow validate/code unauthenticated RCE
- CVE-2025-32711 - Microsoft 365 Copilot EchoLeak data exfiltration
- CVE-2025-49596 - MCP Inspector proxy unauthenticated RCE
- CVE-2025-55182 - React Server Components RCE
- CVE-2025-6514 - mcp-remote OAuth command injection
- CVE-2026-43515 - Apache Tomcat security constraints authorization bypass
- CVE-2026-44990 - sanitize-html xmp raw-text XSS
- CVE-2026-45034 - PHPSpreadsheet PHAR wrapper patch bypass
- CVE-2026-47252 - Anyquery browser plugin AppleScript/JXA injection
- CVE-2026-47724 - nebula-mesh API ownership authorization bypass
- CVE-2026-49261 - MariaDB server is a community developed fork of MySQL server
- CVE-2026-0274 - An improper validation of credentials vulnerability in the CommvaultSecurityIQ integration for Cortex XSOAR an
- CVE-2025-10263 - Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925,
- CVE-2026-26142 - Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to execute code over a
- CVE-2026-34841 - @usebruno/cli axios supply-chain RAT
- CVE-2026-46316 - In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation
- CVE-2026-5058 - aws-mcp-server command injection RCE
- CVE-2026-9698 - DBI versions before 1.648 for Perl saved errors in a limited-sized buffer
- GHSA-jpvj-wpmj-h7rv - @cap-js/openapi package compromise
- CVE-2026-27494 - n8n Python Code node sandbox escape
- CVE-2026-46289 - In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations i
- CVE-2026-47430 - Cordova InAppBrowser callback spoofing on iOS
- CVE-2026-49448 - authentik SourceStage empty POST bypass
- CVE-2026-27606 - Rollup path traversal arbitrary write
- CVE-2026-33032 - nginx-ui MCP auth bypass
- CVE-2026-33696 - n8n GSuiteAdmin prototype pollution RCE
- CVE-2026-40576 - excel-mcp-server path traversal
- CVE-2026-44180 - Jupyter Enterprise Gateway prohibited UID/GID bypass
- CVE-2026-44181 - Jupyter Enterprise Gateway Jinja2 SSTI RCE
- CVE-2026-44182 - Jupyter Enterprise Gateway YAML manifest injection
- CVE-2026-44632 - Yamcs Janino expression RCE
- CVE-2026-45321 - TanStack npm supply-chain compromise
- CVE-2026-47391 - PraisonAI A2A eval tool RCE
- CVE-2026-47407 - PraisonAI Platform workspace takeover
- CVE-2026-47413 - PraisonAI Platform member-add owner injection
- CVE-2026-47416 - PraisonAI Platform workspace owner promotion
- CVE-2026-47668 - DbGate JSON script runner unauthenticated RCE
- CVE-2026-47669 - DbGate archive unzip arbitrary write RCE
- CVE-2026-47670 - DbGate loadReader dynamic import RCE
- CVE-2026-47708 - stata-mcp log_file_name command injection
- CVE-2026-47731 - AIT-Core BSC path traversal file append
- CVE-2026-47744 - Shopper team RBAC privilege escalation
- CVE-2026-48027 - Nx Console extension compromise
- CVE-2026-25049 - n8n expression escape RCE
- CVE-2026-30861 - WeKnora MCP stdio command injection
- CVE-2026-41242 - protobufjs generated-code RCE
- CVE-2026-47410 - PraisonAI Platform default JWT secret
- CVE-2026-47428 - Vitest browser otelCarrier token RCE
- CVE-2026-47429 - Vitest UI API file read and RCE
- CVE-2026-48907 - A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthen
- CVE-2026-41283 - OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed
- CVE-2026-46244 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: Fix IPv6 inner_thoff
- CVE-2026-46266 - In the Linux kernel, the following vulnerability has been resolved: inet: RAW sockets using IPPROTO_RAW MUST d
- CVE-2026-47065 - ZDRES-232: resolveProxyClass Not Overridden - acceptMatchers Filter Bypass via java.lang.reflect.Proxy Assessm
- CVE-2026-5241 - A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an attack
- CVE-2026-47117 - OpenMed vulnerable to remote code injection through privacy-filter model loading path
- CVE-2026-42252 - Apache Airflow vulnerable to Improper Neutralization of Special Elements Used in a Template Engine
- CVE-2026-45700 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-4408 - A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic
- CVE-2026-46115 - In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biovec_phys_merg
- CVE-2026-46119 - In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in
- CVE-2026-46135 - In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling
- CVE-2026-46185 - In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in syml
- CVE-2026-46195 - In the Linux kernel, the following vulnerability has been resolved: smb: client: validate dacloffset before bu
- CVE-2026-9094 - Casdoor: GetTokenExchangeToken bypass through lack of cross-organization JWT signature check
- CVE-2026-45898 - In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix workqueue list corruption b
- CVE-2026-45972 - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double
- CVE-2026-45988 - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix re-decryption of RESPONSE packe
- CVE-2026-46043 - In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before pay
- CVE-2026-8450 - HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file()
- CVE-2018-25357 - Dolibarr ERP CRM contains a remote code evaluation vulnerability
- CVE-2026-2651 - MLflow allows unauthorized access to multipart upload endpoints when the --serve-artifacts mode is enabled
- CVE-2026-42496 - Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extra
- CVE-2026-4480 - A flaw was found in the Samba printing subsystem
- CVE-2026-44930 - Apache CXF has an LDAP injection vulnerability
- CVE-2026-7374 - KubeVirt has a Link Following vulnerability
- CVE-2026-46716 - Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cron
- CVE-2026-39821 - The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only la
- CVE-2026-43501 - In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve mac_len headroom when r
- CVE-2026-48207 - Apache Fory PyFory Deserialization of Untrusted Data
- CVE-2026-20223 - A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an un
- CVE-2026-33278 - NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that
- CVE-2026-8631 - A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software
- CVE-2026-31072 - The JSONSerializer and CBORSerializer in APScheduler (all versions including 3.10.x and 4.0.0a5) are vulnerabl
- CVE-2026-43493 - In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAY_BACKL
- CVE-2026-46725 - TYPO3 Remote Code Execution in extension Content Element Selector (ceselector)
- CVE-2026-8948 - Same-origin policy bypass in the DOM: Networking component
- CVE-2026-42822 - Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate priv
- CVE-2026-44774 - Traefik is an HTTP reverse proxy and load balancer
- CVE-2026-44484 - PyTorch Lightning is a deep learning framework to pretrain and finetune AI models
- CVE-2026-42557 - jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Noteb
- CVE-2026-43997 - vm2 is an open source vm/sandbox for Node.js
- CVE-2026-43999 - vm2 is an open source vm/sandbox for Node.js
- CVE-2026-44005 - vm2 is an open source vm/sandbox for Node.js
- CVE-2026-44006 - vm2 is an open source vm/sandbox for Node.js
- CVE-2026-44008 - vm2 is an open source vm/sandbox for Node.js
- CVE-2026-44009 - vm2 is an open source vm/sandbox for Node.js
- CVE-2026-45411 - vm2 is an open source vm/sandbox for Node.js
- CVE-2025-40949 - A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (
- CVE-2026-22924 - A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0)
- CVE-2026-25244 - WebdriverIO BrowserStack branch command injection
- CVE-2026-27478 - Unity Catalog JWT issuer bypass
- CVE-2026-31228 - The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a remote code execution vulnerability in its Kub
- CVE-2026-31230 - The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a command-line argument injection vulnerability
- CVE-2026-31236 - The llm CLI tool thru 0.27.1 contains a critical code injection vulnerability via its --functions command-line
- CVE-2026-43898 - SandboxJS Function.caller sandbox escape
- CVE-2026-44336 - PraisonAI MCP tools/call path traversal RCE
- CVE-2026-44477 - CloudNativePG metrics exporter RCE
- CVE-2026-8401 - Sandbox escape in the Profile Backup component
- GHSA-v6wj-c83f-v46x - profullstack MCP server command injection
- CVE-2025-14179 - In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO
- CVE-2026-44007 - vm2 NodeVM nesting sandbox escape
- CVE-2026-44542 - FileBrowser public share DELETE path traversal
- CVE-2026-6104 - In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, when an encoding name containing an embedded NUL b
- CVE-2026-6722 - In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the SOA
- GHSA-54pg-9963-v8vg - Intercom client package compromise
- CVE-2026-41428 - Budibase public endpoint auth bypass
- CVE-2026-42208 - LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format
- CVE-2026-43304 - In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPH_MAX_KEY_L
- CVE-2026-43341 - In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wra
- CVE-2026-43378 - In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2_op
- CVE-2026-43383 - In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be cons
- CVE-2026-43384 - In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be const
- CVE-2026-43406 - In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds r
- CVE-2026-43407 - In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds acces
- CVE-2026-43414 - In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport doubl
- CVE-2026-40982 - Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-conf
- CVE-2026-42216 - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage forma
- CVE-2026-42880 - Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes
- CVE-2026-8091 - Incorrect boundary conditions in the Audio/Video: Playback component
- CVE-2026-8094 - Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140
- CVE-2026-29080 - Rucio has SQL Injection in FilterEngine Oracle JSON Path via DID Search API
- CVE-2026-29090 - Rucio has SQL Injection in FilterEngine PostgreSQL Query Builder via DID Search API
- CVE-2026-40933 - Flowise MCP adapter command execution
- CVE-2026-42601 - ArchiveBox AddView config override RCE
- CVE-2026-43114 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: don't retu
- CVE-2026-43117 - In the Linux kernel, the following vulnerability has been resolved: btrfs: tracepoints: get correct superblock
- CVE-2026-43125 - In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tre
- CVE-2026-43186 - In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix heap buffer overflow in __
- CVE-2026-43198 - In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcp_v6_syn_recv
- CVE-2026-5081 - Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure
- CVE-2026-28780 - Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server
- CVE-2026-35579 - CoreDNS is a DNS server written in Go. In versions prior to 1.14.3, the gRPC, QUIC, DoH, and DoH3 transport im
- CVE-2026-43071 - In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket
- CVE-2026-24118 - vm2 is an open source vm/sandbox for Node.js
- CVE-2026-24120 - vm2 is an open source vm/sandbox for Node.js
- CVE-2026-24781 - vm2 is an open source vm/sandbox for Node.js
- CVE-2026-26332 - vm2 is an open source vm/sandbox for Node.js
- CVE-2026-26956 - vm2 is an open source vm/sandbox for Node.js
- CVE-2026-29200 - Comet Backup tenant impersonation IDOR
- CVE-2026-40682 - XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versio
- CVE-2026-42027 - Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 1
- CVE-2026-40884 - goshs empty-username SFTP authentication bypass
- CVE-2026-40903 - goshs ArtiPACKED GitHub Actions token leakage
- CVE-2026-40280 - Gotenberg SSRF deny-list bypass
- CVE-2026-40281 - Gotenberg ExifTool argument injection
- CVE-2026-41265 - Flowise Airtable Agent code injection RCE
- CVE-2026-41478 - Saltcorn mobile-sync SQL injection
- CVE-2026-41497 - PraisonAI MCP command injection incomplete fix
- CVE-2026-41507 - math-codegen string literal RCE
- CVE-2026-41574 - Nhost OAuth email verification bypass
- CVE-2026-41583/CVE-2026-41584 - Zebra consensus split and rk panic
- CVE-2026-41589 - Wish SCP path traversal
- CVE-2026-42231 - n8n XML webhook prototype pollution RCE
- CVE-2026-42232 - n8n XML node prototype pollution RCE
- CVE-2026-42354 - Sentry SAML SSO identity linking
- CVE-2026-42560 - go-pkgz/auth Patreon identity collision
- CVE-2026-42779 - Apache MINA resolveClass deserialization RCE
- CVE-2026-43824 - Argo CD ServerSideDiff secret disclosure
- CVE-2026-4882 - WordPress User Registration Advanced Fields upload RCE
- CVE-2026-7458 - WordPress User Verification OTP auth bypass
- CVE-2026-7567 - WordPress Temporary Login auth bypass
- GHSA-3xx2/GHSA-47wq - Paperclip agent key tenant-boundary bypass
- GHSA-vr7g-88fq-vhq3 - Paperclip workspace cleanup command injection
- GHSA-xh72/GHSA-xmxx - OpenClaw agent-surface fail-closed bypasses
- CVE-2026-43011 - In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb
- CVE-2026-43037 - In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err
- CVE-2026-43038 - In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_ge
- CVE-2026-40976 - In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to al
- CVE-2026-33453 - Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Apache Camel C
- CVE-2026-40860 - JmsBinding.extractBodyFromJms() in camel-jms, and the equivalent JmsBinding class in camel-sjms, deserialized
- CVE-2026-24159 — NVIDIA NeMo deserialization RCE
- CVE-2026-24164 — NVIDIA BioNeMo deserialization RCE
- CVE-2026-33824 — Windows IKEv2 remote code execution
- CVE-2026-5760 — SGLang GGUF template RCE
- CVE-2026-31682 - In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: linearize skb before p
- CVE-2026-31685 - In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64: reject invalid MAC
- CVE-2026-6951 - Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incom
- CVE-2026-31607 - In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip
- CVE-2026-31637 - In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response
- CVE-2026-31649 - In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chai
- CVE-2026-31657 - In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways b
- CVE-2026-31659 - In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT res
- CVE-2026-31668 - In the Linux kernel, the following vulnerability has been resolved: seg6: separate dst_cache for input and out
- CVE-2026-31669 - In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_l
- CVE-2026-31533 - In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY erro
- CVE-2026-3844 - The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validat
- CVE-2026-41176 - Rclone is a command-line program to sync files and directories to and from different cloud storage providers
- CVE-2026-41179 - Rclone is a command-line program to sync files and directories to and from different cloud storage providers
- CVE-2026-31436 - In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descri
- CVE-2026-31448 - In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by resid
- CVE-2026-31478 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2_len with off
- CVE-2026-40575 - OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers
- CVE-2026-40906 - Electric is a Postgres sync engine. From 1.1.12 to before 1.5.0, the order_by parameter in the ElectricSQL /v1
- CVE-2026-6748 - Uninitialized memory in the Audio/Video: Web Codecs component
- CVE-2026-33557 - A possible security vulnerability has been identified in Apache Kafka
- CVE-2025-14813 - Bouncy Castle for Java GOST 28147 CTR mode reuses keystream after 255 blocks
- CVE-2026-40477 - Thymeleaf is a server-side Java template engine for web and standalone environments
- CVE-2026-40478 - Thymeleaf is a server-side Java template engine for web and standalone environments
- CVE-2026-5720 - miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attacker
- CVE-2026-54333 - UEFI Firmware Parser has a stack out-of-bounds write in tiano decompressor MakeTable
- CVE-2026-54334 - UEFI Firmware Parser has a heap out-of-bounds write in tiano decompressor ReadCLen
- CVE-2025-41118 - Pyroscope is an open-source continuous profiling database
- CVE-2026-20186 - A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execu
- CVE-2026-6388 - A flaw was found in ArgoCD Image Updater
- CVE-2026-0234 - An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM plat
- CVE-2025-62718 - Axios is a promise based HTTP client for the browser and Node.js
- CVE-2026-39892 - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers
- CVE-2026-0740 - The Ninja Forms - File Uploads plugin for WordPress is vulnerable to arbitrary file uploads due to missing fil
- CVE-2026-1114 - LoLLMs is vulnerable to Improper Access Control through weak secret key
- CVE-2026-20889 - A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d2031
- CVE-2026-20911 - A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b5
- CVE-2026-21413 - A heap-based buffer overflow vulnerability exists in the lossless_jpeg_load_raw functionality of LibRaw Commit
- CVE-2026-28808 - Incorrect Authorization vulnerability in Erlang OTP (inets modules) allows unauthenticated access to CGI scrip
- CVE-2026-33815 - pgx contains memory-safety vulnerability
- CVE-2026-33816 - Memory-safety vulnerability in github.com/jackc/pgx/v5
- CVE-2026-34078 - Flatpak is a Linux application sandboxing and distribution framework
- CVE-2026-34582 - Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationDa
- CVE-2026-5731 - Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149
- CVE-2026-5734 - Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 14
- CVE-2026-5735 - Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1
- CVE-2026-34444 - Lupa integrates the runtimes of Lua or LuaJIT2 into CPython
- CVE-2026-35030 - LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format
- CVE-2026-0545 - In mlflow/mlflow, the FastAPI job endpoints under /ajax-api/3.0/jobs/* are not protected by authentication o
- CVE-2026-23428 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of share_conf in
- CVE-2026-23450 - In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL dereference and UAF in s
- CVE-2026-23455 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: check for ze
- CVE-2026-31402 - In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK re
- CVE-2026-32871 - FastMCP is a Pythonic way to build MCP servers and clients
- CVE-2026-20160 - A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote a
- CVE-2026-3300 - The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code Injection in al
- CVE-2025-15036 - A path traversal vulnerability exists in the extract_archive_to_dir function within the mlflow/pyfunc/dbcon
- CVE-2025-15379 - A command injection vulnerability exists in MLflow's model serving container initialization code, specifically
- CVE-2026-34714 - Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default
- CVE-2026-27876 - A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execu
- CVE-2026-33701 - OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries f
- CVE-2026-33757 - OpenBao is an open source identity-based secrets management system
- CVE-2026-33937 - Handlebars provides the power necessary to let users build semantic templates
- CVE-2026-33195 - Active Storage allows users to attach cloud and local files in Rails applications
- CVE-2026-33211 - Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines
- CVE-2026-4688 - Sandbox escape due to use-after-free in the Disability Access APIs component
- CVE-2026-4689 - Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
- CVE-2026-4691 - Use-after-free in the CSS Parsing and Computation component
- CVE-2026-4692 - Sandbox escape in the Responsive Design Mode component
- CVE-2026-4696 - Use-after-free in the Layout: Text and Fonts component
- CVE-2026-4698 - JIT miscompilation in the JavaScript Engine: JIT component
- CVE-2026-4700 - Mitigation bypass in the Networking: HTTP component
- CVE-2026-4720 - Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
- CVE-2026-4721 - Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Th
- CVE-2026-4729 - Memory safety bugs present in Firefox 148 and Thunderbird 148
- CVE-2026-4599 - Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Mi
- CVE-2026-33186 - gRPC-Go is the Go language implementation of gRPC
- CVE-2026-33210 - Ruby JSON is a JSON implementation for Ruby
- CVE-2026-33228 - flatted is a circular JSON parser. Prior to version 3.4.2, the parse() function in flatted can use attacker-co
- CVE-2006-10003 - XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack
- CVE-2025-15031 - A vulnerability in MLflow's pyfunc extraction process allows for arbitrary file writes due to improper handlin
- CVE-2026-27459 - pyOpenSSL is a Python wrapper around the OpenSSL library
- CVE-2026-31938 - jsPDF is a library to generate PDFs in JavaScript
- CVE-2026-3564 - A condition in the ScreenConnect server component may allow an actor with access to server-level cryptographic
- CVE-2026-27962 - Authlib is a Python library which builds OAuth and OpenID Connect servers
- CVE-2026-32640 - SimpleEval is a library for adding evaluatable expressions into python projects
- CVE-2026-4177 - YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-seve
- CVE-2026-31806 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-32304 - Locutus brings stdlibs of other programming languages to JavaScript for educational purposes
- CVE-2026-28229 - Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernete
- CVE-2026-28292 - simple-git, an interface for running git commands in any node.js application, has an issue in versions 3.15
- CVE-2026-3823 - EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing
- CVE-2026-28802 - Authlib is a Python library which builds OAuth and OpenID Connect servers
- CVE-2026-29063 - Immutable.js provides many Persistent Immutable data structures
- CVE-2026-27446 - Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemi
- CVE-2026-2293 - A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middlewar
- CVE-2026-27148 - Storybook is a frontend workshop for building user interface components and pages in isolation
- CVE-2026-27727 - mchange-commons-java, a library that provides Java utilities, includes code that mirrors early implementations
- CVE-2026-2757 - Incorrect boundary conditions in the WebRTC: Audio/Video component
- CVE-2026-2758 - Use-after-free in the JavaScript: GC component
- CVE-2026-2759 - Incorrect boundary conditions in the Graphics: ImageLib component
- CVE-2026-2760 - Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component
- CVE-2026-2761 - Sandbox escape in the Graphics: WebRender component
- CVE-2026-2762 - Integer overflow in the JavaScript: Standard Library component
- CVE-2026-2763 - Use-after-free in the JavaScript Engine component
- CVE-2026-2764 - JIT miscompilation, use-after-free in the JavaScript Engine: JIT component
- CVE-2026-2765 - Use-after-free in the JavaScript Engine component
- CVE-2026-2766 - Use-after-free in the JavaScript Engine: JIT component
- CVE-2026-2767 - Use-after-free in the JavaScript: WebAssembly component
- CVE-2026-2768 - Sandbox escape in the Storage: IndexedDB component
- CVE-2026-2770 - Use-after-free in the DOM: Bindings (WebIDL) component
- CVE-2026-2771 - Undefined behavior in the DOM: Core & HTML component
- CVE-2026-2772 - Use-after-free in the Audio/Video: Playback component
- CVE-2026-2773 - Incorrect boundary conditions in the Web Audio component
- CVE-2026-2774 - Integer overflow in the Audio/Video component
- CVE-2026-2775 - Mitigation bypass in the DOM: HTML Parser component
- CVE-2026-2776 - Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software
- CVE-2026-2777 - Privilege escalation in the Messaging System component
- CVE-2026-2778 - Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component
- CVE-2026-2792 - Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147
- CVE-2026-2793 - Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Th
- CVE-2026-2795 - Use-after-free in the JavaScript: GC component
- CVE-2026-2796 - JIT miscompilation in the JavaScript: WebAssembly component
- CVE-2026-2797 - Use-after-free in the JavaScript: GC component
- CVE-2026-2799 - Use-after-free in the DOM: Core & HTML component
- CVE-2026-2807 - Memory safety bugs present in Firefox 147 and Thunderbird 147
- CVE-2026-25896 - fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C+
- CVE-2026-24834 - Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machine
- CVE-2025-69872 - DiskCache (python-diskcache) through 5.6.3 uses Python pickle for serialization by default
- CVE-2026-1615 - Versions of the package jsonpath before 1.3.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation
- CVE-2026-1709 - A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transpo
- CVE-2026-22778 - vLLM is an inference and serving engine for large language models (LLMs)
- CVE-2025-61140 - The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution
- CVE-2025-55130 - A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write rest
- CVE-2025-56005 - An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE
- CVE-2026-22797 - An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before
- CVE-2026-23530 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-23531 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-23532 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-23533 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-23534 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-23883 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-23884 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-22853 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-22855 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-22858 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-22859 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-0879 - Sandbox escape due to incorrect boundary conditions in the Graphics component
- CVE-2026-0881 - Sandbox escape in the Messaging System component
- CVE-2025-61686 - React Router is a router for React. In @react-router/node versions 7.0.0 through 7.9.3, @remix-run/deno prior
- CVE-2025-12543 - A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applica
- CVE-2025-67268 - gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/driver_nmea2
- CVE-2025-67288 - An arbitrary file upload vulnerability in Umbraco CMS v16.3.3 allows attackers to execute arbitrary code by up
- CVE-2025-68263 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipc_msg_
- CVE-2025-41115 - SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations
- CVE-2025-10230 - A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are pa
- CVE-2025-7852 - The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation
- CVE-2025-23266 - NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the conta
- CVE-2020-36847 - The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and includ
- CVE-2025-4404 - A privilege escalation from host to domain vulnerability was found in the FreeIPA project
- CVE-2025-49794 - A use-after-free vulnerability was found in libxml2
- CVE-2025-49796 - A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger
- CVE-2025-37924 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in kerberos auth
- CVE-2025-32911 - A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition(
- CVE-2025-24207 - A permissions issue was addressed with additional restrictions
- CVE-2025-24211 - This issue was addressed with improved memory handling
- CVE-2025-24246 - An injection issue was addressed with improved validation
- CVE-2025-24250 - This issue was addressed with improved access restrictions
- CVE-2025-24253 - This issue was addressed with improved handling of symlinks
- CVE-2025-31183 - The issue was addressed with improved restriction of data container access
- CVE-2025-26988 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vis
- CVE-2024-12084 - A heap-based buffer overflow flaw was found in the rsync daemon
- CVE-2024-55591 - An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version
- CVE-2023-42789 - A out-of-bounds write vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.5, Fort
- CVE-2024-22416 - Cross-Site Request Forgery on any API call in pyLoad may lead to admin privilege escalation
- CVE-2015-1778 - Opendaylight will authenticate any username and password combination
- CVE-2022-26258 - D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST t
- CVE-2021-42237 - Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attac
- CVE-2020-36326 - Object injection in PHPMailer/PHPMailer
- CVE-2020-24881 - SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scan
- CVE-2020-26867 - ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, wh
- CVE-2020-25213 - The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execu
- CVE-2019-19634 - class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension fo
- CVE-2019-19576 - class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for
- CVE-2018-1273 - Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain
- CVE-2017-8046 - Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), ve