CVEs from 2026

Total: 14,797
- critical: 1,335
- high: 5,010
- medium: 4,834
- low: 504

% Critical: 9.0%
% with KEV: 0.4%
% with exploit: 0.7%
Top vendors
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-22016 | high | — | 8.0 | | | | 1mo ago | RHSA-2026:22139: java-1.8.0-ibm security update (Important) |
| CVE-2026-34268 | high | — | 8.0 | | | | 1mo ago | RHSA-2026:22139: java-1.8.0-ibm security update (Important) |
| CVE-2026-32283 | high | — | 8.0 | | | | 1mo ago | Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls |
| CVE-2026-32172 | high | 8.0 | 8.0 | | | | 2mo ago | Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network. |
| CVE-2026-34587 | high | — | 8.0 | | | | 2mo ago | Kirby has Server-Side Template Injection (SSTI) via double template resolution in option rendering |
| CVE-2026-35368 | high | — | 8.0 | | | | 2mo ago | A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam() after entering the chroot but before drop… |
| CVE-2026-35341 | high | — | 8.0 | | | | 2mo ago | A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files. When mkfifo fails to create a FIFO because a file already exists at the target pa… |
| CVE-2026-35338 | high | — | 8.0 | | | | 2mo ago | A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the target path is literally / and does not … |
| CVE-2026-22753 | high | — | 8.0 | | | | 2mo ago | Spring Security Doesn't Correctly Include Servlet Path in Path Matching of HttpSecurity#securityMatchers |
| CVE-2026-22754 | high | — | 8.0 | | | | 2mo ago | Spring Security Doesn't Correctly Include Servlet Path in Path Matching of XML Authorization Rules |
| CVE-2026-26740 | high | — | 8.0 | | | | 2mo ago | Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without valida… |
| CVE-2026-22008 | high | — | 8.0 | | | | 2mo ago | Important: java-25-openjdk security update |
| CVE-2026-31019 | high | — | 8.0 | | | | 2mo ago | Dolibarr user with permission to edit PHP content can bypass filtering to restrict dangerous PHP functions |
| CVE-2026-34839 | high | — | 8.0 | | | | 2mo ago | Glances: Cross-Origin Information Disclosure via Unauthenticated REST API (/api/4) due to Permissive CORS |
| CVE-2026-34403 | high | — | 8.0 | | | | 2mo ago | Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints |
| CVE-2026-27622 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:8863: OpenEXR security update (Important) |
| CVE-2026-25917 | high | — | 8.0 | | | | 2mo ago | Apache Airflow allows code execution through crafted XCom payloads |
| CVE-2026-40897 | high | — | 8.0 | | | | 2mo ago | Unsafe object property setter in mathjs |
| CVE-2026-33412 | high | — | 8.0 | | | | 2mo ago | Important: vim security update |
| CVE-2026-40926 | high | — | 8.0 | | | | 2mo ago | WWBN AVideo has Multiple CSRF Vulnerabilities in Admin JSON Endpoints (Category CRUD, Plugin Update Script) |
| CVE-2026-27912 | high | 8.0 | 8.0 | | | | 2mo ago | Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network. |
| CVE-2026-33826 | high | 8.0 | 8.0 | | | | 2mo ago | Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network. |
| CVE-2026-32201 | medium | 6.5 | 8.0 | | | | 2mo ago | Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2026-34984 | high | — | 8.0 | | | | 2mo ago | External Secrets Operator has DNS-based secret exfiltration via getHostByName in External Secrets v2 template engine |
| CVE-2026-5734 | high | — | 8.0 | | | | 2mo ago | Important: thunderbird security update |
| CVE-2026-5731 | high | — | 8.0 | | | | 2mo ago | Important: thunderbird security update |
| CVE-2026-5732 | high | — | 8.0 | | | | 2mo ago | Important: thunderbird security update |
| CVE-2026-5295 | high | 8.0 | 8.0 | | | | 2mo ago | A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wc_PKCS7_DecryptOri() function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipie… |
| CVE-2026-29129 | high | — | 8.0 | | | | 2mo ago | Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.… |
| CVE-2026-24880 | high | — | 8.0 | | | | 2mo ago | Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1 through … |
| CVE-2026-1526 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) |
| CVE-2026-2581 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) |
| CVE-2026-1528 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) |
| CVE-2026-2229 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) |
| CVE-2026-21716 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) |
| CVE-2026-1525 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) |
| CVE-2026-25547 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:7123: nodejs:22 security update (Important) |
| CVE-2026-27904 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:8339: nodejs:20 security update (Important) |
| CVE-2026-1527 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) |
| CVE-2026-21711 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) |
| CVE-2026-21714 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) |
| CVE-2026-21715 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:7670: nodejs:24 security update (Important) |
| CVE-2026-26996 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:8339: nodejs:20 security update (Important) |
| CVE-2026-21710 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:8339: nodejs:20 security update (Important) |
| CVE-2026-40070 | high | — | 8.0 | | | | 2mo ago | bsv-sdk and bsv-wallet persist unverified certifier signatures in acquire_certificate (direct and issuance paths) |
| CVE-2026-30818 | high | 8.0 | 8.0 | | | | 2mo ago | An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file… |
| CVE-2026-30815 | high | 8.0 | 8.0 | | | | 2mo ago | An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration fil… |
| CVE-2026-30814 | high | 8.0 | 8.0 | | | | 2mo ago | A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via … |
| CVE-2026-34588 | high | — | 8.0 | | | | 2mo ago | Important: openexr security update |
| CVE-2026-35611 | high | — | 8.0 | | | | 2mo ago | Addressable has a Regular Expression Denial of Service in Addressable templates |
| CVE-2026-27784 | high | — | 8.0 | | | | 2mo ago | Important: nginx security update |
| CVE-2026-27654 | high | — | 8.0 | | | | 2mo ago | Important: nginx security update |
| CVE-2026-27651 | high | — | 8.0 | | | | 2mo ago | Important: nginx security update |
| CVE-2026-32647 | high | — | 8.0 | | | | 2mo ago | Important: nginx security update |
| CVE-2026-5684 | high | 8.0 | 8.0 | | | | 2mo ago | A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing a manipulation of the ar… |
| CVE-2026-5683 | high | 8.0 | 8.0 | | | | 2mo ago | A vulnerability was found in Tenda CX12L 16.03.53.12. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. Performing a manipulation of the argument pag… |
| CVE-2026-34827 | high | — | 8.0 | | | | 2mo ago | Rack's multipart header parsing allows Denial of Service via escape-heavy quoted parameters |
| CVE-2026-34785 | high | — | 8.0 | | | | 2mo ago | Rack::Static prefix matching can expose unintended files under the static root |
| CVE-2026-34829 | high | — | 8.0 | | | | 2mo ago | Rack's multipart parsing without Content-Length header allows unbounded chunked file uploads |
| CVE-2026-34230 | high | — | 8.0 | | | | 2mo ago | Rack has quadratic complexity in Rack::Utils.select_best_encoding via wildcard Accept-Encoding header |
| CVE-2026-4177 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6470: perl-YAML-Syck security update (Important) |
| CVE-2026-34825 | high | — | 8.0 | | | | 2mo ago | NocoBase Has SQL Injection via template variable substitution in workflow SQL node |
| CVE-2026-23948 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-24676 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-24679 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-24491 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-24681 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-23732 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-22852 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-22856 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-22854 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-24683 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-24675 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-31806 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-24684 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6918: freerdp security update (Important) |
| CVE-2026-32748 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:8317: squid:4 security update (Important) |
| CVE-2026-33526 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:8317: squid:4 security update (Important) |
| CVE-2026-3889 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6917: thunderbird security update (Important) |
| CVE-2026-4371 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6917: thunderbird security update (Important) |
| CVE-2026-26965 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6005: freerdp security update (Important) |
| CVE-2026-26955 | high | — | 8.0 | | | | 2mo ago | RHSA-2026:6005: freerdp security update (Important) |
| CVE-2026-34040 | high | — | 8.0 | | | | 2mo ago | Moby has AuthZ plugin bypass when provided oversized request bodies |
| CVE-2026-28377 | high | — | 8.0 | | | | 2mo ago | Grafana Tempo has Inadequate Encryption Strength |
| CVE-2026-4717 | high | — | 8.0 | | | | 2mo ago | Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4713 | high | — | 8.0 | | | | 2mo ago | Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4702 | high | — | 8.0 | | | | 2mo ago | JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4709 | high | — | 8.0 | | | | 2mo ago | Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4685 | high | — | 8.0 | | | | 2mo ago | Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4686 | high | — | 8.0 | | | | 2mo ago | Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4687 | high | — | 8.0 | | | | 2mo ago | Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 14… |
| CVE-2026-4712 | high | — | 8.0 | | | | 2mo ago | Information disclosure in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4715 | high | — | 8.0 | | | | 2mo ago | Uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4714 | high | — | 8.0 | | | | 2mo ago | Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4695 | high | — | 8.0 | | | | 2mo ago | Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4707 | high | — | 8.0 | | | | 2mo ago | Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4706 | high | — | 8.0 | | | | 2mo ago | Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4705 | high | — | 8.0 | | | | 2mo ago | Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4704 | high | — | 8.0 | | | | 2mo ago | Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4710 | high | — | 8.0 | | | | 2mo ago | Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| CVE-2026-4708 | high | — | 8.0 | | | | 2mo ago | Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |