VIR Vulnerability Intelligence Relay

Search

Found 45,568 results in 3351ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-8561 medium 5.4 5.4 FIX debian debianmacos macos linux-kernel google 23d ago Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-8560 medium 4.3 4.3 FIX debian debianmacos macoswindows windows google 23d ago Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium securi…
CVE-2026-8559 medium 4.3 4.3 FIX debian debianwindows windows google 23d ago Integer overflow in Internationalization in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium secu…
CVE-2026-8556 low 3.1 3.1 FIX debian debianwindows windows google 23d ago Inappropriate implementation in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HT…
CVE-2026-8554 low 3.1 3.1 FIX debian debianwindows windows google 23d ago Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted H…
CVE-2026-8553 low 3.1 3.1 FIX debian debianwindows windows google 23d ago Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Ch…
CVE-2026-8552 medium 4.3 4.3 FIX debian debianwindows windows google 23d ago Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity…
CVE-2026-8550 medium 6.5 6.5 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in Google Lens in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memo…
CVE-2026-8546 medium 5.3 5.3 FIX debian debianmacos macoswindows windows google 23d ago Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information fr…
CVE-2026-8545 low 3.1 3.1 FIX debian debianmacos macos linux-kernel google 23d ago Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromi…
CVE-2026-8543 medium 5.3 5.3 FIX debian debianmacos macoswindows windows google 23d ago Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive infor…
CVE-2026-8541 medium 5.3 5.3 FIX debian debianmacos macos linux-kernel google 23d ago Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory vi…
CVE-2026-8539 medium 5.4 5.4 FIX debian debianwindows windows google 23d ago Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security s…
CVE-2026-8538 medium 5.3 5.3 FIX debian debianwindows windows google 23d ago Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a craf…
CVE-2026-8537 medium 4.3 4.3 FIX debian debianwindows windows google 23d ago Insufficient policy enforcement in ViewTransitions in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: H…
CVE-2026-8536 low 3.1 3.1 FIX debian debianmacos macoswindows windows google 23d ago Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass site Isolation v…
CVE-2026-8535 medium 5.3 5.3 FIX debian debian linux-kernelwindows windows google 23d ago Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive informati…
CVE-2026-8528 medium 4.3 4.3 FIX debian debianmacos macos linux-kernel google 23d ago Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass Site Isolation via a …
CVE-2026-8516 medium 5.3 5.3 FIX debian debianmacos macos linux-kernel google 23d ago Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentia…
CVE-2026-44638 low 2.5 2.5 FIX debian debian sles saitoha 23d ago libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixel_decode_raw and sixel_decode causes a NULL pointe…
CVE-2026-43996 medium 5.5 5.5 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decode_…
CVE-2026-26062 medium 6.5 6.5 fleetdm 23d ago Fleet server may terminate unexpectedly when handling certain gRPC requests
CVE-2026-24000 medium 5.3 5.3 fleetdm 23d ago Fleet has a rate limiting bypass via untrusted client IP headers
CVE-2026-45299 medium 5.4 5.4 openwebui 23d ago Open WebUI has Stored Cross-Site Scripting In Profile Picture
CVE-2026-45021 medium 5.5 23d ago Kuma is a modern Envoy-based service mesh that can run on every cloud across both Kubernetes and VMs. Prior to 2.7.25, 2.9.15, 2.11.13, 2.12.10, and 2.13.5, the default kuma-cp config leaks the admin…
CVE-2026-45148 medium 4.3 4.3 23d ago SiYuan has broken access control in `/api/search/{searchAsset,searchTag,searchWidget,searchTemplate}` publish-mode
CVE-2026-45147 medium 4.3 4.3 23d ago SiYuan: Broken access control in `/api/tag/getTag` — Reader role can mutate `Conf.Tag.Sort` and persist to disk
CVE-2026-44589 low 3.7 3.7 23d ago nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)
CVE-2026-38740 medium 5.3 5.3 23d ago Foscam VD1 Video Doorbell before V5.3.13_1072 is vulnerable to Cleartext Transmission of Sensitive Information. The device transmits sensitive Session Description Protocol (SDP), including ICE creden…
CVE-2026-27680 medium 4.3 4.3 sap 23d ago Due to improper input handling under certain conditions, SAP NetWeaver Application Server ABAP allows an attacker to inject custom Cascading Style Sheets (CSS) data into a web page served by the appl…
CVE-2026-22707 medium 5.4 5.4 strapi 23d ago Strapi Upload Plugin MIME Validation Bypass via Content API
CVE-2026-22706 medium 6.5 6.5 strapi 23d ago Strapi: Password Reset Does Not Revoke Existing Refresh Sessions
CVE-2025-64526 medium 5.3 5.3 strapi 23d ago Strapi has a rate limit bypass on users-permissions plugin via attacker-controlled email keying
CVE-2026-44970 low 2.5 23d ago dbt MCP Server Transmits All MCP Tool Arguments Including Raw SQL and --vars Credentials to dbt Labs Telemetry by Default Without Redaction
CVE-2026-44969 low 2.5 23d ago dbt MCP Server Logs Tool Arguments Including SQL Queries and Credentials in Plaintext Without Redaction When File Logging Is Enabled
CVE-2026-44968 medium 5.5 23d ago dbt MCP Server has an Argument Injection in dbt CLI Tool Wrappers via node_selection and resource_type Parameters
CVE-2026-46469 medium 5.5 5.5 FIX debian debian sles freedesktop 23d ago An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_parse_trak function does not sufficiently validate atom data before per…
CVE-2026-44544 medium 5.5 debian debian 23d ago gittuf is a platform-agnostic Git security system. Prior to 0.14.0, an attacker with push access to gittuf's Reference State Log (RSL) can roll back the current policy to any previous policy trusted …
CVE-2026-44520 medium 5.7 5.7 23d ago docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler
CVE-2026-44283 medium 4.3 4.3 FIX debian debian sleswindows windows etcd 23d ago etcd RBAC bypass allows unauthorized data access via PrevKv/lease attachment in nested transaction Put requests
CVE-2026-42572 medium 6.5 6.5 hatchet 23d ago Hatchet affected by cross-tenant information disclosure in `listTasksByDAGIds`
CVE-2026-41888 medium 6.5 6.5 debian debian sles distribution 23d ago Distribution's tag deletion bypasses `storage.delete.enabled` configuration
CVE-2026-6923 low 3.8 3.8 23d ago A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman (ECDH) key.
CVE-2026-45448 medium 4.3 4.3 23d ago CWE-601 URL redirection to untrusted site ('open redirect')
CVE-2026-44514 medium 6.5 6.5 23d ago Kubetail has a Cross-Site WebSocket Hijacking issue that allows attacker to read Kubernetes logs from authenticated users
CVE-2026-44348 low 2.5 2.5 FIX debian debian sles 23d ago PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in compute_hash_to_sign() in src/podofo/private/OpenSSLInternal_Ripped.cpp. If EVP_DigestFin…
CVE-2026-20210 medium 5.4 5.4 23d ago A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform …
CVE-2026-20209 medium 5.4 5.4 23d ago A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low …
CVE-2025-62317 low 2.6 2.6 23d ago HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters. Passing sensitive data in URLs may expose it through browser history, logs, or intermediary syst…
CVE-2025-62316 low 2.3 2.3 23d ago HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured. Absence of these headers may reduce the effectiveness of browser-based securi…
CVE-2025-62313 medium 5.4 5.4 23d ago HCL AION is affected by a vulnerability where adequate protections against brute-force attempts are not enforced. This may allow repeated authentication attempts, potentially leading to unauthorized …
CVE-2025-62312 low 3.0 3.0 23d ago HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication. Use of basic authorization mechanisms may expose credentials to potential interception or misuse,…
CVE-2025-62311 medium 4.3 4.3 23d ago HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized a…
CVE-2025-62310 medium 5.4 5.4 23d ago HCL AION is affected by a vulnerability where encryption is not enforced for certain data transmissions or operations. This may expose sensitive information to potential interception or unauthorized …
CVE-2025-62309 low 2.6 2.6 23d ago HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to…
CVE-2025-62308 medium 5.1 5.1 23d ago HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed. Exposure of such information could reveal internal system architecture or configuration details,…
CVE-2025-62305 medium 5.1 5.1 23d ago HCL AION is affected by a vulnerability where certain operations may trigger out-of-band interactions, potentially resulting in unintended disclosure of sensitive information. Such behaviour may allo…
CVE-2026-44898 medium 6.1 6.1 slesdebian debianwindows windows mistune_project 23d ago Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_toc_ul() builds a <ul> table-of-contents tree from a list of (level, id, text) tuples. Both the id value (used a…
CVE-2026-45292 medium 5.3 5.3 23d ago opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggag…
CVE-2026-44884 medium 6.5 6.5 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44885 medium 5.5 5.5 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-45076 low 2.7 2.7 FIX debian debian element 23d ago Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full h…
CVE-2026-45078 medium 5.5 5.5 FIX debian debian element 23d ago Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing o…
CVE-2026-44722 medium 5.5 23d ago pyzipper has an encryption bypass for small files encrypted using it
CVE-2026-42597 medium 5.9 5.9 thecodingmachine 23d ago Gotenberg allows Chromium URL conversion routes to read arbitrary files under /tmp via file:// scheme
CVE-2026-42593 medium 5.3 5.3 thecodingmachine 23d ago Gotenberg has arbitrary PDF read via stampExpression and watermarkExpression in merge, split, and convert routes
CVE-2026-42592 medium 5.3 5.3 thecodingmachine 23d ago Gotenberg's DNS rebinding bypasses SSRF validation on Chromium URL conversion routes
CVE-2026-42159 medium 5.4 5.4 flowsint 23d ago Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, Flowsint allows a user to create investigations, whic…
CVE-2026-42853 medium 5.5 23d ago @apostrophecms/cli: Command Injection in apos create via Unsanitized Password Input
CVE-2026-44374 medium 4.3 4.3 linuxfoundation 23d ago Backstage is an open framework for building developer portals. Prior to 0.6.11, the unprocessed entities read endpoints in @backstage/plugin-catalog-backend-module-unprocessed do not enforce permissi…
CVE-2026-44308 medium 5.5 23d ago Spring Cloud AWS missing SNS message signature verification allows spoofing of HTTP/HTTPS endpoint notifications
CVE-2026-41933 medium 5.3 5.3 23d ago Vvveb before 1.0.8.3 contains a directory listing information disclosure vulnerability that allows unauthenticated attackers to enumerate files and directories by accessing multiple paths lacking pro…
CVE-2026-41932 medium 6.1 6.1 23d ago Vvveb before 1.0.8.3 contains a stored cross-site scripting vulnerability in the customer signup flow where the Signup::addUser() controller copies raw POST username values into the display_name fiel…
CVE-2026-24711 medium 5.3 5.3 northern.tech 23d ago Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control.
CVE-2026-24710 medium 6.1 6.1 northern.tech 23d ago Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 allows XSS.
CVE-2026-21730 medium 6.1 6.1 verint 23d ago Verba is affected by a Stored Cross-Site Scripting (XSS) vulnerability within its login logging mechanism. When an unauthenticated remote attacker attempts to log in using an incorrect username and p…
CVE-2025-69443 medium 6.3 6.3 23d ago Remote Code Execution in coleam00 Archon 0.1.0. A crafted HTML page, when accessed by a victim, can execute commands, run prompts on behalf of the user, control the Archon UI features, and steal all …
CVE-2026-6575 medium 4.3 4.3 FIX slesdebian debian postgresql 23d ago Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table maintain…
CVE-2026-6478 medium 6.5 6.5 FIX slesdebian debianwindows windows postgresql 23d ago Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does not affect scram-sha-256 …
CVE-2026-6474 medium 4.3 4.3 FIX slesdebian debianwindows windows postgresql 23d ago Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 1…
CVE-2026-6472 medium 5.4 5.4 FIX slesdebian debianwindows windows postgresql 23d ago Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use search_path to find user-defined types, including extension-defined types. That is to say, t…
CVE-2026-6008 medium 6.8 6.8 23d ago Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. …
CVE-2026-43644 medium 6.1 6.1 stefanprodan 23d ago podinfo through 6.11.2 contains a reflected cross-site scripting vulnerability in the /echo and /api/echo endpoints where the echoHandler writes request body content directly to the response without …
CVE-2026-45205 medium 5.3 5.3 FIX debian debian sles apache 23d ago Apache Commons Configuration: StackOverflowError for YAML input with cycles
CVE-2026-6504 medium 6.4 6.4 23d ago The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title_tag' parameter in all versions up to, and including, 1.7.1058 due to insuffic…
CVE-2026-6206 medium 5.3 5.3 23d ago The MW WP Form plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 5.1.2 via the _get_post_property_from_querystring() function due to insufficient restri…
CVE-2026-6174 medium 6.4 6.4 23d ago The CC Child Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'more' parameter in all versions up to, and including, 2.1.1 due to insufficient input sanitization and ou…
CVE-2026-6145 medium 5.3 5.3 23d ago The User Registration & Membership plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.1.5. This is due to the is_admin_creation_process() method relyi…
CVE-2026-6670 medium 6.5 6.5 23d ago The Media Sync plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.9 via the 'sub_dir' and 'media_items' parameters. This is due to insufficient validation …
CVE-2026-6252 medium 6.4 6.4 23d ago The Meta Field Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tagName' block attribute in all versions up to, and including, 1.5.2 due to insufficient input sanitiza…
CVE-2026-6225 medium 6.5 6.5 23d ago The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'project_search' parameter in all versions u…
CVE-2026-5365 medium 4.3 4.3 23d ago The LatePoint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 5.3.2. This is due to missing nonce verification on the request_cancellation() funct…
CVE-2026-5193 medium 6.5 6.5 23d ago The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.5.13. This is due to insu…
CVE-2026-3694 medium 6.4 6.4 23d ago The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the bt_bb_button shortcode in all versions up to, and including, 5.6.8. This is due…
CVE-2026-8280 medium 6.5 6.5 gitlab 23d ago GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to cause den…
CVE-2026-8144 medium 4.3 4.3 gitlab 23d ago GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with projec…
CVE-2026-7481 medium 5.4 5.4 gitlab 23d ago GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer…
CVE-2026-7471 low 3.5 3.5 gitlab 23d ago GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control o…
CVE-2026-7377 medium 5.4 5.4 gitlab 23d ago GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that, in customizable analytics dashboards, could have allow…
CVE-2026-6883 medium 4.3 4.3 gitlab 23d ago GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to bypass merg…