VIR Vulnerability Intelligence Relay

Search

Found 38,331 results in 6369ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-37431 critical 9.8 9.8 29d ago Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers …
CVE-2026-44336 critical 9.6 9.6 praison 29d ago PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection
CVE-2026-44335 critical 9.8 9.8 praison 29d ago PraisonAI has an SSRF bypass
CVE-2026-43341 critical 9.8 9.8 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6_fill_trace_data() stores the schema contribution to the tra…
CVE-2026-43304 critical 9.8 9.8 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPH_MAX_KEY_LEN When decoding the key, verify that the key material would fit into a fixed-size buff…
CVE-2026-41512 critical 9.9 9.9 mozilla 29d ago ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version 1.4.1, there is a remote code execution vulnerability via JavaScript injection in `BrowserAutomati…
CVE-2026-41509 critical 9.8 9.8 cross-crypto 29d ago CROSS implementation contains reference and optimized implementations of the CROSS post-quantum signature algorithm. Prior to commit fc6b7e7, there is a buffer overflow in crypto_sign_open() caused b…
CVE-2026-41507 critical 9.8 9.8 mauriciopoppe 29d ago Remote Code Execution (RCE) via String Literal Injection into math-codegen
CVE-2026-41497 critical 9.8 9.8 praison 29d ago PraisonAI has an incomplete fix for CVE-2026-34935 - OS Command Injection
CVE-2026-32803 low 3.3 3.3 29d ago Dell PowerScale OneFS versions 9.5.0.0 through 9.5.1.6, 9.6.0.0 through 9.7.1.13, 9.8.0.0 through 9.10.1.5 and 9.11.0.0 through 9.12.0.1 contains an Insufficient Logging vulnerability. A low privileg…
CVE-2026-25199 critical 9.1 9.1 apache 29d ago Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The Proxm…
CVE-2026-8153 critical 9.8 9.8 29d ago OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.25.1 allows unauthenticated attacker to craft commands that will execute code on the robot's OS.
CVE-2013-10075 critical 9.1 9.1 debian debian chorny 29d ago Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DB_File will create a session that does not ex…
CVE-2026-44916 low 3.0 3.0 FIX debian debian 1mo ago In OpenStack Ironic before 35.0.2 (in a certain non-default configuration), instance_info['ks_template'] is rendered without sandboxing.
CVE-2025-69691 critical 9.9 9.9 pfsense 1mo ago Netgate pfSense CE 2.8.0 allows code execution in the XMLRPC API via pfsense.exec_php. NOTE: the Supplier disputes this because the API call is only available to admins and they are intentionally all…
CVE-2025-69690 critical 9.1 9.1 pfsense 1mo ago Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the post_reboot_commands property. NOTE: the Supplier disputes …
CVE-2025-69599 critical 9.8 9.8 1mo ago RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable. NOTE: this is disputed because ability of an attacker to c…
CVE-2025-67887 critical 9.8 9.8 1mo ago 1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess fil…
CVE-2023-46453 critical 9.8 9.8 1mo ago Certain GL.iNet devices with 4.x firmware allow authentication bypass (resulting in administrative control of the device) via a username that is both a valid SQL statement and a valid regular express…
CVE-2024-51092 critical 9.1 10.0 EXP librenms 1mo ago LibreNMS has an Authenticated OS Command Injection
CVE-2026-8136 low 2.4 2.4 1mo ago A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /index.php?page=users. Executing a manipulation of the argument Name can lead…
CVE-2026-43944 critical 9.6 9.6 electerm_project 1mo ago Electerm users can run dangrous code through link or command line
CVE-2026-43941 critical 9.6 9.6 electerm_project 1mo ago Electerm has an unvalidated shell.openExternal that allows arbitrary protocol execution via terminal link click
CVE-2026-42264 critical 9.1 9.1 FIX slesdebian debian axios 1mo ago Axios has prototype pollution read-side gadgets in HTTP adapter that allow credential injection and request hijacking
CVE-2026-42208 critical 9.8 10.0 KEV litellm 1mo ago BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorized access to the proxy and the cr…
CVE-2026-41900 critical 10.0 10.0 th30d4y 1mo ago OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was identified in the OpenLearnX code execution envir…
CVE-2026-41501 critical 9.8 9.8 electerm_project 1mo ago electerm has Command Injection via runLinux funtion
CVE-2026-41500 critical 9.8 9.8 electerm_project 1mo ago electerm: electerm_install_script_CommandInjection Vulnerability Report
CVE-2026-41498 low 3.3 3.3 kimai 1mo ago Kimai has Missing Object-Level Authorization in the Team API
CVE-2026-42880 critical 9.6 9.6 argoproj 1mo ago ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction
CVE-2026-8034 critical 9.8 9.8 github 1mo ago A server-side request forgery (SSRF) vulnerability was identified in the GitHub Enterprise Server notebook viewer that allowed an attacker to access internal services by exploiting URL parser confusi…
CVE-2026-42826 critical 10.0 10.0 windows windows microsoft 1mo ago Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.
CVE-2026-35428 critical 9.6 9.6 windows windows microsoft 1mo ago Improper neutralization of special elements used in a command ('command injection') in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-33844 critical 9.0 9.0 windows windows microsoft 1mo ago Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.
CVE-2026-33823 critical 9.6 9.6 windows windows microsoft 1mo ago Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.
CVE-2026-33109 critical 9.9 9.9 windows windows microsoft 1mo ago Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.
CVE-2026-41691 critical 9.1 9.1 i18next 1mo ago Copilot said: i18nextify is a JavaScript library that adds i18nextify is a JavaScript library that adds website internationalization via a script tag, without source code changes. Versions prior to 3…
CVE-2026-27964 low 3.9 3.9 1mo ago FacturaScripts vulnerable to Reflected Cross-Site Scripting (XSS) via Cookie Manipulation
CVE-2026-42284 critical 9.8 9.8 FIX slesdebian debian gitpython_project 1mo ago GitPython: Unsafe option check validates multi_options before shlex.split transformation
CVE-2026-41902 critical 9.1 9.1 1mo ago FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, the /user-setup/{hash} endpoint accepts a 60-character random invite_hash to set a new use…
CVE-2026-7415 critical 9.8 9.8 1mo ago The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetr…
CVE-2026-7414 critical 9.8 9.8 1mo ago Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and cannot be changed or r…
CVE-2026-7413 critical 9.8 9.8 1mo ago A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to privileged functionality. The backdoor is undocumented, cann…
CVE-2026-7821 critical 9.1 9.1 ivanti 1mo ago Improper certificate validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to enroll a device belonging to a restricted set of unenrolled…
CVE-2026-5788 critical 9.8 9.8 ivanti 1mo ago An Improper Access Control in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to invoke arbitrary methods.
CVE-2026-5787 critical 9.1 9.1 ivanti 1mo ago An Improper Certificate Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to impersonate registered Sentry hosts and obtain valid CA-…
CVE-2025-63704 critical 9.8 9.8 1mo ago query-parser-string is vulnerable to Prototype Pollution
CVE-2025-63703 critical 9.8 9.8 1mo ago parse-ini is vulnerable to Prototype Pollution in index.js()
CVE-2026-36458 critical 9.8 9.8 1mo ago ChestnutCMS v1.5.10 has a SQL injection vulnerability. The content parameter of the cms_content tag can be manipulated in the admin backend and injected into a SQL query when the template is rendered.
CVE-2025-63706 critical 9.8 9.8 1mo ago next-npm-version is vulnerable to Command injection
CVE-2026-6795 critical 9.6 9.6 1mo ago URL redirection to untrusted site ('open redirect') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Parameter Injection. This issue affects DivvyDrive: from 4.8.2.9 befor…
CVE-2026-41589 critical 9.6 9.6 charm 1mo ago Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A ma…
CVE-2026-30496 critical 9.8 9.8 1mo ago The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports bot…
CVE-2026-8091 critical 9.8 9.8 FIX debian debian sles mozilla 1mo ago Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.…
CVE-2026-6508 critical 9.8 9.8 1mo ago Origin Validation Error vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Lidera…
CVE-2026-33587 critical 10.0 10.0 lfnovo 1mo ago Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Python code (and subsequently OS commands) on the docker container via Server-Side Template Injection (S…
CVE-2025-1978 critical 9.8 9.8 hitachi 1mo ago Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Vi…
CVE-2025-9661 critical 9.8 9.8 hitachi 1mo ago OS command injection vulneravility in the management gui (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28. This issue affects Hitachi Virtual Storage Platform On…
CVE-2026-41586 critical 9.5 1mo ago fabric-sdk-java has ObjectInputStream.readObject() without ObjectInputFilter, which allows Java deserialization RCE
CVE-2026-44603 critical 9.1 9.1 FIX debian debian torproject 1mo ago Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007.
CVE-2026-42217 critical 9.8 9.8 slesdebian debian openexr 1mo ago OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3…
CVE-2026-42216 critical 9.1 9.1 slesdebian debian openexr 1mo ago OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3…
CVE-2026-41203 critical 9.5 1mo ago CI4MS Theme::upload is vulnerable to Zip Slip leading to RCE
CVE-2026-41202 critical 9.5 1mo ago CI4MS Backup::restore is vulnerable to Zip Slip leading to RCE
CVE-2026-41201 critical 9.1 9.1 1mo ago CI4MS: Backup Management Full Account Takeover for All Roles & Privilege Escalation via Stored DOM Blind XSS
CVE-2026-40982 critical 9.1 9.1 vmware 1mo ago Spring Cloud Config vulnerable to Path Traversal
CVE-2026-44597 critical 9.1 9.1 FIX debian debian torproject 1mo ago Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011.
CVE-2026-40281 critical 9.1 9.1 thecodingmachine 1mo ago Gotenberg has ExifTool stdin argument injection via metadata value newlines (bypass of key sanitization fix)
CVE-2026-44112 critical 9.6 9.6 openclaw 1mo ago OpenClaw: OpenShell FS bridge writes stay pinned to the sandbox mount root
CVE-2026-44109 critical 9.8 9.8 openclaw 1mo ago OpenClaw: Feishu webhook and card-action validation now fail closed
CVE-2026-43585 critical 9.8 9.8 openclaw 1mo ago OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation
CVE-2026-43581 critical 9.6 9.6 openclaw 1mo ago OpenClaw before 2026.4.10 contains an improper network binding vulnerability in the sandbox browser CDP relay that exposes Chrome DevTools Protocol on 0.0.0.0. Attackers can access the DevTools proto…
CVE-2026-43578 critical 9.1 9.1 openclaw 1mo ago OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses local background async exec completion events. Attackers can…
CVE-2026-43575 critical 9.8 9.8 openclaw 1mo ago OpenClaw versions 2026.2.21 before 2026.4.10 contain an authentication bypass vulnerability in the sandbox noVNC helper route that exposes interactive browser session credentials. Attackers can acces…
CVE-2026-44262 critical 9.4 10.0 EXP 1mo ago Scramble vulnerable to remote code execution via evaluation of user-controlled input in validation rules
CVE-2026-8022 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted …
CVE-2026-8017 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-7968 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafte…
CVE-2026-7966 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a c…
CVE-2026-7965 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a craft…
CVE-2026-7959 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.…
CVE-2026-7954 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security…
CVE-2026-7949 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chromi…
CVE-2026-7945 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HT…
CVE-2026-7944 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via …
CVE-2026-7937 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a c…
CVE-2026-7910 critical 9.6 9.6 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security…
CVE-2026-7909 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML pa…
CVE-2026-7908 critical 9.6 9.6 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Fullscreen in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-41930 critical 9.8 9.8 1mo ago Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin con…
CVE-2026-0300 critical 9.8 10.0 KEV 1mo ago Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitra…
CVE-2026-8028 low 3.7 3.7 flowiseai 1mo ago A vulnerability was detected in FlowiseAI Flowise up to 3.0.12. This affects the function verify of the file packages/server/src/enterprise/services/account.service.ts of the component Endpoint. Perf…
CVE-2025-31959 low 3.5 3.5 hcltech 1mo ago HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentio…
CVE-2026-5081 critical 9.1 9.1 debian debian chorny 1mo ago Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId (added in version 1.54) uses the value of the UNIQUE_…
CVE-2026-6210 unknown FIX slesdebian debianwindows windows 1mo ago A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id at…
CVE-2026-43208 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: do not pass flow_id to set_rps_cpu() Blamed commit made the assumption that the RPS table for each receive queue would have …
CVE-2026-43198 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcp_v6_syn_recv_sock() Code in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock() is done…
CVE-2026-43197 critical 9.1 9.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: netconsole: avoid OOB reads, msg is not nul-terminated msg passed to netconsole from the console subsystem is not guaranteed to b…
CVE-2026-43186 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data() On the receive path, __ioam6_fill_trace_data() uses trace->node…
CVE-2026-43185 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smb_direct_prepare_negotiation() smb_direct_prepare_negotiation() casts an unsigned __u32 value fr…