VIR Vulnerability Intelligence Relay

Search

Found 58,588 results in 2287ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-8539 medium 5.4 5.4 FIX debian debianwindows windows google 23d ago Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security s…
CVE-2026-8538 medium 5.3 5.3 FIX debian debianwindows windows google 23d ago Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a craf…
CVE-2026-8537 medium 4.3 4.3 FIX debian debianwindows windows google 23d ago Insufficient policy enforcement in ViewTransitions in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: H…
CVE-2026-8536 low 3.1 3.1 FIX debian debianmacos macoswindows windows google 23d ago Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass site Isolation v…
CVE-2026-8535 medium 5.3 5.3 FIX debian debian linux-kernelwindows windows google 23d ago Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive informati…
CVE-2026-8528 medium 4.3 4.3 FIX debian debianmacos macos linux-kernel google 23d ago Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass Site Isolation via a …
CVE-2026-8516 medium 5.3 5.3 FIX debian debianmacos macos linux-kernel google 23d ago Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentia…
CVE-2026-8511 critical 9.6 9.6 FIX debian debianmacos macos linux-kernel google 23d ago Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-44638 low 2.5 2.5 FIX debian debian sles saitoha 23d ago libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixel_decode_raw and sixel_decode causes a NULL pointe…
CVE-2026-43996 medium 5.5 5.5 debian debian openimageio 23d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decode_…
CVE-2026-26191 critical 9.8 9.8 fleetdm 23d ago Fleet vulnerable to OS command injection in software packages
CVE-2026-26062 medium 6.5 6.5 fleetdm 23d ago Fleet server may terminate unexpectedly when handling certain gRPC requests
CVE-2026-24000 medium 5.3 5.3 fleetdm 23d ago Fleet has a rate limiting bypass via untrusted client IP headers
CVE-2026-45058 critical 9.5 23d ago electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync…
CVE-2026-45299 medium 5.4 5.4 openwebui 23d ago Open WebUI has Stored Cross-Site Scripting In Profile Picture
CVE-2026-45021 medium 5.5 23d ago Kuma is a modern Envoy-based service mesh that can run on every cloud across both Kubernetes and VMs. Prior to 2.7.25, 2.9.15, 2.11.13, 2.12.10, and 2.13.5, the default kuma-cp config leaks the admin…
CVE-2026-45375 critical 9.0 9.0 23d ago SiYuan Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution
CVE-2026-45148 medium 4.3 4.3 23d ago SiYuan has broken access control in `/api/search/{searchAsset,searchTag,searchWidget,searchTemplate}` publish-mode
CVE-2026-45147 medium 4.3 4.3 23d ago SiYuan: Broken access control in `/api/tag/getTag` — Reader role can mutate `Conf.Tag.Sort` and persist to disk
CVE-2026-44670 critical 9.5 23d ago SiYuan Affected by Stored XSS via Attribute View Name to Electron Renderer RCE
CVE-2026-44592 critical 9.4 9.4 23d ago Gradient is a nix-based continuous integration system. In 1.1.0, when GRADIENT_DISCOVERABLE=true (the default, and the NixOS module default), anyone who can reach /proto can register as a worker with…
CVE-2026-44589 low 3.7 3.7 23d ago nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)
CVE-2026-44588 critical 9.5 23d ago SiYuan: Electron Renderer RCE via decodeURIComponent-driven tooltip XSS in aria-label sink (incomplete fix for CVE-2026-34585)
CVE-2026-44523 critical 10.0 10.0 23d ago Note Mark has a JWT Secret Weakness that allows Full Account Takeover via Token Forgery
CVE-2026-41315 critical 9.8 9.8 midoks 23d ago mdserver-web is a simple Linux panel. From 0.18.0 to 0.18.4, mdserver-web has a front-end unauthorized remote command execution vulnerability. Due to the lack of authentication on the /modify_crond a…
CVE-2026-38740 medium 5.3 5.3 23d ago Foscam VD1 Video Doorbell before V5.3.13_1072 is vulnerable to Cleartext Transmission of Sensitive Information. The device transmits sensitive Session Description Protocol (SDP), including ICE creden…
CVE-2026-27680 medium 4.3 4.3 sap 23d ago Due to improper input handling under certain conditions, SAP NetWeaver Application Server ABAP allows an attacker to inject custom Cascading Style Sheets (CSS) data into a web page served by the appl…
CVE-2026-22707 medium 5.4 5.4 strapi 23d ago Strapi Upload Plugin MIME Validation Bypass via Content API
CVE-2026-22706 medium 6.5 6.5 strapi 23d ago Strapi: Password Reset Does Not Revoke Existing Refresh Sessions
CVE-2025-64526 medium 5.3 5.3 strapi 23d ago Strapi has a rate limit bypass on users-permissions plugin via attacker-controlled email keying
CVE-2026-44990 critical 9.5 23d ago Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`
CVE-2026-44970 low 2.5 23d ago dbt MCP Server Transmits All MCP Tool Arguments Including Raw SQL and --vars Credentials to dbt Labs Telemetry by Default Without Redaction
CVE-2026-44969 low 2.5 23d ago dbt MCP Server Logs Tool Arguments Including SQL Queries and Credentials in Plaintext Without Redaction When File Logging Is Enabled
CVE-2026-44968 medium 5.5 23d ago dbt MCP Server has an Argument Injection in dbt CLI Tool Wrappers via node_selection and resource_type Parameters
CVE-2026-46470 critical 9.1 9.1 FIX debian debian sles freedesktop 23d ago An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_audio_caps function does not sufficiently validate atom data before per…
CVE-2026-46469 medium 5.5 5.5 FIX debian debian sles freedesktop 23d ago An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_parse_trak function does not sufficiently validate atom data before per…
CVE-2026-44544 medium 5.5 debian debian 23d ago gittuf is a platform-agnostic Git security system. Prior to 0.14.0, an attacker with push access to gittuf's Reference State Log (RSL) can roll back the current policy to any previous policy trusted …
CVE-2026-44542 critical 9.1 9.1 gtsteffaniak 23d ago FileBrowser Public Share DELETE API Path Traversal Allows Unauthenticated Arbitrary File Deletion
CVE-2026-44520 medium 5.7 5.7 23d ago docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler
CVE-2026-44283 medium 4.3 4.3 FIX debian debian sleswindows windows etcd 23d ago etcd RBAC bypass allows unauthorized data access via PrevKv/lease attachment in nested transaction Put requests
CVE-2026-42572 medium 6.5 6.5 hatchet 23d ago Hatchet affected by cross-tenant information disclosure in `listTasksByDAGIds`
CVE-2026-41888 medium 6.5 6.5 debian debian sles distribution 23d ago Distribution's tag deletion bypasses `storage.delete.enabled` configuration
CVE-2026-41615 critical 9.6 9.6 windows windows microsoft 23d ago Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network.
CVE-2026-6923 low 3.8 3.8 23d ago A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman (ECDH) key.
CVE-2026-45448 medium 4.3 4.3 23d ago CWE-601 URL redirection to untrusted site ('open redirect')
CVE-2026-44514 medium 6.5 6.5 23d ago Kubetail has a Cross-Site WebSocket Hijacking issue that allows attacker to read Kubernetes logs from authenticated users
CVE-2026-44348 low 2.5 2.5 FIX debian debian sles 23d ago PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in compute_hash_to_sign() in src/podofo/private/OpenSSLInternal_Ripped.cpp. If EVP_DigestFin…
CVE-2026-42555 critical 9.1 9.1 23d ago Valtimo has SpEL injection via StandardEvaluationContext that allows Remote Code Execution by admin users
CVE-2026-20210 medium 5.4 5.4 23d ago A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform …
CVE-2026-20209 medium 5.4 5.4 23d ago A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low …
CVE-2026-20182 critical 10.0 10.0 KEVEXP cisco 23d ago Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges…
CVE-2025-62317 low 2.6 2.6 23d ago HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters. Passing sensitive data in URLs may expose it through browser history, logs, or intermediary syst…
CVE-2025-62316 low 2.3 2.3 23d ago HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured. Absence of these headers may reduce the effectiveness of browser-based securi…
CVE-2025-62313 medium 5.4 5.4 23d ago HCL AION is affected by a vulnerability where adequate protections against brute-force attempts are not enforced. This may allow repeated authentication attempts, potentially leading to unauthorized …
CVE-2025-62312 low 3.0 3.0 23d ago HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication. Use of basic authorization mechanisms may expose credentials to potential interception or misuse,…
CVE-2025-62311 medium 4.3 4.3 23d ago HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized a…
CVE-2025-62310 medium 5.4 5.4 23d ago HCL AION is affected by a vulnerability where encryption is not enforced for certain data transmissions or operations. This may expose sensitive information to potential interception or unauthorized …
CVE-2025-62309 low 2.6 2.6 23d ago HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to…
CVE-2025-62308 medium 5.1 5.1 23d ago HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed. Exposure of such information could reveal internal system architecture or configuration details,…
CVE-2025-62305 medium 5.1 5.1 23d ago HCL AION is affected by a vulnerability where certain operations may trigger out-of-band interactions, potentially resulting in unintended disclosure of sensitive information. Such behaviour may allo…
CVE-2026-44898 medium 6.1 6.1 slesdebian debianwindows windows mistune_project 23d ago Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_toc_ul() builds a <ul> table-of-contents tree from a list of (level, id, text) tuples. Both the id value (used a…
CVE-2026-45292 medium 5.3 5.3 23d ago opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggag…
CVE-2026-44884 medium 6.5 6.5 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44881 critical 9.9 9.9 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-44885 medium 5.5 5.5 portainer 23d ago Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before …
CVE-2026-45076 low 2.7 2.7 FIX debian debian element 23d ago Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full h…
CVE-2026-45078 medium 5.5 5.5 FIX debian debian element 23d ago Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing o…
CVE-2026-44791 critical 9.5 23d ago n8n Has an XML Node Prototype Pollution Patch Bypass
CVE-2026-44790 critical 9.5 23d ago n8n Has an Arbitrary File Read via Git Node
CVE-2026-44789 critical 9.5 23d ago n8n: HTTP Request Node Pagination Prototype Pollution to RCE
CVE-2026-44722 medium 5.5 23d ago pyzipper has an encryption bypass for small files encrypted using it
CVE-2026-42597 medium 5.9 5.9 thecodingmachine 23d ago Gotenberg allows Chromium URL conversion routes to read arbitrary files under /tmp via file:// scheme
CVE-2026-42596 critical 9.4 9.4 thecodingmachine 23d ago Gotenberg vulnerable to unauthenticated SSRF via default deny-list bypass in downloadFrom and webhook
CVE-2026-42593 medium 5.3 5.3 thecodingmachine 23d ago Gotenberg has arbitrary PDF read via stampExpression and watermarkExpression in merge, split, and convert routes
CVE-2026-42592 medium 5.3 5.3 thecodingmachine 23d ago Gotenberg's DNS rebinding bypasses SSRF validation on Chromium URL conversion routes
CVE-2026-42589 critical 9.8 9.8 thecodingmachine 23d ago Gotenberg has Unauthenticated RCE via ExifTool Metadata Key Injection
CVE-2026-42159 medium 5.4 5.4 flowsint 23d ago Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, Flowsint allows a user to create investigations, whic…
CVE-2026-42853 medium 5.5 23d ago @apostrophecms/cli: Command Injection in apos create via Unsanitized Password Input
CVE-2026-44484 critical 9.8 9.8 lightningai 24d ago Compromise of PyTorch Lightning PyPi Package Versions
CVE-2026-44482 critical 9.6 9.6 24d ago soundcloud-rpc is a SoundCloud Client with Discord Rich Presence, Dark Mode, Last.fm and AdBlock support. Prior to 0.1.8, a track title containing an HTML payload executed locally in the Electron app…
CVE-2026-44374 medium 4.3 4.3 linuxfoundation 24d ago Backstage is an open framework for building developer portals. Prior to 0.6.11, the unprocessed entities read endpoints in @backstage/plugin-catalog-backend-module-unprocessed do not enforce permissi…
CVE-2026-44308 medium 5.5 24d ago Spring Cloud AWS missing SNS message signature verification allows spoofing of HTTP/HTTPS endpoint notifications
CVE-2026-42457 critical 9.0 9.0 24d ago vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there is a Stored XSS attack vulner…
CVE-2026-41933 medium 5.3 5.3 24d ago Vvveb before 1.0.8.3 contains a directory listing information disclosure vulnerability that allows unauthenticated attackers to enumerate files and directories by accessing multiple paths lacking pro…
CVE-2026-41932 medium 6.1 6.1 24d ago Vvveb before 1.0.8.3 contains a stored cross-site scripting vulnerability in the customer signup flow where the Signup::addUser() controller copies raw POST username values into the display_name fiel…
CVE-2026-24711 medium 5.3 5.3 northern.tech 24d ago Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control.
CVE-2026-24710 medium 6.1 6.1 northern.tech 24d ago Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 allows XSS.
CVE-2026-21730 medium 6.1 6.1 verint 24d ago Verba is affected by a Stored Cross-Site Scripting (XSS) vulnerability within its login logging mechanism. When an unauthenticated remote attacker attempts to log in using an incorrect username and p…
CVE-2025-69443 medium 6.3 6.3 24d ago Remote Code Execution in coleam00 Archon 0.1.0. A crafted HTML page, when accessed by a victim, can execute commands, run prompts on behalf of the user, control the Archon UI features, and steal all …
CVE-2026-46442 critical 9.5 24d ago FlowiseAI: Authenticated Host RCE via POST /api/v1/node-custom-function and NodeVM Sandbox Escape
CVE-2026-6575 medium 4.3 4.3 FIX slesdebian debian postgresql 24d ago Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table maintain…
CVE-2026-6478 medium 6.5 6.5 FIX slesdebian debianwindows windows postgresql 24d ago Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does not affect scram-sha-256 …
CVE-2026-6474 medium 4.3 4.3 FIX slesdebian debianwindows windows postgresql 24d ago Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 1…
CVE-2026-6472 medium 5.4 5.4 FIX slesdebian debianwindows windows postgresql 24d ago Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use search_path to find user-defined types, including extension-defined types. That is to say, t…
CVE-2026-6008 medium 6.8 6.8 24d ago Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. …
CVE-2026-43644 medium 6.1 6.1 stefanprodan 24d ago podinfo through 6.11.2 contains a reflected cross-site scripting vulnerability in the /echo and /api/echo endpoints where the echoHandler writes request body content directly to the response without …
CVE-2026-45205 medium 5.3 5.3 FIX debian debian sles apache 24d ago Apache Commons Configuration: StackOverflowError for YAML input with cycles
CVE-2026-2347 critical 9.8 9.8 24d ago Authorization bypass through User-Controlled key vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Session Hijacking. This issue affects E-Commerce Website: b…
CVE-2025-11024 critical 9.8 9.8 24d ago Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection. Th…
CVE-2026-6512 critical 9.1 9.1 24d ago The InfusedWoo Pro plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.1.2. This is due to the plugin not properly verifying that a user is authorized t…