VIR Vulnerability Intelligence Relay

Search

Found 41,691 results in 2062ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-8531 high 8.8 8.8 FIX debian debianwindows windows google 24d ago Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity…
CVE-2026-8530 high 8.3 8.3 FIX debian debianwindows windows google 24d ago Use after free in Network in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted …
CVE-2026-8529 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: Hig…
CVE-2026-8527 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severi…
CVE-2026-8526 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8525 high 8.3 8.3 FIX debian debianmacos macoswindows windows google 24d ago Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: H…
CVE-2026-8524 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Out of bounds write in WebAudio in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hig…
CVE-2026-8523 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
CVE-2026-8522 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 24d ago Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8521 high 7.5 7.5 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)
CVE-2026-8520 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 24d ago Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8519 high 8.8 8.8 FIX debian debianwindows windows google 24d ago Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: …
CVE-2026-8518 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in Blink in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8517 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 24d ago Object lifecycle issue in WebShare in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a cra…
CVE-2026-8515 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted H…
CVE-2026-8514 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
CVE-2026-8513 high 8.3 8.3 FIX debian debianwindows windows google 24d ago Use after free in Input in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…
CVE-2026-8512 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a cr…
CVE-2026-8511 critical 9.6 9.6 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8510 high 7.5 7.5 FIX debian debianwindows windows google 24d ago Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted …
CVE-2026-8509 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Heap buffer overflow in WebML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Criti…
CVE-2026-46356 high 7.5 7.5 fleetdm 24d ago Fleet: IP spoofing allows bypassing API rate limiting
CVE-2026-44637 high 7.1 7.1 FIX debian debian sles saitoha 24d ago libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a signed integer overflow in the SIXEL parser's image-buffer doubling loop can lead to an out-of-boun…
CVE-2026-44636 high 7.8 7.8 FIX debian debian sles saitoha 24d ago libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel_encode_highcolor's allocation size calculation can lead to a heap bu…
CVE-2026-43909 high 8.8 8.8 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in t…
CVE-2026-43908 high 8.8 8.8 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in t…
CVE-2026-43907 high 8.3 8.3 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGB…
CVE-2026-43906 high 7.8 7.8 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a heap-based buffer overflow in the H…
CVE-2026-43905 high 7.8 7.8 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer…
CVE-2026-43904 high 7.8 7.8 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, softimageinput.cpp:469 (mixed RLE) an…
CVE-2026-43903 high 7.8 7.8 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, sgiinput.cpp:265,274 use OIIO_DASSERT…
CVE-2026-26191 critical 9.8 9.8 fleetdm 24d ago Fleet vulnerable to OS command injection in software packages
CVE-2026-24899 high 7.5 7.5 fleetdm 24d ago Fleet Windows MDM Azure AD JWT Authentication Bypass
CVE-2026-45303 high 7.7 7.7 openwebui 24d ago Open WebUI has stored XSS via the HTML renedering view
CVE-2026-45058 critical 9.5 24d ago electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync…
CVE-2026-8621 high 8.8 8.8 24d ago Crabbox: authentication bypass vulnerability that allows impersonation of others by spoofing identity headers
CVE-2026-45375 critical 9.0 9.0 24d ago SiYuan Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution
CVE-2026-45371 high 8.0 24d ago SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs
CVE-2026-44670 critical 9.5 24d ago SiYuan Affected by Stored XSS via Attribute View Name to Electron Renderer RCE
CVE-2026-44633 high 8.1 8.1 24d ago Live Helper Chat is an open-source application that enables live support websites. In 4.84v, the Live Helper Chat REST API chat update endpoint allows a REST user with lhchat/use to update a chat in …
CVE-2026-44592 critical 9.4 9.4 24d ago Gradient is a nix-based continuous integration system. In 1.1.0, when GRADIENT_DISCOVERABLE=true (the default, and the NixOS module default), anyone who can reach /proto can register as a worker with…
CVE-2026-44588 critical 9.5 24d ago SiYuan: Electron Renderer RCE via decodeURIComponent-driven tooltip XSS in aria-label sink (incomplete fix for CVE-2026-34585)
CVE-2026-44586 high 8.3 8.3 24d ago SiYuan is an open-source personal knowledge management system. From 2.1.12 to before 3.7.0. SiYuan's Bazaar marketplace renders package author metadata from the public bazaar stage feed into HTML wit…
CVE-2026-44523 critical 10.0 10.0 24d ago Note Mark has a JWT Secret Weakness that allows Full Account Takeover via Token Forgery
CVE-2026-44522 high 8.0 24d ago Note Mark: Arbitrary File Write via Path Traversal in Asset Names Leads to Remote Code Execution
CVE-2026-41315 critical 9.8 9.8 midoks 24d ago mdserver-web is a simple Linux panel. From 0.18.0 to 0.18.4, mdserver-web has a front-end unauthorized remote command execution vulnerability. Due to the lack of authentication on the /modify_crond a…
CVE-2026-27886 high 7.5 7.5 strapi 24d ago Strapi may leak sensitive data via relational filtering due to lack of query sanitization
CVE-2026-23998 high 7.5 7.5 fleetdm 24d ago Fleet has a Windows MDM management endpoint authentication bypass
CVE-2026-22599 high 7.2 7.2 strapi 24d ago Strapi Vulnerable to SQL Injection in Content Type Builder
CVE-2026-44541 high 8.0 24d ago ethyca-fides has a DOM-based XSS vulnerability in fides.js via fides_description override
CVE-2026-45011 high 8.0 24d ago Apostrophe has stored XSS via javascript: URL in Image Widget Link
CVE-2026-45013 high 8.0 24d ago Apostrophe has a Weak Password Recovery Mechanism for Forgotten Password and Improper Input Validation
CVE-2026-45012 high 8.0 24d ago Apostrophe has authenticated SSRF in rich-text widget import via @apostrophecms/area/validate-widget
CVE-2026-44990 critical 9.5 24d ago Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`
CVE-2026-44973 high 8.1 8.1 debian debian 24d ago Billy is an interface filesystem abstraction for Go. Prior to 5.9.0, multiple path traversal issues exist across different components of go-billy. Insufficient path sanitization and boundary enforcem…
CVE-2026-6332 high 7.5 7.5 schneider-electric 24d ago CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of a sensitive information which could result in revealing protected source code and loss of …
CVE-2026-46470 critical 9.1 9.1 FIX debian debian slesubuntu ubuntu freedesktop 24d ago GStreamer Good Plugins vulnerabilities
CVE-2026-44542 critical 9.1 9.1 gtsteffaniak 24d ago FileBrowser Public Share DELETE API Path Traversal Allows Unauthenticated Arbitrary File Deletion
CVE-2026-42897 high 8.1 9.6 KEV windows windows microsoft 24d ago Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-42334 high 7.5 7.5 mongoosejs 24d ago Mongoose's Improper Sanitization of $nor in sanitizeFilter May Allow NoSQL Injection
CVE-2026-41615 critical 9.6 9.6 windows windows microsoft 24d ago Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network.
CVE-2025-15024 high 8.8 8.8 24d ago Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System …
CVE-2025-15023 high 8.8 8.8 24d ago Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Conf…
CVE-2026-44827 high 8.8 8.8 huggingface 24d ago Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components
CVE-2026-44516 high 7.6 7.6 24d ago Valtimo has sensitive data exposure through HTTP request/response logging in LoggingRestClientCustomizer
CVE-2026-44513 high 8.8 8.8 huggingface 24d ago Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components
CVE-2026-42555 critical 9.1 9.1 24d ago Valtimo has SpEL injection via StandardEvaluationContext that allows Remote Code Execution by admin users
CVE-2026-20224 high 8.6 8.6 24d ago A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary files that are stored in an affected system.…
CVE-2026-20182 critical 10.0 10.0 KEVEXP cisco 24d ago Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges…
CVE-2026-44883 high 7.5 7.5 portainer 24d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44849 high 8.8 8.8 portainer 24d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44882 high 8.1 8.1 portainer 24d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44881 critical 9.9 9.9 portainer 24d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44850 high 8.5 8.5 portainer 24d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44848 high 8.8 8.8 portainer 24d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-46480 high 8.0 24d ago FlowiseAI: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover
CVE-2026-46479 high 8.0 24d ago FlowiseAI: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover
CVE-2026-46478 high 8.0 24d ago FlowiseAI: DatasetRow create+update mass-assignment allows cross-workspace row takeover
CVE-2026-46477 high 8.0 24d ago FlowiseAI: Dataset create+update mass-assignment allows cross-workspace dataset takeover
CVE-2026-46476 high 8.0 24d ago FlowiseAI: CustomTemplate create+update mass-assignment allows cross-workspace template takeover
CVE-2026-46475 high 8.0 24d ago FlowiseAI: Assistant create+update mass-assignment allows cross-workspace assistant takeover
CVE-2026-46444 high 8.0 24d ago FlowiseAI: Vector Store No Permission Checks
CVE-2026-45732 high 8.0 24d ago n8n Has a Cross-user Authorization Bypass in Dynamic Credential OAuth Endpoints
CVE-2026-44792 high 8.0 24d ago n8n Has a Source Control Pull SQL Injection
CVE-2026-44791 critical 9.5 24d ago n8n Has an XML Node Prototype Pollution Patch Bypass
CVE-2026-44790 critical 9.5 24d ago n8n Has an Arbitrary File Read via Git Node
CVE-2026-44789 critical 9.5 24d ago n8n: HTTP Request Node Pagination Prototype Pollution to RCE
CVE-2026-43978 high 8.0 24d ago wger: Privilege escalation via trainer-login session chaining allows gym trainer to impersonate gym manager
CVE-2026-44504 high 8.0 24d ago Aegra has cross-user run injection in /threads/{thread_id}/runs (IDOR)
CVE-2026-44501 high 7.1 7.1 datahub 24d ago DataHub is an open-source metadata platform. Prior to 1.5.0.3, The DataHub frontend (datahub-frontend-react) deserializes attacker-controlled Java objects from the REDIRECT_URL HTTP cookie during the…
CVE-2026-42596 critical 9.4 9.4 thecodingmachine 24d ago Gotenberg vulnerable to unauthenticated SSRF via default deny-list bypass in downloadFrom and webhook
CVE-2026-42595 high 8.6 8.6 thecodingmachine 24d ago Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass
CVE-2026-42594 high 7.5 7.5 thecodingmachine 24d ago Gotenberg has an unauthenticated denial of service via echo.Context pool reuse in webhook async goroutine
CVE-2026-42591 high 8.2 8.2 thecodingmachine 24d ago Gotenberg has a Server-Side Request Forgery (SSRF) Issue
CVE-2026-42590 high 8.2 8.2 thecodingmachine 24d ago Gotenberg's ExifTool group-prefix syntax bypasses dangerous-tag blocklist
CVE-2026-42589 critical 9.8 9.8 thecodingmachine 24d ago Gotenberg has Unauthenticated RCE via ExifTool Metadata Key Injection
CVE-2026-42283 high 7.8 7.8 devspace 24d ago DevSpace UI Server WebSocket CheckOrigin does not validate source
CVE-2026-42281 high 8.6 8.6 magicmirror 24d ago MagicMirror vulnerable to unauthenticated SSRF via /cors endpoint
CVE-2026-43977 high 8.0 24d ago wger Vulnerable to IDOR: Authenticated Users Can Read Any User's Private Workout Session Data via Template Routine API
CVE-2026-40893 high 8.2 8.2 thecodingmachine 24d ago Gotenberg has an ExifTool Dangerous Tag Blocklist Bypass via Group-Prefixed Tag Names that Allows Arbitrary File Rename and Move