VIR Vulnerability Intelligence Relay

Search

Found 45,574 results in 2212ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-43968 medium 4.0 4.0 FIX debian debianwindows windows ninenines 26d ago ninenines cowlib: Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability allows SSE event splitting and injection via unvalidated field values
CVE-2026-7814 medium 4.8 4.8 sles pgadmin 26d ago pgAdmin 4: Stored cross-site scripting (XSS) vulnerability in Browser Tree and Explain Visualizer modules
CVE-2026-45005 medium 6.0 6.0 openclaw 26d ago OpenClaw's Webhooks SecretRef route secret remains valid after rotation/reload
CVE-2026-45003 medium 5.0 5.0 openclaw 26d ago OpenClaw: Workspace dotenv files cannot override connector endpoint hosts
CVE-2026-45002 medium 5.3 5.3 openclaw 26d ago OpenClaw: Hook mapping templates could bypass hook session-key opt-in
CVE-2026-45000 medium 5.0 5.0 openclaw 26d ago OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in browser CDP profile creation that skips strict-mode SSRF policy checks. Attackers can create stored profiles pointing…
CVE-2026-44999 medium 5.3 5.3 openclaw 26d ago OpenClaw: Isolated cron awareness events were recorded as trusted system events
CVE-2026-44998 medium 5.4 5.4 openclaw 26d ago OpenClaw before 2026.4.20 contains a tool policy bypass vulnerability allowing bundled MCP and LSP tools to circumvent configured tool restrictions. Attackers with local agent access can append restr…
CVE-2026-44997 medium 4.3 4.3 openclaw 26d ago OpenClaw's ACP child sessions inherit subagent security envelope constraints
CVE-2026-44996 low 3.7 3.7 openclaw 26d ago OpenClaw before 2026.4.15 contains an arbitrary local file read vulnerability in the webchat audio embedding helper that fails to apply local media root containment checks. Attackers can influence ag…
CVE-2026-44994 medium 5.3 5.3 openclaw 26d ago OpenClaw before 2026.4.22 contains an authentication bypass vulnerability in the Control UI bootstrap config endpoint that allows unauthenticated attackers to read sensitive configuration fields. Att…
CVE-2026-44993 medium 5.4 5.4 openclaw 26d ago OpenClaw before 2026.4.20 contains a message classification vulnerability in Feishu card-action callbacks that misclassifies direct messages as group conversations. Attackers can bypass dmPolicy enfo…
CVE-2026-44992 medium 5.0 5.0 openclaw 26d ago OpenClaw: Workspace dotenv MiniMax host override could redirect credentialed requests
CVE-2026-44991 medium 4.2 4.2 openclaw 26d ago OpenClaw: Owner-enforced commands could accept wildcard channel senders as command owners
CVE-2026-44777 medium 5.5 5.5 FIX debian debian sleswindows windows jqlang 26d ago jq is a command-line JSON processor. In 1.8.2rc1 and earlier, the ordinary module loader recurses without cycle detection when two otherwise valid modules include each other.
CVE-2026-44659 medium 4.7 4.7 26d ago Zen is a firefox-based browser. Prior to 1.19.12b, the ZEN Browser incorrectly truncates long hostnames in the address bar and shows only the attacker-controlled prefix of the subdomain, hiding the a…
CVE-2026-44658 low 2.4 2.4 26d ago Zen is a firefox-based browser. Prior to 1.19.12b, RSS feed URLs entered by the user are validated to http: or https: in promptForFeedUrl, but item links inside the feed are not subject to the same r…
CVE-2026-44226 medium 5.3 5.3 pyload 26d ago PyLoad vulnerable to unauthenticated traceback disclosure via global exception handler in WebUI
CVE-2026-43896 medium 5.5 5.5 FIX debian debian sleswindows windows jqlang 26d ago jq is a command-line JSON processor. In 1.8.1 and earlier, unbounded recursion in jv_object_merge_recursive() allows a crafted jq program to crash the process with a segfault. The function is reachab…
CVE-2026-43895 medium 4.4 4.4 FIX debian debian sleswindows windows jqlang 26d ago jq is a command-line JSON processor. In 1.8.1 and earlier, jq accepts embedded NUL bytes in import paths at the jq-language level, but later resolves those paths through C string operations during mo…
CVE-2026-43894 medium 5.5 5.5 FIX debian debian sleswindows windows jqlang 26d ago jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INT_MAX-1 (2147483646) digits, the D2U() macro overflows during signed-int arithmetic.…
CVE-2026-43638 medium 5.4 5.4 bitwarden 26d ago Bitwarden Server prior to v2026.4.1 contains a missing authorization vulnerability that allows any authenticated user to write ciphers into an arbitrary organization via `POST /ciphers/import-organiz…
CVE-2026-42865 medium 4.3 4.3 getinboxzero 26d ago Inbox Zero is an AI personal assistant for email. Prior to 2.29.3, the cleaner email stream endpoint used a shared Redis subscription listener, which could deliver thread events for one authenticated…
CVE-2026-42857 medium 5.4 5.4 openedx 26d ago Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer clean_thread_html_body() used for discussion notification emails fails to remove <style> tags …
CVE-2026-42316 medium 6.5 6.5 26d ago kafka-sink-azure-kusto Kafka Connect plugin is the official Microsoft sink for Azure Data Explorer (Kusto). Prior to 5.2.3, kafka-sink-azure-kusto did not sanitize user-controlled values inside the k…
CVE-2026-42315 medium 6.5 6.5 pyload-ng_project 26d ago pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, when passing a folder name in the set_package_data() API function call inside the data object with key "_…
CVE-2026-42314 medium 6.5 6.5 pyload-ng_project 26d ago pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, package folder names are sanitized using insufficient string replacement. The pattern ....// becomes .._ …
CVE-2026-42312 medium 6.8 6.8 pyload-ng_project 26d ago pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates …
CVE-2026-41257 medium 5.5 5.5 FIX debian debian sleswindows windows jqlang 26d ago jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB (via deeply nested generator …
CVE-2026-41256 medium 5.5 5.5 FIX debian debian sleswindows windows jqlang 26d ago jq is a command-line JSON processor. In 1.8.1 and earlier, Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter fil…
CVE-2026-41250 medium 5.7 5.7 26d ago Taiga is a project management platform for startups and agile developers. Prior 6.9.1, Taiga front is vulnerable to stored XSS. This vulnerability is fixed in 6.9.1.
CVE-2026-40612 medium 5.5 5.5 FIX debian debian sleswindows windows jqlang 26d ago jq is a command-line JSON processor. In 1.8.1 and earlier, jv_contains recurses into nested arrays/objects with no depth limit. With a sufficiently nested input structure (built programmatically with…
CVE-2026-38569 medium 5.4 5.4 26d ago HireFlow v1.2 is vulnerable to Cross Site Scripting (XSS) in candidate_detail.html via the Resume or Feedback Comment fields via POST /candidates/add or POST /feedback/add.
CVE-2026-34095 medium 6.1 6.1 FIX debian debian mediawiki 26d ago Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/ActionEntryPoint.Php, includes/Request/FauxResponse.Php. This issue affects …
CVE-2026-34094 low 3.8 3.8 FIX debian debian mediawiki 26d ago Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Page/Article.Php. This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2.
CVE-2026-34093 medium 5.3 5.3 FIX debian debian mediawiki 26d ago Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Specials/SpecialUserRights.P…
CVE-2026-33052 medium 5.5 26d ago MantisBT Has Authorization Bypass in Global Profile Creation
CVE-2026-36906 medium 6.1 6.1 26d ago Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function
CVE-2026-31252 medium 5.7 5.7 26d ago CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in its model loading component. The framework uses torch.load(…
CVE-2026-8292 medium 6.5 6.5 open5gs 26d ago A security vulnerability has been detected in Open5GS up to 2.7.7. The affected element is the function yuarel_parse in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argu…
CVE-2026-8291 medium 6.5 6.5 open5gs 26d ago A weakness has been identified in Open5GS up to 2.7.7. Impacted is the function ogs_nnrf_nfm_handle_nf_profile of the file lib/sbi/nnrf-handler.c of the component NRF. This manipulation causes denial…
CVE-2026-7820 medium 6.5 6.5 sles pgadmin 26d ago pgAdmin 4: Improper restriction of excessive authentication attempts
CVE-2026-7817 medium 6.5 6.5 sles pgadmin 26d ago pgAdmin 4 contains local file inclusion (LFI) and server-side request forgery (SSRF) vulnerabilities
CVE-2026-6815 medium 5.9 6.9 EXP casbin 26d ago An arbitrary file write vulnerability exists in Casdoor's Local File System storage provider. Due to insufficient path sanitization, an authenticated attacker with administrative privileges can perfo…
CVE-2026-44201 medium 5.3 5.3 torchbox 26d ago Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, the Documents and Images API incorrectly listed items in private collections. A user with access t…
CVE-2026-44199 medium 6.5 6.5 torchbox 26d ago Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user with limited access to form pages could delete submissions to form pages they don't hav…
CVE-2026-44198 medium 4.3 4.3 torchbox 26d ago Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could still access the history report for the page, …
CVE-2026-44197 medium 6.5 6.5 torchbox 26d ago Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revis…
CVE-2026-31246 medium 6.5 6.5 26d ago GPT-Pilot contains a command injection vulnerability in the Executor.run() method
CVE-2025-65417 medium 6.1 6.1 26d ago docuFORM Managed Print Service Client 11.11c is vulnerable to a reflected cross site scripting attack via the login page of the application.
CVE-2025-65416 medium 6.3 6.3 26d ago docuFORM Managed Print Service Client 11.11c is vulnerable to arbitrary file upload via pmupdate.php.
CVE-2025-65415 medium 5.4 5.4 26d ago docuFORM Managed Print Service Client 11.11c is vulnerable to a session fixation attack via the login page of the application.
CVE-2025-61310 medium 6.1 6.1 26d ago A reflected cross-site scripted (XSS) vulnerability in the acc-menu_billings.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in…
CVE-2025-61309 medium 6.1 6.1 26d ago A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_departments.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript…
CVE-2025-61308 medium 6.1 6.1 26d ago A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_maintenance.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript…
CVE-2025-61307 medium 6.1 6.1 26d ago A reflected cross-site scripted (XSS) vulnerability in the acc-menu_papers.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in t…
CVE-2025-61306 medium 6.1 6.1 26d ago A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_coveragealerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascr…
CVE-2025-61305 medium 6.1 6.1 26d ago A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_firmware.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in…
CVE-2026-8290 medium 6.5 6.5 open5gs 26d ago A security flaw has been discovered in Open5GS up to 2.7.7. This issue affects the function smf_nsmf_handle_update_data_in_vsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipulat…
CVE-2026-8289 medium 6.5 6.5 open5gs 26d ago A vulnerability was identified in Open5GS up to 2.7.7. This vulnerability affects the function smf_nsmf_handle_update_data_in_vsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipu…
CVE-2026-44337 medium 6.3 6.3 praison 26d ago PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries
CVE-2026-8288 medium 6.5 6.5 open5gs 26d ago A vulnerability was determined in Open5GS up to 2.7.7. This affects the function gsm_handle_pdu_session_modification_qos_flow_descriptions of the file src/smf/gsm-handler.c of the component SMF. Exec…
CVE-2026-26946 medium 6.7 6.7 dell 27d ago Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local acce…
CVE-2025-43992 medium 5.6 5.6 dell 27d ago Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthentica…
CVE-2024-0391 medium 4.3 4.3 wso2 27d ago The check user account lock states feature within the email OTP flow fails to validate user input, allowing an attacker to infer the existence of registered user accounts. The discovery of valid use…
CVE-2026-43826 medium 6.5 6.5 apache 27d ago Apache Airflow Providers OpenSearch: OpenSearch task-log handler leaks credentials embedded in the host URL
CVE-2026-41018 medium 6.5 6.5 apache 27d ago Apache Airflow Providers Elasticsearch: Elasticsearch task-log handlers leak credentials embedded in the host URL
CVE-2026-5084 medium 6.5 6.5 27d ago WebDyne::Session versions through 2.075 for Perl generates the session id insecurely. The session handler generates the session id from an MD5 hash seeded with a call to the built-in rand() function…
CVE-2026-8276 low 3.7 3.7 debian debian sles 27d ago bettercap Has an Integer Coercion Error in modules/mysql_server/mysql_server.go
CVE-2026-8275 low 3.7 3.7 debian debian 27d ago bettercap Has an Integer Coercion Error in the ippReadChunkedBody Function
CVE-2026-1677 medium 5.3 5.3 27d ago Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to …
CVE-2026-8274 medium 5.3 5.3 27d ago A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function do_directory of the file cramfsck.c of the component Directory Handler. Such manipulation leads t…
CVE-2026-8270 medium 6.5 6.5 open5gs 27d ago A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs_nas_parse_qos_rules of the component SMF. Executing a manipulation can lead to denial of service. The a…
CVE-2026-8269 medium 6.5 6.5 open5gs 27d ago A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function smf_nsmf_handle_create_sm_context of the component SMF. Performing a manipulation results in denial of service. Remote explo…
CVE-2026-8268 medium 6.5 6.5 open5gs 27d ago A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPI_list_create of the component SMF. Such manipulation leads to denial of service. The attack may be launch…
CVE-2026-8267 medium 6.5 6.5 open5gs 27d ago A flaw has been found in Open5GS up to 2.7.7. This vulnerability affects the function smf_nsmf_handle_created_data_in_vsmf of the component SMF. This manipulation causes denial of service. The attack…
CVE-2026-8266 medium 6.5 6.5 open5gs 27d ago A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsm_build_pdu_session_establishment_accept of the file /src/smf/gsm-build.c of the component SMF. The manipulation resul…
CVE-2026-8262 low 2.4 2.4 27d ago A vulnerability was identified in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /accounts/chart-save. Such manipulation leads to cross site scripting. The attack ma…
CVE-2026-8261 medium 5.9 5.9 debian debian 27d ago A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attac…
CVE-2026-8258 medium 5.3 5.3 debian debian 27d ago A flaw has been found in Squirrel up to 3.2. Impacted is the function validate_format in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The at…
CVE-2026-8257 medium 5.5 5.5 debian debian webassembly 27d ago A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of the component BrOn Parser. Performing a…
CVE-2026-8256 low 2.4 2.4 27d ago A security vulnerability has been detected in Devs Palace ERP Online up to 4.0.0. This vulnerability affects unknown code of the file /accounts/mr-save. Such manipulation leads to cross site scriptin…
CVE-2026-8255 low 2.4 2.4 27d ago A weakness has been identified in Devs Palace ERP Online up to 4.0.0. This affects an unknown part of the file /inventory/add_new_customer. This manipulation causes cross site scripting. The attack c…
CVE-2026-8254 low 2.4 2.4 27d ago A security flaw has been discovered in Devs Palace ERP Online up to 4.0.0. Affected by this issue is some unknown functionality of the file /inventory/sales_save. The manipulation results in cross si…
CVE-2026-8253 low 2.4 2.4 27d ago A vulnerability was identified in Devs Palace ERP Online up to 4.0.0. Affected by this vulnerability is an unknown functionality of the file /inventory/purchase_save. The manipulation leads to cross …
CVE-2026-8252 medium 6.5 6.5 open5gs 27d ago A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smf_nsmf_handle_create_data_in_hsmf of the component SMF. Executing a manipulation can lead to null pointer dereference…
CVE-2026-43666 medium 6.2 6.2 FIX iosmacos macos tvos 27d ago visionOS 26.5
CVE-2026-43659 medium 4.7 4.7 FIX iosmacos macos apple 27d ago visionOS 26.5
CVE-2026-43653 medium 6.2 6.2 FIX iosmacos macos tvos 27d ago The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5. An attacker on …
CVE-2026-39869 medium 4.3 4.3 FIX iosmacos macos tvos 27d ago visionOS 26.5
CVE-2026-28996 medium 5.5 5.5 FIX iosmacos macos tvos 27d ago visionOS 26.5
CVE-2026-28994 medium 5.3 5.3 FIX iosmacos macos tvos 27d ago watchOS 26.5
CVE-2026-28993 medium 5.5 5.5 FIX iosmacos macos apple 27d ago visionOS 26.5
CVE-2026-28992 medium 4.7 4.7 FIX iosmacos macos tvos 27d ago visionOS 26.5
CVE-2026-28988 medium 5.5 5.5 FIX iosmacos macos watchos 27d ago visionOS 26.5
CVE-2026-28985 medium 6.2 6.2 FIX iosmacos macos tvos 27d ago A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to …
CVE-2026-28977 medium 6.2 6.2 FIX iosmacos macos tvos 27d ago visionOS 26.5
CVE-2026-28972 medium 6.5 6.5 FIX iosmacos macos tvos 27d ago visionOS 26.5
CVE-2026-28963 medium 4.6 4.6 FIX iosmacos macos 27d ago A privacy issue was addressed by removing the vulnerable code. This issue is fixed in iOS 26.5 and iPadOS 26.5. An attacker with physical access may be able to use Visual Intelligence to access sensi…
CVE-2026-28961 medium 4.6 4.6 FIX macos macos 27d ago This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.5. An attacker with physical access to a locked device may be able to view sensitive user information.