CVE정보

2026

CVE설명제출모더레이션항목
CVE-2026-49186The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any ...2026. 06. 04.2026. 06. 04.368243
CVE-2026-49185The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allo ...2026. 06. 04.2026. 06. 04.368247
CVE-2026-48681OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during depl ...2026. 06. 04.2026. 06. 04.368246
CVE-2026-44917OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read ...2026. 06. 04.2026. 06. 04.368248
CVE-2026-41283OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. ...2026. 06. 04.2026. 06. 04.368238
CVE-2026-41010ReleaseJob#unpack builds job_dir = File.join(@release_dir, 'jobs', name) and job_tgz = ...2026. 06. 04.2026. 06. 04.368244
CVE-2026-8829HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities. The XS ...2026. 06. 04.2026. 06. 04.368242
CVE-2026-41860CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token re ...2026. 06. 04.2026. 06. 04.368235
CVE-2026-41859A network man-in-the-middle between nats-sync and the BOSH director can steal the director crede ...2026. 06. 04.2026. 06. 04.368234
CVE-2026-41858Weak Randomness / Insecure Cryptographic Primitive (CWE-338) in Get-RandomPassword in BOSH-Ecosy ...2026. 06. 04.2026. 06. 04.368245
CVE-2026-41011PackagePersister.validate_tgz builds tar -tf #{tgz} 2 1 where tgz = File.join(release_dir, &# ...2026. 06. 04.2026. 06. 04.368241
CVE-2026-10597OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing ...2026. 06. 04.2026. 06. 04.368240
CVE-2026-8653The MasterStudy LMS Pro Plus plugin for WordPress is vulnerable to generic SQL Injection via the ...2026. 06. 04.2026. 06. 04.368236
CVE-2026-7764An out-of-bounds read vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaL ...2026. 06. 04.2026. 06. 04.368237
CVE-2026-10737The SP Project Document Manager plugin for WordPress is vulnerable to unauthorized access due ...2026. 06. 04.2026. 06. 04.368233
CVE-2026-8722Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections. The metric n ...2026. 06. 04.2026. 06. 04.368239
CVE-2026-10783A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_ ...2026. 06. 04.2026. 06. 04.368140
CVE-2026-2596Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.2026. 06. 04.2026. 06. 04.
 
CVE-2026-10777A vulnerability was identified in ealpha072 Student-Management-System up to 01451bd7a2f58cdda07b ...2026. 06. 04.2026. 06. 04.368139
CVE-2026-10775A vulnerability was determined in sgl-project SGLang up to 0.5.11. Affected by this vulnerabilit ...2026. 06. 04.2026. 06. 04.368138
CVE-2026-46447OpenStack Ironic through 35.0.x allows Boot Script Injection.2026. 06. 04.2026. 06. 04.368232
CVE-2026-22055Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authentic ...2026. 06. 04.2026. 06. 04.368231
CVE-2026-22054Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authe ...2026. 06. 04.2026. 06. 04.368230
CVE-2026-10771A vulnerability was found in crmeb crmeb_java 1.4. Affected is the function RestTemplate.getForE ...2026. 06. 04.2026. 06. 04.368137
CVE-2026-50033Local privilege escalation due to DLL hijacking vulnerability. The following products are affect ...2026. 06. 03.2026. 06. 03.368228
CVE-2026-44682Local privilege escalation due to DLL hijacking vulnerability. The following products are affect ...2026. 06. 03.2026. 06. 03.368227
CVE-2026-44609Local privilege escalation due to EXE hijacking vulnerability. The following products are affect ...2026. 06. 03.2026. 06. 03.368226
CVE-2026-43924FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, ...2026. 06. 03.2026. 06. 03.368221
CVE-2026-42061Local privilege escalation due to excessive permissions assigned to child processes. The followi ...2026. 06. 03.2026. 06. 03.368225
CVE-2026-40495FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 ...2026. 06. 03.2026. 06. 03.368224
CVE-2026-37700Cross Site Scripting vulnerability in MaxSite CMS v.109.2 allows a remote attacker to obtain sen ...2026. 06. 03.2026. 06. 03.368229
CVE-2026-26825A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS fi ...2026. 06. 03.2026. 06. 03.368223
CVE-2026-26824libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE con ...2026. 06. 03.2026. 06. 03.368222
CVE-2026-10766A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils. ...2026. 06. 03.2026. 06. 03.368136
CVE-2026-8889Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL mat ...2026. 06. 03.2026. 06. 03.368218
CVE-2026-8888Version 3.0.7 of the Securly Chrome Extension downloads config.json over HTTP and compiles serve ...2026. 06. 03.2026. 06. 03.368214
CVE-2026-8881Version 3.0.7 of the Securly Chrome Extension uses EVP_BytesToKey key derivation with MD5 and a ...2026. 06. 03.2026. 06. 03.368212
CVE-2026-8879Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a conten ...2026. 06. 03.2026. 06. 03.368216
CVE-2026-8878Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints tha ...2026. 06. 03.2026. 06. 03.368203
CVE-2026-8876Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in s ...2026. 06. 03.2026. 06. 03.368219
CVE-2026-8874Version 3.0.7 of the Securly Chrome Extension downloads JSON files containing crisis alert keywo ...2026. 06. 03.2026. 06. 03.368202
CVE-2026-7888Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Wo ...2026. 06. 03.2026. 06. 03.368197
CVE-2026-45702OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kern ...2026. 06. 03.2026. 06. 03.368195
CVE-2026-45614OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kern ...2026. 06. 03.2026. 06. 03.368194
CVE-2026-42840An authenticated user can persist arbitrary HTML/JavaScript in the email_id or mobile_no fields ...2026. 06. 03.2026. 06. 03.368198
CVE-2026-42839An authenticated ERPNext user with Item record edit permissions can persist arbitrary HTML/JavaS ...2026. 06. 03.2026. 06. 03.368196
CVE-2026-26379An issue in Koha v.25.11 and before allows a remote attacker to execute arbitrary code via the Z ...2026. 06. 03.2026. 06. 03.368209
CVE-2026-26378Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute ...2026. 06. 03.2026. 06. 03.368220
CVE-2026-46273In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for pac ...2026. 06. 03.2026. 06. 03.368210
CVE-2026-46272In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etr: Fix race ...2026. 06. 03.2026. 06. 03.368215
CVE-2026-46271In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offload ...2026. 06. 03.2026. 06. 03.368211
CVE-2026-46270In the Linux kernel, the following vulnerability has been resolved: power: supply: rt9455: Fix u ...2026. 06. 03.2026. 06. 03.368213
CVE-2026-46269In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix N ...2026. 06. 03.2026. 06. 03.368181
CVE-2026-46268In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Fix p2pmem_alloc ...2026. 06. 03.2026. 06. 03.368170
CVE-2026-46267In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers ...2026. 06. 03.2026. 06. 03.368179
CVE-2026-46266In the Linux kernel, the following vulnerability has been resolved: inet: RAW sockets using IPPR ...2026. 06. 03.2026. 06. 03.368178
CVE-2026-46265In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQ_MEM_RECLAIM ...2026. 06. 03.2026. 06. 03.368169
CVE-2026-46264In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initial ...2026. 06. 03.2026. 06. 03.368183
CVE-2026-46263In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of- ...2026. 06. 03.2026. 06. 03.368168
CVE-2026-46262In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_xcvr: Revert fix m ...2026. 06. 03.2026. 06. 03.368156
CVE-2026-46261In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fix potential ...2026. 06. 03.2026. 06. 03.368167
CVE-2026-46260In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bound acces ...2026. 06. 03.2026. 06. 03.368154
CVE-2026-46259In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU prot ...2026. 06. 03.2026. 06. 03.368177
CVE-2026-46258In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL deref ...2026. 06. 03.2026. 06. 03.368176
CVE-2026-46257In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp ...2026. 06. 03.2026. 06. 03.368166
CVE-2026-46256In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct ...2026. 06. 03.2026. 06. 03.368182
CVE-2026-46255In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: don&#03 ...2026. 06. 03.2026. 06. 03.368165
CVE-2026-46254In the Linux kernel, the following vulnerability has been resolved: AppArmor: Allow apparmor to ...2026. 06. 03.2026. 06. 03.368164
CVE-2026-46253In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overf ...2026. 06. 03.2026. 06. 03.368175
CVE-2026-46252In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix locking ...2026. 06. 03.2026. 06. 03.368162
CVE-2026-46251In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block_group_tree ...2026. 06. 03.2026. 06. 03.368160
CVE-2026-46250In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug w ...2026. 06. 03.2026. 06. 03.368163
CVE-2026-46249In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver ...2026. 06. 03.2026. 06. 03.368174
CVE-2026-46248In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale li ...2026. 06. 03.2026. 06. 03.368173
CVE-2026-46247In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent ...2026. 06. 03.2026. 06. 03.368159
CVE-2026-46246In the Linux kernel, the following vulnerability has been resolved: power: supply: pm8916_lbc: F ...2026. 06. 03.2026. 06. 03.368172
CVE-2026-46245In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dc_link ...2026. 06. 03.2026. 06. 03.368155
CVE-2026-46244In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: Fix IP ...2026. 06. 03.2026. 06. 03.368185
CVE-2026-40290OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kern ...2026. 06. 03.2026. 06. 03.368161
CVE-2026-39107A Cross Site Scripting vulnerability exists in the Kimi AI v1.0 web interface's 'Previ ...2026. 06. 03.2026. 06. 03.368208
CVE-2026-36618Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 responds to version.bind CHAOS TXT quer ...2026. 06. 03.2026. 06. 03.368180
CVE-2026-36616Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 contains hardcoded WiFi driver credenti ...2026. 06. 03.2026. 06. 03.368204
CVE-2026-36615Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 exposes an undocumented /agileconfigres ...2026. 06. 03.2026. 06. 03.368201
CVE-2026-36613Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 returns 128 bytes of uninitialized inte ...2026. 06. 03.2026. 06. 03.368200
CVE-2026-36612Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 enables WPS 2.0 by default with a weak ...2026. 06. 03.2026. 06. 03.368217
CVE-2026-36611Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 returns 128 bytes of uninitialized buff ...2026. 06. 03.2026. 06. 03.368199
CVE-2026-36610Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 transmits DDNS credentials over plainte ...2026. 06. 03.2026. 06. 03.368188
CVE-2026-36609Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 uses a static authentication non ...2026. 06. 03.2026. 06. 03.368190
CVE-2026-36608Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows UPnP AddPortMapping to fo ...2026. 06. 03.2026. 06. 03.368207
CVE-2026-36607Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows unauthenticated brute-for ...2026. 06. 03.2026. 06. 03.368187
CVE-2026-36606Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 encrypts configuration backups w ...2026. 06. 03.2026. 06. 03.368193
CVE-2026-36605Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 is vulnerable to a HTTP denial o ...2026. 06. 03.2026. 06. 03.368206
CVE-2026-36604Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 does not validate the HTTP Host ...2026. 06. 03.2026. 06. 03.368189
CVE-2026-36603Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 exposes 15 of 18 UPnP IGD action ...2026. 06. 03.2026. 06. 03.368192
CVE-2026-36602Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 discloses kernel memory layout v ...2026. 06. 03.2026. 06. 03.368186
CVE-2026-36460Dovestones Softwares ADPhonebook before v4.0.1.1 is vulnerable to a Cross Site Scripting vulnera ...2026. 06. 03.2026. 06. 03.368205
CVE-2026-20233A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an un ...2026. 06. 03.2026. 06. 03.368184
CVE-2026-20230A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communica ...2026. 06. 03.2026. 06. 03.368153
CVE-2026-20175A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitra ...2026. 06. 03.2026. 06. 03.368158
CVE-2026-6657A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CO ...2026. 06. 03.2026. 06. 03.368151
CVE-2026-44281GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to v ...2026. 06. 03.2026. 06. 03.368152
CVE-2026-42321GLPI is a free asset and IT management software package. Starting in version 10.0.4 and prior to ...2026. 06. 03.2026. 06. 03.368149
CVE-2026-42320GLPI is a free asset and IT management software package. Starting in version 0.50 and prior to v ...2026. 06. 03.2026. 06. 03.368146
CVE-2026-42318GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to ...2026. 06. 03.2026. 06. 03.368145
CVE-2026-42317GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to v ...2026. 06. 03.2026. 06. 03.368144
CVE-2026-3276unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode in ...2026. 06. 03.2026. 06. 03.368143
CVE-2026-37462An integer underflow in the BGPUpdate.DecodeFromBytes function (/bgp/bgp.go) of gobgp v4.3.0 all ...2026. 06. 03.2026. 06. 03.368142
CVE-2026-36748RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting (XSS) via Social Media ...2026. 06. 03.2026. 06. 03.368150
CVE-2026-36576An OS command injection vulnerability in the app.py component of openlabs docker-wkhtmltopdf-aas ...2026. 06. 03.2026. 06. 03.368141
CVE-2026-36574A DLL hijacking vulnerability in Wassimulator (GitHub) CactusViewer v2.3.0 allows attackers to e ...2026. 06. 03.2026. 06. 03.368148
CVE-2026-24712Northern.tech CFEngine Enterprise and Community before 3.21.8, 3.24.3, and 3.27.0 allows Command ...2026. 06. 03.2026. 06. 03.363884
CVE-2026-8404An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cac ...2026. 06. 03.2026. 06. 03.368131
CVE-2026-7666An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.core.mail.back ...2026. 06. 03.2026. 06. 03.368130
CVE-2026-6873An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.http.HttpReque ...2026. 06. 03.2026. 06. 03.368129
CVE-2026-5241A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 al ...2026. 06. 03.2026. 06. 03.368126
CVE-2026-48587An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.utils.cache.ha ...2026. 06. 03.2026. 06. 03.368128
CVE-2026-47325ProjectsAndPrograms school-management-system uses predictable credentials by generating student& ...2026. 06. 03.2026. 06. 03.368132
CVE-2026-47324ProjectsAndPrograms school-management-system is vulnerable to Stored Cross‑Site Scripting (XSS ...2026. 06. 03.2026. 06. 03.368135
CVE-2026-44546daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds ...2026. 06. 03.2026. 06. 03.368134
CVE-2026-44545daphne before 4.2.2 did not pass maxFramePayloadSize or maxMessagePayloadSize to Autobahn's ...2026. 06. 03.2026. 06. 03.368127
CVE-2026-37460Missing input validation in the rfapiRibBi2Ri() function (rfapi_rib.c) of FRRouting (FRR) stable ...2026. 06. 03.2026. 06. 03.368133
CVE-2026-35193An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cac ...2026. 06. 03.2026. 06. 03.368119
CVE-2026-10729An HTML injection vulnerability in the notification email for Slow Redirect and Cloned Websit ...2026. 06. 03.2026. 06. 03.368124
CVE-2026-35085A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig t ...2026. 06. 03.2026. 06. 03.368106
CVE-2026-35084A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to ...2026. 06. 03.2026. 06. 03.368105
CVE-2026-35083A remote attacker with user privileges can exploit a stack buffer overflow to gain full system a ...2026. 06. 03.2026. 06. 03.368104
CVE-2026-35082The ugw-logread method allows a remote attacker with user privileges to access arbitrary local f ...2026. 06. 03.2026. 06. 03.368115
CVE-2026-35081The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary proc ...2026. 06. 03.2026. 06. 03.368109
CVE-2026-35080The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary loc ...2026. 06. 03.2026. 06. 03.368114
CVE-2026-35079The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local f ...2026. 06. 03.2026. 06. 03.368113
CVE-2026-35078The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local ...2026. 06. 03.2026. 06. 03.368112
CVE-2026-35077The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary lo ...2026. 06. 03.2026. 06. 03.368111
CVE-2026-35076The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary loca ...2026. 06. 03.2026. 06. 03.368110
CVE-2026-35075An unauthenticated remote attacker can recover a default, hard coded password from a firmware im ...2026. 06. 03.2026. 06. 03.368108
CVE-2026-10722A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpe ...2026. 06. 03.2026. 06. 03.368091
CVE-2026-47065ZDRES-232: resolveProxyClass Not Overridden - acceptMatchers Filter Bypass via java.lang.reflect ...2026. 06. 03.2026. 06. 03.368097
CVE-2026-41032It is possible for an unauthenticated adjacent attacker to download log files of the controller, ...2026. 06. 03.2026. 06. 03.368099
CVE-2026-4035A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environme ...2026. 06. 03.2026. 06. 03.368095
CVE-2026-5078Impact: The morgan logging middleware's :remote-user token extracts the Basic auth username ...2026. 06. 03.2026. 06. 03.368093
CVE-2026-42506Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree ...2026. 06. 03.2026. 06. 03.365216
CVE-2026-42502Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree ...2026. 06. 03.2026. 06. 03.365215
CVE-2026-39821The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ...2026. 06. 03.2026. 06. 03.365210
CVE-2026-27136Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree ...2026. 06. 03.2026. 06. 03.365214
CVE-2026-25681Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree ...2026. 06. 03.2026. 06. 03.365213
CVE-2026-25680Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service.2026. 06. 03.2026. 06. 03.365228
CVE-2026-50052In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsi ...2026. 06. 03.2026. 06. 03.368092
CVE-2026-50031ipmi-oem in FreeIPMI before 1.16.18 has exploitable buffer overflows on response messages. The I ...2026. 06. 03.2026. 06. 03.368086
CVE-2026-10705A flaw has been found in dask up to 3.0. Affected by this issue is the function nunique_approx o ...2026. 06. 03.2026. 06. 03.368018
CVE-2026-10704A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this v ...2026. 06. 03.2026. 06. 03.368017
CVE-2026-10703A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the ...2026. 06. 03.2026. 06. 03.368016
CVE-2026-9516Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed in ...2026. 06. 03.2026. 06. 03.368088
CVE-2026-9334Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys wh ...2026. 06. 03.2026. 06. 03.368090
CVE-2026-10694A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this ...2026. 06. 03.2026. 06. 03.367963
CVE-2026-10693A security vulnerability has been detected in SourceCodester Online Boat Reservation System 1.0. ...2026. 06. 03.2026. 06. 03.367962
CVE-2026-9732The EmergencyWP Dead Man's switch legacy deliverance plugin for WordPress is vulnerable ...2026. 06. 03.2026. 06. 03.368087
CVE-2026-7421The Passeum Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all v ...2026. 06. 03.2026. 06. 03.368089
CVE-2026-10692A weakness has been identified in johnhuang316 code-index-mcp up to 2.14.0. Affected is the func ...2026. 06. 03.2026. 06. 03.367961
CVE-2026-10691A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impac ...2026. 06. 03.2026. 06. 03.367960
CVE-2026-10690A vulnerability was identified in wonderwhy-er DesktopCommanderMCP 0.2.37. This affects the func ...2026. 06. 03.2026. 06. 03.367959
CVE-2026-49448authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5 ...2026. 06. 03.2026. 06. 03.368063
CVE-2026-8936Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container cr ...2026. 06. 03.2026. 06. 03.368062
CVE-2026-42029This CVE is a duplicate of another CVE.2026. 06. 03.2026. 06. 03.
 
CVE-2026-35212OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observab ...2026. 06. 03.2026. 06. 03.368075
CVE-2026-10661A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfd ...2026. 06. 03.2026. 06. 03.367956
CVE-2026-10650A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lws_ ...2026. 06. 03.2026. 06. 03.367955
CVE-2026-44654LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to an ...2026. 06. 03.2026. 06. 03.368046
CVE-2026-44653LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to an ...2026. 06. 03.2026. 06. 03.368045
CVE-2026-41412alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and ...2026. 06. 03.2026. 06. 03.368039
CVE-2026-40108GLPI is a free asset and IT management software package. In versions 11.0.0 through 11.0.6, a te ...2026. 06. 03.2026. 06. 03.368050
CVE-2026-35482alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and ...2026. 06. 03.2026. 06. 03.368029
CVE-2026-32625LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to an ...2026. 06. 03.2026. 06. 03.368038
CVE-2026-10719Out of bounds write in openSeaChest s --showSupportedFormats in Seagate s openSeaChest v25.05.3 ...2026. 06. 03.2026. 06. 03.368044
CVE-2026-10688A vulnerability was determined in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfd ...2026. 06. 03.2026. 06. 03.367958
CVE-2026-42507When returning errors, functions in the net/textproto package would include its input as part of ...2026. 06. 03.2026. 06. 03.368043
CVE-2026-42504Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume exc ...2026. 06. 03.2026. 06. 03.368051
CVE-2026-31942LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to an ...2026. 06. 03.2026. 06. 03.368037
CVE-2026-27145(*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subje ...2026. 06. 03.2026. 06. 03.368042
CVE-2026-25861QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerab ...2026. 06. 03.2026. 06. 03.368027
CVE-2026-10718Out of bounds write in openSeaChest s Trim/Unmap operation in Seagate s openSeaChest v26.03.0 on ...2026. 06. 03.2026. 06. 03.368036
CVE-2026-10717Out of bounds write and reads in openSeaChest s --showSCSIDefects in Seagate s openSeaChest v25. ...2026. 06. 03.2026. 06. 03.368041
CVE-2026-10662A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b ...2026. 06. 03.2026. 06. 03.367957
CVE-2026-49443authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5 ...2026. 06. 02.2026. 06. 03.368035
CVE-2026-49144BrowserStack Runner through 0.9.5 contains a path traversal vulnerability in the _default HTTP h ...2026. 06. 02.2026. 06. 03.368034
CVE-2026-49143BrowserStack Runner through 0.9.5 contains a remote code execution vulnerability in the /_log HT ...2026. 06. 02.2026. 06. 03.368028
CVE-2026-47201authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5 ...2026. 06. 02.2026. 06. 03.368032
CVE-2026-45289CloudburstMC Protocol is a protocol library for Minecraft Bedrock Edition. Prior to version 3.0. ...2026. 06. 02.2026. 06. 03.368040
CVE-2026-42849authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, due to ...2026. 06. 02.2026. 06. 03.368047
CVE-2026-41569authentik is an open-source identity provider. Prior to version 2026.2.3, the WS-Federation prov ...2026. 06. 02.2026. 06. 03.368033
CVE-2026-10624A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this ...2026. 06. 02.2026. 06. 02.367929
CVE-2026-10620A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown func ...2026. 06. 02.2026. 06. 02.367928
CVE-2026-10619A vulnerability was detected in sayan365 student-management-system up to 7f3c9ce7d410332335c2aff ...2026. 06. 02.2026. 06. 02.367927
CVE-2026-8036Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary sys ...2026. 06. 02.2026. 06. 03.368073
CVE-2026-8035Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to ca ...2026. 06. 02.2026. 06. 03.368055
CVE-2026-5385An unauthenticated user with write access to the knowledge base can store an XSS payload in a kn ...2026. 06. 02.2026. 06. 03.368085
CVE-2026-5076The ARMember Premium plugin for WordPress is vulnerable to an insecure password reset mechanism ...2026. 06. 02.2026. 06. 03.368058
CVE-2026-5074The ARMember Premium plugin for WordPress is vulnerable to SQL Injection via the 'sSortDir_ ...2026. 06. 02.2026. 06. 03.368056
CVE-2026-5073The ARMember Premium plugin for WordPress is vulnerable to SQL Injection via the 'order&#03 ...2026. 06. 02.2026. 06. 03.368058
CVE-2026-49120Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription w ...2026. 06. 02.2026. 06. 03.368072
CVE-2026-48682FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet par ...2026. 06. 02.2026. 06. 03.368074
CVE-2026-48598Improper Encoding or Escaping of Output vulnerability in elixir-tesla tesla allows multipart par ...2026. 06. 02.2026. 06. 03.368070
CVE-2026-48597Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows ...2026. 06. 02.2026. 06. 03.368061
CVE-2026-48596Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting ...2026. 06. 02.2026. 06. 03.368069
CVE-2026-48595Improper Handling of Case Sensitivity vulnerability in elixir-tesla tesla allows credential leak ...2026. 06. 02.2026. 06. 03.368068
CVE-2026-48594Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-tesla t ...2026. 06. 02.2026. 06. 03.368066
CVE-2026-47265AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version ...2026. 06. 02.2026. 06. 03.368052
CVE-2026-42342React Router is a router for React. In versions 7.0.0 through 7.14.x of react-router and version ...2026. 06. 02.2026. 06. 03.368065
CVE-2026-42211React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, ...2026. 06. 02.2026. 06. 03.368057
CVE-2026-41577authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, the SAM ...2026. 06. 02.2026. 06. 03.368064
CVE-2026-40181React Router is a router for React. In versions 7.0.0 through 7.14.0 and 6.7.0 through 6.30.3, c ...2026. 06. 02.2026. 06. 03.368067
CVE-2026-38967CrowCpp Crow through v1.3.1 HTTP is vulnerable to response header injection via unvalidated resp ...2026. 06. 02.2026. 06. 03.368083
CVE-2026-35202Pterodactyl is a free, open-source game server management panel. Prior to version 1.12.3, the Pt ...2026. 06. 02.2026. 06. 03.368060
CVE-2026-35049wire-ios is an iOS client for the Wire secure messaging application. Prior to version 4.16.0, up ...2026. 06. 02.2026. 06. 03.368082
CVE-2026-34993AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version ...2026. 06. 02.2026. 06. 03.368053
CVE-2026-34077React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router&#0 ...2026. 06. 02.2026. 06. 03.368080
CVE-2026-33553Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS.2026. 06. 02.2026. 06. 03.368084
CVE-2026-33245React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router&#0 ...2026. 06. 02.2026. 06. 03.368079
CVE-2026-30586Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain ...2026. 06. 02.2026. 06. 03.368071
CVE-2026-28299SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which whe ...2026. 06. 02.2026. 06. 03.368078
CVE-2026-1829The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code Execut ...2026. 06. 02.2026. 06. 03.368054
CVE-2026-10702JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Fire ...2026. 06. 02.2026. 06. 03.368076
CVE-2026-10701Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in F ...2026. 06. 02.2026. 06. 03.368081
CVE-2026-10617A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. This affects ...2026. 06. 02.2026. 06. 02.367926
CVE-2026-10616A weakness has been identified in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is ...2026. 06. 02.2026. 06. 02.367925
CVE-2026-10608A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of th ...2026. 06. 02.2026. 06. 02.367915
CVE-2026-10607A vulnerability was identified in DedeCMS 5.7.88. The impacted element is the function dede_html ...2026. 06. 02.2026. 06. 02.367914
CVE-2026-10584Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missin ...2026. 06. 02.2026. 06. 03.368020
CVE-2026-49943CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the ...2026. 06. 02.2026. 06. 02.368011
CVE-2026-42074OpenClaude is an open-source coding-agent command line interface for cloud and local model provi ...2026. 06. 02.2026. 06. 02.368012
CVE-2026-42073OpenClaude is an open-source coding-agent command line interface for cloud and local model provi ...2026. 06. 02.2026. 06. 02.368013
CVE-2026-40715Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access Control vuln ...2026. 06. 02.2026. 06. 02.368015
CVE-2026-40713Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access control vuln ...2026. 06. 02.2026. 06. 02.368014
CVE-2026-40571NamelessMC is website software for Minecraft servers. In version 2.2.4, `core/classes/Misc/Profi ...2026. 06. 02.2026. 06. 02.368010
CVE-2026-40314NamelessMC is website software for Minecraft servers. In version 2.2.4,`core/classes/Misc/Profil ...2026. 06. 02.2026. 06. 02.367997
CVE-2026-35447NamelessMC is website software for Minecraft servers. In version 2.2.4, the profile page (module ...2026. 06. 02.2026. 06. 02.367999
CVE-2026-35443NamelessMC is website software for Minecraft servers. In version 2.2.4, `modules/Forum/classes/F ...2026. 06. 02.2026. 06. 02.367998
CVE-2026-33244React Router is a router for React. In versions 7.5.1 through 7.13.1, when using Framework Mode ...2026. 06. 02.2026. 06. 02.368006
CVE-2026-24237NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization ...2026. 06. 02.2026. 06. 02.368001
CVE-2026-24221NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization ...2026. 06. 02.2026. 06. 02.368000
CVE-2026-1871TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling ...2026. 06. 02.2026. 06. 02.368002
CVE-2026-10606A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg o ...2026. 06. 02.2026. 06. 02.367913
CVE-2026-0611Spacelabs Healthcare Sentinel versions 10.5.x and higher and 11.x.x before 11.6.0 contain an una ...2026. 06. 02.2026. 06. 02.367996
CVE-2026-9590Improper access control in the permission validation component in Devolutions Server 2026.1.19 a ...2026. 06. 02.2026. 06. 02.367994
CVE-2026-9522Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and ...2026. 06. 02.2026. 06. 02.367982
CVE-2026-7299Appsmith s SQL query editor s autocomplete functionality fails to sanitize database object names ...2026. 06. 02.2026. 06. 02.367983
CVE-2026-49754Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows at ...2026. 06. 02.2026. 06. 02.367977
CVE-2026-49753Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulne ...2026. 06. 02.2026. 06. 02.367976
CVE-2026-48862Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows at ...2026. 06. 02.2026. 06. 02.367972
CVE-2026-48861Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in elixir-m ...2026. 06. 02.2026. 06. 02.367993
CVE-2026-44728Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0 ...2026. 06. 02.2026. 06. 02.365785
CVE-2026-47117OpenMed before 1.5.2 contains a remote code execution vulnerability in the PII privacy-filter mo ...2026. 06. 02.2026. 06. 02.367974
CVE-2026-45686OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry stan ...2026. 06. 02.2026. 06. 02.367975
CVE-2026-45685OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry stan ...2026. 06. 02.2026. 06. 02.367973
CVE-2026-45684OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry stan ...2026. 06. 02.2026. 06. 02.367992
CVE-2026-45683OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry stan ...2026. 06. 02.2026. 06. 02.367995
CVE-2026-45682OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry stan ...2026. 06. 02.2026. 06. 02.367991
CVE-2026-45681OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry stan ...2026. 06. 02.2026. 06. 02.367990
CVE-2026-45680OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry stan ...2026. 06. 02.2026. 06. 02.367989
CVE-2026-45679OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry stan ...2026. 06. 02.2026. 06. 02.367988
CVE-2026-45678OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry stan ...2026. 06. 02.2026. 06. 02.367987
CVE-2026-45676OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry stan ...2026. 06. 02.2026. 06. 02.368005
CVE-2026-45554NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two FastAPI routes that serve p ...2026. 06. 02.2026. 06. 02.367965
CVE-2026-45553NiceGUI is a Python-based UI framework. Prior to version 3.12.0, ui.restructured_text() renders ...2026. 06. 02.2026. 06. 02.367968
CVE-2026-45080Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2. ...2026. 06. 02.2026. 06. 02.367966
CVE-2026-44367Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2. ...2026. 06. 02.2026. 06. 02.367967
CVE-2026-42654Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet Syste ...2026. 06. 02.2026. 06. 02.367981
CVE-2026-40780Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP ...2026. 06. 02.2026. 06. 02.367986
CVE-2026-40619A high security vulnerability affecting Security Center main server installations has been ident ...2026. 06. 02.2026. 06. 02.368004
CVE-2026-38978transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI ...2026. 06. 02.2026. 06. 02.368008
CVE-2026-35718A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-V ...2026. 06. 02.2026. 06. 02.367985
CVE-2026-35716A stack-based buffer overflow in the motion_privacy.cgi binary in VIVOTEK FD8136 firmware FD8136 ...2026. 06. 02.2026. 06. 02.367971
CVE-2026-34460NamelessMC is website software for Minecraft servers. In versions 2.2.4 and prior, the OAuth cal ...2026. 06. 02.2026. 06. 02.368003
CVE-2026-33398NamelessMC is website software for Minecraft servers. In version 2.2.4, `modules/Forum/pages/for ...2026. 06. 02.2026. 06. 02.367964
CVE-2026-30652A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the adm ...2026. 06. 02.2026. 06. 02.367970
CVE-2026-30650A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtas ...2026. 06. 02.2026. 06. 02.367969
CVE-2026-30649Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execu ...2026. 06. 02.2026. 06. 02.368007
CVE-2026-10629SIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec ...2026. 06. 02.2026. 06. 02.367984
CVE-2026-10591Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before versio ...2026. 06. 02.2026. 06. 02.367980
CVE-2026-10047The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in th ...2026. 06. 02.2026. 06. 02.367978
CVE-2026-10046Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BI ...2026. 06. 02.2026. 06. 02.367979
CVE-2026-9844Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ ...2026. 06. 02.2026. 06. 02.367947
CVE-2026-7313CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version f ...2026. 06. 02.2026. 06. 02.367941
CVE-2026-7312CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version f ...2026. 06. 02.2026. 06. 02.367940
CVE-2026-7201CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity ...2026. 06. 02.2026. 06. 02.367939
CVE-2026-7198CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.86 ...2026. 06. 02.2026. 06. 02.367938
CVE-2026-7195CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, ...2026. 06. 02.2026. 06. 02.367937
CVE-2026-49782Missing Authorization vulnerability in Elementor Elementor Website Builder allows Exploiting Inc ...2026. 06. 02.2026. 06. 02.367946
CVE-2026-43965Path traversal vulnerability in Gleam's dependency management allows arbitrary directory de ...2026. 06. 02.2026. 06. 02.367945
CVE-2026-42795Symlink following vulnerability in Gleam's Hex package export allows files outside the proj ...2026. 06. 02.2026. 06. 02.367951
CVE-2026-41918A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions V4.0). ...2026. 06. 02.2026. 06. 02.367944
CVE-2026-39555Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. ...2026. 06. 02.2026. 06. 02.367954
CVE-2026-39553Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File ...2026. 06. 02.2026. 06. 02.367934
CVE-2026-39552Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File ...2026. 06. 02.2026. 06. 02.367933
CVE-2026-35717A stack-based buffer overflow in the export_language.cgi binary in VIVOTEK FD8136 firmware FD813 ...2026. 06. 02.2026. 06. 02.367936
CVE-2026-32685Path traversal vulnerability in Gleam's handling of custom documentation pages allows arbit ...2026. 06. 02.2026. 06. 02.367950
CVE-2026-32250NamelessMC is website software for Minecraft servers. A Reflected Cross-Site Scripting (XSS) vul ...2026. 06. 02.2026. 06. 02.367935
CVE-2026-28116Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') v ...2026. 06. 02.2026. 06. 02.367953
CVE-2026-27351Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Co ...2026. 06. 02.2026. 06. 02.367943
CVE-2026-10622Improper Authentication in REST API in Collibra Agent, allows a remote unauthenticated attacker ...2026. 06. 02.2026. 06. 02.367952
CVE-2026-10621Path traversal in restore handler in Collibra Agent, allows an attacker to write arbitrary files ...2026. 06. 02.2026. 06. 02.367942
CVE-2026-10611An authentication bypass vulnerability exists in MISP when LDAP mixed authentication is enabled ...2026. 06. 02.2026. 06. 02.367949
CVE-2026-8993D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing v ...2026. 06. 02.2026. 06. 02.367920
CVE-2026-42685Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') v ...2026. 06. 02.2026. 06. 02.367924
CVE-2026-42684Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') v ...2026. 06. 02.2026. 06. 02.367918
CVE-2026-42670Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reser ...2026. 06. 02.2026. 06. 02.367919
CVE-2026-42669Missing Authorization vulnerability in EventPrime allows Exploiting Incorrectly Configured Acces ...2026. 06. 02.2026. 06. 02.367923
CVE-2026-39551Deserialization of Untrusted Data vulnerability in Elated-Themes T bel allows Object Injection. ...2026. 06. 02.2026. 06. 02.367922
CVE-2026-39550Deserialization of Untrusted Data vulnerability in Elated-Themes Aperitif allows Object Injectio ...2026. 06. 02.2026. 06. 02.367921
CVE-2026-5422A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root ...2026. 06. 02.2026. 06. 02.367907
CVE-2026-5191The Tiled Gallery Carousel Without JetPack plugin for WordPress is vulnerable to stored cross-si ...2026. 06. 02.2026. 06. 02.367909
CVE-2026-46718Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vul ...2026. 06. 02.2026. 06. 02.367759
CVE-2026-41115An improper authorization vulnerability has been identified in Apache Kafka. The implementation ...2026. 06. 02.2026. 06. 02.367904
CVE-2026-34907Wirtualna Uczelnia is vulnerable to Reflected Cross‑Site Scripting (XSS) due to insecure handl ...2026. 06. 02.2026. 06. 02.367911
CVE-2026-34906Server-Side Template Injection (SSTI) in Wirtualna Uczelnia allows an unauthenticated attacker t ...2026. 06. 02.2026. 06. 02.367905
CVE-2026-10549LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attack ...2026. 06. 02.2026. 06. 02.367906
CVE-2026-9730The Remove NoFollow Commenter URL plugin for WordPress is vulnerable to Cross-Site Request Forge ...2026. 06. 02.2026. 06. 02.367903
CVE-2026-9723The Google Plus One Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery in a ...2026. 06. 02.2026. 06. 02.367897
CVE-2026-9722The Laiser Tag plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions ...2026. 06. 02.2026. 06. 02.367902
CVE-2026-9599The Tectite Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versio ...2026. 06. 02.2026. 06. 02.367901
CVE-2026-9234The JTL-Connector for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in ...2026. 06. 02.2026. 06. 02.367896
CVE-2026-8885The DeMomentSomTres Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting ...2026. 06. 02.2026. 06. 02.367900
CVE-2026-8422The Remove meta boxes per user role plugin for WordPress is vulnerable to Cross-Site Request For ...2026. 06. 02.2026. 06. 02.367899
CVE-2026-4081The ZeM STL plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the [zemstl] s ...2026. 06. 02.2026. 06. 02.367898
CVE-2026-4080The Easy Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ad ...2026. 06. 02.2026. 06. 02.367895
CVE-2026-4071The BirdSeed plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up ...2026. 06. 02.2026. 06. 02.367894
CVE-2026-3620The Word Replacer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the &#03 ...2026. 06. 02.2026. 06. 02.367893
CVE-2026-3514In version 3.6.19 of prefecthq/prefect, an authentication bypass vulnerability exists due to the ...2026. 06. 02.2026. 06. 02.367887
CVE-2026-2425The hiWeb Migration Simple plugin for WordPress is vulnerable to Reflected Cross-Site Scripting ...2026. 06. 02.2026. 06. 02.367892
CVE-2026-2382The FPW Category Thumbnails plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi ...2026. 06. 02.2026. 06. 02.367891
CVE-2026-1784The Route OpenShift resource allows to define routes to make pods reachable at a subdomain throu ...2026. 06. 02.2026. 06. 02.367886
CVE-2026-1451The rognone plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'a ...2026. 06. 02.2026. 06. 02.367890
CVE-2026-1450The rognone plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'm ...2026. 06. 02.2026. 06. 02.367889
CVE-2026-37630An issue in QuickJS-NG v.0.12.1 allows an attacker to execute arbitrary code via the js_mapped_a ...2026. 06. 02.2026. 06. 02.362912
CVE-2026-8293The Really Simple Security WordPress plugin before 9.5.10.1 does not enforce the second-factor ...2026. 06. 02.2026. 06. 02.367885
CVE-2026-10201A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FB ...2026. 06. 02.2026. 06. 02.367481
CVE-2026-10200A vulnerability was found in Assimp up to 6.0.4. This affects the function glTFCommon::CopyValue ...2026. 06. 02.2026. 06. 02.367480
CVE-2026-10199A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glT ...2026. 06. 02.2026. 06. 02.367479
CVE-2026-10198A flaw has been found in Assimp up to 6.0.4. Affected by this vulnerability is the function Assi ...2026. 06. 02.2026. 06. 02.367478
CVE-2026-10197A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::Impo ...2026. 06. 02.2026. 06. 02.367477
CVE-2026-8206The Kirki Freeform Page Builder, Website Builder Customizer plugin for WordPress is vulnerab ...2026. 06. 02.2026. 06. 02.367793
CVE-2026-3198MLflow 3.9.0 with basic-auth (`--app-name basic-auth`) fails to enforce authorization checks for ...2026. 06. 02.2026. 06. 02.367794
CVE-2026-10583A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. Affected by ...2026. 06. 02.2026. 06. 02.367710
CVE-2026-10581A flaw has been found in DedeCMS 5.7.88. Affected by this vulnerability is the function base64_d ...2026. 06. 02.2026. 06. 02.367676
CVE-2026-3871A buffer overflow vulnerability in the UPnP DeletePortMapping() command in Zyxel VMG4005-B50B fi ...2026. 06. 02.2026. 06. 02.367792
CVE-2026-3870A buffer overflow vulnerability in the UPnP AddPortMapping() command in Zyxel VMG4005-B50B firmw ...2026. 06. 02.2026. 06. 02.367791
CVE-2026-3722The Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image S ...2026. 06. 02.2026. 06. 02.367790
CVE-2026-10568A vulnerability was detected in itsourcecode Fees Management System 1.0. Affected is an unknown ...2026. 06. 02.2026. 06. 02.367675
CVE-2026-10567A security vulnerability has been detected in 1Panel-dev CordysCRM up to 1.4.1. This impacts the ...2026. 06. 02.2026. 06. 02.367674
CVE-2026-10566A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the functio ...2026. 06. 02.2026. 06. 02.367673
CVE-2026-10565A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function ...2026. 06. 02.2026. 06. 02.367672
CVE-2026-10510Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle applic ...2026. 06. 02.2026. 06. 02.367788
CVE-2026-10100The Simple Custom Login Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting v ...2026. 06. 02.2026. 06. 02.367767
CVE-2026-9050The Slider Revolution plugin for WordPress in versions 6.0.0-6.7.55 and 7.0.0-7.0.14 is vulnerab ...2026. 06. 02.2026. 06. 02.367789
CVE-2026-45104MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msS ...2026. 06. 02.2026. 06. 02.366515
CVE-2026-9048The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Exposure in ve ...2026. 06. 02.2026. 06. 02.367787
CVE-2026-10302A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unk ...2026. 06. 02.2026. 06. 02.367595
CVE-2026-10301A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is ...2026. 06. 02.2026. 06. 02.367594
CVE-2026-10528A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects th ...2026. 06. 02.2026. 06. 02.367636
CVE-2026-10514A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown func ...2026. 06. 02.2026. 06. 02.367596
CVE-2026-10559A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an ...2026. 06. 02.2026. 06. 02.367649
CVE-2026-10558A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unkn ...2026. 06. 02.2026. 06. 02.367648
CVE-2026-10550A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown c ...2026. 06. 02.2026. 06. 02.367646
CVE-2026-10548A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.23. This affects t ...2026. 06. 02.2026. 06. 02.367645
CVE-2026-10529A weakness has been identified in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8 ...2026. 06. 02.2026. 06. 02.367637
CVE-2026-28511eLabFTW is an open source electronic lab notebook. Prior to version 5.4.2, in certain cases, an ...2026. 06. 02.2026. 06. 02.367817
CVE-2026-25879Langroid is a framework for building large-language-model-powered applications. Prior to version ...2026. 06. 02.2026. 06. 02.367762
CVE-2026-25277Memory corruption while using Strongbox due to buffer overflow.2026. 06. 02.2026. 06. 02.367814
CVE-2026-25276Memory corruption while using Strongbox due to missing bounds check.2026. 06. 02.2026. 06. 02.367813
CVE-2026-25260Memory Corruption when accessing shared buffers without validation of concurrent user-mode input ...2026. 06. 02.2026. 06. 02.367812
CVE-2026-25259Memory corruption while processing multiple IOCTL command for escape operations.2026. 06. 02.2026. 06. 02.367811
CVE-2026-25258Memory corruption while processing IOCTL calls for escape operations.2026. 06. 02.2026. 06. 02.367810
CVE-2026-24782Kiteworks is a private data network (PDN). Prior to version 9.3.0,ultiple SQL Injection vulnerab ...2026. 06. 02.2026. 06. 02.367808
CVE-2026-24761Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Ref ...2026. 06. 02.2026. 06. 02.367807
CVE-2026-24756Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Ref ...2026. 06. 02.2026. 06. 02.367806
CVE-2026-24755Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Ref ...2026. 06. 02.2026. 06. 02.367805
CVE-2026-24754Kiteworks is a private data network (PDN). Prior to version 9.3.0, a stored XSS vulnerability in ...2026. 06. 02.2026. 06. 02.367809
CVE-2026-24753Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Ref ...2026. 06. 02.2026. 06. 02.367796
CVE-2026-24752Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability ...2026. 06. 02.2026. 06. 02.367797
CVE-2026-24092Memory Corruption when processing fastboot commands to set display mode.2026. 06. 02.2026. 06. 02.367804
CVE-2026-24091Memory corruption while processing fastboot commands with improperly formatted input.2026. 06. 02.2026. 06. 02.367803
CVE-2026-24090Cryptographic issue while processing partition table entries allows unauthorized modification of ...2026. 06. 02.2026. 06. 02.367802
CVE-2026-24089Memory corruption while processing fastboot commands with invalid input.2026. 06. 02.2026. 06. 02.367801
CVE-2026-24088Cryptographic Issue while processing a specific partition which allows unauthorized write access ...2026. 06. 02.2026. 06. 02.367800
CVE-2026-24087Memory corruption while processing fastboot OEM commands.2026. 06. 02.2026. 06. 02.367799
CVE-2026-24085Memory Corruption when processing display command line information due to improper initializatio ...2026. 06. 02.2026. 06. 02.367798
CVE-2026-10300A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown functi ...2026. 06. 02.2026. 06. 02.367593
CVE-2026-10299A weakness has been identified in code-projects Online Hospital Management System 1.0. This issu ...2026. 06. 02.2026. 06. 02.367592
CVE-2026-10298A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affe ...2026. 06. 02.2026. 06. 02.367591
CVE-2026-10297A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unkno ...2026. 06. 02.2026. 06. 02.367590
CVE-2026-10296A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issu ...2026. 06. 02.2026. 06. 02.367589
CVE-2026-10295A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerabil ...2026. 06. 02.2026. 06. 02.367588
CVE-2026-49491Pixa Bank 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to e ...2026. 06. 02.2026. 06. 02.367850
CVE-2026-40965Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. T ...2026. 06. 02.2026. 06. 02.367855
CVE-2026-40964Authentication Bypass in cf-auth-proxy in Cloud Foundry Foundation all installations allows an u ...2026. 06. 02.2026. 06. 02.367854
CVE-2026-28586In multiple functions of AppOpsService.java, there is a possible missing permission check due to ...2026. 06. 02.2026. 06. 02.367860
CVE-2026-28581In fixInitiatingUserIfNecessary of CallIntentProcessor.java, there is a possible way to make an ...2026. 06. 02.2026. 06. 02.367883
CVE-2026-28580In multiple functions, there is a possible desync in persistence due to an incorrect bounds chec ...2026. 06. 02.2026. 06. 02.367882
CVE-2026-28578In multiple functions of DevicePolicyManagerService.java, there is a possible desync from persis ...2026. 06. 02.2026. 06. 02.367881
CVE-2026-28577In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjack ...2026. 06. 02.2026. 06. 02.367880
CVE-2026-10294A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function g_file_test o ...2026. 06. 02.2026. 06. 02.367587
CVE-2026-10293A flaw has been found in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy o ...2026. 06. 02.2026. 06. 02.367586
CVE-2026-10292A vulnerability was detected in UTT HiPER 1200GW up to 2.5.3-170306. This affects the function s ...2026. 06. 02.2026. 06. 02.367585
CVE-2026-10291A security vulnerability has been detected in Enderfga claw-orchestrator up to 3.7.0. The impact ...2026. 06. 02.2026. 06. 02.367584
CVE-2026-10290A weakness has been identified in code-projects Hotel and Tourism Reservation System 1.0. The af ...2026. 06. 02.2026. 06. 02.367583
CVE-2026-0100In Load of LoadedArsc.cpp, there is a possible out of bounds write due to a heap buffer overflow ...2026. 06. 02.2026. 06. 02.367879
CVE-2026-0099In onNullBinding of HostEmulationManager.java, there is a possible way to launch an activity fro ...2026. 06. 02.2026. 06. 02.367878
CVE-2026-0098In getCallingPackageName of Shared.java, there is a possible way to bypass activity start restri ...2026. 06. 02.2026. 06. 02.367877
CVE-2026-0097In multiple locations, there is a possible way to bypass user interaction when pairing an LE dev ...2026. 06. 02.2026. 06. 02.367853
CVE-2026-0096In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forge ...2026. 06. 02.2026. 06. 02.367876
CVE-2026-0095In l2c_fcr_clone_buf of l2c_fcr.cc, there is a possible way to trigger controlled heap corruptio ...2026. 06. 02.2026. 06. 02.367875
CVE-2026-0094In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into ...2026. 06. 02.2026. 06. 02.367874
CVE-2026-0093In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to ...2026. 06. 02.2026. 06. 02.367873
CVE-2026-0091In multiple locations, there is a possible way to execute code in the launcher process due to an ...2026. 06. 02.2026. 06. 02.367872
CVE-2026-0089In multiple functions of PackageInstallerService.java, there is a possible way to install unveri ...2026. 06. 02.2026. 06. 02.367871
CVE-2026-0088In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive securit ...2026. 06. 02.2026. 06. 02.367870
CVE-2026-0087In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to ...2026. 06. 02.2026. 06. 02.367884
CVE-2026-0086In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data ...2026. 06. 02.2026. 06. 02.367869
CVE-2026-0085In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large con ...2026. 06. 02.2026. 06. 02.367868
CVE-2026-0080In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash du ...2026. 06. 02.2026. 06. 02.367852
CVE-2026-0079In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of se ...2026. 06. 02.2026. 06. 02.367867
CVE-2026-0078In setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence ...2026. 06. 02.2026. 06. 02.367866
CVE-2026-0077In resumeConfigurationDispatch of ActivityRecord.java, there is a possible background applicatio ...2026. 06. 02.2026. 06. 02.367865
CVE-2026-0076In validateNode of ResourceTypes.cpp, there is a possible out of bounds read due to an incorrect ...2026. 06. 02.2026. 06. 02.367858
CVE-2026-0075In multiple functions, there is a possible way to access the contacts database due to a SQL inje ...2026. 06. 02.2026. 06. 02.367864
CVE-2026-0074In getPreferredSize of LauncherProcessImageListener.kt, there is a possible denial of service d ...2026. 06. 02.2026. 06. 02.367859
CVE-2026-0070In multiple functions of DevicePolicyManagerService.java, there is a possible way to hide a syst ...2026. 06. 02.2026. 06. 02.367863
CVE-2026-0069In verifySignature of ApkChecksums.java, there is a possible way to cause a crash due to resourc ...2026. 06. 02.2026. 06. 02.367857
CVE-2026-0067In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a permanen ...2026. 06. 02.2026. 06. 02.367862
CVE-2026-0061In multiple functions of WindowState.java, there is a possible way to trick a user into acceptin ...2026. 06. 02.2026. 06. 02.367861
CVE-2026-0060In updateState of GraphicsDriverEnableAngleAsSystemDriverController.java, there is a possible pe ...2026. 06. 02.2026. 06. 02.367856
CVE-2026-0059In multiple functions of sdp_discovery.cc, there is a possible way to achieve code execution due ...2026. 06. 02.2026. 06. 02.367851
CVE-2026-0056In setTo of ResourceTypes.cpp, there is a possible read out of bounds due to an incorrect bounds ...2026. 06. 02.2026. 06. 02.367825
CVE-2026-0055In createSessionInternal of PackageInstallerService.java, there is a possible to update a Device ...2026. 06. 02.2026. 06. 02.367849
CVE-2026-0052In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash du ...2026. 06. 02.2026. 06. 02.367824
CVE-2026-0051In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a system c ...2026. 06. 02.2026. 06. 02.367823
CVE-2026-0050In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disc ...2026. 06. 02.2026. 06. 02.367836
CVE-2026-0048In hide of WindowState.java, there is a possible way to trick the user into approving permission ...2026. 06. 02.2026. 06. 02.367848
CVE-2026-0046In InputInterceptor of Letterbox.java, there is a possible way to trick a user into accepting a ...2026. 06. 02.2026. 06. 02.367835
CVE-2026-0045In bta_jv_rfcomm_connect of bta_jv_act.cc, there is a possible bypass of bonding for a secure co ...2026. 06. 02.2026. 06. 02.367847
CVE-2026-0044In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause the system ...2026. 06. 02.2026. 06. 02.367822
CVE-2026-0043In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of se ...2026. 06. 02.2026. 06. 02.367846
CVE-2026-0042In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of se ...2026. 06. 02.2026. 06. 02.367834
CVE-2026-0041In multiple functions of ubsan_throwing_runtime.cpp, there is a possible UBSan failure due to an ...2026. 06. 02.2026. 06. 02.367821
CVE-2026-0040In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash du ...2026. 06. 02.2026. 06. 02.367820
CVE-2026-0039In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of se ...2026. 06. 02.2026. 06. 02.367818
CVE-2026-0036In startAnimation of StageCoordinator.java, there is a possible tapjacking issue due to a tapjac ...2026. 06. 02.2026. 06. 02.367845
CVE-2026-0018In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial ...2026. 06. 02.2026. 06. 02.367844
CVE-2026-0016In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way t ...2026. 06. 02.2026. 06. 02.367833
CVE-2026-0009In multiple locations, there is a possible tapjacking due to a logic error in the code. This cou ...2026. 06. 02.2026. 06. 02.367843
CVE-2026-5419A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not const ...2026. 06. 01.2026. 06. 02.367764
CVE-2026-49433The DeepAI endpoint 'https://api.deepai.org/change_user_email' accepts POST requests w ...2026. 06. 01.2026. 06. 02.367776
CVE-2026-49140Nanobot prior to version 0.2.1 contains a denial of service vulnerability in the Matrix channel ...2026. 06. 01.2026. 06. 02.367772
CVE-2026-49139Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the Micro ...2026. 06. 01.2026. 06. 02.367766
CVE-2026-49138Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the web_f ...2026. 06. 01.2026. 06. 02.367775
CVE-2026-49136Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability ...2026. 06. 01.2026. 06. 02.367773
CVE-2026-49135CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows ...2026. 06. 01.2026. 06. 02.367777
CVE-2026-49134CodexBar prior to 0.32.0 contains a privilege escalation vulnerability in the CLI installer that ...2026. 06. 01.2026. 06. 02.367774
CVE-2026-37234FlexRIC v2.0.0 allows a single SCTP connection to bind multiple xapp_ids by sending multiple E42 ...2026. 06. 01.2026. 06. 02.367763
CVE-2026-24751Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability ...2026. 06. 01.2026. 06. 02.367771
CVE-2026-10289A security flaw has been discovered in code-projects Hotel and Tourism Reservation System 1.0. I ...2026. 06. 01.2026. 06. 01.367582
CVE-2026-10288A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This i ...2026. 06. 01.2026. 06. 01.367581
CVE-2026-10287A vulnerability was determined in SourceCodester SEO Meta Tag Extractor 1.0. This vulnerability ...2026. 06. 01.2026. 06. 01.367580
CVE-2026-10286A vulnerability was found in CodeAstro Payroll System 1.0. This affects an unknown part of the f ...2026. 06. 01.2026. 06. 01.367579
CVE-2026-10285A vulnerability has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by ...2026. 06. 01.2026. 06. 01.367578
CVE-2026-10284A flaw has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by this vuln ...2026. 06. 01.2026. 06. 01.367577
CVE-2026-9614An Improper Access Control vulnerability in Ivanti Neurons for ITSM (cloud and on-premises) allo ...2026. 06. 01.2026. 06. 01.367758
CVE-2026-9330IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supp ...2026. 06. 01.2026. 06. 01.367713
CVE-2026-9319IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution d ...2026. 06. 01.2026. 06. 01.367716
CVE-2026-9311IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by t ...2026. 06. 01.2026. 06. 01.367717
CVE-2026-8644IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.2026. 06. 01.2026. 06. 01.367718
CVE-2026-7770IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions (ACS) is vulnerable t ...2026. 06. 01.2026. 06. 01.367719
CVE-2026-49121AI Tensor Engine for ROCm (AITER) through 0.1.14 contains an unauthenticated remote code executi ...2026. 06. 01.2026. 06. 01.367725
CVE-2026-47294Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker t ...2026. 06. 01.2026. 06. 01.367715
CVE-2026-45810Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31 ...2026. 06. 01.2026. 06. 01.367745
CVE-2026-45729Thor Vector Graphics (ThorVG) is a production-ready vector graphics engine. Prior to version 1.0 ...2026. 06. 01.2026. 06. 01.367752
CVE-2026-45727CloakBrowser is a tool to bypass bot detection tests. Prior to version 0.3.28, the cloakserve CD ...2026. 06. 01.2026. 06. 01.367751
CVE-2026-45722Nextcloud is an open source content collaboration platform. From versions 0.9.0 to before 0.9.7, ...2026. 06. 01.2026. 06. 01.367755
CVE-2026-45691Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32 ...2026. 06. 01.2026. 06. 01.367744
CVE-2026-45690Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32 ...2026. 06. 01.2026. 06. 01.367743
CVE-2026-45545Nextcloud is an open source content collaboration platform. From versions 0.7.0 to before 0.7.7, ...2026. 06. 01.2026. 06. 01.367754
CVE-2026-45544Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version ...2026. 06. 01.2026. 06. 01.367742
CVE-2026-45543Nextcloud is an open source content collaboration platform. From version 4.3.0 to before version ...2026. 06. 01.2026. 06. 01.367724
CVE-2026-45302parse-nested-form-data is a tiny node module for parsing FormData by name into objects and array ...2026. 06. 01.2026. 06. 01.367750
CVE-2026-45286Nextcloud is an open source content collaboration platform. From versions 5.5.13 to before 5.5.1 ...2026. 06. 01.2026. 06. 01.367741
CVE-2026-45285Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0. ...2026. 06. 01.2026. 06. 01.367740
CVE-2026-45284Nextcloud is an open source content collaboration platform. From version 1.3.6 to before version ...2026. 06. 01.2026. 06. 01.367739
CVE-2026-45283Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32 ...2026. 06. 01.2026. 06. 01.367753
CVE-2026-45282Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32 ...2026. 06. 01.2026. 06. 01.367738
CVE-2026-45281Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32 ...2026. 06. 01.2026. 06. 01.367737
CVE-2026-45279Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31 ...2026. 06. 01.2026. 06. 01.367736
CVE-2026-45278Nextcloud is an open source content collaboration platform. From version 6.1.0 to before version ...2026. 06. 01.2026. 06. 01.367735
CVE-2026-45277Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, authenticate ...2026. 06. 01.2026. 06. 01.367734
CVE-2026-45275Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, a privilege ...2026. 06. 01.2026. 06. 01.367757
CVE-2026-43958A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcach ...2026. 06. 01.2026. 06. 01.367756
CVE-2026-43625CodexBar prior to 0.32.0 contains a session cookie leakage vulnerability that allows network att ...2026. 06. 01.2026. 06. 01.367733
CVE-2026-43624F5-TTS through version 1.1.20 contains a path traversal vulnerability in the finetune Gradio han ...2026. 06. 01.2026. 06. 01.367732
CVE-2026-43623microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the raw_to_header ...2026. 06. 01.2026. 06. 01.367749
CVE-2026-41013Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release al ...2026. 06. 01.2026. 06. 01.367731
CVE-2026-40990OOM error is possible while attempting to add infinite amount of functions to Function Registry. ...2026. 06. 01.2026. 06. 01.367748
CVE-2026-40989Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Sp ...2026. 06. 01.2026. 06. 01.367747
CVE-2026-37235FlexRIC v2.0.0 trusts the xapp_id field from E42 message payloads without binding it to the send ...2026. 06. 01.2026. 06. 01.367730
CVE-2026-37233FlexRIC v2.0.0 contains an authorization bypass in the iApp's xApp isolation mechanism. The ...2026. 06. 01.2026. 06. 01.367746
CVE-2026-37232An issue was discovered in OpenAirInterface5G 2.4.0 (nr-softmodem) in the E2SM-KPM RAN Function& ...2026. 06. 01.2026. 06. 01.367723
CVE-2026-37231FlexRIC v2.0.0 uses a uint16_t counter for xapp_id assignment but stores the value in uint32_t m ...2026. 06. 01.2026. 06. 01.367729
CVE-2026-37230FlexRIC v2.0.0 crashes when the near-RT RIC receives a RIC_INDICATION message with a ran_func_id ...2026. 06. 01.2026. 06. 01.367728
CVE-2026-37229FlexRIC v2.0.0 contains a reachable assertion in e2ap_create_pdu() triggered when ASN.1 PER deco ...2026. 06. 01.2026. 06. 01.367727
CVE-2026-37228FlexRIC v2.0.0 contains a reachable assertion in e2ap_recv_sctp_msg() (src/lib/ep/e2ap_ep.c). Th ...2026. 06. 01.2026. 06. 01.367722
CVE-2026-37226FlexRIC v2.0.0 crashes when the iApp receives an E42_RIC_SUBSCRIPTION_REQUEST referencing a non- ...2026. 06. 01.2026. 06. 01.367721
CVE-2026-30963Capsule is a multi-tenancy and policy-based framework for Kubernetes. To defend against namespac ...2026. 06. 01.2026. 06. 01.367714
CVE-2026-23638Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Ref ...2026. 06. 01.2026. 06. 01.367726
CVE-2026-22872Capsule is a multi-tenancy and policy-based framework for Kubernetes. The Capsule Controller run ...2026. 06. 01.2026. 06. 01.367720
CVE-2026-10283A vulnerability was detected in Bottelet DaybydayCRM up to 2.2.1. Affected is an unknown functio ...2026. 06. 01.2026. 06. 01.367576
CVE-2026-10282A security vulnerability has been detected in Bottelet DaybydayCRM up to 2.2.1. This impacts the ...2026. 06. 01.2026. 06. 01.367575
CVE-2026-10281A weakness has been identified in Enderfga claw-orchestrator up to 3.5.5. This affects the funct ...2026. 06. 01.2026. 06. 01.367574
CVE-2026-10280A security flaw has been discovered in horizon921 mcpilot 0.1.0. The impacted element is an unkn ...2026. 06. 01.2026. 06. 01.367573
CVE-2026-10279A vulnerability was identified in hiraishikentaro wezterm-mcp 0.1.0. The affected element is an ...2026. 06. 01.2026. 06. 01.367572
CVE-2026-10278A vulnerability was determined in ishayoyo excel-mcp up to 1.0.2. Impacted is an unknown functio ...2026. 06. 01.2026. 06. 01.367571
CVE-2026-10277A vulnerability was found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a2 ...2026. 06. 01.2026. 06. 01.367570
CVE-2026-10276A vulnerability has been found in hekmon8 Jenkins-server-mcp 0.1.0. This vulnerability affects t ...2026. 06. 01.2026. 06. 01.367569
CVE-2026-0072In addInputMethodListener of com.android.server.inputmethod.InputMethodManagerService, there is ...2026. 06. 01.2026. 06. 01.367712
CVE-2026-8643pip would treat console_scripts and gui_scripts as paths instead of file names without sanitizin ...2026. 06. 01.2026. 06. 01.366890
CVE-2026-8501Improper access control in the PCTCore64.sys Windows kernel driver from PC Tools Internet Securi ...2026. 06. 01.2026. 06. 01.367705
CVE-2026-46243In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspac ...2026. 06. 01.2026. 06. 01.367678
CVE-2026-45701Sulu is an open-source PHP content management system based on the Symfony framework. Prior to ve ...2026. 06. 01.2026. 06. 01.367677
CVE-2026-45267Nextcloud is an open source content collaboration platform. Prior to version 5.2.6, a missing pe ...2026. 06. 01.2026. 06. 01.367697
CVE-2026-45266Nextcloud is an open source content collaboration platform. Prior to versions 21.1.10, 22.0.11, ...2026. 06. 01.2026. 06. 01.367696
CVE-2026-45264Nextcloud is an open source content collaboration platform. From versions 17.0.0 to before 17.0. ...2026. 06. 01.2026. 06. 01.367695
CVE-2026-45159Nextcloud is an open source content collaboration platform. From versions 1.15.0 to before 1.15. ...2026. 06. 01.2026. 06. 01.367694
CVE-2026-45157Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32 ...2026. 06. 01.2026. 06. 01.367693
CVE-2026-45156Nextcloud is an open source content collaboration platform. From versions 0.3.0 to before 3.1.0, ...2026. 06. 01.2026. 06. 01.367692
CVE-2026-45155Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32 ...2026. 06. 01.2026. 06. 01.367691
CVE-2026-45154Nextcloud is an open source content collaboration platform. From version 2.6.0 to before version ...2026. 06. 01.2026. 06. 01.367690
CVE-2026-45153Nextcloud is an open source content collaboration platform. From version 33.0.0 to before versio ...2026. 06. 01.2026. 06. 01.367706
CVE-2026-45132CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a ...2026. 06. 01.2026. 06. 01.367685
CVE-2026-45131CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a ...2026. 06. 01.2026. 06. 01.367684
CVE-2026-44740Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, ...2026. 06. 01.2026. 06. 01.367683
CVE-2026-44211Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. In versions 2.13 ...2026. 06. 01.2026. 06. 01.367704
CVE-2026-42679Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnera ...2026. 06. 01.2026. 06. 01.367689
CVE-2026-42678Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') v ...2026. 06. 01.2026. 06. 01.367707
CVE-2026-42677Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorr ...2026. 06. 01.2026. 06. 01.367703
CVE-2026-42676Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') v ...2026. 06. 01.2026. 06. 01.367709
CVE-2026-42675Missing Authorization vulnerability in Themefic Hydra Booking allows Exploiting Incorrectly Conf ...2026. 06. 01.2026. 06. 01.367702
CVE-2026-42674Authentication Bypass by Spoofing vulnerability in AAM Plugin Advanced Access Manager allows URL ...2026. 06. 01.2026. 06. 01.367708
CVE-2026-42673Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activ ...2026. 06. 01.2026. 06. 01.367701
CVE-2026-42672Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') v ...2026. 06. 01.2026. 06. 01.367700
CVE-2026-42671Missing Authorization vulnerability in Paolo GeoDirectory allows Exploiting Incorrectly Configur ...2026. 06. 01.2026. 06. 01.367699
CVE-2026-38950An issue in ESA AnomalyMatch before 1.3.1 allow attackers to execute arbitrary code via crafted ...2026. 06. 01.2026. 06. 01.367698
CVE-2026-37227FlexRIC v2.0.0 contains reachable assert(0) calls in stub message handlers for whitelisted but u ...2026. 06. 01.2026. 06. 01.367688
CVE-2026-37225FlexRIC v2.0.0 crashes when the iApp receives an E42_RIC_SUBSCRIPTION_REQUEST with an empty ricE ...2026. 06. 01.2026. 06. 01.367687
CVE-2026-37224FlexRIC v2.0.0 crashes when receiving a duplicate E2_SETUP_REQUEST from the same or spoofed E2 N ...2026. 06. 01.2026. 06. 01.367682
CVE-2026-37223FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher val ...2026. 06. 01.2026. 06. 01.367681
CVE-2026-37222FlexRIC v2.0.0 uses hardcoded assertions to validate Information Element (IE) counts in decoded ...2026. 06. 01.2026. 06. 01.367686
CVE-2026-10275A flaw has been found in OpenSC up to 0.26.1. This affects the function test_kpgen_certwrite of ...2026. 06. 01.2026. 06. 01.367568
CVE-2026-10274A vulnerability was determined in indrasishbanerjee aem-mcp-server up to b5f833aef9b5dfd17a5991b ...2026. 06. 01.2026. 06. 01.367553
CVE-2026-10273A vulnerability was found in php-censor up to 2.1.6. This affects an unknown function of the fil ...2026. 06. 01.2026. 06. 01.367552
CVE-2026-10272A vulnerability has been found in a4m4 Student-Management-System up to f0c5f6842c5e8c431ff02b526 ...2026. 06. 01.2026. 06. 01.367551
CVE-2026-10271A flaw has been found in a4m4 Student-Management-System up to f0c5f6842c5e8c431ff02b5260a565ca84 ...2026. 06. 01.2026. 06. 01.367550
CVE-2026-10270A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function s ...2026. 06. 01.2026. 06. 01.367549
CVE-2026-10269A security vulnerability has been detected in decolua 9router up to 0.4.0. This issue affects th ...2026. 06. 01.2026. 06. 01.367548
CVE-2026-10268A weakness has been identified in janet-lang janet up to 1.41.0. This vulnerability affects the ...2026. 06. 01.2026. 06. 01.367547
CVE-2026-10118A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerab ...2026. 06. 01.2026. 06. 01.367680
CVE-2026-8931A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer versions 2.0.3 t ...2026. 06. 01.2026. 06. 01.367665
CVE-2026-48879Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation. This is ...2026. 06. 01.2026. 06. 01.367671
CVE-2026-48866Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnera ...2026. 06. 01.2026. 06. 01.367662
CVE-2026-48865Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') v ...2026. 06. 01.2026. 06. 01.367670
CVE-2026-48839Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') v ...2026. 06. 01.2026. 06. 01.367669
CVE-2026-48559Lightweight Music Server (LMS) though 3.76.0 contains a stored cross-site scripting vulnerabilit ...2026. 06. 01.2026. 06. 01.367666
CVE-2026-42683Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') v ...2026. 06. 01.2026. 06. 01.367668
CVE-2026-42682Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Confi ...2026. 06. 01.2026. 06. 01.367664
CVE-2026-42681Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') v ...2026. 06. 01.2026. 06. 01.367667
CVE-2026-42680Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Cont ...2026. 06. 01.2026. 06. 01.367663
CVE-2026-42251Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server ...2026. 06. 01.2026. 06. 01.367661
CVE-2026-37221FlexRIC v2.0.0 crashes when receiving a RIC_SUBSCRIPTION_RESPONSE with an unknown ric_id that ha ...2026. 06. 01.2026. 06. 01.367660
CVE-2026-37220FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2_SETUP_REQUEST is sent. Th ...2026. 06. 01.2026. 06. 01.367658
CVE-2026-10533A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do no ...2026. 06. 01.2026. 06. 01.367659
CVE-2026-10267A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function ...2026. 06. 01.2026. 06. 01.367546
CVE-2026-10265A vulnerability was identified in itsourcecode Content Management System 1.0. Affected by this i ...2026. 06. 01.2026. 06. 01.367545
CVE-2026-10264A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is ...2026. 06. 01.2026. 06. 01.367544
CVE-2026-10263A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Af ...2026. 06. 01.2026. 06. 01.367543
CVE-2026-10262A vulnerability has been found in code-projects Real State Services 1.0. This impacts an unknown ...2026. 06. 01.2026. 06. 01.367542
CVE-2026-10261A flaw has been found in CodeAstro Online Job Portal 1.0. This affects an unknown function of th ...2026. 06. 01.2026. 06. 01.367541
CVE-2026-10260A vulnerability was detected in CodeAstro Online Job Portal 1.0. The impacted element is an unkn ...2026. 06. 01.2026. 06. 01.367540
CVE-2026-10259A security vulnerability has been detected in H3C Magic B0 up to 100R002. The affected element i ...2026. 06. 01.2026. 06. 01.367539
CVE-2026-0826In certain scenarios when the admin has enabled Interactive Connectivity Establishment (ICE), a ...2026. 06. 01.2026. 06. 01.367652
CVE-2026-44724systeminformation is a System and OS information library for node.js. From 4.17.0 to 5.31.5, on ...2026. 06. 01.2026. 06. 01.363657
CVE-2026-26318systeminformation is a System and OS information library for node.js. Versions prior to 5.31.0 a ...2026. 06. 01.2026. 06. 01.346969
CVE-2026-26280systeminformation is a System and OS information library for node.js. In versions prior to 5.30. ...2026. 06. 01.2026. 06. 01.346968
CVE-2026-47337Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in ...2026. 06. 01.2026. 06. 01.366877
CVE-2026-47336Ubuntu Linux 6.8 contains SAUCE patches with a possible use of an uninitialized variable in AppA ...2026. 06. 01.2026. 06. 01.366880
CVE-2026-47335Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling ...2026. 06. 01.2026. 06. 01.366854
CVE-2026-47334Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while hold ...2026. 06. 01.2026. 06. 01.366853
CVE-2026-47333Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly ...2026. 06. 01.2026. 06. 01.366879
CVE-2026-47332Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the siz ...2026. 06. 01.2026. 06. 01.366871
CVE-2026-47331Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock when modifying a l ...2026. 06. 01.2026. 06. 01.366870
CVE-2026-47330Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumsta ...2026. 06. 01.2026. 06. 01.366876
CVE-2026-47329Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the ...2026. 06. 01.2026. 06. 01.366875
CVE-2026-47328Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free ...2026. 06. 01.2026. 06. 01.366867
CVE-2026-47327Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in ...2026. 06. 01.2026. 06. 01.366847
CVE-2026-47326Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big r ...2026. 06. 01.2026. 06. 01.366866
CVE-2026-9309Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious p ...2026. 06. 01.2026. 06. 01.367644
CVE-2026-9308Firefox for iOS Reader View replaced page content in its HTML template before replacing other in ...2026. 06. 01.2026. 06. 01.367643
CVE-2026-34193Kernel software installed and running inside a Guest/Host VM may post improper commands to the G ...2026. 06. 01.2026. 06. 01.367639
CVE-2026-10532Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core (HardenedObj ...2026. 06. 01.2026. 06. 01.367638
CVE-2026-10258A weakness has been identified in itsourcecode Content Management System 1.0. Impacted is an unk ...2026. 06. 01.2026. 06. 01.367538
CVE-2026-10257A security flaw has been discovered in itsourcecode Content Management System 1.0. This issue af ...2026. 06. 01.2026. 06. 01.367537
CVE-2026-10256A vulnerability was identified in itsourcecode Content Management System 1.0. This vulnerability ...2026. 06. 01.2026. 06. 01.367536
CVE-2026-10255A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affect ...2026. 06. 01.2026. 06. 01.367533
CVE-2026-10254A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. Affected is an unk ...2026. 06. 01.2026. 06. 01.367532
CVE-2026-10253A vulnerability was detected in itsourcecode Online House Rental System 1.0. This impacts an unk ...2026. 06. 01.2026. 06. 01.367531
CVE-2026-10252A security vulnerability has been detected in itsourcecode Online House Rental System 1.0. This ...2026. 06. 01.2026. 06. 01.367530
CVE-2026-10251A weakness has been identified in itsourcecode Online House Rental System 1.0. The impacted elem ...2026. 06. 01.2026. 06. 01.367529
CVE-2026-49328Server-Side Request Forgery (SSRF) in the UrlImageConverter component of Apache Fesod (Incubatin ...2026. 06. 01.2026. 06. 01.367640
CVE-2026-25600The PDBM application relies on a static, hard‑coded secret embedded in the PDBM.exe executabl ...2026. 06. 01.2026. 06. 01.367641
CVE-2026-25599Missing authentication and clear‑text transmission of data from the heat pumps to the control ...2026. 06. 01.2026. 06. 01.367642
CVE-2026-10250A security flaw has been discovered in itsourcecode Online Blood Bank Management System 1.0. The ...2026. 06. 01.2026. 06. 01.367528
CVE-2026-10249A vulnerability was identified in itsourcecode Online Blood Bank Management System 1.0. Impacted ...2026. 06. 01.2026. 06. 01.367527
CVE-2026-10248A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. ...2026. 06. 01.2026. 06. 01.367526
CVE-2026-10247A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulner ...2026. 06. 01.2026. 06. 01.367525
CVE-2026-10246A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This a ...2026. 06. 01.2026. 06. 01.367524
CVE-2026-10245A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by thi ...2026. 06. 01.2026. 06. 01.367523
CVE-2026-10244A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected ...2026. 06. 01.2026. 06. 01.367522
CVE-2026-9024A Stored Cross-site Scripting (XSS) vulnerability affecting Process Experience Studio in DELMIA ...2026. 06. 01.2026. 06. 01.367635
CVE-2026-8474A vulnerability was discovered on Stormshield Network Security * 4.3.0 to 4.3.41, * 4.8. ...2026. 06. 01.2026. 06. 01.367631
CVE-2026-7858A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release ...2026. 06. 01.2026. 06. 01.367625
CVE-2026-49361Apache Fluss versions prior to 0.9.1 configure the Netty LengthFieldBasedFrameDecoder with Integ ...2026. 06. 01.2026. 06. 01.367622
CVE-2026-49298A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authe ...2026. 06. 01.2026. 06. 01.367621
CVE-2026-49270Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apac ...2026. 06. 01.2026. 06. 01.367620
CVE-2026-49267Apache Airflow's EmailOperator and the underlying `airflow.utils.email` helpers established ...2026. 06. 01.2026. 06. 01.367619
CVE-2026-49157Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache Active ...2026. 06. 01.2026. 06. 01.367618
CVE-2026-48827Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git ...2026. 06. 01.2026. 06. 01.367617
CVE-2026-48726A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens va ...2026. 06. 01.2026. 06. 01.367567
CVE-2026-46764The Event Log detail endpoint `GET /api/v2/eventLogs/{event_log_id}` in Apache Airflow fetched a ...2026. 06. 01.2026. 06. 01.367566
CVE-2026-46605Incomplete authorization by Apache ActiveMQ server before versions v6.2.6 and v5.19.7 allows aut ...2026. 06. 01.2026. 06. 01.367616
CVE-2026-45505Improper Input Validation, Improper Control of Generation of Code ('Code Injection') v ...2026. 06. 01.2026. 06. 01.367615
CVE-2026-45426Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid ...2026. 06. 01.2026. 06. 01.367565
CVE-2026-45360Apache Airflow's scheduler-side deadline-reference decoder (`SerializedCustomReference.dese ...2026. 06. 01.2026. 06. 01.367564
CVE-2026-44825Hardcoded credentials in the Basic Authentication setup tool (bin/solr auth enable) in Apache So ...2026. 06. 01.2026. 06. 01.367397
CVE-2026-42588Improper Input Validation, Improper Control of Generation of Code ('Code Injection') v ...2026. 06. 01.2026. 06. 01.367613
CVE-2026-42360A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key mask ...2026. 06. 01.2026. 06. 01.367563
CVE-2026-42359A bug in Apache Airflow's XCom PATCH endpoint `PATCH /api/v2/xcomEntries/{key}` allowed an ...2026. 06. 01.2026. 06. 01.367562
CVE-2026-42358A bug in Apache Airflow's Variable response masker caused nested-key redaction (triggered b ...2026. 06. 01.2026. 06. 01.367561
CVE-2026-42253Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') v ...2026. 06. 01.2026. 06. 01.367612
CVE-2026-42252Apache Airflow's official documentation at `core-concepts/dag-run.html` ( Passing Parameter ...2026. 06. 01.2026. 06. 01.367560
CVE-2026-41084A bug in Apache Airflow's bulk Task Instances API (`PATCH/DELETE /api/v2/dags/{dag_id}/dagR ...2026. 06. 01.2026. 06. 01.367559
CVE-2026-41017Apache Airflow's `JWTRefreshMiddleware` set the JWT auth cookie without the `Secure` flag, ...2026. 06. 01.2026. 06. 01.367558
CVE-2026-41014The partitioned_dag_runs endpoints in the Airflow UI enforced only asset-level access control, n ...2026. 06. 01.2026. 06. 01.367557
CVE-2026-40963The structure_data endpoint in the Airflow UI returned external dependency graph nodes for linke ...2026. 06. 01.2026. 06. 01.367556
CVE-2026-40961A bug in the login redirect route in Apache Airflow allowed authenticated users to craft URLs th ...2026. 06. 01.2026. 06. 01.367555
CVE-2026-40861A Dag author could either (a) create a symlink under their task's log directory pointing to ...2026. 06. 01.2026. 06. 01.367554
CVE-2026-40549SOPlanning is vulnerable to Cross‑Site Request Forgery (CSRF) in groupe_save create, modify an ...2026. 06. 01.2026. 06. 01.367634
CVE-2026-40548SOPlanning does not verify uploaded file extension. An authenticated attacker with access to the ...2026. 06. 01.2026. 06. 01.367623
CVE-2026-40547SOPlanning is vulnerable to Path Traversal in backup endpoints. Authenticated remote attacker i ...2026. 06. 01.2026. 06. 01.367627
CVE-2026-40546SOPlanning is vulnerable to SQL Injection across multiple endpoints and parameters. Attacker wit ...2026. 06. 01.2026. 06. 01.367628
CVE-2026-40545SOPlanning is vulnerable to Reflected XSS via the taches parameter. An attacker can craft a mali ...2026. 06. 01.2026. 06. 01.367632
CVE-2026-40544SOPlanning is vulnerable to Stored Cross-Site Scripting (XSS) via /process/upload_backup endpoin ...2026. 06. 01.2026. 06. 01.367633
CVE-2026-40543SOPlanning does not enforce authorization for backup functionalities. An unauthenticated attacke ...2026. 06. 01.2026. 06. 01.367626
CVE-2026-32325Privilege chaining issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this ...2026. 06. 01.2026. 06. 01.367630
CVE-2026-27788Incorrect permission assignment for critical resource issue exists in ServerView Agents for Wind ...2026. 06. 01.2026. 06. 01.367629
CVE-2026-10517A flaw was found in Clair. The fetcher component makes outbound HTTP requests to attacker-suppli ...2026. 06. 01.2026. 06. 01.367624
CVE-2026-10243A security vulnerability has been detected in code-projects Smart Parking System 1.0. Affected i ...2026. 06. 01.2026. 06. 01.367521
CVE-2026-10242A weakness has been identified in itsourcecode Content Management System 1.0. This impacts an un ...2026. 06. 01.2026. 06. 01.367520
CVE-2026-10241A security flaw has been discovered in jeecgboot The server processes these URLs up to 3.9.1. Th ...2026. 06. 01.2026. 06. 01.367519
CVE-2026-10240A vulnerability was identified in JeecgBoot up to 3.9.2. The impacted element is an unknown func ...2026. 06. 01.2026. 06. 01.367518
CVE-2026-10239A vulnerability was determined in JeecgBoot up to 3.9.2. The affected element is the function Wo ...2026. 06. 01.2026. 06. 01.367517
CVE-2026-10237A vulnerability was found in SourceCodester Water Billing Management System 1.0. Impacted is an ...2026. 06. 01.2026. 06. 01.367516
CVE-2026-10236A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue ...2026. 06. 01.2026. 06. 01.367515
CVE-2026-48501GitHub CLI (gh) is GitHub\u2019s official command line tool. Prior to 2.93.0, GitHub CLI incorre ...2026. 06. 01.2026. 06. 01.367274
CVE-2026-45192A bug in the GET `/api/v2/connections/{connection_id}` REST API endpoint in Apache Airflow allow ...2026. 06. 01.2026. 06. 01.367614
CVE-2026-35563It was identified that the LDAP client implementation in version 2.1.7 does not verify if the se ...2026. 06. 01.2026. 06. 01.367611
CVE-2026-10235A flaw has been found in CodeAstro Ingredients Stock Management System 1.0. This vulnerability a ...2026. 06. 01.2026. 06. 01.367514
CVE-2026-10234A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of t ...2026. 06. 01.2026. 06. 01.367513
CVE-2026-10233A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the ...2026. 06. 01.2026. 06. 01.367512
CVE-2026-10232A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the func ...2026. 06. 01.2026. 06. 01.367511
CVE-2026-10231A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader ...2026. 06. 01.2026. 06. 01.367510
CVE-2026-10230A vulnerability was identified in Assimp up to 6.0.4. This impacts the function Assimp::MDL::Hal ...2026. 06. 01.2026. 06. 01.367509
CVE-2026-10229A vulnerability was determined in Assimp up to 6.0.4. This affects the function HL1MDLLoader::re ...2026. 06. 01.2026. 06. 01.367508
CVE-2026-10228A vulnerability was found in raisulislamg4 student_management_system_by_php up to 310d950e09013d ...2026. 06. 01.2026. 06. 01.367507
CVE-2026-47104libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parse_iad_a ...2026. 06. 01.2026. 06. 01.366388
CVE-2026-23679libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attac ...2026. 06. 01.2026. 06. 01.366169
CVE-2026-8796Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. ...2026. 06. 01.2026. 06. 01.367601
CVE-2026-10227A vulnerability has been found in raisulislamg4 student_management_system_by_php up to 310d950e0 ...2026. 06. 01.2026. 06. 01.367506
CVE-2026-10226A flaw has been found in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133 ...2026. 06. 01.2026. 06. 01.367505
CVE-2026-10225A vulnerability was detected in raisulislamg4 student_management_system_by_php up to 310d950e090 ...2026. 06. 01.2026. 06. 01.367504
CVE-2026-10224A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. This vu ...2026. 06. 01.2026. 06. 01.367503
CVE-2026-10223A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. This affects the fu ...2026. 06. 01.2026. 06. 01.367502
CVE-2026-10222A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by th ...2026. 06. 01.2026. 06. 01.367501

2025

CVE설명제출모더레이션항목
CVE-2025-71314In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from pa ...2026. 06. 03.2026. 06. 03.368157
CVE-2025-71313In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing N ...2026. 06. 03.2026. 06. 03.368171
CVE-2025-70101An out-of-bounds read in the ext4_ext_binsearch_idx function in src/ext4_extent.c of the lwext4 ...2026. 06. 03.2026. 06. 03.368122
CVE-2025-70100A divide-by-zero vulnerability in the ext4_block_set_lb_size function in src/ext4_blockdev.c of ...2026. 06. 03.2026. 06. 03.368121
CVE-2025-60477A NULL pointer dereference in the gf_filter_pid_resolve_file_template_ex function (/filter_core/ ...2026. 06. 03.2026. 06. 03.368120
CVE-2025-41259SWUpdate before 2026.05 is affected by a time-of-check time-of-use (TOCTOU) race condition that ...2026. 06. 03.2026. 06. 03.368107
CVE-2025-15656Incorrect Privilege Assignment vulnerability in Mojoomla School Management allows Privilege Esca ...2026. 06. 03.2026. 06. 03.368098
CVE-2025-15655Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') v ...2026. 06. 03.2026. 06. 03.368096
CVE-2025-14774Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.2026. 06. 03.2026. 06. 03.368102
CVE-2025-14773Improper neutralization of input during web page generation ('cross-site scripting') v ...2026. 06. 03.2026. 06. 03.368103
CVE-2025-14772Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue aff ...2026. 06. 03.2026. 06. 03.368101
CVE-2025-14771Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue ...2026. 06. 03.2026. 06. 03.368100
CVE-2025-15654Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') v ...2026. 06. 03.2026. 06. 03.368094
CVE-2025-15653Dr ger Zeus Infinity Empowered (Zeus IE) and Zeus RS C500 anesthesia workstations contain a loca ...2026. 06. 03.2026. 06. 03.368077
CVE-2025-64390A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13. ...2026. 06. 02.2026. 06. 03.368026
CVE-2025-69369Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File ...2026. 06. 02.2026. 06. 02.341190
CVE-2025-68886Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File ...2026. 06. 02.2026. 06. 02.367932
CVE-2025-58897Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File ...2026. 06. 02.2026. 06. 02.367931
CVE-2025-58707Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File ...2026. 06. 02.2026. 06. 02.367930
CVE-2025-58705Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File ...2026. 06. 02.2026. 06. 02.367917
CVE-2025-58024Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File ...2026. 06. 02.2026. 06. 02.326142
CVE-2025-53440Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File ...2026. 06. 02.2026. 06. 02.367916
CVE-2025-53346Missing Authorization vulnerability in ThimPress Thim Core allows Exploiting Incorrectly Configu ...2026. 06. 02.2026. 06. 02.320510
CVE-2025-53345Missing Authorization vulnerability in ThimPress Thim Core. This issue affects Thim Core: from n ...2026. 06. 02.2026. 06. 02.367912
CVE-2025-53302Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality ...2026. 06. 02.2026. 06. 02.314588
CVE-2025-53209Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Esc ...2026. 06. 02.2026. 06. 02.315590
CVE-2025-52766Missing Authorization vulnerability in Printeers Printeers Print Ship allows Exploiting Incorr ...2026. 06. 02.2026. 06. 02.367908
CVE-2025-52759Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') v ...2026. 06. 02.2026. 06. 02.367910
CVE-2025-5085The WP Nano AD plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blogro ...2026. 06. 02.2026. 06. 02.367888
CVE-2025-59614Memory Corruption when sending random number generator command with insufficient output buffer size.2026. 06. 02.2026. 06. 02.367795
CVE-2025-48652In performPreInstallChecks of InstallRepository.kt, there is a possible way to bypass MDM policy ...2026. 06. 02.2026. 06. 02.367842
CVE-2025-48649In multiple locations, there is a possible way to reset user-selected permissions selections due ...2026. 06. 02.2026. 06. 02.367841
CVE-2025-48648In isSameApp of NotificationManagerService.java, there is a possible persistent dos due to resou ...2026. 06. 02.2026. 06. 02.367832
CVE-2025-48616In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown ...2026. 06. 02.2026. 06. 02.367831
CVE-2025-48595In multiple locations, there is a possible way to achieve code execution due to an integer overf ...2026. 06. 02.2026. 06. 02.367830
CVE-2025-48570In multiple functions of PipTaskOrganizer.java, there is a possible way to launch an activity fr ...2026. 06. 02.2026. 06. 02.367840
CVE-2025-32348In multiple locations, there is a possible background activity launch due to a missing permissio ...2026. 06. 02.2026. 06. 02.367839
CVE-2025-26418In setUserDisclaimerAcknowledged of CarDevicePolicyService.java, there is a possible way to bypa ...2026. 06. 02.2026. 06. 02.367829
CVE-2025-22426In many functions of ComputerEngine.java, there is a possible way to access URIs across users du ...2026. 06. 02.2026. 06. 02.367838
CVE-2025-22424In multiple locations, there is a possible way to reveal images across users due to improper inp ...2026. 06. 02.2026. 06. 02.367837
CVE-2025-59613Memory Corruption when output buffer size is smaller than input buffer size during data copying ...2026. 06. 02.2026. 06. 02.367781
CVE-2025-59612Memory corruption in windows drivers while sending incorrect trusted application request2026. 06. 02.2026. 06. 02.367786
CVE-2025-59611Memory corruption in diagnostic services due to absence of input validation2026. 06. 02.2026. 06. 02.367785
CVE-2025-59610Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent ...2026. 06. 02.2026. 06. 02.367784
CVE-2025-59609Information Disclosure when processing advertisement frames with malformed MBSSID elements of in ...2026. 06. 02.2026. 06. 02.367780
CVE-2025-59606Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion ...2026. 06. 02.2026. 06. 02.367783
CVE-2025-59605Memory Corruption when processing device identifier strings that exceed the expected maximum length.2026. 06. 02.2026. 06. 02.367782
CVE-2025-59604Memory Corruption when running a memory copy operation due to invalid writes caused by a null po ...2026. 06. 02.2026. 06. 02.367779
CVE-2025-59601Information Disclosure when resetting device to factory default settings through powerline inter ...2026. 06. 02.2026. 06. 02.367778
CVE-2025-70099A NULL pointer dereference in the ext4_dir_en_get_name_len function in include/ext4_dir.h of lwe ...2026. 06. 01.2026. 06. 02.367770
CVE-2025-60495A segmentation violation in the gf_media_get_color_info function (/media_tools/isom_tools.c) of ...2026. 06. 01.2026. 06. 01.367650
CVE-2025-60486A heap use-after-free in the dasher_process function (/filters/dasher.c) of GPAC Project/MP4Box ...2026. 06. 01.2026. 06. 01.367657
CVE-2025-60485A segmentation violation in the gf_isom_apple_set_tag_ex function (/isomedia/isom_write.c) of GP ...2026. 06. 01.2026. 06. 01.367651
CVE-2025-60483A NULL pointer dereference in the gf_ac4_pres_b_4_back_channels_present function (/media_tools/a ...2026. 06. 01.2026. 06. 01.367656
CVE-2025-60481A NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function (/odf/descriptors.c) of GPAC Pr ...2026. 06. 01.2026. 06. 01.367655
CVE-2025-55664A heap buffer overflow in the m2tsdmx_send_packet function (filters/dmx_m2ts.c) of GPAC MP4Box v ...2026. 06. 01.2026. 06. 01.367654
CVE-2025-68154systeminformation is a System and OS information library for node.js. In versions prior to 5.27. ...2026. 06. 01.2026. 06. 01.336918

2024

CVE설명제출모더레이션항목
CVE-2024-47273An improper limitation of a pathname to a restricted directory ('Path Traversal') vuln ...2026. 06. 03.2026. 06. 03.368117
CVE-2024-47263An improper limitation of a pathname to a restricted directory ('Path Traversal') vuln ...2026. 06. 03.2026. 06. 03.368118
CVE-2024-14036Dr ger Core 1.0.5 and Dr ger M540 Converter Service 1.0.9 contain a denial of service vulnerabil ...2026. 06. 03.2026. 06. 03.368031
CVE-2024-42206HCL iReflection Third party vulnerable and outdated components issue was detected in the web app ...2026. 06. 02.2026. 06. 02.368009
CVE-2024-52011launch-editor allows users to open files with line numbers in editor from Node.js. Prior to vers ...2026. 06. 01.2026. 06. 01.367711
CVE-2024-40646Vertex is a management tool for PT (Private Tracker) users to manage streaming and watching vide ...2026. 06. 01.2026. 06. 01.367653
CVE-2024-56334systeminformation is a System and OS information library for node.js. In affected versions SSIDs ...2026. 06. 01.2026. 06. 01.289114

2023

CVE설명제출모더레이션항목
CVE-2023-52951A cleartext transmission of sensitive information vulnerability in Synology Note Station Client ...2026. 06. 03.2026. 06. 03.368125
CVE-2023-42810systeminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 hav ...2026. 06. 01.2026. 06. 01.240145

2022

CVE설명제출모더레이션항목
CVE-2022-31114backpack/crud provides Create, Read, Update Delete (CRUD) functions for Backpack, a collection ...2026. 06. 03.2026. 06. 03.368147
CVE-2022-49042An inclusion of functionality from untrusted control sphere vulnerability in MinGW DLL component ...2026. 06. 03.2026. 06. 03.368123
CVE-2022-49036An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configurati ...2026. 06. 03.2026. 06. 03.368116
CVE-2022-4992Dr ger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions VG4.1.1 ...2026. 06. 03.2026. 06. 03.368030
CVE-2022-4991Tychon includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory tha ...2026. 06. 01.2026. 06. 01.367679

2021

CVE설명제출모더레이션항목
CVE-2021-4481Dr ger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerabi ...2026. 06. 03.2026. 06. 03.368049
CVE-2021-4480Dr ger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerabi ...2026. 06. 03.2026. 06. 03.368048
CVE-2021-4479Dr ger Atlan A350 software versions 1.00 through 1.01 contains an improper input handling vulner ...2026. 06. 02.2026. 06. 03.368019
CVE-2021-4478Dr ger CC-Vision Basic before 7.5.3 and Dr ger CC-Vision E-Cal before 7.2.5.0 contain an out-of- ...2026. 06. 02.2026. 06. 03.368024
CVE-2021-46747Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker w ...2026. 06. 01.2026. 06. 02.367769
CVE-2021-21388systeminformation is an open source system and OS information library for node.js. A command inj ...2026. 06. 01.2026. 06. 01.174348
CVE-2021-21315The System Information Library for Node.JS (npm package \ systeminformation\ ) is an open source ...2026. 06. 01.2026. 06. 01.169997

2020

CVE설명제출모더레이션항목
CVE-2020-7778This affects the package systeminformation before 4.30.2. The attacker can overwrite the propert ...2026. 06. 01.2026. 06. 01.165370
CVE-2020-7752This affects the package systeminformation before 4.27.11. This package is vulnerable to Command ...2026. 06. 01.2026. 06. 01.163659
CVE-2020-26300systeminformation is an npm package that provides system and OS information library for node.js. ...2026. 06. 01.2026. 06. 01.182316
CVE-2020-26274In systeminformation (npm package) before version 4.31.1 there is a command injection vulnerabil ...2026. 06. 01.2026. 06. 01.166472
CVE-2020-26245npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading ...2026. 06. 01.2026. 06. 01.165413

2019

CVE설명제출모더레이션항목
CVE-2019-25720Dr ger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain a deni ...2026. 06. 03.2026. 06. 03.368191
CVE-2019-25724Dr ger Infinity M300 patient worn monitors with software version VG2.x and earlier contain a net ...2026. 06. 02.2026. 06. 03.368023
CVE-2019-25723Dr ger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vuln ...2026. 06. 02.2026. 06. 03.368022
CVE-2019-25722Dr ger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain hard-c ...2026. 06. 02.2026. 06. 03.368025
CVE-2019-25721Dr ger Infinity M300 patient worn monitors with software version VG2.3.1 and earlier contain a n ...2026. 06. 02.2026. 06. 03.368021
CVE-2019-25719Dr ger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software ...2026. 06. 02.2026. 06. 02.367948
CVE-2019-25717Dr ger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vu ...2026. 06. 02.2026. 06. 02.91695
CVE-2019-25716Dr ger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerab ...2026. 06. 02.2026. 06. 02.91696
CVE-2019-25718Dr ger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attacker ...2026. 06. 02.2026. 06. 02.91697

2018

CVE설명제출모더레이션항목
CVE-2018-25435ZeusCart 4.0 contains a cross-site request forgery vulnerability that allows attackers to perfor ...2026. 06. 02.2026. 06. 02.367828
CVE-2018-25434WP AutoSuggest 0.24 contains an SQL injection vulnerability that allows unauthenticated attacker ...2026. 06. 02.2026. 06. 02.367761
CVE-2018-25433Joomla Component JE Photo Gallery 1.1 contains an SQL injection vulnerability that allows unauth ...2026. 06. 02.2026. 06. 02.367765
CVE-2018-25432Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute a ...2026. 06. 02.2026. 06. 02.367827
CVE-2018-25431No-Cms 1.0 contains an SQL injection vulnerability in the order_by parameter of the manage_privi ...2026. 06. 02.2026. 06. 02.367826
CVE-2018-25430Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to e ...2026. 06. 02.2026. 06. 02.367816
CVE-2018-25429Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to e ...2026. 06. 02.2026. 06. 02.367815
CVE-2018-25428Paroiciel 11.20 contains an SQL injection vulnerability that allows unauthenticated attackers to ...2026. 06. 02.2026. 06. 02.367768
CVE-2018-25427Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers ...2026. 06. 02.2026. 06. 02.367819
CVE-2018-1337In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it pos ...2026. 06. 01.2026. 06. 01.121144

이전개요다음

Might our Artificial Intelligence support you?

Check our Alexa App!