VIR Vulnerability Intelligence Relay

Search

Found 33,080 results in 1398ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-43350 high 7.6 7.6 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parse_dacl() treats an ACE SID matching sid_unix_NFS_mode as an…
CVE-2026-43347 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: monaco: Reserve full Gunyah metadata region We observe spurious "Synchronous External Abort" exceptions (ESR=0x…
CVE-2026-43345 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix event ring index not programmed for IPA v5.0+ For IPA v5.0+, the event ring index field moved from CH_C_CNTXT_0 to …
CVE-2026-43339 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UaF in addrconf_permanent_addr() The mentioned helper try to warn the user about an exceptional condition,…
CVE-2026-43336 high 7.5 7.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: lib/crypto: chacha: Zeroize permuted_state before it leaves scope Since the ChaCha permutation is invertible, the local variable …
CVE-2026-43334 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: force responder MITM requirements before building the pairing response smp_cmd_pairing_req() currently builds the…
CVE-2026-43332 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone device registration error path If thermal_zone_device_register_with_trips() fails after registeri…
CVE-2026-43330 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix overflow on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into th…
CVE-2026-43329 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: strictly check for maximum number of actions The maximum number of flowtable hardware offload actions in IP…
CVE-2026-43328 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double free in cpufreq_dbs_governor_init() error path When kobject_init_and_add() fails, cpufreq_dbs_gover…
CVE-2026-43324 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix interrupt synchronization error This fixes an error in synchronization in the dummy-hcd driver. The error ha…
CVE-2026-43322 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix UAF in le_read_features_complete This fixes the following backtrace caused by hci_conn being freed befor…
CVE-2026-43321 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: bpf: Properly mark live registers for indirect jumps For a `gotox rX` instruction the rX register should be marked as used in the…
CVE-2026-43307 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: iio: accel: adxl380: Avoid reading more entries than present in FIFO The interrupt handler reads FIFO entries in batches of N sam…
CVE-2026-43303 high 7.8 7.8 FIX sles rheldebian debian google 1mo ago In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: clear page->private in free_pages_prepare() Several subsystems (slub, shmem, ttm, etc.) use page->private but don'…
CVE-2026-43296 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky NIX SQ manager sticky mode is known to cause stalls when multiple SQs…
CVE-2026-43291 high 8.3 8.3 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Fix parameter validation for packet data Since commit 9c328f54741b ("net: nfc: nci: Add parameter validation for p…
CVE-2026-43290 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on start_streaming() failure Return buffers if streaming fails to start due to uvc_pm_get(…
CVE-2026-41506 high 7.4 7.4 FIX debian debian sles go-git_project 1mo ago go-git is an extensible git implementation library written in pure Go. Prior to versions 5.18.0 and 6.0.0-alpha.2, go-git may leak HTTP authentication credentials when following redirects during smar…
CVE-2026-41496 high 8.1 8.1 praison 1mo ago PraisonAI: SQL Injection via unvalidated `table_prefix` in 9 conversation store backends (incomplete fix for CVE-2026-40315)
CVE-2026-41491 high 8.1 8.1 linuxfoundation 1mo ago Dapr: Service Invocation path traversal ACL bypass
CVE-2026-39816 high 8.8 8.8 apache 1mo ago Apache NiFi is missing the Restricted annotation with the Execute Code Required Permission
CVE-2026-32803 low 3.3 3.3 1mo ago Dell PowerScale OneFS versions 9.5.0.0 through 9.5.1.6, 9.6.0.0 through 9.7.1.13, 9.8.0.0 through 9.10.1.5 and 9.11.0.0 through 9.12.0.1 contains an Insufficient Logging vulnerability. A low privileg…
CVE-2026-25077 high 8.8 8.8 apache 1mo ago Account users are allowed by default to register templates to be downloaded directly to the primary storage for deploying instances using the KVM hypervisor. Due to missing file name sanitization, an…
CVE-2025-66467 high 8.1 8.1 apache 1mo ago Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned. If another user creates a new bucket with the same name, th…
CVE-2025-66172 high 8.1 8.1 apache 1mo ago The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is e…
CVE-2022-50994 high 8.1 8.1 1mo ago DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection vulnerability in the CGI login handler that allows unauthenticated remote attackers to execute arbitrary commands…
CVE-2026-7330 high 7.2 7.2 1mo ago The Auto Affiliate Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 6.8.8 This is due to insufficient input sanitization on the 'url' POST par…
CVE-2026-5127 high 8.8 8.8 1mo ago The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to Deserialization of Untrusted Data in versions up to, and …
CVE-2026-4935 high 8.6 8.6 1mo ago The OttoKit: All-in-One Automation Platform WordPress plugin before 1.1.23 does not properly sanitize user input before using it in a SQL statement, which could allow unauthenticated attackers to per…
CVE-2026-44916 low 3.0 3.0 FIX debian debian 1mo ago In OpenStack Ironic before 35.0.2 (in a certain non-default configuration), instance_info['ks_template'] is rendered without sandboxing.
CVE-2025-67888 high 7.3 8.3 EXP 1mo ago An issue was discovered in Control Web Panel (CWP) before 0.9.8.1209. User input passed via the "key" GET parameter to /admin/index.php (when the "api" parameter is set) is not properly sanitized bef…
CVE-2024-53326 high 7.3 8.3 EXP 1mo ago LINQPad before 5.52.01 Pro edition is vulnerable to Unsafe Deserialization in LINQPad.AutoRefManager::PopulateFromCache(), leading to code execution.
CVE-2024-46508 high 7.5 7.5 yeti-platform 1mo ago yeti-platform yeti before 2.1.12 allows attackers to generate valid JWT tokens is the secret is not changed (by setting YETI_AUTH_SECRET_KEY to a value other than SECRET).
CVE-2024-46507 high 7.3 7.3 yeti-platform 1mo ago A SSTI (server side template injection) vulnerability in the custom template export function in yeti-platform yeti before 2.1.12 allows attackers to execute code on the application server.
CVE-2024-45257 high 7.3 8.3 EXP 1mo ago A Command Injection issue in the payload build page in BYOB (Build Your Own Botnet) 2.0 allows attackers to execute arbitrary commands on the server via a crafted build parameter. This occurs in free…
CVE-2024-33288 high 7.3 7.3 1mo ago Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page.
CVE-2024-27686 high 7.5 7.5 1mo ago Mikrotik RouterOS (x86) 6.40.5 through 6.49.10 (fixed in 7) allows a remote attacker to cause a denial of service (device crash) via crafted packet data to the SMB service on TCP port 445.
CVE-2026-8148 high 7.8 7.8 navercorp 1mo ago NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks.
CVE-2026-8138 high 8.8 8.8 1mo ago A vulnerability was found in Tenda CX12L 16.03.53.12. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg”. The manipulation results in stack-based buffer overflow.…
CVE-2026-8137 high 8.8 8.8 1mo ago A vulnerability has been found in Totolink X5000R 9.1.0u.6369_B20230113. This vulnerability affects the function sub_458E40 of the file /boafrm/formDdns. The manipulation of the argument submit-url l…
CVE-2023-42346 high 7.5 7.5 1mo ago Alkacon OpenCms is vulnerable to XXE when the <!DOCTYPE> refers to an external host
CVE-2023-42344 high 7.3 7.3 1mo ago Alkacon OpenCms allows remote unauthenticated attackers to obtain sensitive information
CVE-2022-26522 high 7.8 7.8 1mo ago The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service…
CVE-2026-8136 low 2.4 2.4 1mo ago A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /index.php?page=users. Executing a manipulation of the argument Name can lead…
CVE-2026-8133 high 7.3 7.3 1mo ago A security vulnerability has been detected in zyx0814 FilePress up to 2.2.0. Affected by this vulnerability is an unknown functionality of the file dzz/shares/admin.php of the component Shares Fileli…
CVE-2026-8132 high 7.3 7.3 1mo ago A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txt_username causes sql injection. T…
CVE-2026-8131 high 7.3 7.3 1mo ago A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql …
CVE-2026-8130 high 7.3 7.3 1mo ago A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the argument seenid leads to sql injecti…
CVE-2026-8129 high 7.3 7.3 1mo ago A vulnerability was determined in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file wishlist.php. Executing a manipulation of the argument delwlistid can…
CVE-2026-43943 high 7.8 7.8 electerm_project 1mo ago Electerm Security Vulnerability: RCE via malicious SSH server filename in openFileWithEditor
CVE-2026-43940 high 8.4 8.4 electerm_project 1mo ago Electerm runWidget has a path traversal that leads to arbitrary code execution
CVE-2026-42275 high 8.7 8.7 netfoundry 1mo ago zrok: WebDAV drive backend follows symlinks outside DriveRoot, enabling host filesystem read/write
CVE-2026-42274 high 8.0 1mo ago Heimdall has an authorization bypass via path normalization mismatch
CVE-2026-42273 high 8.0 1mo ago Heimdall: Case-sensitive host matching may lead to policy bypass
CVE-2026-42272 high 8.0 1mo ago Heimdall: Case-sensitive handling of URL-encoded slashes may lead to inconsistent path interpretation
CVE-2026-42271 high 8.8 8.8 litellm 1mo ago LiteLLM: Authenticated command execution via MCP stdio test endpoints
CVE-2026-42261 high 7.1 7.1 legeling 1mo ago PromptHub is an all-in-one AI toolbox for prompt, skill, and agent management. From version 0.4.9 to before version 0.5.4, apps/web/src/routes/skills.ts exposes an authenticated endpoint POST /api/sk…
CVE-2026-42203 high 8.8 8.8 litellm 1mo ago LiteLLM: Server-Side Template Injection in /prompts/test endpoint
CVE-2026-41498 low 3.3 3.3 kimai 1mo ago Kimai has Missing Object-Level Authorization in the Team API
CVE-2026-8128 high 7.3 7.3 1mo ago A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid result…
CVE-2026-8126 high 7.3 7.3 1mo ago A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown processing of the file post_comment.php. This manipulation of the argument Name causes sql injection. Remot…
CVE-2026-44837 high 7.5 7.5 debian debian viewcomponent 1mo ago view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file …
CVE-2026-6411 high 7.3 7.3 1mo ago This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to t…
CVE-2026-8112 high 8.8 8.8 8421bit 1mo ago A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation resul…
CVE-2026-7541 high 7.5 7.5 github 1mo ago A denial of service vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to cause service disruption by sending crafted requests with deeply nested JSON p…
CVE-2026-41105 high 8.1 8.1 windows windows microsoft 1mo ago Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to elevate privileges over a network.
CVE-2026-40213 high 7.4 7.4 FIX debian debian 1mo ago OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless…
CVE-2026-35435 high 8.6 8.6 windows windows microsoft 1mo ago Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-34327 high 8.2 8.2 windows windows microsoft 1mo ago Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-33111 high 7.5 7.5 windows windows microsoft 1mo ago Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a network.
CVE-2026-32207 high 8.8 8.8 windows windows microsoft 1mo ago Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-26164 high 7.5 7.5 windows windows microsoft 1mo ago Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-26129 high 7.5 7.5 windows windows microsoft 1mo ago Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-8098 high 7.3 7.3 1mo ago A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unknown function of the file /admin/checklogin.php. Such manipulation of the argument email leads to sq…
CVE-2026-42449 high 8.5 8.5 n8n-mcp 1mo ago n8n-mcp's IPv4-mapped IPv6 addresses bypass SSRF protection in validateUrlSync(), enabling full SSRF for SDK embedders
CVE-2026-42047 high 8.6 8.6 inngest 1mo ago Inngest TypeScript SDK exposes environment variables via serve() handler on unhandled HTTP methods
CVE-2026-8087 high 7.8 7.8 FIX debian debian osgeo 1mo ago A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldNam…
CVE-2026-43510 high 7.6 7.6 1mo ago manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. F…
CVE-2026-42501 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module pr…
CVE-2026-42499 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.
CVE-2026-42239 high 8.1 8.1 budibase 1mo ago Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.…
CVE-2026-39836 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).
CVE-2026-39820 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.
CVE-2026-33814 high 7.5 7.5 debian debian sleswindows windows golanggoogle 1mo ago When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
CVE-2026-33811 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.
CVE-2026-27964 low 3.9 3.9 1mo ago FacturaScripts vulnerable to Reflected Cross-Site Scripting (XSS) via Cookie Manipulation
CVE-2026-27891 high 7.2 7.2 1mo ago FacturaScripts Vulnerable to Remote Code Execution (RCE) via Zip Slip in Plugin Upload Mechanism
CVE-2026-8086 high 7.8 7.8 FIX debian debian osgeo 1mo ago A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName lead…
CVE-2026-8083 high 7.3 7.3 1mo ago A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation of the argument ID results i…
CVE-2026-44244 high 7.8 7.8 FIX slesdebian debianubuntu ubuntu gitpython_project 1mo ago GitPython vulnerabilities
CVE-2026-42215 high 8.8 8.8 FIX slesdebian debianubuntu ubuntu gitpython_project 1mo ago GitPython vulnerabilities
CVE-2026-42214 high 7.8 7.8 dail8859 1mo ago Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension() function interpolates a file's extension directly into a Lua script…
CVE-2026-41906 high 7.1 7.1 1mo ago FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filte…
CVE-2026-41905 high 7.7 7.7 1mo ago FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, Helper::sanitizeRemoteUrl() in app/Misc/Helper.php follows HTTP redirects via curlGetLastR…
CVE-2026-41904 high 7.6 7.6 1mo ago FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user with updateAutoReply permission can store an XSS payload in the mailbox auto-reply …
CVE-2026-6973 high 7.2 8.7 KEV ivanti 1mo ago Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.
CVE-2026-5786 high 8.8 8.8 ivanti 1mo ago An Improper Access Control vulnerability in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote authenticated attacker to gain administrative access.
CVE-2025-65122 high 7.5 7.5 1mo ago youtube-regex vulnerable to Regex Denial of Service
CVE-2026-44349 high 8.0 1mo ago Daptin fuzzy search injects unvalidated column name into raw SQL