1257426 matches found
CVE-2026-15133 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-15126 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-15127 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-15123 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-15121 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-15112 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-15110 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-55772
creationtimestamp| type| source ---|---|--- 2026-07-13 20:01:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqkiaynjc32c 2026-07-13 22:10:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqkpi3vawq27...
Important: Red Hat Security Advisory: openexr security update
An update for openexr is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
Security Bulletin: Vulnerability in undici bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage
Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the undici library, which is affected by a denial of service vulnerability. CVE-2026-22036 Vulnerability Details CVEID:CVE-2026-22036 DESCRIPTION: Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0,...
Next.js - Server Side Request Forgery (SSRF)
Next.Js, inferior to version 14.1.1, have its image optimization built-in component prone to SSRF. id: CVE-2024-34351 info: name: Next.js - Server Side Request Forgery SSRF author: righettod severity: high description: | Next.Js, inferior to version 14.1.1, have its image optimization built-in...
CVE-2026-61500
Rejetto HFS 3.0.0 through 3.2.0 derives its session-cookie signing key from the non-cryptographic Math.random generator and discloses outputs of the same generator to unauthenticated clients during login. A remote attacker can collect a small number of login responses, reconstruct the generator's...
CVE-2026-49970
Vulnerability summary: Laravel-Mediable before 7.0.0 contains a path traversal flaw in File::sanitizePath() that lets attackers write uploaded files to arbitrary locations via MediaUploader::toDestination(), due to a permissive regex allowing dot/slash and a weak trailing trim. This can enable re...
CVE-2026-58228
Summary: CVE-2026-58228 affects phoenix_live_view (Phoenix.LiveView.Utils) and enables XSS via due to scheme validation bypass. The root cause is the internal uri_scheme/1 helper in Phoenix.LiveView.Utils that only detects schemes when the first byte is an ASCII letter; inputs starting with ASCI...
Security Bulletin: IBM DataStage Flow Designer application is affected by an information disclosure vulnerability (CVE-2026-9836)
Summary An information disclosure vulnerability was addressed in IBM DataStage Flow Designer . Vulnerability Details CVEID:CVE-2026-9836 DESCRIPTION: IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability. CWE:CWE-200: Exposure of...
ROOT-APP-MAVEN-CVE-2026-22732 CVE-2026-22732 in io.root.org.springframework.security:spring-security-web - Patched by Root
Root has patched CVE-2026-22732 in the io.root.org.springframework.security:spring-security-web package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-22748 CVE-2026-22748 in io.root.org.springframework.security:spring-security-oauth2-jose - Patched by Root
Root has patched CVE-2026-22748 in the io.root.org.springframework.security:spring-security-oauth2-jose package for Root:Maven. Multiple fixed versions available...
CVE-2026-42127 vulnerabilities
Vulnerabilities for packages: grafana...
ROOT-APP-NPM-CVE-2026-42338 CVE-2026-42338 in @rootio/ip-address - Patched by Root
Root has patched CVE-2026-42338 in the @rootio/ip-address package for Root:npm. Multiple fixed versions available...
CVE-2026-40553
creationtimestamp| type| source ---|---|--- 2026-07-13 12:15:08+00:00| seen| https://cert.pl/en/posts/2026/07/CVE-2026-40467 2026-07-13 13:48:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjtfjqc2y26 2026-07-13 16:14:50+00:00| seen|...