VIR Vulnerability Intelligence Relay

Search

Found 28,678 results in 1430ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-42203 high 8.8 8.8 litellm 1mo ago LiteLLM: Server-Side Template Injection in /prompts/test endpoint
CVE-2026-8128 high 7.3 7.3 1mo ago A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid result…
CVE-2026-8126 high 7.3 7.3 1mo ago A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown processing of the file post_comment.php. This manipulation of the argument Name causes sql injection. Remot…
CVE-2026-44837 high 7.5 7.5 debian debian viewcomponent 1mo ago view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file …
CVE-2026-6411 high 7.3 7.3 1mo ago This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to t…
CVE-2026-8112 high 8.8 8.8 8421bit 1mo ago A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation resul…
CVE-2026-7541 high 7.5 7.5 github 1mo ago A denial of service vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to cause service disruption by sending crafted requests with deeply nested JSON p…
CVE-2026-41105 high 8.1 8.1 windows windows microsoft 1mo ago Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to elevate privileges over a network.
CVE-2026-40213 high 7.4 7.4 FIX debian debian 1mo ago OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless…
CVE-2026-35435 high 8.6 8.6 windows windows microsoft 1mo ago Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-34327 high 8.2 8.2 windows windows microsoft 1mo ago Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-33111 high 7.5 7.5 windows windows microsoft 1mo ago Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a network.
CVE-2026-32207 high 8.8 8.8 windows windows microsoft 1mo ago Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-26164 high 7.5 7.5 windows windows microsoft 1mo ago Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-26129 high 7.5 7.5 windows windows microsoft 1mo ago Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-8098 high 7.3 7.3 1mo ago A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unknown function of the file /admin/checklogin.php. Such manipulation of the argument email leads to sq…
CVE-2026-42449 high 8.5 8.5 n8n-mcp 1mo ago n8n-mcp's IPv4-mapped IPv6 addresses bypass SSRF protection in validateUrlSync(), enabling full SSRF for SDK embedders
CVE-2026-42047 high 8.6 8.6 inngest 1mo ago Inngest TypeScript SDK exposes environment variables via serve() handler on unhandled HTTP methods
CVE-2026-8087 high 7.8 7.8 FIX debian debian osgeo 1mo ago A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldNam…
CVE-2026-43510 high 7.6 7.6 1mo ago manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. F…
CVE-2026-42501 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module pr…
CVE-2026-42499 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.
CVE-2026-42239 high 8.1 8.1 budibase 1mo ago Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.…
CVE-2026-39836 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).
CVE-2026-39820 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.
CVE-2026-33814 high 7.5 7.5 debian debian sleswindows windows golanggoogle 1mo ago When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
CVE-2026-33811 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.
CVE-2026-27891 high 7.2 7.2 1mo ago FacturaScripts Vulnerable to Remote Code Execution (RCE) via Zip Slip in Plugin Upload Mechanism
CVE-2026-8086 high 7.8 7.8 FIX debian debian osgeo 1mo ago A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName lead…
CVE-2026-8083 high 7.3 7.3 1mo ago A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation of the argument ID results i…
CVE-2026-44244 high 7.8 7.8 FIX slesdebian debianubuntu ubuntu gitpython_project 1mo ago GitPython vulnerabilities
CVE-2026-42215 high 8.8 8.8 FIX slesdebian debianubuntu ubuntu gitpython_project 1mo ago GitPython vulnerabilities
CVE-2026-42214 high 7.8 7.8 dail8859 1mo ago Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension() function interpolates a file's extension directly into a Lua script…
CVE-2026-41906 high 7.1 7.1 1mo ago FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filte…
CVE-2026-41905 high 7.7 7.7 1mo ago FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, Helper::sanitizeRemoteUrl() in app/Misc/Helper.php follows HTTP redirects via curlGetLastR…
CVE-2026-41904 high 7.6 7.6 1mo ago FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user with updateAutoReply permission can store an XSS payload in the mailbox auto-reply …
CVE-2026-6973 high 7.2 8.7 KEV ivanti 1mo ago Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.
CVE-2026-5786 high 8.8 8.8 ivanti 1mo ago An Improper Access Control vulnerability in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote authenticated attacker to gain administrative access.
CVE-2025-65122 high 7.5 7.5 1mo ago youtube-regex vulnerable to Regex Denial of Service
CVE-2026-44349 high 8.0 1mo ago Daptin fuzzy search injects unvalidated column name into raw SQL
CVE-2026-41688 high 7.7 7.7 1mo ago Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the incomplete SSRF fix in Wallos validates webhook URLs via gethostbyname() but passes the origina…
CVE-2026-41654 high 8.1 8.1 weblate 1mo ago Weblate Vulnerable to Authenticated SSRF via Project Backup Import bypassing validate_repo_url
CVE-2026-41505 high 8.7 8.7 1mo ago RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's make_sign_in_key() function and exam.py's gen_ticket_code() functi…
CVE-2026-41422 high 8.3 8.3 1mo ago Daptin: SQL injection via unvalidated goqu.L() calls in aggregate API
CVE-2025-63705 high 8.8 8.8 1mo ago node-ts-ocr is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js
CVE-2026-41554 high 7.1 7.1 1mo ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from n/a through 1.9.2 t…
CVE-2026-41490 high 8.3 8.3 1mo ago Dagster Vulnerable to SQL Injection via Dynamic Partition Keys in Database I/O Manager Integrations
CVE-2026-30495 high 8.8 8.8 1mo ago The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes Android Debug Bridge (ADB) on TCP port 5555 over the network without requiring authentication. The device is con…
CVE-2025-14341 high 8.3 8.3 1mo ago Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc. DivvyDri…
CVE-2026-42011 high 7.4 7.4 FIX debian debian sleswindows windows 1mo ago GnuTLS vulnerabilities
CVE-2026-8093 high 8.1 8.1 FIX debian debian sles mozilla 1mo ago Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary …
CVE-2026-6002 high 8.8 8.8 1mo ago Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross-Site Scripting (XSS). This issue affec…
CVE-2026-5784 high 8.8 8.8 1mo ago Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyD…
CVE-2026-42285 high 7.5 7.5 FIX debian debian osrg 1mo ago GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending…
CVE-2026-41644 high 7.1 7.1 monetr 1mo ago monetr: Server-side request forgery in Lunch Flow link creation and refresh
CVE-2026-41643 high 7.5 7.5 FIX debian debianubuntu ubuntu osrg 1mo ago GoBGP vulnerabilities
CVE-2026-41642 high 7.5 7.5 FIX debian debian osrg 1mo ago GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP due to a nil poin…
CVE-2026-3953 high 8.8 8.8 1mo ago Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Gosoft Software Industry and Trade Ltd. Co. Proticaret E-Commerce allows Cross-Site Scripting (XS…
CVE-2026-42010 high 7.1 7.1 FIX debian debian sles rhel gnuredhat 1mo ago GnuTLS vulnerabilities
CVE-2026-33588 high 8.1 8.1 lfnovo 1mo ago Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal.
CVE-2026-28201 high 7.8 7.8 lfnovo 1mo ago An improper input validation, together with an overly permissive default CORS configuration in Open Notebook v1.8.1 allows remote attacker to trick a legitimate user to alter or delete arbitrary data…
CVE-2026-6805 high 7.5 7.5 thalesgroup 1mo ago Vulnerability on the external sharing feature in Cryptobox allows an attacker knowing a sharing link URL to retrieve information from the server allowing an offline brute-force attack of the access c…
CVE-2026-44407 high 7.5 7.5 zte 1mo ago A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service.
CVE-2025-68060 high 7.6 7.6 1mo ago Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPMart Team Member allows Blind SQL Injection. This issue affects Team Member: from n/a through …
CVE-2024-43384 high 8.0 8.0 1mo ago A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
CVE-2026-4430 high 7.8 7.8 FIX debian debian slesubuntu ubuntu libreoffice 1mo ago LibreOffice vulnerability
CVE-2026-44406 high 7.8 7.8 zte 1mo ago ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privi…
CVE-2026-7252 high 8.1 8.1 1mo ago The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validat…
CVE-2026-6692 high 8.8 8.8 1mo ago The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the '_get_media_url' and '_check_file_path' function. This is due to insufficient fil…
CVE-2026-4348 high 7.5 7.5 1mo ago The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the `get_current_letter_docs` and `docs_sort_by_letter` AJAX actions in all versions up to, and including, 3.7.0. This is du…
CVE-2026-41641 high 7.2 7.2 nocobase 1mo ago @nocobase/plugin-collection-sql: SQL Validation Bypass Through Missing `checkSQL` Call
CVE-2026-41413 high 7.7 7.7 istiogoogle 1mo ago Istio: SSRF via RequestAuthentication jwksUri
CVE-2026-41143 high 8.8 8.8 1mo ago YesWiki vulnerable to authenticated SQL Injection via id_fiche in EntryManager::formatDataBeforeSave()
CVE-2026-41139 high 8.8 8.8 mathjs 1mo ago mathjs Allows Improperly Controlled Modification of Dynamically-Determined Object Attributes
CVE-2026-44602 high 7.5 7.5 FIX debian debian torproject 1mo ago Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006.
CVE-2026-44601 high 7.5 7.5 FIX debian debian torproject 1mo ago Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009.
CVE-2026-41675 high 8.0 FIX slesdebian debianwindows windows 1mo ago xmldom has XML node injection through unvalidated processing instruction serialization
CVE-2026-41674 high 8.0 FIX slesdebian debianwindows windows 1mo ago xmldom has XML injection through unvalidated DocumentType serialization
CVE-2026-41673 high 8.0 FIX slesdebian debianwindows windows 1mo ago xmldom: Uncontrolled recursion in XML serialization leads to DoS
CVE-2026-41672 high 8.0 FIX slesdebian debianwindows windows 1mo ago xmldom has XML node injection through unvalidated comment serialization
CVE-2026-41640 high 8.8 8.8 nocobase 1mo ago @nocobase/database has SQL Injection via String Concatenation through Recursive Eager Loading
CVE-2026-41142 high 8.8 8.8 slesdebian debian openexr 1mo ago OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3…
CVE-2026-41002 high 8.1 8.1 vmware 1mo ago Spring Cloud Config Server Susceptible To TOCTOU Attack
CVE-2026-40981 high 7.5 7.5 vmware 1mo ago Spring Cloud Config has an Authorization Bypass Through User-Controlled Key
CVE-2026-40004 high 7.8 7.8 zte 1mo ago There exists an openssl.cnf privilege escalation vulnerability in ZTE Cloud PC client uSmartview. An attacker can execute arbitrary code locally and escalate privileges.
CVE-2026-44503 high 8.0 1mo ago Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect
CVE-2026-45137 high 8.2 8.2 1mo ago Anchor is a framework providing several convenient developer tools for writing Solana programs. From 1.0.0 to before 1.0.2, an logic error causes anchor programs to accept any program id when requiri…
CVE-2026-44511 high 7.4 7.4 1mo ago katalyst-koi: Session cookies can be replayed after user logout
CVE-2026-33636 high 8.0 FIX rheldebian debian sles 1mo ago libpng vulnerabilities
CVE-2026-33554 high 7.5 7.5 FIX rheldebian debian sles 1mo ago ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform m…
CVE-2026-44439 high 7.5 7.5 lookyloo 1mo ago PlaywrightCapture is a simple replacement for splash using playwright. Prior to 1.39.6, PlaywrightCapture did not sufficiently restrict navigations and resource requests initiated by rendered pages. …
CVE-2026-46689 high 8.0 1mo ago scim_proton and kanidm_proto have an authenticated process abort via SCIM filter stack exhaustion
CVE-2026-0897 high 8.0 debian debian 1mo ago Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (…
CVE-2026-42845 high 8.0 1mo ago Grav Form Plugin has an Anonymous Page Content Overwrite via Form File Upload filename Override
CVE-2026-44307 high 8.0 FIX debian debianwindows windows 1mo ago Mako vulnerable to path traversal via backslash URI on Windows in TemplateLookup
CVE-2026-42552 high 7.5 7.5 1mo ago Flight vulnerable to sensitive information disclosure via default error handler
CVE-2026-42551 high 7.5 7.5 1mo ago Flight: HTTP method override enabled by default, facilitating CSRF escalation and middleware bypass
CVE-2026-42550 high 8.8 8.8 1mo ago Flight vulnerable to SQL Injection via unvalidated identifiers in SimplePdo::insert / update / delete
CVE-2026-42548 high 8.0 1mo ago Flight has reflected XSS through an unvalidated JSONP callback in Flight::jsonp()
CVE-2026-42844 high 8.8 8.8 getgrav 1mo ago Low-privileged Grav API users can create super-admin accounts via blueprint-upload