VIR Vulnerability Intelligence Relay

Search

Found 62,672 results in 2336ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-41702 high 7.0 7.0 vmware 23d ago VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges…
CVE-2026-43490 high 8.8 8.8 FIX slesdebian debianwindows windows 23d ago In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smb_inherit_dacl() walks the parent directory DACL loaded from the security descriptor x…
CVE-2026-28761 high 8.1 8.1 23d ago Cross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a user views a malicious page while logged-in to the affected pr…
CVE-2025-54518 unknown slesdebian debianwindows windows google 23d ago <p>This vulnerability was found and addressed by AMD. We are documenting it in the Security Update Guide to encourage customers to install the May 2026 version of Windows as soon as possible.</p> <p>…
CVE-2024-36333 high 7.8 7.8 amd 23d ago A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
CVE-2026-2652 high 8.6 8.6 lfprojects 23d ago MLflow: unauthenticated access to certain FastAPI routes
CVE-2026-44671 high 7.5 7.5 zitadel 24d ago ZITADEL has LDAP Filter Injection in Login Flow
CVE-2026-44700 high 8.0 24d ago ex_webrtc client-role handshake is missing DTLS peer fingerprint validation
CVE-2026-44673 high 7.5 7.5 debian debian sleswindows windows 24d ago libyang is a YANG data modeling language library. Prior to SO 5.2.15, lyb_read_string() in src/parser_lyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciou…
CVE-2026-42327 high 8.0 FIX debian debian 24d ago rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocsp_responders returns OCSP responder URLs from a certificate's AIA extension as Open…
CVE-2026-45370 high 7.7 7.7 24d ago python-utcp: Full Process Environment Exposed to CLI Subprocess - Secrets Leakage via Command Injection
CVE-2026-45369 high 8.3 8.3 24d ago utcp-cli Vulnerable to Command Injection via Unsanitized Argument Substitution in CLI Communication Protocol
CVE-2026-46509 high 8.2 8.2 24d ago deepobj provides get, set, delete deep objects in javascript. Prior to 1.0.3, prototype pollution is possible when property paths contain __proto__/constructor/prototype. The property path must not b…
CVE-2026-45288 critical 9.8 9.8 24d ago Marten is a .NET Transactional Document DB and Event Store on PostgreSQL. Prior to 8.36.1, Marten's full-text search APIs interpolated the user-supplied regConfig parameter directly into the generate…
CVE-2026-45787 critical 9.1 9.1 electerm_project 24d ago electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confid…
CVE-2026-45353 high 7.8 7.8 electerm_project 24d ago electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. From 3.0.6 to 3.8.8, This vulnerability is fixed in 3.9.0.
CVE-2026-45374 critical 9.6 9.6 24d ago CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.26, the task_create tool spawns durable sub-agents that inherit two insecure defaults, allow_shell defaults to true (config.rs:14…
CVE-2026-45373 high 7.4 7.4 24d ago CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.26, although SSRF is validated against hostnames that resolve to private IPv6 addresses, when providing the IPV6 in‌‌ URL‌ as htt…
CVE-2026-45311 critical 9.6 9.6 24d ago CodeWhale is a DeepSeek + MiMo coding agent in terminal. From 0.3.0 to 0.8.23, the run_tests tool executes cargo test in the workspace with ApprovalRequirement::Auto, meaning it runs without any user…
CVE-2026-45310 high 7.4 7.4 24d ago CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.22, the fetch_url tool validates the initial URL's resolved IP address against a restricted-IP blocklist (is_restricted_ip()) to …
CVE-2026-45672 high 8.8 8.8 openwebui 24d ago Open WebUI: Jupyter code execution works despite `ENABLE_CODE_EXECUTION=false` — feature gate bypassed
CVE-2026-45671 high 8.0 8.0 openwebui 24d ago Open WebUI: shared-chat branch ignores access_type, allowing unauthorized file deletion
CVE-2026-45398 high 7.5 7.5 openwebui 24d ago Open WebUI Vulnerable to IDOR: Retrieval API Bypasses Knowledge Base Access Controls
CVE-2026-45350 high 7.1 7.1 openwebui 24d ago Open WebUI's chat completion API allows tool restrictions to be bypassed
CVE-2026-45348 high 8.7 8.7 24d ago pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the packages.js template at src/pyload/webui/app/themes/modern/templates/js/packages.js:172 interpolates …
CVE-2026-42570 high 8.0 24d ago Svelte devalue: DoS via sparse array deserialization
CVE-2026-45338 high 7.7 7.7 openwebui 24d ago Open WebUI Vulnerable to SSRF via OAuth Profile Picture URL in _process_picture_url (oauth.py)
CVE-2026-45331 high 8.5 8.5 openwebui 24d ago Open WebUI has a full SSRF Vulnerability in the RAG Web Search Feature
CVE-2026-8634 critical 9.1 9.1 24d ago Crabbox: environment variable exposure vulnerability
CVE-2026-8629 high 8.1 8.1 24d ago Crabbox prior to v0.12.0 contains a privilege escalation vulnerability that allows users with shared visibility-only access to obtain Code, WebVNC, and Egress agent tickets by sending POST requests t…
CVE-2026-8597 high 7.2 7.2 aws 24d ago Amazon SageMaker Python SDK is missing integrity verification in its Triton inference handler
CVE-2026-8587 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 24d ago Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome E…
CVE-2026-8585 high 7.5 7.5 FIX debian debianmacos macoswindows windows google 24d ago Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a …
CVE-2026-8581 high 8.8 8.8 FIX debian debianwindows windows google 24d ago Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-8580 critical 9.6 9.6 FIX debian debianwindows windows google 24d ago Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-8577 high 8.8 8.8 FIX debian debianwindows windows google 24d ago Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-8575 high 8.3 8.3 FIX debian debianwindows windows google 24d ago Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chro…
CVE-2026-8574 high 8.3 8.3 FIX debian debianwindows windows google 24d ago Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTM…
CVE-2026-8573 high 8.3 8.3 FIX debian debianwindows windows google 24d ago Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity:…
CVE-2026-8571 high 8.3 8.3 FIX debian debianwindows windows google 24d ago Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape v…
CVE-2026-8569 high 8.3 8.3 FIX debian debianmacos macoswindows windows google 24d ago Out of bounds write in Codecs in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: …
CVE-2026-8558 high 8.8 8.8 FIX debian debianwindows windows google 24d ago Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8557 high 7.5 7.5 FIX debian debianwindows windows google 24d ago Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (C…
CVE-2026-8555 high 8.8 8.8 FIX debian debianwindows windows google 24d ago Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8551 high 8.8 8.8 FIX debian debianwindows windows google 24d ago Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page…
CVE-2026-8549 high 8.8 8.8 FIX debian debianwindows windows google 24d ago Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8548 high 8.3 8.3 FIX debian debianwindows windows google 24d ago Out of bounds write in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…
CVE-2026-8547 high 7.5 7.5 FIX debian debianwindows windows google 24d ago Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via…
CVE-2026-8544 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8542 high 8.3 8.3 FIX debian debianwindows windows google 24d ago Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTM…
CVE-2026-8540 high 8.8 8.8 FIX debian debianwindows windows google 24d ago Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8534 high 8.3 8.3 FIX debian debian linux-kernelwindows windows google 24d ago Integer overflow in GPU in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a…
CVE-2026-8533 high 8.3 8.3 FIX debian debianwindows windows google 24d ago Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML …
CVE-2026-8532 high 8.8 8.8 FIX debian debianwindows windows google 24d ago Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8531 high 8.8 8.8 FIX debian debianwindows windows google 24d ago Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity…
CVE-2026-8530 high 8.3 8.3 FIX debian debianwindows windows google 24d ago Use after free in Network in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted …
CVE-2026-8529 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: Hig…
CVE-2026-8527 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severi…
CVE-2026-8526 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8525 high 8.3 8.3 FIX debian debianmacos macoswindows windows google 24d ago Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: H…
CVE-2026-8524 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Out of bounds write in WebAudio in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hig…
CVE-2026-8523 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
CVE-2026-8522 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 24d ago Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8521 high 7.5 7.5 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)
CVE-2026-8520 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 24d ago Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8519 high 8.8 8.8 FIX debian debianwindows windows google 24d ago Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: …
CVE-2026-8518 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in Blink in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8517 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 24d ago Object lifecycle issue in WebShare in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a cra…
CVE-2026-8515 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted H…
CVE-2026-8514 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
CVE-2026-8513 high 8.3 8.3 FIX debian debianwindows windows google 24d ago Use after free in Input in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…
CVE-2026-8512 high 8.3 8.3 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a cr…
CVE-2026-8511 critical 9.6 9.6 FIX debian debianmacos macos linux-kernel google 24d ago Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8510 high 7.5 7.5 FIX debian debianwindows windows google 24d ago Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted …
CVE-2026-8509 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 24d ago Heap buffer overflow in WebML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Criti…
CVE-2026-46356 high 7.5 7.5 fleetdm 24d ago Fleet: IP spoofing allows bypassing API rate limiting
CVE-2026-44637 high 7.1 7.1 FIX debian debian sles saitoha 24d ago libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a signed integer overflow in the SIXEL parser's image-buffer doubling loop can lead to an out-of-boun…
CVE-2026-44636 high 7.8 7.8 FIX debian debian sles saitoha 24d ago libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel_encode_highcolor's allocation size calculation can lead to a heap bu…
CVE-2026-43909 high 8.8 8.8 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in t…
CVE-2026-43908 high 8.8 8.8 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in t…
CVE-2026-43907 high 8.3 8.3 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGB…
CVE-2026-43906 high 7.8 7.8 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a heap-based buffer overflow in the H…
CVE-2026-43905 high 7.8 7.8 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer…
CVE-2026-43904 high 7.8 7.8 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, softimageinput.cpp:469 (mixed RLE) an…
CVE-2026-43903 high 7.8 7.8 debian debian openimageio 24d ago OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, sgiinput.cpp:265,274 use OIIO_DASSERT…
CVE-2026-26191 critical 9.8 9.8 fleetdm 24d ago Fleet vulnerable to OS command injection in software packages
CVE-2026-24899 high 7.5 7.5 fleetdm 24d ago Fleet Windows MDM Azure AD JWT Authentication Bypass
CVE-2026-45303 high 7.7 7.7 openwebui 24d ago Open WebUI has stored XSS via the HTML renedering view
CVE-2026-45058 critical 9.5 24d ago electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync…
CVE-2026-8621 high 8.8 8.8 24d ago Crabbox: authentication bypass vulnerability that allows impersonation of others by spoofing identity headers
CVE-2026-45375 critical 9.0 9.0 24d ago SiYuan Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution
CVE-2026-45371 high 8.0 24d ago SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs
CVE-2026-44670 critical 9.5 24d ago SiYuan Affected by Stored XSS via Attribute View Name to Electron Renderer RCE
CVE-2026-44633 high 8.1 8.1 24d ago Live Helper Chat is an open-source application that enables live support websites. In 4.84v, the Live Helper Chat REST API chat update endpoint allows a REST user with lhchat/use to update a chat in …
CVE-2026-44592 critical 9.4 9.4 24d ago Gradient is a nix-based continuous integration system. In 1.1.0, when GRADIENT_DISCOVERABLE=true (the default, and the NixOS module default), anyone who can reach /proto can register as a worker with…
CVE-2026-44588 critical 9.5 24d ago SiYuan: Electron Renderer RCE via decodeURIComponent-driven tooltip XSS in aria-label sink (incomplete fix for CVE-2026-34585)
CVE-2026-44586 high 8.3 8.3 24d ago SiYuan is an open-source personal knowledge management system. From 2.1.12 to before 3.7.0. SiYuan's Bazaar marketplace renders package author metadata from the public bazaar stage feed into HTML wit…
CVE-2026-44523 critical 10.0 10.0 24d ago Note Mark has a JWT Secret Weakness that allows Full Account Takeover via Token Forgery
CVE-2026-44522 high 8.0 24d ago Note Mark: Arbitrary File Write via Path Traversal in Asset Names Leads to Remote Code Execution
CVE-2026-41315 critical 9.8 9.8 midoks 24d ago mdserver-web is a simple Linux panel. From 0.18.0 to 0.18.4, mdserver-web has a front-end unauthorized remote command execution vulnerability. Due to the lack of authentication on the /modify_crond a…