CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-8544 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8542 high 8.3 8.3 FIX debian debianwindows windows google 23d ago Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTM…
CVE-2026-8540 high 8.8 8.8 FIX debian debianwindows windows google 23d ago Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8536 low 3.1 3.1 FIX debian debianmacos macoswindows windows google 23d ago Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass site Isolation v…
CVE-2026-8534 high 8.3 8.3 FIX debian debian linux-kernelwindows windows google 23d ago Integer overflow in GPU in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a…
CVE-2026-8533 high 8.3 8.3 FIX debian debianwindows windows google 23d ago Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML …
CVE-2026-8532 high 8.8 8.8 FIX debian debianwindows windows google 23d ago Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8531 high 8.8 8.8 FIX debian debianwindows windows google 23d ago Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity…
CVE-2026-8530 high 8.3 8.3 FIX debian debianwindows windows google 23d ago Use after free in Network in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted …
CVE-2026-8529 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 23d ago Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: Hig…
CVE-2026-8527 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 23d ago Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severi…
CVE-2026-8526 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 23d ago Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8525 high 8.3 8.3 FIX debian debianmacos macoswindows windows google 23d ago Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: H…
CVE-2026-8524 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 23d ago Out of bounds write in WebAudio in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hig…
CVE-2026-8523 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
CVE-2026-8522 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 23d ago Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8521 high 7.5 7.5 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)
CVE-2026-8520 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 23d ago Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8519 high 8.8 8.8 FIX debian debianwindows windows google 23d ago Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: …
CVE-2026-8518 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in Blink in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8517 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 23d ago Object lifecycle issue in WebShare in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a cra…
CVE-2026-8515 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted H…
CVE-2026-8514 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
CVE-2026-8513 high 8.3 8.3 FIX debian debianwindows windows google 23d ago Use after free in Input in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…
CVE-2026-8512 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a cr…
CVE-2026-8510 high 7.5 7.5 FIX debian debianwindows windows google 23d ago Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted …
CVE-2026-8509 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 23d ago Heap buffer overflow in WebML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Criti…
CVE-2026-46356 high 7.5 7.5 fleetdm 23d ago Fleet: IP spoofing allows bypassing API rate limiting
CVE-2026-44638 low 2.5 2.5 FIX debian debian sles saitoha 23d ago libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixel_decode_raw and sixel_decode causes a NULL pointe…
CVE-2026-44637 high 7.1 7.1 FIX debian debian sles saitoha 23d ago libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a signed integer overflow in the SIXEL parser's image-buffer doubling loop can lead to an out-of-boun…
CVE-2026-44636 high 7.8 7.8 FIX debian debian sles saitoha 23d ago libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel_encode_highcolor's allocation size calculation can lead to a heap bu…
CVE-2026-43909 high 8.8 8.8 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in t…
CVE-2026-43908 high 8.8 8.8 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in t…
CVE-2026-43907 high 8.3 8.3 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGB…
CVE-2026-43906 high 7.8 7.8 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a heap-based buffer overflow in the H…
CVE-2026-43905 high 7.8 7.8 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer…
CVE-2026-43904 high 7.8 7.8 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, softimageinput.cpp:469 (mixed RLE) an…
CVE-2026-43903 high 7.8 7.8 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, sgiinput.cpp:265,274 use OIIO_DASSERT…
CVE-2026-24899 high 7.5 7.5 fleetdm 23d ago Fleet Windows MDM Azure AD JWT Authentication Bypass
CVE-2026-45303 high 7.7 7.7 openwebui 23d ago Open WebUI has stored XSS via the HTML rendering view
CVE-2026-8621 high 8.8 8.8 23d ago Crabbox: authentication bypass vulnerability that allows impersonation of others by spoofing identity headers
CVE-2026-45371 high 8.0 23d ago SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs
CVE-2026-44633 high 8.1 8.1 23d ago Live Helper Chat is an open-source application that enables live support websites. In 4.84v, the Live Helper Chat REST API chat update endpoint allows a REST user with lhchat/use to update a chat in …
CVE-2026-44589 low 3.7 3.7 23d ago nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)
CVE-2026-44586 high 8.3 8.3 23d ago SiYuan is an open-source personal knowledge management system. From 2.1.12 to before 3.7.0. SiYuan's Bazaar marketplace renders package author metadata from the public bazaar stage feed into HTML wit…
CVE-2026-44522 high 8.0 23d ago Note Mark: Arbitrary File Write via Path Traversal in Asset Names Leads to Remote Code Execution
CVE-2026-27886 high 7.5 7.5 strapi 23d ago Strapi may leak sensitive data via relational filtering due to lack of query sanitization
CVE-2026-23998 high 7.5 7.5 fleetdm 23d ago Fleet has a Windows MDM management endpoint authentication bypass
CVE-2026-22599 high 7.2 7.2 strapi 23d ago Strapi Vulnerable to SQL Injection in Content Type Builder
CVE-2026-44541 high 8.0 23d ago ethyca-fides has a DOM-based XSS vulnerability in fides.js via fides_description override
CVE-2026-45011 high 8.0 23d ago Apostrophe has stored XSS via javascript: URL in Image Widget Link
CVE-2026-45013 high 8.0 23d ago Apostrophe has a Weak Password Recovery Mechanism for Forgotten Password and Improper Input Validation
CVE-2026-45012 high 8.0 23d ago Apostrophe has authenticated SSRF in rich-text widget import via @apostrophecms/area/validate-widget
CVE-2026-44973 high 8.1 8.1 debian debian 23d ago Billy is an interface filesystem abstraction for Go. Prior to 5.9.0, multiple path traversal issues exist across different components of go-billy. Insufficient path sanitization and boundary enforcem…
CVE-2026-44970 low 2.5 23d ago dbt MCP Server Transmits All MCP Tool Arguments Including Raw SQL and --vars Credentials to dbt Labs Telemetry by Default Without Redaction
CVE-2026-44969 low 2.5 23d ago dbt MCP Server Logs Tool Arguments Including SQL Queries and Credentials in Plaintext Without Redaction When File Logging Is Enabled
CVE-2026-6332 high 7.5 7.5 schneider-electric 23d ago CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of sensitive information, which could result in revealing protected source code and loss of …
CVE-2026-42897 high 8.1 9.6 KEV windows windows microsoft 23d ago Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-42334 high 7.5 7.5 mongoosejs 23d ago Mongoose's Improper Sanitization of $nor in sanitizeFilter May Allow NoSQL Injection
CVE-2025-15024 high 8.8 8.8 23d ago Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System …
CVE-2025-15023 high 8.8 8.8 23d ago Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Conf…
CVE-2026-6923 low 3.8 3.8 23d ago A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman (ECDH) key.
CVE-2026-44827 high 8.8 8.8 huggingface 23d ago Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components
CVE-2026-44516 high 7.6 7.6 23d ago Valtimo has sensitive data exposure through HTTP request/response logging in LoggingRestClientCustomizer
CVE-2026-44513 high 8.8 8.8 huggingface 23d ago Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components
CVE-2026-44348 low 2.5 2.5 FIX debian debian sles 23d ago PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in compute_hash_to_sign() in src/podofo/private/OpenSSLInternal_Ripped.cpp. If EVP_DigestFin…
CVE-2026-20224 high 8.6 8.6 23d ago A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary files that are stored in an affected system.…
CVE-2025-62317 low 2.6 2.6 23d ago HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters. Passing sensitive data in URLs may expose it through browser history, logs, or intermediary syst…
CVE-2025-62316 low 2.3 2.3 23d ago HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured. Absence of these headers may reduce the effectiveness of browser-based securi…
CVE-2025-62312 low 3.0 3.0 23d ago HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication. Use of basic authorization mechanisms may expose credentials to potential interception or misuse,…
CVE-2025-62309 low 2.6 2.6 23d ago HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to…
CVE-2026-44883 high 7.5 7.5 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44849 high 8.8 8.8 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44882 high 8.1 8.1 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44850 high 8.5 8.5 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44848 high 8.8 8.8 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-46480 high 8.0 23d ago FlowiseAI: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover
CVE-2026-46479 high 8.0 23d ago FlowiseAI: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover
CVE-2026-46478 high 8.0 23d ago FlowiseAI: DatasetRow create+update mass-assignment allows cross-workspace row takeover
CVE-2026-46477 high 8.0 23d ago FlowiseAI: Dataset create+update mass-assignment allows cross-workspace dataset takeover
CVE-2026-46476 high 8.0 23d ago FlowiseAI: CustomTemplate create+update mass-assignment allows cross-workspace template takeover
CVE-2026-46475 high 8.0 23d ago FlowiseAI: Assistant create+update mass-assignment allows cross-workspace assistant takeover
CVE-2026-46444 high 8.0 23d ago FlowiseAI: Vector Store No Permission Checks
CVE-2026-45076 low 2.7 2.7 FIX debian debian element 23d ago Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full h…
CVE-2026-45732 high 8.0 23d ago n8n Has a Cross-user Authorization Bypass in Dynamic Credential OAuth Endpoints
CVE-2026-44792 high 8.0 23d ago n8n Has a Source Control Pull SQL Injection
CVE-2026-43978 high 8.0 23d ago wger: Privilege escalation via trainer-login session chaining allows gym trainer to impersonate gym manager
CVE-2026-44504 high 8.0 23d ago Aegra has cross-user run injection in /threads/{thread_id}/runs (IDOR)
CVE-2026-44501 high 7.1 7.1 datahub 23d ago DataHub is an open-source metadata platform. Prior to 1.5.0.3, the DataHub frontend (datahub-frontend-react) deserializes attacker-controlled Java objects from the REDIRECT_URL HTTP cookie during the…
CVE-2026-42595 high 8.6 8.6 thecodingmachine 23d ago Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass
CVE-2026-42594 high 7.5 7.5 thecodingmachine 23d ago Gotenberg has an unauthenticated denial of service via echo.Context pool reuse in webhook async goroutine
CVE-2026-42591 high 8.2 8.2 thecodingmachine 23d ago Gotenberg has a Server-Side Request Forgery (SSRF) Issue
CVE-2026-42590 high 8.2 8.2 thecodingmachine 23d ago Gotenberg's ExifTool group-prefix syntax bypasses dangerous-tag blocklist
CVE-2026-42283 high 7.8 7.8 devspace 23d ago DevSpace UI Server WebSocket CheckOrigin does not validate source
CVE-2026-42281 high 8.6 8.6 magicmirror 23d ago MagicMirror vulnerable to unauthenticated SSRF via /cors endpoint
CVE-2026-43977 high 8.0 23d ago wger Vulnerable to IDOR: Authenticated Users Can Read Any User's Private Workout Session Data via Template Routine API
CVE-2026-40893 high 8.2 8.2 thecodingmachine 23d ago Gotenberg has an ExifTool Dangerous Tag Blocklist Bypass via Group-Prefixed Tag Names that Allows Arbitrary File Rename and Move
CVE-2026-44375 high 7.5 7.5 23d ago Nerdbank.MessagePack: Attacker-controlled stackalloc in DateTime decoding causes process-terminating StackOverflowException
CVE-2026-42186 high 7.5 7.5 openbao 23d ago OpenBao's Namespace Deletion May Not Delete Data Properly
CVE-2026-41937 high 7.2 7.2 23d ago Vvveb before 1.0.8.3 contains an unrestricted file upload vulnerability in the plugin upload endpoint that allows super_admin users to execute arbitrary PHP code by uploading a malicious plugin ZIP f…