CVEs from 2026
Total
14,786
critical
critical 1,335
high
high 5,004
medium
medium 4,828
low
low 503
% Critical
9.0%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-31476 | high | 8.2 | 8.2 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: ksmbd: do not expire session on binding failure When a multichannel session binding request fails (e.g. wrong password), the erro… | |||
| CVE-2026-41145 | high | 8.2 | 8.2 | 2mo ago | MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads | |||
| CVE-2026-40344 | high | 8.2 | 8.2 | 2mo ago | MinIO has an Unauthenticated Object Write via Missing Signature Verification in Unsigned-Trailer Uploads | |||
| CVE-2026-41059 | high | 8.2 | 8.2 | 2mo ago | OAuth2 Proxy has an Authentication Bypass via Fragment Confusion in skip_auth_routes and skip_auth_regex | |||
| CVE-2026-6823 | high | 8.2 | 8.2 | 2mo ago | HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerability where remote channels inherit allow_from = ["*"] permitting arbitrary remote senders to pass ad… | |||
| CVE-2026-4740 | high | 8.2 | 8.2 | 2mo ago | A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM). Improper validation of Kubernetes client certificate renewal allows a managed c… | |||
| CVE-2026-23459 | high | 8.2 | 8.2 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: ip_tunnel: adapt iptunnel_xmit_stats() to NETDEV_PCPU_STAT_DSTATS Blamed commits forgot that vxlan/geneve use udp_tunnel[6]_xmit_… | |||
| CVE-2026-23456 | high | 8.2 | 8.2 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case In decode_int(), the CONS case calls get_bits(bs, 2) to read… | |||
| CVE-2026-4984 | high | 8.2 | 8.2 | 2mo ago | The Twilio integration webhook handler accepts any POST request without validating Twilio's 'X-Twilio-Signature'. When processing media messages, it fetches user-controlled URLs ('MediaUrlN' paramet… | |||
| CVE-2026-24031 | high | 8.2 | 8.2 | 2mo ago | Dovecot SQL based authentication can be bypassed when auth_username_chars is cleared by admin. This vulnerability allows bypassing authentication for any user and user enumeration. Do not clear auth_… | |||
| CVE-2026-31921 | high | 8.2 | 8.2 | 2mo ago | Missing Authorization vulnerability in Devteam HaywoodTech Product Rearrange for WooCommerce products-rearrange-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.Thi… | |||
| CVE-2026-24063 | high | 8.2 | 8.2 | 3mo ago | When a plugin is installed using the Arturia Software Center (MacOS), it also installs an uninstall.sh bash script in a root owned path. This script is written to disk with the file permissions 777, … | |||
| CVE-2026-28135 | high | 8.2 | 8.2 | 3mo ago | Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This i… | |||
| CVE-2026-11416 | high | 8.1 | 8.1 | 22h ago | MoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone cloud storage download handlers where the local destination path is constructed by concatenating the configured down… | |||
| CVE-2026-45749 | high | 8.1 | 8.1 | 1d ago | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The `POST /users/totp/disable` and `POST /users/totp/backup-codes` endpoints in Termix pr… | |||
| CVE-2026-45743 | high | 8.1 | 8.1 | 1d ago | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. 16 file-manager endpoints in Termix prior to version 2.3.2 do not verify that the request… | |||
| CVE-2026-11231 | high | 8.1 | 8.1 | 2d ago | Inappropriate implementation in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a malicious file. (Chromium security severity: Low) | |||
| CVE-2026-11224 | high | 8.1 | 8.1 | 2d ago | Use after free in Chromoting in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Low) | |||
| CVE-2026-11185 | high | 8.1 | 8.1 | 2d ago | Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome … | |||
| CVE-2026-11170 | high | 8.1 | 8.1 | 2d ago | Inappropriate implementation in Chromoting in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. (Chromium… | |||
| CVE-2026-11169 | high | 8.1 | 8.1 | 2d ago | Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted XML file. (Chromium security severity: M… | |||
| CVE-2026-11111 | high | 8.1 | 8.1 | 2d ago | Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-10930 | high | 8.1 | 8.1 | 2d ago | Out of bounds read in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-10887 | high | 8.1 | 8.1 | 2d ago | Use after free in Chromoting in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical) | |||
| CVE-2026-48681 | high | 8.1 | 8.1 | 3d ago | OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image. | |||
| CVE-2026-35081 | high | 8.1 | 8.1 | 3d ago | The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input. | |||
| CVE-2026-35080 | high | 8.1 | 8.1 | 3d ago | The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | |||
| CVE-2026-35079 | high | 8.1 | 8.1 | 3d ago | The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | |||
| CVE-2026-35078 | high | 8.1 | 8.1 | 3d ago | The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | |||
| CVE-2026-35077 | high | 8.1 | 8.1 | 3d ago | The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | |||
| CVE-2026-35076 | high | 8.1 | 8.1 | 3d ago | The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | |||
| CVE-2026-36603 | high | 8.1 | 8.1 | 4d ago | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 exposes 15 of 18 UPnP IGD actions without authentication on port 1900, including AddPortMapping and GetExternalIPAddress. UPnP is enabl… | |||
| CVE-2026-44654 | high | 8.1 | 8.1 | 4d ago | LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, a shared-agent editor can delete file records through `DELETE /api/files` that the o… | |||
| CVE-2026-42211 | high | 8.1 | 8.1 | 4d ago | React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could potentially allow unauthorized remote code execution (RCE) through extern… | |||
| CVE-2026-7195 | high | 8.1 | 8.1 | 4d ago | CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.… | |||
| CVE-2026-39555 | high | 8.1 | 8.1 | 4d ago | Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. This issue affects Askka: from n/a through 1.3.1. | |||
| CVE-2026-39553 | high | 8.1 | 8.1 | 4d ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes WaveRide allows PHP Local File Inclusion. This issue affects Wa… | |||
| CVE-2026-39552 | high | 8.1 | 8.1 | 4d ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Code Supply Co. Blueprint allows PHP Local File Inclusion. This issue affects… | |||
| CVE-2026-39551 | high | 8.1 | 8.1 | 4d ago | Deserialization of Untrusted Data vulnerability in Elated-Themes Töbel allows Object Injection. This issue affects Töbel: from n/a through 1.8.1. | |||
| CVE-2026-39550 | high | 8.1 | 8.1 | 4d ago | Deserialization of Untrusted Data vulnerability in Elated-Themes Aperitif allows Object Injection. This issue affects Aperitif: from n/a through 1.6. | |||
| CVE-2026-5422 | high | 8.1 | 8.1 | 4d ago | A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the _get_os_path() function within jupyter_server/services/contents/fileio.… | |||
| CVE-2026-49121 | high | 8.1 | 8.1 | 5d ago | AI Tensor Engine for ROCm (AITER) through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv() function within shm_broadcast.py that allows unauthenticate… | |||
| CVE-2026-45281 | high | 8.1 | 8.1 | 5d ago | Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, with the knowledge of other users’ principal URL an… | |||
| CVE-2026-41013 | high | 8.1 | 8.1 | 5d ago | Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the … | |||
| CVE-2026-45156 | high | 8.1 | 8.1 | 5d ago | Nextcloud is an open source content collaboration platform. From versions 0.3.0 to before 3.1.0, 5.0.0 to before 5.1.0, and 6.0.0 to before 6.4.0, a missing signature verification in User OIDC allowe… | |||
| CVE-2026-44825 | high | 8.1 | 8.1 | 5d ago | Hardcoded credentials in the Basic Authentication setup tool (bin/solr auth enable) in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access… | |||
| CVE-2026-42588 | high | 8.1 | 8.1 | 5d ago | Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes th… | |||
| CVE-2026-8796 | high | 8.1 | 8.1 | 6d ago | Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. In Perl/Decoder/srl_decoder.c, srl_read_object() and srl_read_hash() process a COPY tag, a back-refere… | |||
| CVE-2026-49490 | high | 8.1 | 8.1 | 6d ago | OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable… | |||
| CVE-2026-47740 | high | 8.1 | 8.1 | 8d ago | Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Multiple Filament actions on the admin Order detail and Order shipments table were callable by an authenticated low-privilege user withou… | |||
| CVE-2026-44237 | high | 8.1 | 8.1 | 8d ago | FreePBX is an open source IP PBX. Prior to 17.0.8, the FreePBX api module's OAuth2 implementation does not sufficiently validate client credentials during token issuance. Knowledge of a valid client_… | |||
| CVE-2026-6075 | high | 8.1 | 8.1 | 8d ago | The Media Library Assistant plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.35 This is due to missing nonce verification on the bulk action handle… | |||
| CVE-2026-9964 | high | 8.1 | 8.1 | 9d ago | Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Ex… | |||
| CVE-2026-45344 | high | 8.1 | 8.1 | 9d ago | LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fie… | |||
| CVE-2026-46828 | high | 8.1 | 8.1 | 9d ago | Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability all… | |||
| CVE-2026-35277 | high | 8.1 | 8.1 | 9d ago | Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attacker with network acc… | |||
| CVE-2026-44394 | high | 8.1 | 8.1 | 9d ago | An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token rescoping mechanism does not propagate the original token's expiry to the newly issued token. When a federate… | |||
| CVE-2026-9095 | high | 8.1 | 8.1 | 9d ago | Casdoor versions 2.362.0 and earlier map SAML assertions to user sessions without replay protection. The ParseSamlResponse() function in object/saml_sp.go calls sp.RetrieveAssertionInfo() and immedia… | |||
| CVE-2026-46232 | high | 8.1 | 8.1 | 9d ago | In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp num_touch_reports A device would never lie about the number of touch reports would it? If it does the lo… | |||
| CVE-2026-46138 | high | 8.1 | 8.1 | 9d ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt hci_le_create_big_complete_evt() iterates … | |||
| CVE-2026-6455 | high | 8.1 | 8.1 | 10d ago | The WP Contact Form 7 DB Handler plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Deletion via SQL Injection and PHP Object Injection in versions up to and i… | |||
| CVE-2026-46402 | high | 8.1 | 8.1 | 10d ago | Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO uses the user-controlled task_name value directly when constructing se… | |||
| CVE-2026-48064 | high | 8.1 | 8.1 | 10d ago | pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pam_usb (commonly done for display manage… | |||
| CVE-2026-48149 | high | 8.1 | 8.1 | 10d ago | Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parse(markdown) straight to innerHTML with no sanitizer (packages/bbui/… | |||
| CVE-2026-48152 | high | 8.1 | 8.1 | 10d ago | Budibase is an open-source low-code platform. Prior to 3.39.0, the single-datasource GET and PUT routes are guarded by generic TABLE READ, not by Builder/Admin permission or datasource-specific owner… | |||
| CVE-2026-42790 | high | 8.1 | 8.1 | 10d ago | Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verific… | |||
| CVE-2026-44838 | high | 8.1 | 8.1 | 10d ago | RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using regular expressions with variable substitution. Administrat… | |||
| CVE-2026-46099 | high | 8.1 | 8.1 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6_input_core() and rpl_input() call ip6_route_input() which sets a NORE… | |||
| CVE-2026-46010 | high | 8.1 | 8.1 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgk_extract_token() Fix a missing bit of error handling in rxgk_extract_token(): in the event that … | |||
| CVE-2026-48906 | high | 8.1 | 8.1 | 10d ago | The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites. | |||
| CVE-2026-8994 | high | 8.1 | 8.1 | 11d ago | The Login with NEAR plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.3.3. The `ajaxLoginWithNear()` function — registered as a `wp_ajax_nopriv` acti… | |||
| CVE-2026-8962 | high | 8.1 | 8.1 | 11d ago | Important: thunderbird security update | |||
| CVE-2026-44900 | high | 8.1 | 8.1 | 11d ago | epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.1, in SignedPublicKeysTrustValidatorImpl.isTrusted(), the ECDSA signature verification at line 45… | |||
| CVE-2026-45574 | high | 8.1 | 8.1 | 11d ago | epa4all-client: TLS Certificate Validation Disabled in Production | |||
| CVE-2026-48695 | high | 8.1 | 8.1 | 11d ago | FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the MikroTik router integration plugin. The _log() function in src/mikrotik_plugin/fastnetmon_mikrotik.php… | |||
| CVE-2026-48694 | high | 8.1 | 8.1 | 11d ago | FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniper_plugin/fastnetmon_juniper.php, the $IP_ATTACK vari… | |||
| CVE-2026-8855 | high | 8.1 | 8.1 | 11d ago | IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication). | |||
| CVE-2026-48692 | high | 8.1 | 8.1 | 11d ago | FastNetMon Community Edition through 1.2.9 exposes a gRPC API server on port 50052 with no authentication mechanism. The server is initialized with grpc::InsecureServerCredentials() (src/fastnetmon.c… | |||
| CVE-2026-43935 | high | 8.1 | 8.1 | 11d ago | e107 is a content management system (CMS). Prior to 2.3.4, a Host Header Injection vulnerability in the password reset page allows attackers to manipulate the Host header to generate password reset l… | |||
| CVE-2026-48132 | high | 8.1 | 8.1 | 11d ago | The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used (4500/UDP). As a result, a specially crafted or malformed packet can cause the VPN processing… | |||
| CVE-2026-48131 | high | 8.1 | 8.1 | 11d ago | The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, r… | |||
| CVE-2026-8046 | high | 8.1 | 8.1 | 12d ago | The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including tho… | |||
| CVE-2026-8092 | high | 8.1 | 8.1 | 12d ago | Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of th… | |||
| CVE-2026-48842 | high | 8.1 | 8.1 | 12d ago | Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuser_query plugin via a preg_replace() backslash escape bypass. | |||
| CVE-2026-45361 | high | 8.1 | 8.1 | 12d ago | Apache Airflow providers-google's `ComputeEngineSSHHook` disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attac… | |||
| CVE-2026-25193 | high | 8.1 | 8.1 | 13d ago | Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Co… | |||
| CVE-2026-9397 | high | 8.1 | 8.1 | 13d ago | A weakness has been identified in Besen BS20 EV Charging Station up to 20260426. Affected by this issue is some unknown functionality of the component OTA Update Installation Handler. This manipulati… | |||
| CVE-2026-41076 | high | 8.1 | 8.1 | 15d ago | RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.9 and prior in addition to 6.0.0 through 6.0.2 contain an authentication bypass vulnerability in RT installations… | |||
| CVE-2026-41071 | high | 8.1 | 8.1 | 15d ago | libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chun… | |||
| CVE-2026-40172 | high | 8.1 | 8.1 | 15d ago | authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, the PATCH /api/v3/core/users/{pk}/ API allows a caller with change_user on a target us… | |||
| CVE-2026-46727 | high | 8.1 | 8.1 | 15d ago | An issue was discovered in Ruby 4 before 4.0.5. A race condition leading to a use-after-free in the pthread-based getaddrinfo timeout handler (rb_getaddrinfo in ext/socket/raddrinfo.c) allows a remot… | |||
| CVE-2026-9256 | high | 8.1 | 8.1 | 15d ago | NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Co… | |||
| CVE-2026-9277 | high | 8.1 | 8.1 | 15d ago | shell-quote's `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was backslash-escaped character by character using `/(.)/g`, which … | |||
| CVE-2026-48242 | high | 8.1 | 8.1 | 16d ago | Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials (host, username, password, database name) in import_mdb.php. The credentials are embedded in source code commi… | |||
| CVE-2026-48241 | high | 8.1 | 8.1 | 16d ago | Open ISES Tickets before 3.44.2 contains hardcoded MySQL database credentials in loader.php (a public-facing database utility) that are committed to the source repository. Any actor with access to th… | |||
| CVE-2026-45760 | high | 8.1 | 8.1 | 16d ago | (Externally Controlled Reference to a Resource in Another Sphere), (Authorization Bypass Through User-Controlled Key) vulnerability in Apache Camel K. Authorized users in a Kubernetes namespace can c… | |||
| CVE-2026-44051 | high | 8.1 | 8.1 | 17d ago | An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary files via attacker-controlled symlink c… | |||
| CVE-2026-24218 | high | 8.1 | 8.1 | 17d ago | NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cr… | |||
| CVE-2026-9087 | high | 8.1 | 8.1 | 17d ago | A flaw was found in Keycloak. The cross-session verification proof is keyed only by (local userId, idpAlias) and is not bound to the upstream identity that was actually verified, so a second upstream… | |||
| CVE-2026-45584 | high | 8.1 | 8.1 | 17d ago | Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network. |