CVEs from 2026
- Total: 14,755
- Critical: 1,330
- High: 4,991
- Medium: 4,796
- Low: 502
- % Critical: 9.0%
- % with KEV: 0.4%
- % with exploit: 0.7%
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-20020 | medium | 5.7 | 5.7 | 3mo ago | A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpe… | |||
| CVE-2026-10222 | medium | 5.6 | 5.6 | 5d ago | A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function _sanitize_env_lines of the file hermes_cli/config.py. The manipulation results… | |||
| CVE-2026-24198 | medium | 5.6 | 5.6 | 11d ago | NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive informati… | |||
| CVE-2026-48134 | medium | 5.6 | 5.6 | 11d ago | When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to… | |||
| CVE-2026-9371 | medium | 5.6 | 5.6 | 13d ago | A security vulnerability has been detected in ItzCrazyKns Vane up to 1.12.1. Affected by this issue is some unknown functionality of the file route.ts of the component API. The manipulation leads to … | |||
| CVE-2026-9365 | medium | 5.6 | 5.6 | 13d ago | A vulnerability has been found in Ettercap up to 0.8.3. The affected element is the function FUNC_DECODER of the file src/dissectors/ec_gg.c of the component GG Dissector. The manipulation of the arg… | |||
| CVE-2026-41966 | medium | 5.6 | 5.6 | 22d ago | Permission control vulnerability in the smart sensing service. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2026-41965 | medium | 5.6 | 5.6 | 22d ago | Use-After-Free (UAF) vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2026-7669 | medium | 5.6 | 5.6 | 1mo ago | SGLang has an Improper Input Validation/Injection Issue | |||
| CVE-2026-7306 | medium | 5.6 | 5.6 | 1mo ago | A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/Open… | |||
| CVE-2026-7292 | medium | 5.6 | 5.6 | 1mo ago | A security vulnerability has been detected in o2oa up to 10.0. This impacts the function syncFile of the file NodeAgent.java of the component NodeAgent. The manipulation leads to improper authorizati… | |||
| CVE-2026-7141 | medium | 5.6 | 5.6 | 1mo ago | vLLM makes Use of Uninitialized Resource | |||
| CVE-2026-7113 | medium | 5.6 | 5.6 | 1mo ago | A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/webhook.py of the component Webhooks Endpoint. The man… | |||
| CVE-2026-7112 | medium | 5.6 | 5.6 | 1mo ago | A vulnerability has been found in NousResearch hermes-agent 0.8.0. Affected by this vulnerability is the function _check_auth of the file gateway/platforms/api_server.py of the component API_SERVER_K… | |||
| CVE-2026-7018 | medium | 5.6 | 5.6 | 1mo ago | A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/… | |||
| CVE-2026-6878 | medium | 5.6 | 5.6 | 1mo ago | verl's math_equal() Vulnerable to Arbitrary Code Execution via Unsafe eval() | |||
| CVE-2026-6578 | medium | 5.6 | 5.6 | 2mo ago | A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component Setting Handler. The manipulation of… | |||
| CVE-2026-6572 | medium | 5.6 | 5.6 | 2mo ago | A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileU… | |||
| CVE-2026-40602 | medium | 5.6 | 5.6 | 2mo ago | The Home Assistant Command-line interface (hass-cli) is a command-line tool for Home Assistant. Up to 1.0.0 of home-assistant-cli an unrestricted environment was used to handle Jinja2 templates inste… | |||
| CVE-2026-40190 | medium | 5.6 | 5.6 | 2mo ago | LangSmith Client SDKs provide SDKs for interacting with the LangSmith platform. Prior to 0.5.18, the LangSmith JavaScript/TypeScript SDK (langsmith) contains an incomplete prototype pollution fix in… | |||
| CVE-2026-5618 | medium | 5.6 | 5.6 | 2mo ago | A vulnerability was detected in kalcaddle kodbox up to 1.64. This affects an unknown function of the component shareMake/shareCheck. Performing a manipulation of the argument siteFrom/siteTo results … | |||
| CVE-2026-4830 | medium | 5.6 | 5.6 | 2mo ago | A vulnerability was identified in kalcaddle kodbox 1.64. This issue affects the function Add of the file app/controller/explorer/userShare.class.php of the component Public Share Handler. Such manipu… | |||
| CVE-2026-4592 | medium | 5.6 | 5.6 | 3mo ago | A security vulnerability has been detected in kalcaddle kodbox 1.64. This impacts the function loginAfter/tfaVerify of the file /workspace/source-code/plugins/client/controller/tfa/index.class.php of… | |||
| CVE-2026-2711 | medium | 5.6 | 5.6 | 4mo ago | A vulnerability has been found in zhutoutoutousan worldquant-miner up to 1.0.9. The impacted element is an unknown function of the file worldquant-miner-master/agent-dify-api/core/helper/ssrf_proxy.p… | |||
| CVE-2026-50263 | medium | 5.5 | 5.5 | 17h ago | A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, le… | |||
| CVE-2026-50262 | medium | 5.5 | 5.5 | 17h ago | An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding … | |||
| CVE-2026-21028 | medium | 5.5 | 5.5 | 18h ago | Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information. | |||
| CVE-2026-21026 | medium | 5.5 | 5.5 | 18h ago | Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information. | |||
| CVE-2026-21025 | medium | 5.5 | 5.5 | 18h ago | Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information. | |||
| CVE-2026-21017 | medium | 5.5 | 5.5 | 18h ago | Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files. | |||
| CVE-2026-22005 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-22002 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-22004 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-22015 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-22017 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-34267 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-21998 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-22009 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-35237 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-34278 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-34304 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-34293 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-34271 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-35238 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-34303 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-35240 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-34276 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-35239 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-35236 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-34308 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-34270 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-22001 | medium | — | 5.5 | 2d ago | Moderate: mysql security update | |||
| CVE-2026-45702 | medium | 5.5 | 5.5 | 2d ago | OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior t… | |||
| CVE-2026-35177 | medium | — | 5.5 | 3d ago | Moderate: vim security update | |||
| CVE-2026-10688 | medium | 5.5 | 5.5 | 3d ago | A vulnerability was determined in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The impacted element is the function execute_blender_code of the file /src/blender_mcp/server.py… | |||
| CVE-2026-8035 | medium | 5.5 | 5.5 | 3d ago | Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability aff… | |||
| CVE-2026-28578 | medium | 5.5 | 5.5 | 4d ago | In multiple functions of DevicePolicyManagerService.java, there is a possible desync from persistence due to improper input validation. This could lead to local denial of service with no additional e… | |||
| CVE-2026-0085 | medium | 5.5 | 5.5 | 4d ago | In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper input validation. This could lead to local denial of service with no addition… | |||
| CVE-2026-0079 | medium | 5.5 | 5.5 | 4d ago | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local denial of service with no additional executi… | |||
| CVE-2026-0074 | medium | 5.5 | 5.5 | 4d ago | In getPreferredSize of LauncherProcessImageListener.kt, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution priv… | |||
| CVE-2026-0070 | medium | 5.5 | 5.5 | 4d ago | In multiple functions of DevicePolicyManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with n… | |||
| CVE-2026-0069 | medium | 5.5 | 5.5 | 4d ago | In verifySignature of ApkChecksums.java, there is a possible way to cause a crash due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed… | |||
| CVE-2026-0067 | medium | 5.5 | 5.5 | 4d ago | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. This could lead to local denial of service with n… | |||
| CVE-2026-0060 | medium | 5.5 | 5.5 | 4d ago | In updateState of GraphicsDriverEnableAngleAsSystemDriverController.java, there is a possible persistent dos issue due to an unusual root cause. This could lead to local denial of service with no add… | |||
| CVE-2026-0043 | medium | 5.5 | 5.5 | 4d ago | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local escalation of privilege with no additional e… | |||
| CVE-2026-0042 | medium | 5.5 | 5.5 | 4d ago | In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional executi… | |||
| CVE-2026-0018 | medium | 5.5 | 5.5 | 4d ago | In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additi… | |||
| CVE-2026-8643 | medium | 5.5 | 5.5 | 5d ago | pip would treat console_scripts and gui_scripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed out… | |||
| CVE-2026-20456 | medium | 5.5 | 5.5 | 5d ago | In wlan STA driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed fo… | |||
| CVE-2026-47335 | medium | 5.5 | 5.5 | 8d ago | Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a … | |||
| CVE-2026-47334 | medium | 5.5 | 5.5 | 8d ago | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user an… | |||
| CVE-2026-47332 | medium | 5.5 | 5.5 | 8d ago | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can… | |||
| CVE-2026-47326 | medium | 5.5 | 5.5 | 8d ago | Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory … | |||
| CVE-2026-48735 | medium | 5.5 | 5.5 | 9d ago | pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP me… | |||
| CVE-2026-48155 | medium | 5.5 | 5.5 | 9d ago | pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in l… | |||
| CVE-2026-45703 | medium | — | 5.5 | 9d ago | Pimcore has a WordExport Authorization Bypass for Unauthorized Document Export | |||
| CVE-2026-45309 | medium | — | 5.5 | 9d ago | AsyncSSH `AuthorizedKeysFile %u` path traversal allows attacker-selected authorized keys to authenticate a traversal username | |||
| CVE-2026-44981 | medium | — | 5.5 | 9d ago | CrowdSec LAPI: Denial of Service via Unbounded Gzip Decompression | |||
| CVE-2026-9759 | medium | 5.5 | 5.5 | 9d ago | ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of service | |||
| CVE-2026-45046 | medium | 5.5 | 5.5 | 9d ago | Gryph provides a security layer for AI coding agents. Prior to 0.7.0, Gryph implements logging levels that determine what content is logged to a local sqlite database. The README incorrectly mentions… | |||
| CVE-2026-45334 | medium | — | 5.5 | 10d ago | Kirby CMS's content locks disclose IDs and emails of inaccessible users from `users.access/list` permissions | |||
| CVE-2026-48927 | medium | 5.5 | 5.5 | 10d ago | Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure jobs or views. | |||
| CVE-2026-47104 | medium | 5.5 | 5.5 | 10d ago | libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parse_iad_array() in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed US… | |||
| CVE-2026-6053 | medium | 5.5 | 5.5 | 10d ago | IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables. | |||
| CVE-2026-5515 | medium | 5.5 | 5.5 | 10d ago | IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user. | |||
| CVE-2026-40830 | medium | 5.5 | 5.5 | 10d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the admin.mbnetj.php files UpdateParam function due to improper neutralization of special elements in a… | |||
| CVE-2026-40829 | medium | 5.5 | 5.5 | 10d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the view.html.php files UpdateParam function due to improper neutralization of special elements in a SQ… | |||
| CVE-2026-40828 | medium | 5.5 | 5.5 | 10d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DeleteSysLogEntry function due to improper neutralization of special elements in a SQL DELETE comma… | |||
| CVE-2026-40827 | medium | 5.5 | 5.5 | 10d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the _RemoveRequest function due to improper neutralization of special elements in a SQL DELETE command … | |||
| CVE-2026-40825 | medium | 5.5 | 5.5 | 10d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view devices parameter due to improper neutralization of special elements in a SQL UP… | |||
| CVE-2026-40824 | medium | 5.5 | 5.5 | 10d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPD… | |||
| CVE-2026-40823 | medium | 5.5 | 5.5 | 10d ago | A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset function due to improper neutralization of special elements in a SQL UPDATE command … | |||
| CVE-2026-44979 | medium | — | 5.5 | 10d ago | @hapi/wreck leaks sensitive `Proxy-Authorization` header across cross-hostname redirects | |||
| CVE-2026-44646 | medium | — | 5.5 | 10d ago | LiquidJS's `{% render %}` tag silently bypasses per-render `ownPropertyOnly:true` via `Context.spawn()` | |||
| CVE-2026-44645 | medium | — | 5.5 | 10d ago | LiquidJS has a renderLimit DoS guard bypass via empty `{% for %}` body | |||
| CVE-2026-44644 | medium | — | 5.5 | 10d ago | LiquidJS's strip_html filter bypass via newline characters in HTML tags enables XSS | |||
| CVE-2026-44587 | medium | — | 5.5 | 10d ago | CarrierWave has a denylisted_content_type bypass via | |||
| CVE-2026-44210 | medium | — | 5.5 | 10d ago | Kata Containers have VM Escape via virtiofsd Argument Injection through Default-Enabled Pod Annotations | |||
| CVE-2026-44176 | medium | — | 5.5 | 10d ago | Kirby CMS's `pages.access` permission is not checked during rendering of page drafts | |||
| CVE-2026-44844 | medium | — | 5.5 | 10d ago | eml_parser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to 3.0.1, EmlParser.get_raw_body_text() recurse… |