CVEs from 2026
Total
14,777
critical
critical 1,334
high
high 5,000
medium
medium 4,821
low
low 503
% Critical
9.0%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-11068 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11060 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11059 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11055 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11054 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11050 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11049 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11046 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11042 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11041 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11030 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11028 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11003 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11000 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10995 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10991 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10989 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10988 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10987 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10986 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10982 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10978 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10975 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10965 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10964 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10963 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10962 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10959 | high | 8.8 | 8.8 | 2d ago | Use after free in Input in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H… | |||
| CVE-2026-10958 | high | 8.8 | 8.8 | 2d ago | Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafte… | |||
| CVE-2026-10957 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10956 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10955 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10954 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10952 | high | 8.8 | 8.8 | 2d ago | Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: … | |||
| CVE-2026-10951 | high | 8.8 | 8.8 | 2d ago | Use after free in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a… | |||
| CVE-2026-10948 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10947 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10945 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10943 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10941 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10939 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10936 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10935 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10932 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10928 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10926 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10923 | high | 8.8 | 8.8 | 2d ago | Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: High) | |||
| CVE-2026-10922 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10914 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10913 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10910 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10907 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10904 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10903 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10902 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10897 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10896 | high | 8.8 | 8.8 | 2d ago | Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | |||
| CVE-2026-10895 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10893 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10891 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10890 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10888 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-10885 | high | 8.8 | 8.8 | 2d ago | Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | |||
| CVE-2026-10883 | high | 8.8 | 8.8 | 2d ago | Type Confusion in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | |||
| CVE-2026-10882 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-5228 | high | 8.8 | 8.8 | 2d ago | Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mo… | |||
| CVE-2026-43985 | high | 8.8 | 8.8 | 2d ago | Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose `configUpdate` as a state-changing administrator endpoint, but the route does not enforc… | |||
| CVE-2026-49194 | high | 8.8 | 8.8 | 2d ago | The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface. | |||
| CVE-2026-49190 | high | 8.8 | 8.8 | 2d ago | The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application installations or command executions. | |||
| CVE-2026-41860 | high | 8.8 | 8.8 | 3d ago | CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelper#create_async_endpoint and #send_http_get_request_synchronous hard-co… | |||
| CVE-2026-46264 | high | 8.8 | 8.8 | 3d ago | In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devm_add_action_or_reset() failure the provided cleanup action will be run immedia… | |||
| CVE-2026-35085 | high | 8.8 | 8.8 | 3d ago | A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root. | |||
| CVE-2026-35084 | high | 8.8 | 8.8 | 3d ago | A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root. | |||
| CVE-2026-35083 | high | 8.8 | 8.8 | 3d ago | A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root. | |||
| CVE-2026-35082 | high | 8.8 | 8.8 | 3d ago | The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input. | |||
| CVE-2026-36608 | high | 8.8 | 8.8 | 4d ago | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP (192.168.1.1) or local… | |||
| CVE-2026-36607 | high | 8.8 | 8.8 | 4d ago | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint (code=10), which lacks the rate limiting applied to th… | |||
| CVE-2026-49443 | high | 8.8 | 8.8 | 4d ago | authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, an attacker with the ability to change a source connection, and an account in one of the configured… | |||
| CVE-2026-49143 | high | 8.8 | 8.8 | 4d ago | BrowserStack Runner through 0.9.5 contains a remote code execution vulnerability in the /_log HTTP handler that allows unauthenticated network-adjacent attackers to execute arbitrary code by submitti… | |||
| CVE-2026-1829 | high | 8.8 | 8.8 | 4d ago | The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.02 via the 'et_pb_text' shortcode 'cvdb_content_visibility_… | |||
| CVE-2026-30652 | high | 8.8 | 8.8 | 4d ago | A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an … | |||
| CVE-2026-30650 | high | 8.8 | 8.8 | 4d ago | A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-03… | |||
| CVE-2026-10591 | high | 8.8 | 8.8 | 4d ago | Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated actors to execute arbitrary commands via crafted instructions… | |||
| CVE-2026-7201 | high | 8.8 | 8.8 | 4d ago | CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote authenti… | |||
| CVE-2026-1784 | high | 8.8 | 8.8 | 4d ago | The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was… | |||
| CVE-2026-25277 | high | 8.8 | 8.8 | 5d ago | Memory corruption while using Strongbox due to buffer overflow. | |||
| CVE-2026-25276 | high | 8.8 | 8.8 | 5d ago | Memory corruption while using Strongbox due to missing bounds check. | |||
| CVE-2026-24782 | high | 8.8 | 8.8 | 5d ago | Kiteworks is a private data network (PDN). Prior to version 9.3.0,ultiple SQL Injection vulnerabilities in Kiteworks Secure Data Forms could be exploited by an authenticated attacker with the FormBui… | |||
| CVE-2026-10293 | high | 8.8 | 8.8 | 5d ago | A flaw has been found in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/formFireWall. This manipulation of the argument Profile causes stack-based buffer ov… | |||
| CVE-2026-10292 | high | 8.8 | 8.8 | 5d ago | A vulnerability was detected in UTT HiPER 1200GW up to 2.5.3-170306. This affects the function strcpy of the file /goform/formTaskEdit. The manipulation results in stack-based buffer overflow. The at… | |||
| CVE-2026-9614 | high | 8.8 | 8.8 | 5d ago | An Improper Access Control vulnerability in Ivanti Neurons for ITSM (cloud and on-premises) allows a remote authenticated attacker to gain administrative access. | |||
| CVE-2026-7770 | high | 8.8 | 8.8 | 5d ago | IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions (ACS) is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator. | |||
| CVE-2026-45284 | high | 8.8 | 8.8 | 5d ago | Nextcloud is an open source content collaboration platform. From version 1.3.6 to before version 8.4.0, an improper check allowed users that where provided by LDAP to still authenticate towards user … | |||
| CVE-2026-43623 | high | 8.8 | 8.8 | 5d ago | microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the raw_to_header() function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a cra… | |||
| CVE-2026-10259 | high | 8.8 | 8.8 | 5d ago | A security vulnerability has been detected in H3C Magic B0 up to 100R002. The affected element is the function SetMobileAPInfoById of the file /goform/aspForm. Such manipulation of the argument param… | |||
| CVE-2026-49298 | high | 8.8 | 8.8 | 5d ago | A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in … | |||
| CVE-2026-49157 | high | 8.8 | 8.8 | 5d ago | Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-ad… | |||
| CVE-2026-45505 | high | 8.8 | 8.8 | 5d ago | Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Non-parenthesized discovery wrapp… | |||
| CVE-2026-42359 | high | 8.8 | 8.8 | 5d ago | A bug in Apache Airflow's XCom PATCH endpoint `PATCH /api/v2/xcomEntries/{key}` allowed an authenticated UI/API user with XCom write permission on a Dag to set XCom entries under reserved key names (… | |||
| CVE-2026-10206 | high | 8.8 | 8.8 | 6d ago | A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer o… |