Found 49,666 results in 2937ms · Match type: Filtered list

CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description
CVE-2026-44244 | high | 7.8 | 7.8 | FIX | sles, debian | gitpython_project | 1mo ago | GitPython: Newline injection in config_writer().set_value() enables RCE via core.hooksPath
CVE-2026-42215 | high | 8.8 | 8.8 | FIX | sles, debian | gitpython_project | 1mo ago | GitPython has Command Injection via Git options bypass
CVE-2026-42214 | high | 7.8 | 7.8 | | | dail8859 | 1mo ago | Notepad Next is a cross-platform reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension() function interpolates a file's extension directly into a Lua script…
CVE-2026-41906 | high | 7.1 | 7.1 | | | | 1mo ago | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filte…
CVE-2026-41905 | high | 7.7 | 7.7 | | | | 1mo ago | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, Helper::sanitizeRemoteUrl() in app/Misc/Helper.php follows HTTP redirects via curlGetLastR…
CVE-2026-41904 | high | 7.6 | 7.6 | | | | 1mo ago | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user with updateAutoReply permission can store an XSS payload in the mailbox auto-reply …
CVE-2026-6973 | high | 7.2 | 8.7 | KEV | | ivanti | 1mo ago | Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.
CVE-2026-5786 | high | 8.8 | 8.8 | | | ivanti | 1mo ago | An Improper Access Control vulnerability in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote authenticated attacker to gain administrative access.
CVE-2025-65122 | high | 7.5 | 7.5 | | | | 1mo ago | youtube-regex vulnerable to Regex Denial of Service
CVE-2026-44349 | high | 8.0 | | | | | 1mo ago | Daptin fuzzy search injects unvalidated column name into raw SQL
CVE-2026-41688 | high | 7.7 | 7.7 | | | | 1mo ago | Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the incomplete SSRF fix in Wallos validates webhook URLs via gethostbyname() but passes the origina…
CVE-2026-41654 | high | 8.1 | 8.1 | | | weblate | 1mo ago | Weblate Vulnerable to Authenticated SSRF via Project Backup Import bypassing validate_repo_url
CVE-2026-41505 | high | 8.7 | 8.7 | | | | 1mo ago | RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's make_sign_in_key() function and exam.py's gen_ticket_code() functi…
CVE-2026-41422 | high | 8.3 | 8.3 | | | | 1mo ago | Daptin: SQL injection via unvalidated goqu.L() calls in aggregate API
CVE-2025-63705 | high | 8.8 | 8.8 | | | | 1mo ago | node-ts-ocr is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js
CVE-2026-41554 | high | 7.1 | 7.1 | | | | 1mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from n/a through 1.9.2 t…
CVE-2026-41490 | high | 8.3 | 8.3 | | | | 1mo ago | Dagster Vulnerable to SQL Injection via Dynamic Partition Keys in Database I/O Manager Integrations
CVE-2026-30495 | high | 8.8 | 8.8 | | | | 1mo ago | The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes Android Debug Bridge (ADB) on TCP port 5555 over the network without requiring authentication. The device is con…
CVE-2025-14341 | high | 8.3 | 8.3 | | | | 1mo ago | Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc. DivvyDri…
CVE-2026-42011 | high | 7.4 | 7.4 | FIX | debian, sles, windows | | 1mo ago | RHSA-2026:20612: gnutls security update (Important)
CVE-2026-8093 | high | 8.1 | 8.1 | FIX | debian, sles | mozilla | 1mo ago | Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary …
CVE-2026-6002 | high | 8.8 | 8.8 | | | | 1mo ago | Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross-Site Scripting (XSS). This issue affec…
CVE-2026-5784 | high | 8.8 | 8.8 | | | | 1mo ago | Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyD…
CVE-2026-42285 | high | 7.5 | 7.5 | FIX | debian | osrg | 1mo ago | GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending…
CVE-2026-41644 | high | 7.1 | 7.1 | | | monetr | 1mo ago | monetr: Server-side request forgery in Lunch Flow link creation and refresh
CVE-2026-41643 | high | 7.5 | 7.5 | FIX | debian | osrg | 1mo ago | GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP where a mal…
CVE-2026-41642 | high | 7.5 | 7.5 | FIX | debian | osrg | 1mo ago | GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP due to a nil poin…
CVE-2026-3953 | high | 8.8 | 8.8 | | | | 1mo ago | Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Gosoft Software Industry and Trade Ltd. Co. Proticaret E-Commerce allows Cross-Site Scripting (XS…
CVE-2026-42010 | high | 7.1 | 7.1 | FIX | debian, sles, rhel | gnu, redhat | 1mo ago | RHSA-2026:20612: gnutls security update (Important)
CVE-2026-33588 | high | 8.1 | 8.1 | | | lfnovo | 1mo ago | Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal.
CVE-2026-28201 | high | 7.8 | 7.8 | | | lfnovo | 1mo ago | An improper input validation, together with an overly permissive default CORS configuration in Open Notebook v1.8.1 allows a remote attacker to trick a legitimate user to alter or delete arbitrary data…
CVE-2026-6805 | high | 7.5 | 7.5 | | | thalesgroup | 1mo ago | Vulnerability on the external sharing feature in Cryptobox allows an attacker knowing a sharing link URL to retrieve information from the server allowing an offline brute-force attack of the access c…
CVE-2026-44407 | high | 7.5 | 7.5 | | | zte | 1mo ago | A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service.
CVE-2025-68060 | high | 7.6 | 7.6 | | | | 1mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPMart Team Member allows Blind SQL Injection. This issue affects Team Member: from n/a through …
CVE-2024-43384 | high | 8.0 | 8.0 | | | | 1mo ago | A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
CVE-2026-4430 | high | 7.8 | 7.8 | FIX | debian, sles | libreoffice | 1mo ago | Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2…
CVE-2026-44406 | high | 7.8 | 7.8 | | | zte | 1mo ago | ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privi…
CVE-2026-7252 | high | 8.1 | 8.1 | | | | 1mo ago | The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validat…
CVE-2026-6692 | high | 8.8 | 8.8 | | | | 1mo ago | The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the '_get_media_url' and '_check_file_path' functions. This is due to insufficient fil…
CVE-2026-4348 | high | 7.5 | 7.5 | | | | 1mo ago | The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the `get_current_letter_docs` and `docs_sort_by_letter` AJAX actions in all versions up to, and including, 3.7.0. This is du…
CVE-2026-41641 | high | 7.2 | 7.2 | | | nocobase | 1mo ago | @nocobase/plugin-collection-sql: SQL Validation Bypass Through Missing `checkSQL` Call
CVE-2026-41413 | high | 7.7 | 7.7 | | | istio, google | 1mo ago | Istio: SSRF via RequestAuthentication jwksUri
CVE-2026-41143 | high | 8.8 | 8.8 | | | | 1mo ago | YesWiki vulnerable to authenticated SQL Injection via id_fiche in EntryManager::formatDataBeforeSave()
CVE-2026-41139 | high | 8.8 | 8.8 | | | mathjs | 1mo ago | mathjs Allows Improperly Controlled Modification of Dynamically-Determined Object Attributes
CVE-2026-44602 | high | 7.5 | 7.5 | FIX | debian | torproject | 1mo ago | Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006.
CVE-2026-44601 | high | 7.5 | 7.5 | FIX | debian | torproject | 1mo ago | Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009.
CVE-2026-41675 | high | 8.0 | | FIX | sles, debian, windows | | 1mo ago | xmldom has XML node injection through unvalidated processing instruction serialization
CVE-2026-41674 | high | 8.0 | | FIX | sles, debian, windows | | 1mo ago | xmldom has XML injection through unvalidated DocumentType serialization
CVE-2026-41673 | high | 8.0 | | FIX | sles, debian, windows | | 1mo ago | xmldom: Uncontrolled recursion in XML serialization leads to DoS
CVE-2026-41672 | high | 8.0 | | FIX | sles, debian, windows | | 1mo ago | xmldom has XML node injection through unvalidated comment serialization
CVE-2026-41640 | high | 8.8 | 8.8 | | | nocobase | 1mo ago | @nocobase/database has SQL Injection via String Concatenation through Recursive Eager Loading
CVE-2026-41142 | high | 8.8 | 8.8 | | sles, debian | openexr | 1mo ago | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3…
CVE-2026-41002 | high | 8.1 | 8.1 | | | vmware | 1mo ago | Spring Cloud Config Server Susceptible To TOCTOU Attack
CVE-2026-40981 | high | 7.5 | 7.5 | | | vmware | 1mo ago | Spring Cloud Config has an Authorization Bypass Through User-Controlled Key
CVE-2026-40004 | high | 7.8 | 7.8 | | | zte | 1mo ago | There exists an openssl.cnf privilege escalation vulnerability in ZTE Cloud PC client uSmartview. An attacker can execute arbitrary code locally and escalate privileges.
CVE-2026-44503 | high | 8.0 | | | | | 1mo ago | Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect
CVE-2026-45137 | high | 8.2 | 8.2 | | | | 1mo ago | Anchor is a framework providing several convenient developer tools for writing Solana programs. From 1.0.0 to before 1.0.2, a logic error causes anchor programs to accept any program id when requiri…
CVE-2026-44511 | high | 7.4 | 7.4 | | | | 1mo ago | katalyst-koi: Session cookies can be replayed after user logout
CVE-2026-33636 | high | 8.0 | | FIX | rhel, debian, sles | | 1mo ago | Important: thunderbird security update
CVE-2026-33554 | high | 7.5 | 7.5 | FIX | rhel, debian, sles | | 1mo ago | ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform m…
CVE-2026-44439 | high | 7.5 | 7.5 | | | lookyloo | 1mo ago | PlaywrightCapture is a simple replacement for splash using playwright. Prior to 1.39.6, PlaywrightCapture did not sufficiently restrict navigations and resource requests initiated by rendered pages. …
CVE-2026-46689 | high | 8.0 | | | | | 1mo ago | scim_proton and kanidm_proto have an authenticated process abort via SCIM filter stack exhaustion
CVE-2026-0897 | high | 8.0 | | | debian | | 1mo ago | Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (…
CVE-2026-42845 | high | 8.0 | | | | | 1mo ago | Grav Form Plugin has an Anonymous Page Content Overwrite via Form File Upload filename Override
CVE-2026-44307 | high | 8.0 | | FIX | debian, windows | | 1mo ago | Mako vulnerable to path traversal via backslash URI on Windows in TemplateLookup
CVE-2026-42552 | high | 7.5 | 7.5 | | | | 1mo ago | Flight vulnerable to sensitive information disclosure via default error handler
CVE-2026-42551 | high | 7.5 | 7.5 | | | | 1mo ago | Flight: HTTP method override enabled by default, facilitating CSRF escalation and middleware bypass
CVE-2026-42550 | high | 8.8 | 8.8 | | | | 1mo ago | Flight vulnerable to SQL Injection via unvalidated identifiers in SimplePdo::insert / update / delete
CVE-2026-42548 | high | 8.0 | | | | | 1mo ago | Flight has reflected XSS through an unvalidated JSONP callback in Flight::jsonp()
CVE-2026-42844 | high | 8.8 | 8.8 | | | getgrav | 1mo ago | Low-privileged Grav API users can create super-admin accounts via blueprint-upload
CVE-2026-8032 | high | 7.3 | 7.3 | | | | 1mo ago | A flaw has been found in PicoTronica e-Clinic Healthcare System ECHS 5.7. The impacted element is an unknown function of the file /cdemos/echs/priv/echs.js. This manipulation of the argument ADMIN_KE…
CVE-2026-44118 | high | 7.8 | 7.8 | | | openclaw | 1mo ago | OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens
CVE-2026-44116 | high | 8.6 | 8.6 | | | openclaw | 1mo ago | OpenClaw validates Zalo outbound photo URLs through the SSRF guard
CVE-2026-44115 | high | 8.8 | 8.8 | | | openclaw | 1mo ago | OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell expansion hiding in unquoted heredoc bodies. Attackers can bypass allowlist validation by embedding shell ex…
CVE-2026-44114 | high | 7.8 | 7.8 | | | openclaw | 1mo ago | OpenClaw: Workspace dotenv could override runtime-control environment variables
CVE-2026-44113 | high | 7.7 | 7.7 | | | openclaw | 1mo ago | OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes
CVE-2026-44110 | high | 8.8 | 8.8 | | | openclaw | 1mo ago | OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries
CVE-2026-43584 | high | 8.8 | 8.8 | | | openclaw | 1mo ago | OpenClaw: Exec environment denylist missed high-risk interpreter startup variables
CVE-2026-43580 | high | 7.7 | 7.7 | | | openclaw | 1mo ago | OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage
CVE-2026-43576 | high | 7.7 | 7.7 | | | openclaw | 1mo ago | OpenClaw: CDP /json/version WebSocket URL could pivot to untrusted second-hop targets
CVE-2026-40171 | high | 8.0 | | | debian | | 1mo ago | In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 an…
CVE-2026-40076 | high | 8.8 | 8.8 | | | openmrs | 1mo ago | OpenMRS Module Upload Vulnerable to Path Traversal (Zip Slip)
CVE-2025-71261 | high | 8.0 | | | | | 1mo ago | Harvester's SUSE Virtualization Registration Client Vulnerable to MITM and DOS
CVE-2026-44243 | high | 7.1 | 7.1 | FIX | sles, debian | gitpython_project | 1mo ago | GitPython reference APIs have a path traversal vulnerability that allows arbitrary file write and delete outside the repository
CVE-2026-44304 | high | 8.1 | 8.1 | | | | 1mo ago | Lemur: LDAP Filter Injection enables post-authentication privilege escalation
CVE-2026-8018 | high | 8.1 | 8.1 | FIX | debian, linux-kernel, macos | google | 1mo ago | Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. (Chromium security…
CVE-2026-8016 | high | 8.8 | 8.8 | FIX | debian, linux-kernel, macos | google | 1mo ago | Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-8007 | high | 7.5 | 7.5 | FIX | debian, linux-kernel, macos | google | 1mo ago | Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a cra…
CVE-2026-8002 | high | 8.8 | 8.8 | FIX | debian, linux-kernel, macos | google | 1mo ago | Use after free in Audio in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-8001 | high | 8.3 | 8.3 | FIX | debian, linux-kernel, macos | google | 1mo ago | Use After Free in Printing in Google Chrome on Linux, Mac, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape v…
CVE-2026-8000 | high | 8.8 | 8.8 | FIX | debian, linux-kernel, macos | google | 1mo ago | Insufficient validation of untrusted input in ChromeDriver in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium se…
CVE-2026-7997 | high | 7.8 | 7.8 | FIX | debian, macos, windows | google | 1mo ago | Insufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium …
CVE-2026-7995 | high | 8.8 | 8.8 | FIX | debian, linux-kernel, macos | google | 1mo ago | Out of bounds read in AdFilter in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Mediu…
CVE-2026-7994 | high | 7.8 | 7.8 | FIX | debian, windows | google | 1mo ago | Inappropriate implementation in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium securit…
CVE-2026-7992 | high | 8.8 | 8.8 | FIX | debian, linux-kernel, windows | google | 1mo ago | Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute…
CVE-2026-7991 | high | 8.8 | 8.8 | FIX | debian, linux-kernel, macos | google | 1mo ago | Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Ch…
CVE-2026-7990 | high | 7.8 | 7.8 | FIX | debian, windows | google | 1mo ago | Insufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chrom…
CVE-2026-7988 | high | 8.8 | 8.8 | FIX | debian, linux-kernel, macos | google | 1mo ago | Type Confusion in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7987 | high | 8.8 | 8.8 | FIX | debian, linux-kernel, macos | google | 1mo ago | Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7985 | high | 8.3 | 8.3 | FIX | debian, linux-kernel, macos | google | 1mo ago | Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chro…