CVEs from 2026
Total: 14,769
critical: 1,335
high: 5,011
medium: 4,834
low: 504
% Critical: 9.0%
% with KEV: 0.4%
% with exploit: 0.7%
Top vendors
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-10770 | unknown | — | — | 4d ago | This module provides spam protection using the CleanTalk cloud service. The module doesn't sufficiently sanitize API response messages before rendering them in HTML output. The `_cleantalk_die()` an… | |||
| CVE-2026-10769 | unknown | — | — | 4d ago | The module doesn't sufficiently sanitize customer comments in the order receipt email template; this could be exploited to achieve Cross-site Scripting (XSS). This vulnerability is mitigated by the … | |||
| CVE-2026-10768 | unknown | — | — | 4d ago | This module configures default editorial workflows for LocalGov Drupal content types. It provides a Drupal content moderation workflow, a content approvals dashboard, content scheduling and content p… | |||
| CVE-2026-46272 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etr: Fix race condition between sysfs and perf mode When trying to run perf and sysfs mode simultaneously, the WAR… | |||
| CVE-2026-46269 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree When probing the k230 pinctrl driver, the kernel trig… | |||
| CVE-2026-46268 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Fix p2pmem_alloc_mmap() warning condition Commit b7e282378773 has already changed the initial page refcount of p2pdma… | |||
| CVE-2026-46267 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llc_shdlc_deinit() purges SHDLC skb queues and frees the llc_shdlc s… | |||
| CVE-2026-46262 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put() This reverts commit f51424872760 ("ASoC: fsl_xcvr: fix missing loc… | |||
| CVE-2026-46261 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe() platform_get_resource_byname() can return NULL, which w… | |||
| CVE-2026-46258 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandle_create() In linehandle_create(), there is a statement like this: retain_and_nu… | |||
| CVE-2026-46257 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp804: Fix an Oops when read_current_timer is called on ARM32 platforms where the SP804 is not registere… | |||
| CVE-2026-46256 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfs_writepages LOCALIO is an NFS loopback mount optimization that avoi… | |||
| CVE-2026-46255 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: don't explicitly disable clocks in .remove() The clocks in fsl_edma_engine::muxclk are allocated and enabled… | |||
| CVE-2026-46254 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: AppArmor: Allow apparmor to handle unaligned dfa tables The dfa tables can originate from kernel or userspace and 8-byte alignmen… | |||
| CVE-2026-46252 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix locking in regulator_resolve_supply() error path If late enabling of a supply regulator fails in regulator_r… | |||
| CVE-2026-46249 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel booting During a kexec reboot the hardware is not power-cycled, so AF state f… | |||
| CVE-2026-46248 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif->links_map When an arvif is initialized in non-AP STA mode but MLO connection pre… | |||
| CVE-2026-46247 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 ("clk: divider: remove round_rate() in favor of dete… | |||
| CVE-2026-46246 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: power: supply: pm8916_lbc: Fix use-after-free for extcon in IRQ handler Using the `devm_` variant for requesting IRQ _before_ the… | |||
| CVE-2026-46245 | unknown | — | — | 4d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dc_link NULL handling in HPD init amdgpu_dm_hpd_init() may see connectors without a valid dc_link. The code… | |||
| CVE-2026-47325 | unknown | — | — | 4d ago | ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the user’s date of birth (e.g., 12072000 for 12 July 2000). The a… | |||
| CVE-2026-47324 | unknown | — | — | 4d ago | ProjectsAndPrograms school-management-system is vulnerable to Stored Cross‑Site Scripting (XSS) in multiple attributes of students and teachers objects. An authorized attacker (e.g., a teacher or adm… | |||
| CVE-2026-10729 | unknown | — | — | 4d ago | An HTML injection vulnerability in the notification email for "Slow Redirect" and "Cloned Website" Canarytokens exists in Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross… | |||
| CVE-2026-28753 | unknown | — | — | 5d ago | nginx vulnerabilities | |||
| CVE-2026-50052 | unknown | — | — | 5d ago | In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack (request smuggling), which in turn can be… | |||
| CVE-2026-45057 | unknown | — | — | 5d ago | Incomplete message edit validation in matrix-sdk-ui | |||
| CVE-2026-36460 | unknown | — | — | 5d ago | Dovestones Softwares ADPhonebook before v4.0.1.1 is vulnerable to a Cross Site Scripting vulnerability. The /Admin/Save API allows an authenticated admin user to store malicious JavaScript payloads i… | |||
| CVE-2026-40108 | unknown | — | — | 5d ago | GLPI is a free asset and IT management software package. In versions 11.0.0 through 11.0.6, a technician can store an XSS payload in a ITIL costs. This issue has been fixed in version 11.0.7. | |||
| CVE-2026-10719 | unknown | — | — | 5d ago | Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a val… | |||
| CVE-2026-10718 | unknown | — | — | 5d ago | Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 by… | |||
| CVE-2026-8936 | unknown | — | — | 5d ago | Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event… | |||
| CVE-2026-42029 | unknown | — | — | 5d ago | Rejected reason: This CVE is a duplicate of another CVE. | |||
| CVE-2026-10717 | unknown | — | — | 5d ago | Out of bounds write and reads in openSeaChest’s --showSCSIDefects in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing defect information out of bounds for very large defe… | |||
| CVE-2026-5385 | unknown | — | — | 5d ago | An unauthenticated user with write access to the knowledge base can store an XSS payload in a knowledge base item. This issue affects glpi: before 11.0.7. | |||
| CVE-2026-48598 | unknown | — | — | 5d ago | Improper Encoding or Escaping of Output vulnerability in elixir-tesla tesla allows multipart part header injection via unescaped Content-Disposition parameter values. Tesla.Multipart.part_headers_fo… | |||
| CVE-2026-48597 | unknown | — | — | 5d ago | Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.open_conn/2 conv… | |||
| CVE-2026-48596 | unknown | — | — | 5d ago | Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in elixir-tesla tesla allows HTTP header injection via Tesla.Multipart.add_content_type_par… | |||
| CVE-2026-48595 | unknown | — | — | 5d ago | Improper Handling of Case Sensitivity vulnerability in elixir-tesla tesla allows credential leakage to a third-party origin on cross-origin redirects. Tesla.Middleware.FollowRedirects strips securit… | |||
| CVE-2026-48594 | unknown | — | — | 5d ago | Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-tesla tesla allows a denial of service via decompression bomb in HTTP response bodies. When Tesla.Middleware.… | |||
| CVE-2026-40571 | unknown | — | — | 5d ago | NamelessMC is website software for Minecraft servers. In version 2.2.4, `core/classes/Misc/ProfilePostReactionContext.php` only verifies that the wall post exists and does not enforce blocked/private… | |||
| CVE-2026-40314 | unknown | — | — | 5d ago | NamelessMC is website software for Minecraft servers. In version 2.2.4, `core/classes/Misc/ProfilePostReactionContext.php` only verifies that the wall post exists and does not enforce blocked/private-… | |||
| CVE-2026-35447 | unknown | — | — | 5d ago | NamelessMC is website software for Minecraft servers. In version 2.2.4, the profile page (modules/Core/pages/profile.php) processes wall post submissions and replies before verifying whether the view… | |||
| CVE-2026-35443 | unknown | — | — | 5d ago | NamelessMC is website software for Minecraft servers. In version 2.2.4, `modules/Forum/classes/ForumPostReactionContext.php` only verifies that the caller can view the forum, but it does not re-enfor… | |||
| CVE-2026-49754 | unknown | — | — | 5d ago | HTTP/2 CONTINUATION flood in Mint client via unbounded header-block accumulation | |||
| CVE-2026-49753 | unknown | — | — | 5d ago | HTTP response smuggling in Mint HTTP/1 client via lenient Content-Length parsing | |||
| CVE-2026-48862 | unknown | — | — | 5d ago | Unbounded conn.streams growth in Mint HTTP/2 client via unenforced PUSH_PROMISE concurrency | |||
| CVE-2026-48861 | unknown | — | — | 5d ago | CRLF injection in HTTP/1 request line via unvalidated method in Mint | |||
| CVE-2026-45080 | unknown | — | — | 5d ago | Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has been patched in versio… | |||
| CVE-2026-33398 | unknown | — | — | 5d ago | NamelessMC is website software for Minecraft servers. In version 2.2.4, `modules/Forum/pages/forum/get_quotes.php` only checks whether the caller is logged in, then reads a post by attacker-controlle… | |||
| CVE-2026-10047 | unknown | — | — | 5d ago | The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler, implemented in napoca/kernel/handler.c. The handler uses a guest-controlled S… | |||
| CVE-2026-10046 | unknown | — | — | 5d ago | Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bios_handlers.c. The handler comput… | |||
| CVE-2026-9844 | unknown | — | — | 5d ago | Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ Management interface modules) allows Default Usernames and Passwords. This issue affects navify Digita… | |||
| CVE-2026-43965 | unknown | — | — | 5d ago | Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.t… | |||
| CVE-2026-42795 | unknown | — | — | 5d ago | Symlink following vulnerability in Gleam's Hex package export allows files outside the project root to be embedded in the generated package tarball. The file collection helpers (gleam_files, native_… | |||
| CVE-2026-32685 | unknown | — | — | 5d ago | Path traversal vulnerability in Gleam's handling of custom documentation pages allows arbitrary file read and file write outside the intended documentation output directory. The documentation.pages … | |||
| CVE-2026-10611 | unknown | — | — | 5d ago | An authentication bypass vulnerability exists in MISP when LDAP mixed authentication is enabled with OTP enforcement. In deployments configured with LdapAuth.mixedAuth=true and Security.require_otp=t… | |||
| CVE-2026-40489 | unknown | — | — | 5d ago | EditorConfig vulnerability | |||
| CVE-2026-40960 | unknown | — | — | 5d ago | Luanti vulnerabilities | |||
| CVE-2026-34907 | unknown | — | — | 5d ago | Wirtualna Uczelnia is vulnerable to Reflected Cross‑Site Scripting (XSS) due to insecure handling of the locale parameter across multiple endpoints. An attacker can craft a malicious URL with JavaScr… | |||
| CVE-2026-34906 | unknown | — | — | 5d ago | Server-Side Template Injection (SSTI) in Wirtualna Uczelnia allows an unauthenticated attacker to perform Remote Code Execution (RCE). In the endpoint redirectToUrl and parameter redirectUrlParameter… | |||
| CVE-2026-10549 | unknown | — | — | 5d ago | LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to th… | |||
| CVE-2026-34743 | unknown | — | — | 5d ago | XZ Utils vulnerability | |||
| CVE-2026-49139 | unknown | — | — | 6d ago | Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the Microsoft Teams channel handler that allows remote attackers to exfiltrate Bot Framework bearer tokens by su… | |||
| CVE-2026-8931 | unknown | — | — | 6d ago | A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3. | |||
| CVE-2026-42251 | unknown | — | — | 6d ago | Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malic… | |||
| CVE-2026-0826 | unknown | — | — | 6d ago | In certain scenarios when the admin has enabled Interactive Connectivity Establishment (ICE), a buffer overflow could enable remote code execution on Poly Voice products on the Linux p… | |||
| CVE-2026-2604 | unknown | — | — | 6d ago | Evolution Data Server vulnerability | |||
| CVE-2026-47191 | unknown | — | — | 6d ago | kas checks out SHA-like git branches as valid commits | |||
| CVE-2026-47412 | unknown | — | — | 6d ago | praisonai-platform: Any workspace member can delete the entire workspace via DELETE /workspaces/{id} | |||
| CVE-2026-47415 | unknown | — | — | 6d ago | praisonai-platform: Issue endpoints accept any issue_id without workspace ownership check, cross-workspace read/update/delete IDOR | |||
| CVE-2026-47413 | unknown | — | — | 6d ago | praisonai-platform: Any workspace member can add arbitrary user as owner via POST /workspaces/{id}/members | |||
| CVE-2026-47411 | unknown | — | — | 6d ago | praisonai-platform: Any workspace member can rewrite workspace name, description, and settings via PATCH /workspaces/{id} | |||
| CVE-2026-47417 | unknown | — | — | 6d ago | praisonai-platform: Comment endpoints accept any issue_id without workspace ownership check, cross-workspace comment read and post IDOR | |||
| CVE-2026-47418 | unknown | — | — | 6d ago | praisonai-platform: Project endpoints accept any project_id without workspace ownership check, cross-workspace read/update/delete IDOR | |||
| CVE-2026-47425 | unknown | — | — | 6d ago | rattler has an entry-point path traversal in noarch:python install (arbitrary file write) | |||
| CVE-2026-47428 | unknown | — | — | 6d ago | Vitest browser mode serves unsanitized otelCarrier query parameter as inline script | |||
| CVE-2026-47429 | unknown | — | — | 6d ago | When Vitest UI server is listening, arbitrary file can be read and executed | |||
| CVE-2026-47423 | unknown | — | — | 6d ago | DOMPurify XSS via selectedcontent re-clone | |||
| CVE-2026-6245 | unknown | — | — | 6d ago | SSSD vulnerability | |||
| CVE-2026-48119 | unknown | — | — | 6d ago | Nezha's authenticated agents can forge service-monitor results for other users' services | |||
| CVE-2026-10532 | unknown | — | — | 6d ago | Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core (HardenedObjectInputStream (logback-core) modules) allows Object Injection, albeit heavily restricted. More precis… | |||
| CVE-2026-40549 | unknown | — | — | 6d ago | SOPlanning is vulnerable to Cross‑Site Request Forgery (CSRF) in groupe_save create, modify and delete endpoints. An attacker can craft a malicious website that, when visited by an authenticated user… | |||
| CVE-2026-40548 | unknown | — | — | 6d ago | SOPlanning does not verify uploaded file extension. An authenticated attacker with access to the backup functionality can upload a crafted ZIP archive containing a legitimate user.csv file alongside … | |||
| CVE-2026-40547 | unknown | — | — | 6d ago | SOPlanning is vulnerable to Path Traversal in backup endpoints. Authenticated remote attacker is able to exploit a vulnerable endpoint and construct payloads that allow reading and executing files p… | |||
| CVE-2026-40546 | unknown | — | — | 6d ago | SOPlanning is vulnerable to SQL Injection across multiple endpoints and parameters. Attacker with low privileges can inject arbitrary SQL commands, potentially gaining full control over the database.… | |||
| CVE-2026-40545 | unknown | — | — | 6d ago | SOPlanning is vulnerable to Reflected XSS via the taches parameter. An attacker can craft a malicious URL which, when opened by authenticated victim, results in arbitrary JavaScript execution in the … | |||
| CVE-2026-40544 | unknown | — | — | 6d ago | SOPlanning is vulnerable to Stored Cross-Site Scripting (XSS) via /process/upload_backup endpoint. An authenticated attacker with access to the backup functionality can upload a crafted ZIP archive c… | |||
| CVE-2026-40543 | unknown | — | — | 6d ago | SOPlanning does not enforce authorization for backup functionalities. An unauthenticated attacker can directly query backup-related endpoints and retrieve backup archives containing user databases wi… | |||
| CVE-2026-47416 | unknown | — | — | 9d ago | praisonai-platform: Any workspace member can promote themselves or others to owner via PATCH /workspaces/{id}/members/{user_id} | |||
| CVE-2026-47409 | unknown | — | — | 9d ago | praisonai-platform: Missing authorization on member removal enables full workspace takeover by any user regardless of role | |||
| CVE-2026-47414 | unknown | — | — | 9d ago | praisonai-platform: Label endpoints' unchecked label_id/issue_id enable cross-workspace label IDOR (edit, delete, link) | |||
| CVE-2026-47406 | unknown | — | — | 9d ago | praisonai-platform: IDOR in dependency endpoints allows cross-workspace issue linking, reading, and deletion due to missing ownership checks | |||
| CVE-2026-47410 | unknown | — | — | 9d ago | praisonai-platform: JWT signing key defaults to hardcoded "dev-secret-change-me", allowing token forgery for any user when PLATFORM_ENV is unset | |||
| CVE-2026-47405 | unknown | — | — | 9d ago | PraisonAI Platform: Missing role checks let any workspace member become owner and control workspace membership | |||
| CVE-2026-47399 | unknown | — | — | 9d ago | PraisonAI Platform workspace-scoped routes allow cross-workspace object access by global object ID | |||
| CVE-2026-47407 | unknown | — | — | 9d ago | PraisonAI Platform has a cross-workspace IDOR + member-role privilege escalation | |||
| CVE-2026-47408 | unknown | — | — | 9d ago | praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership | |||
| CVE-2026-48169 | unknown | — | — | 9d ago | PraisonAI has Cross-Workspace IDOR and Privilege Escalation via Platform API | |||
| CVE-2026-47397 | unknown | — | — | 9d ago | PraisonAI has an Arbitrary File Write in Python API | |||
| CVE-2026-47391 | unknown | — | — | 9d ago | PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution |