VIR Vulnerability Intelligence Relay

Search

Found 41,685 results in 4158ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-8518 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in Blink in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8517 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 23d ago Object lifecycle issue in WebShare in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a cra…
CVE-2026-8515 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted H…
CVE-2026-8514 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
CVE-2026-8513 high 8.3 8.3 FIX debian debianwindows windows google 23d ago Use after free in Input in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…
CVE-2026-8512 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a cr…
CVE-2026-8511 critical 9.6 9.6 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8510 high 7.5 7.5 FIX debian debianwindows windows google 23d ago Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted …
CVE-2026-8509 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 23d ago Heap buffer overflow in WebML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Criti…
CVE-2026-46356 high 7.5 7.5 fleetdm 23d ago Fleet: IP spoofing allows bypassing API rate limiting
CVE-2026-44637 high 7.1 7.1 FIX debian debian sles saitoha 23d ago libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a signed integer overflow in the SIXEL parser's image-buffer doubling loop can lead to an out-of-boun…
CVE-2026-44636 high 7.8 7.8 FIX debian debian sles saitoha 23d ago libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel_encode_highcolor's allocation size calculation can lead to a heap bu…
CVE-2026-43909 high 8.8 8.8 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in t…
CVE-2026-43908 high 8.8 8.8 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in t…
CVE-2026-43907 high 8.3 8.3 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGB…
CVE-2026-43906 high 7.8 7.8 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a heap-based buffer overflow in the H…
CVE-2026-43905 high 7.8 7.8 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer…
CVE-2026-43904 high 7.8 7.8 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, softimageinput.cpp:469 (mixed RLE) an…
CVE-2026-43903 high 7.8 7.8 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, sgiinput.cpp:265,274 use OIIO_DASSERT…
CVE-2026-26191 critical 9.8 9.8 fleetdm 23d ago Fleet vulnerable to OS command injection in software packages
CVE-2026-24899 high 7.5 7.5 fleetdm 23d ago Fleet Windows MDM Azure AD JWT Authentication Bypass
CVE-2026-45303 high 7.7 7.7 openwebui 23d ago Open WebUI has stored XSS via the HTML renedering view
CVE-2026-45058 critical 9.5 23d ago electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync…
CVE-2026-8621 high 8.8 8.8 23d ago Crabbox: authentication bypass vulnerability that allows impersonation of others by spoofing identity headers
CVE-2026-45375 critical 9.0 9.0 23d ago SiYuan Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution
CVE-2026-45371 high 8.0 23d ago SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs
CVE-2026-44670 critical 9.5 23d ago SiYuan Affected by Stored XSS via Attribute View Name to Electron Renderer RCE
CVE-2026-44633 high 8.1 8.1 23d ago Live Helper Chat is an open-source application that enables live support websites. In 4.84v, the Live Helper Chat REST API chat update endpoint allows a REST user with lhchat/use to update a chat in …
CVE-2026-44592 critical 9.4 9.4 23d ago Gradient is a nix-based continuous integration system. In 1.1.0, when GRADIENT_DISCOVERABLE=true (the default, and the NixOS module default), anyone who can reach /proto can register as a worker with…
CVE-2026-44588 critical 9.5 23d ago SiYuan: Electron Renderer RCE via decodeURIComponent-driven tooltip XSS in aria-label sink (incomplete fix for CVE-2026-34585)
CVE-2026-44586 high 8.3 8.3 23d ago SiYuan is an open-source personal knowledge management system. From 2.1.12 to before 3.7.0. SiYuan's Bazaar marketplace renders package author metadata from the public bazaar stage feed into HTML wit…
CVE-2026-44523 critical 10.0 10.0 23d ago Note Mark has a JWT Secret Weakness that allows Full Account Takeover via Token Forgery
CVE-2026-44522 high 8.0 23d ago Note Mark: Arbitrary File Write via Path Traversal in Asset Names Leads to Remote Code Execution
CVE-2026-41315 critical 9.8 9.8 midoks 23d ago mdserver-web is a simple Linux panel. From 0.18.0 to 0.18.4, mdserver-web has a front-end unauthorized remote command execution vulnerability. Due to the lack of authentication on the /modify_crond a…
CVE-2026-27886 high 7.5 7.5 strapi 23d ago Strapi may leak sensitive data via relational filtering due to lack of query sanitization
CVE-2026-23998 high 7.5 7.5 fleetdm 23d ago Fleet has a Windows MDM management endpoint authentication bypass
CVE-2026-22599 high 7.2 7.2 strapi 23d ago Strapi Vulnerable to SQL Injection in Content Type Builder
CVE-2026-44541 high 8.0 23d ago ethyca-fides has a DOM-based XSS vulnerability in fides.js via fides_description override
CVE-2026-45011 high 8.0 23d ago Apostrophe has stored XSS via javascript: URL in Image Widget Link
CVE-2026-45013 high 8.0 23d ago Apostrophe has a Weak Password Recovery Mechanism for Forgotten Password and Improper Input Validation
CVE-2026-45012 high 8.0 23d ago Apostrophe has authenticated SSRF in rich-text widget import via @apostrophecms/area/validate-widget
CVE-2026-44990 critical 9.5 23d ago Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`
CVE-2026-44973 high 8.1 8.1 debian debian 23d ago Billy is an interface filesystem abstraction for Go. Prior to 5.9.0, multiple path traversal issues exist across different components of go-billy. Insufficient path sanitization and boundary enforcem…
CVE-2026-6332 high 7.5 7.5 schneider-electric 23d ago CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of a sensitive information which could result in revealing protected source code and loss of …
CVE-2026-46470 critical 9.1 9.1 FIX debian debian sles freedesktop 23d ago An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_audio_caps function does not sufficiently validate atom data before per…
CVE-2026-44542 critical 9.1 9.1 gtsteffaniak 23d ago FileBrowser Public Share DELETE API Path Traversal Allows Unauthenticated Arbitrary File Deletion
CVE-2026-42897 high 8.1 9.6 KEV windows windows microsoft 23d ago Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-42334 high 7.5 7.5 mongoosejs 23d ago Mongoose's Improper Sanitization of $nor in sanitizeFilter May Allow NoSQL Injection
CVE-2026-41615 critical 9.6 9.6 windows windows microsoft 23d ago Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network.
CVE-2025-15024 high 8.8 8.8 23d ago Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System …
CVE-2025-15023 high 8.8 8.8 23d ago Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Conf…
CVE-2026-44827 high 8.8 8.8 huggingface 23d ago Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components
CVE-2026-44516 high 7.6 7.6 23d ago Valtimo has sensitive data exposure through HTTP request/response logging in LoggingRestClientCustomizer
CVE-2026-44513 high 8.8 8.8 huggingface 23d ago Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components
CVE-2026-42555 critical 9.1 9.1 23d ago Valtimo has SpEL injection via StandardEvaluationContext that allows Remote Code Execution by admin users
CVE-2026-20224 high 8.6 8.6 23d ago A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary files that are stored in an affected system.…
CVE-2026-20182 critical 10.0 10.0 KEVEXP cisco 23d ago Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges…
CVE-2026-44883 high 7.5 7.5 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44849 high 8.8 8.8 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44882 high 8.1 8.1 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44881 critical 9.9 9.9 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44850 high 8.5 8.5 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44848 high 8.8 8.8 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-46480 high 8.0 23d ago FlowiseAI: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover
CVE-2026-46479 high 8.0 23d ago FlowiseAI: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover
CVE-2026-46478 high 8.0 23d ago FlowiseAI: DatasetRow create+update mass-assignment allows cross-workspace row takeover
CVE-2026-46477 high 8.0 23d ago FlowiseAI: Dataset create+update mass-assignment allows cross-workspace dataset takeover
CVE-2026-46476 high 8.0 23d ago FlowiseAI: CustomTemplate create+update mass-assignment allows cross-workspace template takeover
CVE-2026-46475 high 8.0 23d ago FlowiseAI: Assistant create+update mass-assignment allows cross-workspace assistant takeover
CVE-2026-46444 high 8.0 23d ago FlowiseAI: Vector Store No Permission Checks
CVE-2026-45732 high 8.0 23d ago n8n Has a Cross-user Authorization Bypass in Dynamic Credential OAuth Endpoints
CVE-2026-44792 high 8.0 23d ago n8n Has a Source Control Pull SQL Injection
CVE-2026-44791 critical 9.5 23d ago n8n Has an XML Node Prototype Pollution Patch Bypass
CVE-2026-44790 critical 9.5 23d ago n8n Has an Arbitrary File Read via Git Node
CVE-2026-44789 critical 9.5 23d ago n8n: HTTP Request Node Pagination Prototype Pollution to RCE
CVE-2026-43978 high 8.0 23d ago wger: Privilege escalation via trainer-login session chaining allows gym trainer to impersonate gym manager
CVE-2026-44504 high 8.0 23d ago Aegra has cross-user run injection in /threads/{thread_id}/runs (IDOR)
CVE-2026-44501 high 7.1 7.1 datahub 23d ago DataHub is an open-source metadata platform. Prior to 1.5.0.3, The DataHub frontend (datahub-frontend-react) deserializes attacker-controlled Java objects from the REDIRECT_URL HTTP cookie during the…
CVE-2026-42596 critical 9.4 9.4 thecodingmachine 23d ago Gotenberg vulnerable to unauthenticated SSRF via default deny-list bypass in downloadFrom and webhook
CVE-2026-42595 high 8.6 8.6 thecodingmachine 23d ago Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass
CVE-2026-42594 high 7.5 7.5 thecodingmachine 23d ago Gotenberg has an unauthenticated denial of service via echo.Context pool reuse in webhook async goroutine
CVE-2026-42591 high 8.2 8.2 thecodingmachine 23d ago Gotenberg has a Server-Side Request Forgery (SSRF) Issue
CVE-2026-42590 high 8.2 8.2 thecodingmachine 23d ago Gotenberg's ExifTool group-prefix syntax bypasses dangerous-tag blocklist
CVE-2026-42589 critical 9.8 9.8 thecodingmachine 23d ago Gotenberg has Unauthenticated RCE via ExifTool Metadata Key Injection
CVE-2026-42283 high 7.8 7.8 devspace 23d ago DevSpace UI Server WebSocket CheckOrigin does not validate source
CVE-2026-42281 high 8.6 8.6 magicmirror 23d ago MagicMirror vulnerable to unauthenticated SSRF via /cors endpoint
CVE-2026-43977 high 8.0 23d ago wger Vulnerable to IDOR: Authenticated Users Can Read Any User's Private Workout Session Data via Template Routine API
CVE-2026-40893 high 8.2 8.2 thecodingmachine 23d ago Gotenberg has an ExifTool Dangerous Tag Blocklist Bypass via Group-Prefixed Tag Names that Allows Arbitrary File Rename and Move
CVE-2026-44484 critical 9.8 9.8 lightningai 23d ago Compromise of PyTorch Lightning PyPi Package Versions
CVE-2026-44482 critical 9.6 9.6 23d ago soundcloud-rpc is a SoundCloud Client with Discord Rich Presence, Dark Mode, Last.fm and AdBlock support. Prior to 0.1.8, a track title containing an HTML payload executed locally in the Electron app…
CVE-2026-44375 high 7.5 7.5 23d ago Nerdbank.MessagePack: Attacker-controlled stackalloc in DateTime decoding causes process-terminating StackOverflowException
CVE-2026-42457 critical 9.0 9.0 23d ago vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there is a Stored XSS attack vulner…
CVE-2026-42186 high 7.5 7.5 openbao 23d ago OpenBao's Namespace Deletion May Not Delete Data Properly
CVE-2026-41937 high 7.2 7.2 23d ago Vvveb before 1.0.8.3 contains an unrestricted file upload vulnerability in the plugin upload endpoint that allows super_admin users to execute arbitrary PHP code by uploading a malicious plugin ZIP f…
CVE-2026-41935 high 7.1 7.1 23d ago Vvveb before 1.0.8.3 contains an uncontrolled recursion vulnerability in the admin controller dispatch cycle where Base::init() repeatedly invokes permission() on error handlers, causing infinite rec…
CVE-2026-24712 high 7.3 7.3 debian debian northern.tech 23d ago Northern.tech CFEngine Enterprise and Community before 3.21.8, 3.24.3, and 3.27.0 allows Command injection.
CVE-2026-46443 high 8.0 23d ago FlowiseAI Vulnerable to Credential Data Leak
CVE-2026-46442 critical 9.5 23d ago FlowiseAI: Authenticated Host RCE via POST /api/v1/node-custom-function and NodeVM Sandbox Escape
CVE-2026-46441 high 8.0 23d ago FlowiseAI has Mass Assignment in Assistant Update Endpoint that Allows Cross-Workspace Resource Reassignment
CVE-2026-46440 high 8.0 23d ago FlowiseAI Exposes Basic Auth Credentials via API