VIR Vulnerability Intelligence Relay

Search

Found 53,824 results in 4355ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-46134 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration cros_typec_register_thunderbolt() missed initializing the …
CVE-2026-46133 high 7.5 7.5 FIX debian debian sleswindows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 ("RDMA/rxe: Validate pad and ICRC…
CVE-2026-46132 unknown FIX debian debianwindows windows sles google 9d ago In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo rtnl_fill_vfinfo() declares struct ifla_vf_bro…
CVE-2026-46131 unknown FIX debian debianwindows windows sles google 9d ago In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking is_guest_mode(vcpu) is incorrect, because translate_nested_gpa() …
CVE-2026-46130 unknown FIX debian debianwindows windows sles 9d ago In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks (take 3) fec_decode_bufs() assumes that the parity bytes of the first…
CVE-2026-46129 high 7.8 7.8 FIX debian debian sleswindows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free in create_space_info() error path When kobject_init_and_add() fails, the call chain is: create_space_info…
CVE-2026-46128 unknown FIX debian debianwindows windows sles 9d ago In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when process…
CVE-2026-46127 unknown FIX debian debianwindows windows sles 9d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp() Sashiko points out that pd->uctx isn't initialized until l…
CVE-2026-46126 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() Sashiko points out there are two bugs here in the error u…
CVE-2026-46125 high 8.8 8.8 FIX debian debian sleswindows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: remove station if connection prep fails If connection preparation fails for MLO connections, then the interface i…
CVE-2026-46124 high 7.5 7.5 FIX debian debian sleswindows windows google 9d ago In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofs_export_iget isofs_fh_to_dentry() and isofs_fh_to_parent() pass an atta…
CVE-2026-46123 high 7.7 7.7 FIX debian debianwindows windows sles 9d ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtio_bt: clamp rx length before skb_put virtbt_rx_work() calls skb_put(skb, len) where len comes directly from virtq…
CVE-2026-46122 unknown FIX debian debianwindows windows sles 9d ago In the Linux kernel, the following vulnerability has been resolved: wifi: b43: enforce bounds check on firmware key index in b43_rx() The firmware-controlled key index in b43_rx() can exceed the de…
CVE-2026-46121 unknown FIX debian debian sleswindows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lock Patch series "mm/damon/sysfs-schemes: fix use-after-free…
CVE-2026-46120 high 7.8 7.8 FIX debian debianwindows windows sles google 9d ago In the Linux kernel, the following vulnerability has been resolved: ip6_gre: Use cached t->net in ip6erspan_changelink(). After commit 5e72ce3e3980 ("net: ipv6: Use link netns in newlink() of rtnl_…
CVE-2026-46118 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix null ptr deref in papr_hvpipe_dev_create_handle() commit 6d3789d347a7 ("papr-hvpipe: convert papr_hvpipe…
CVE-2026-46117 high 7.8 7.8 FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() Sashiko points out that the user can specify WQs sharing …
CVE-2026-46116 high 7.8 7.8 FIX debian debianwindows windows sles google 9d ago In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete KASAN reproduces a slab-use-after-free in __xfrm_state_delete()'…
CVE-2026-46114 high 7.5 7.5 FIX debian debian sleswindows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads atomic_write_reply() at drivers/infiniband/sw/rxe/rxe_resp.c unconditionally de…
CVE-2026-46113 high 8.8 8.8 FIX debian debian sleswindows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp->g…
CVE-2026-46112 high 7.8 7.8 FIX debian debianwindows windows sles 9d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix unlocked call to hns_roce_qp_remove() Sashiko points out that hns_roce_qp_remove() requires the caller to hold lock…
CVE-2026-46111 high 7.8 7.8 FIX debian debianwindows windows sles 9d ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in create_big_sync Add hci_conn_valid() check in create_big_sync() to detect stale connect…
CVE-2026-46110 high 7.5 7.5 FIX debian debian sleswindows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU a…
CVE-2026-46109 unknown FIX debian debian sleswindows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpi_register() error paths Commit 01af542392b5 ("usb: ulpi: fix double free in ulpi_register_inter…
CVE-2026-46108 unknown FIX debian debianwindows windows sles 9d ago In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message alloca…
CVE-2026-46107 high 7.8 7.8 FIX debian debianwindows windows sles google 9d ago In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalance_children. If the internal btree node …
CVE-2026-46106 unknown FIX debian debianwindows windows sles google 9d ago In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfs_mutex and SRCU when remount walks events Commit 340f0c7067a9 ("eventfs: Update all the eventfs_inodes from …
CVE-2026-46105 high 7.8 7.8 FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capabilit…
CVE-2026-46104 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sock_has…
CVE-2026-9804 high 7.7 7.7 sleswindows windows 9d ago A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing …
CVE-2026-6226 high 8.8 8.8 9d ago The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthenticated privilege escalation in versions up to and including 3.29.2. This is due to insecure form submission handling th…
CVE-2024-47097 unknown 9d ago Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do.
CVE-2024-47096 unknown 9d ago Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the showSupportExpiredMessage parameter of hand…
CVE-2026-9806 unknown 9d ago A stored cross-site scripting (XSS) vulnerability exists in the notification panel of CTI Transmute in versions prior to the patched release. Notification messages containing user-controlled convert …
CVE-2026-9227 high 8.8 8.8 9d ago The GutenBee – Gutenberg Blocks plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 2.20.1 via the gutenbee_file_and_ext_json function. This is due to a …
CVE-2026-7862 high 8.6 8.6 9d ago The Eupago Gateway For Woocommerce WordPress plugin before 4.7.2 does not properly restrict access to its refund request handler, allowing unauthenticated attackers to initiate refunds against any Wo…
CVE-2026-7797 high 7.5 7.5 9d ago The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'append_where_sql' parameter in all version…
CVE-2026-7634 high 7.2 7.2 9d ago The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'User-Agent' header in all versions up to, and including, 5.4.11 due to insufficient input sanitizatio…
CVE-2026-7052 high 7.2 7.2 9d ago The HT Contact Form – Drag & Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'file_upload' parameter in all versions up to, and including, 2.…
CVE-2026-6455 high 8.1 8.1 9d ago The WP Contact Form 7 DB Handler plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Deletion via SQL Injection and PHP Object Injection in versions up to and i…
CVE-2026-44604 high 7.0 7.0 debian debian 9d ago A command injection vulnerability was discovered in the `rpmuncompress` utility of RPM. When extracting certain archive formats (ZIP, 7z, GEM) to a specified destination directory, the tool inserts t…
CVE-2026-9009 high 8.8 8.8 9d ago The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filter_content function. This is due t…
CVE-2026-9795 high 7.3 7.3 redhat 9d ago A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, in…
CVE-2026-9793 high 7.5 7.5 redhat 9d ago A flaw was found in Keycloak. When a JSON Web Encryption (JWE) encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing …
CVE-2026-7802 high 8.8 8.8 9d ago The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.29.2. This is due to the plugin not properly verifying that a user …
CVE-2026-32998 unknown 9d ago This vulnerability in Veeam Service Provider Console allows for remote code execution.
CVE-2026-32997 unknown 9d ago A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & Replication server.
CVE-2026-32996 unknown 9d ago This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation.
CVE-2026-32995 high 7.5 7.5 9d ago The Rocket.Chat DDP method autoTranslate.translateMessage in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.5, <7.13.8, and <7.10.12 accepts a client-supplied IMessage object and passes it dir…
CVE-2026-2374 high 7.2 7.2 9d ago The Login No Captcha reCAPTCHA plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `$_SERVER['PHP_SELF']` superglobal in all versions up to, and including, 1.8.0. This is due to…
CVE-2026-9789 unknown 9d ago A Local Privilege Escalation (LPE) vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe wi…
CVE-2026-8915 high 8.8 8.8 samsung 9d ago Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 36f5fb58366a67b713c02f6fd985e924fcc09e31.
CVE-2026-34079 high 8.0 FIX debian debian sles rhel 9d ago Important: flatpak security update
CVE-2026-34078 high 8.0 FIX debian debian sles rhel 9d ago Important: flatpak security update
CVE-2026-23392 high 8.0 FIX sles rheldebian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call synchronize_rcu() after unregistering the hooks from…
CVE-2025-71089 high 8.0 FIX sles rheldebian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIG_X86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a f…
CVE-2025-68366 high 8.0 FIX sles rheldebian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbd_genl_connect There is one use-after-free warning when running NBD_CMD_CONNECT and NBD_CLEAR_SOCK:…
CVE-2025-68347 high 8.0 FIX slesdebian debianalmalinux almalinux 9d ago In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdep_read() could write mor…
CVE-2025-68183 high 8.0 FIX sles rheldebian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA …
CVE-2025-38653 high 8.0 FIX rhel slesdebian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Check pde->proc_ops->proc_lseek directly may ca…
CVE-2026-45725 high 8.0 9d ago compliance-trestle Remote Fetching Mechanism has an Arbitrary File Write via Cache Path Traversal
CVE-2026-47717 high 8.0 9d ago FUXA's Unauthenticated Project Data Disclosure Exposes Server-Side Scripts and Device Configurations
CVE-2026-47243 high 8.0 9d ago Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs
CVE-2026-45704 high 8.0 9d ago Pimcore has a CustomReports Share Bypass
CVE-2026-46414 high 8.8 8.8 9d ago Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fie…
CVE-2026-46402 high 8.1 8.1 9d ago Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO uses the user-controlled task_name value directly when constructing se…
CVE-2026-9739 unknown 9d ago Vulnerable to DNS rebinding attacks when using SSE (http://b/499408790). During the beta phase, we implemented `allowed-origins` and `allowed-hosts` flags to align with MCP security guidelines. Howev…
CVE-2026-45322 high 7.8 7.8 9d ago Microsoft UFO open-source framework for intelligent automation across devices and platforms. Microsoft UFO tagged releases up to and including v3.0.0 contain an OS command injection vulnerability in …
CVE-2026-45332 high 7.5 7.5 9d ago Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcr…
CVE-2026-47269 high 7.4 7.4 9d ago pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pam_usb's deny_remote feature checks utmpx ut_addr_v6 to detect whether an authentication request o…
CVE-2026-44713 high 8.8 8.8 9d ago pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/tmux.c reads the user's $TMUX environment variable, splits it on commas, and interpolates the so…
CVE-2026-44712 high 8.2 8.2 9d ago pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $(id>/tmp/rce) in the config causes root RCE when pamusb-conf --reset-pads is…
CVE-2026-44711 high 7.9 7.9 9d ago pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption…
CVE-2026-44709 high 7.8 7.8 9d ago pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, pamusb-pinentry reads the PINENTRY_FALLBACK_APP environment variable and executes it directly withou…
CVE-2026-9208 high 8.8 8.8 9d ago Tanium addressed an unauthorized code execution vulnerability in Connect.
CVE-2026-8361 high 7.5 7.5 9d ago A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path starting with /woshome
CVE-2026-8360 high 7.5 7.5 9d ago Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface() in various DLLs (i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll) can return a NULL pointer (i.e., when no user is logged into th…
CVE-2026-8359 high 7.5 7.5 9d ago When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin_LoadHttpModule function in the dll would b…
CVE-2026-48064 high 8.1 8.1 9d ago pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pam_usb (commonly done for display manage…
CVE-2026-47272 high 7.1 7.1 9d ago pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusb_pad_compare() function in src/pad.c only verified that the user-side pad (~/.pamusb/device.…
CVE-2026-44982 high 8.0 9d ago CrowdSec AppSec silently drops request body for chunked / HTTP-2 requests
CVE-2026-44726 high 8.0 9d ago Deno's TLS retry copies stale upgrade hook, risking plaintext traffic
CVE-2026-44886 unknown 9d ago Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devi…
CVE-2026-45108 high 8.4 8.4 sles 9d ago Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Autho…
CVE-2026-45104 high 7.5 7.5 FIX debian debian osgeo 9d ago MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls _SLDApplyRuleValues(psRule, psLayer, 1); for any <Rule> carrying <ElseFil…
CVE-2026-47161 unknown 9d ago RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and deserialize untrusted 'pickle' data. An atta…
CVE-2026-42197 high 8.7 8.7 9d ago RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execut…
CVE-2026-44635 high 7.5 7.5 9d ago Kysely is a type-safe TypeScript SQL query builder. From 0.26.0 to 0.28.16, DefaultQueryCompiler.visitJSONPathLeg does not escape JSON-path metacharacters (., [, ], *, **, ?). When attacker-controlle…
CVE-2026-45617 high 8.0 9d ago LiquidJS Vulnerable to ReDoS via Quadratic Backtracking in `strip_html` Filter Regex
CVE-2026-4868 high 8.2 8.2 gitlab 9d ago GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that, under certain conditions, could have allowed an authent…
CVE-2026-45368 high 8.0 9d ago Kirby CMS vulnerable to cross-site scripting (XSS) from links in KirbyTags and image blocks in the site frontend
CVE-2026-45088 high 7.5 7.5 9d ago Dalfox Server Mode has an Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file`
CVE-2026-45357 high 8.0 9d ago LiquidJS has a memory and render limit bypass via unbounded width padding in `date` filter (strftime)
CVE-2026-45089 high 8.2 8.2 9d ago Dalfox Server Mode has an Unauthenticated Arbitrary File Create/Append via `output` Option
CVE-2026-45090 high 7.5 7.5 9d ago Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, ParameterAnalysis in pkg/scanning/parameterAnalysis.go runs two sequential worker stages that both wri…
CVE-2026-42553 high 8.0 9d ago Cinny is a Matrix client. Prior to 4.10.3, A remote authenticated attacker who shares a room with a victim and has permissions to create room emotes (for example in a DM) can cause the victim's clien…
CVE-2026-5509 high 7.2 7.2 tp-link 9d ago An authenticated command injection vulnerability exists in the Archer BE450 v1 and BE7200 v1 router that allows an administrator to execute arbitrary system commands through the web management interf…
CVE-2026-44346 high 8.8 8.8 bentoml 9d ago BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs[*].n…
CVE-2026-45260 high 8.0 9d ago Pimcore: Missing Authorization in WebDAV MOVE via unchecked asset move handling
CVE-2026-45548 high 7.7 7.7 9d ago Budibase: SSRF in AI Extract File Automation Step via Missing IP Blacklist Validation