CVEs from 2026
- Total: 14,797
- critical: 1,335
- high: 5,010
- medium: 4,834
- low: 504
- % Critical: 9.0%
- % with KEV: 0.4%
- % with exploit: 0.7%
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-2005 | high | — | 8.0 | 3mo ago | RHSA-2026:4064: postgresql:12 security update (Important) | |||
| CVE-2026-2004 | high | — | 8.0 | 3mo ago | RHSA-2026:4064: postgresql:12 security update (Important) | |||
| CVE-2026-2003 | high | — | 8.0 | 3mo ago | RHSA-2026:4063: postgresql:16 security update (Important) | |||
| CVE-2026-21863 | high | — | 8.0 | 3mo ago | Important: valkey security update | |||
| CVE-2026-27509 | high | 8.0 | 8.0 | 3mo ago | Unitree Go2 firmware versions V1.1.7 through V1.1.9, and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handle… | |||
| CVE-2026-22695 | high | — | 8.0 | 3mo ago | RHSA-2026:4728: libpng security update (Important) | |||
| CVE-2026-22801 | high | — | 8.0 | 3mo ago | RHSA-2026:4728: libpng security update (Important) | |||
| CVE-2026-2762 | high | — | 8.0 | 3mo ago | Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2780 | high | — | 8.0 | 3mo ago | Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2757 | high | — | 8.0 | 3mo ago | Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2787 | high | — | 8.0 | 3mo ago | Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2766 | high | — | 8.0 | 3mo ago | Use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2761 | high | — | 8.0 | 3mo ago | Sandbox escape in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2778 | high | — | 8.0 | 3mo ago | Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunder… | |||
| CVE-2026-2767 | high | — | 8.0 | 3mo ago | Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2760 | high | — | 8.0 | 3mo ago | Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thun… | |||
| CVE-2026-2776 | high | — | 8.0 | 3mo ago | Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 14… | |||
| CVE-2026-2447 | high | — | 8.0 | 3mo ago | Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2. | |||
| CVE-2026-2781 | high | — | 8.0 | 3mo ago | Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Firefox ESR 115.35. | |||
| CVE-2026-2777 | high | — | 8.0 | 3mo ago | Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2783 | high | — | 8.0 | 3mo ago | Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2789 | high | — | 8.0 | 3mo ago | Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2764 | high | — | 8.0 | 3mo ago | JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2779 | high | — | 8.0 | 3mo ago | Incorrect boundary conditions in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2784 | high | — | 8.0 | 3mo ago | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2758 | high | — | 8.0 | 3mo ago | Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2759 | high | — | 8.0 | 3mo ago | Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2775 | high | — | 8.0 | 3mo ago | Mitigation bypass in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2763 | high | — | 8.0 | 3mo ago | Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2773 | high | — | 8.0 | 3mo ago | Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2772 | high | — | 8.0 | 3mo ago | Use-after-free in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2771 | high | — | 8.0 | 3mo ago | Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2793 | high | — | 8.0 | 3mo ago | Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume tha… | |||
| CVE-2026-2782 | high | — | 8.0 | 3mo ago | Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2791 | high | — | 8.0 | 3mo ago | Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2770 | high | — | 8.0 | 3mo ago | Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2788 | high | — | 8.0 | 3mo ago | Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2785 | high | — | 8.0 | 3mo ago | Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2774 | high | — | 8.0 | 3mo ago | Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2765 | high | — | 8.0 | 3mo ago | Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2790 | high | — | 8.0 | 3mo ago | Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2769 | high | — | 8.0 | 3mo ago | Use-after-free in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-2792 | high | — | 8.0 | 3mo ago | Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort… | |||
| CVE-2026-2768 | high | — | 8.0 | 3mo ago | Sandbox escape in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-25646 | high | — | 8.0 | 4mo ago | RHSA-2026:9686: java-17-openjdk security update (Important) | |||
| CVE-2026-23074 | high | — | 8.0 | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root … | |||
| CVE-2026-25506 | high | — | 8.0 | 4mo ago | RHSA-2026:3032: munge security update (Important) | |||
| CVE-2026-22859 | high | — | 8.0 | 4mo ago | RHSA-2026:3334: freerdp security update (Important) | |||
| CVE-2026-22855 | high | — | 8.0 | 4mo ago | RHSA-2026:3334: freerdp security update (Important) | |||
| CVE-2026-22858 | high | — | 8.0 | 4mo ago | RHSA-2026:3334: freerdp security update (Important) | |||
| CVE-2026-21721 | high | — | 8.0 | 4mo ago | Important: grafana security update | |||
| CVE-2026-21637 | high | — | 8.0 | 4mo ago | Important: nodejs:24 security update | |||
| CVE-2026-26157 | high | 7.0 | 8.0 | 4mo ago | A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may wr… | |||
| CVE-2026-1761 | high | — | 8.0 | 4mo ago | RHSA-2026:2215: libsoup security update (Important) | |||
| CVE-2026-0719 | high | — | 8.0 | 4mo ago | RHSA-2026:2215: libsoup security update (Important) | |||
| CVE-2026-23534 | high | — | 8.0 | 4mo ago | RHSA-2026:2081: freerdp security update (Important) | |||
| CVE-2026-23530 | high | — | 8.0 | 4mo ago | RHSA-2026:2081: freerdp security update (Important) | |||
| CVE-2026-23883 | high | — | 8.0 | 4mo ago | RHSA-2026:2081: freerdp security update (Important) | |||
| CVE-2026-23533 | high | — | 8.0 | 4mo ago | RHSA-2026:2081: freerdp security update (Important) | |||
| CVE-2026-23531 | high | — | 8.0 | 4mo ago | RHSA-2026:2081: freerdp security update (Important) | |||
| CVE-2026-23884 | high | — | 8.0 | 4mo ago | RHSA-2026:2081: freerdp security update (Important) | |||
| CVE-2026-23532 | high | — | 8.0 | 4mo ago | RHSA-2026:2081: freerdp security update (Important) | |||
| CVE-2026-24049 | high | — | 8.0 | 4mo ago | RHSA-2026:2090: python3.12-wheel security update (Important) | |||
| CVE-2026-0994 | high | — | 8.0 | 5mo ago | Important: protobuf security update | |||
| CVE-2026-23490 | high | — | 8.0 | 5mo ago | Important: fence-agents security update | |||
| CVE-2026-0885 | high | — | 8.0 | 5mo ago | Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0883 | high | — | 8.0 | 5mo ago | Information disclosure in the Networking component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0879 | high | — | 8.0 | 5mo ago | Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140… | |||
| CVE-2026-0890 | high | — | 8.0 | 5mo ago | Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0886 | high | — | 8.0 | 5mo ago | Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0882 | high | — | 8.0 | 5mo ago | Use-after-free in the IPC component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0878 | high | — | 8.0 | 5mo ago | Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0891 | high | — | 8.0 | 5mo ago | Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort… | |||
| CVE-2026-0887 | high | — | 8.0 | 5mo ago | Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0880 | high | — | 8.0 | 5mo ago | Sandbox escape due to integer overflow in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0877 | high | — | 8.0 | 5mo ago | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0884 | high | — | 8.0 | 5mo ago | Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-20931 | high | 8.0 | 8.0 | 5mo ago | External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network. | |||
| CVE-2026-22029 | high | 8.0 | 8.0 | 5mo ago | React Router is a router for React. In @remix-run/router version prior to 1.23.2 and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from l… | |||
| CVE-2026-21441 | high | — | 8.0 | 5mo ago | Important: fence-agents security update | |||
| CVE-2026-35266 | high | 7.9 | 7.9 | 10d ago | Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Difficult to exploit vulnerability allows low privileged attacker with network a… | |||
| CVE-2026-44711 | high | 7.9 | 7.9 | 11d ago | pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption… | |||
| CVE-2026-46076 | high | 7.9 | 7.9 | 11d ago | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a #UD for VMMCALL if L2 is active, L1 doe… | |||
| CVE-2026-41217 | high | 7.9 | 7.9 | 25d ago | A vulnerability exists in an undisclosed BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with resource administrator or administrator role to execute arbitrary system comman… | |||
| CVE-2026-43133 | high | 7.9 | 7.9 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation Commit cc3ed80ae69f ("KVM: nSVM: always use vmcb01 to for vmsave/vmload o… | |||
| CVE-2026-50264 | high | 7.8 | 7.8 | 2d ago | An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFro… | |||
| CVE-2026-50261 | high | 7.8 | 7.8 | 2d ago | A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via … | |||
| CVE-2026-50260 | high | 7.8 | 7.8 | 2d ago | A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroy… | |||
| CVE-2026-50259 | high | 7.8 | 7.8 | 2d ago | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function Ch… | |||
| CVE-2026-50258 | high | 7.8 | 7.8 | 2d ago | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify o… | |||
| CVE-2026-50257 | high | 7.8 | 7.8 | 2d ago | A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attack… | |||
| CVE-2026-50256 | high | 7.8 | 7.8 | 2d ago | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow… | |||
| CVE-2026-21031 | high | 7.8 | 7.8 | 2d ago | Improper authorization in AppBlock prior to SMR Jun-2026 Release 1 allows local attacker to launch arbitrary activity. User interaction is required for triggering this vulnerability. | |||
| CVE-2026-21030 | high | 7.8 | 7.8 | 2d ago | Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions. | |||
| CVE-2026-21029 | high | 7.8 | 7.8 | 2d ago | Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations. | |||
| CVE-2026-11332 | high | 7.8 | 7.8 | 2d ago | A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument deli… | |||
| CVE-2026-20245 | high | 7.8 | 7.8 | 3d ago | A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to… | |||
| CVE-2026-11103 | high | 7.8 | 7.8 | 3d ago | Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security… | |||
| CVE-2026-11072 | high | 7.8 | 7.8 | 3d ago | Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: Medium) | |||
| CVE-2026-10942 | high | 7.8 | 7.8 | 3d ago | Inappropriate implementation in UI in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High) |