Lucene search
+L

23526 matches found

NVD
NVD
added yesterday6 views

CVE-2026-44722

pyzipper is a replacement for Python's zipfile that can read and write AES encrypted zip files. Prior to 0.4.0, a Python operator precedence bug in pyzipper/zipfileaes.py caused the AE-2 format to never be automatically selected during encryption, causing encrypted entries to be written in AE-1...

6.2CVSS0.00009EPSS
Exploits0References3
NVD
NVD
added 2 days ago10 views

CVE-2026-53598

Prompty is a markdown file format .prompty for LLM prompts. Prior to 2.0.0-beta.2, Prompty loaders expanded $file:... references in .prompty frontmatter without enforcing that resolved paths stayed within the prompt directory or allowed roots, allowing an attacker-controlled prompt file to read...

7.5CVSS0.01057EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago6 views

Malicious code in time-format-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 168d334d742003cf94d8b87ba56cd72694081ade01f6814062e58ebdc47d8594 On npm install, the package's postinstall script decodes base64-encoded shell payloads and executes them via an obfuscated childprocess.exec lookup...

6.1AI score
Exploits0References3
CVE
CVE
added 2 days ago16 views

CVE-2026-11386

Summary: CVE-2026-11386 affects Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools). The package builds APT source files by interpolating contract server data from directives.suites[] and directives.aptURL without escaping or validation, allowing newline characters to inject attacker-co...

9CVSS6.4AI score0.00317EPSS
Exploits0References1
Nuclei
Nuclei
added 2 days ago24 views

osTicket - Arbitrary File Read

Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficientl...

8.7CVSS6.3AI score0.73125EPSS
Exploits3References3
RedhatCVE
RedhatCVE
added 2 days ago7 views

CVE-2026-61863

A flaw was found in ImageMagick. When processing a Tagged Image File Format TIFF image, a small memory leak can occur if the TIFF encoder is unable to create a temporary file. This can lead to a gradual consumption of system memory, potentially impacting the availability of the application...

7.5CVSS6AI score0.00187EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-44723

Composer is a dependency Manager for the PHP language. Prior to 1.10.28, 2.2.28, and 2.9.8, Composer\IO\BaseIO::loadConfiguration validates GitHub OAuth tokens with the regex ^.A-Za-z0-9+$ and interpolates rejected tokens into an UnexpectedValueException; GitHub Actions GITHUBTOKEN values using t...

7.5CVSS6AI score0.00519EPSS
Exploits0References9
NVD
NVD
added 3 days ago6 views

CVE-2026-61869

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the MIFF encoder that occurs when a memory allocation fails during MIFF image processing, which can lead to denial of service...

2.9CVSS0.00102EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-61872 ImageMagick before 7.1.2-26 Memory Leak via TIFF Encoder

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the TIFF encoder when an invalid tiff:tile-geometry is specified. Supplying malformed tile geometry parameters causes allocated memory not to be released, which can lead to increased memory consumption...

2.5CVSS0.00096EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-44616

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the TIFF encoder when memory allocation fails. Attackers can trigger allocation failures during TIFF image processing to cause memory exhaustion and denial of service...

2.9CVSS6.1AI score0.00102EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-44612

ImageMagick before 7.1.2-26 and 6.x before 6.9.13-51 contains a memory leak in the TIFF encoder that occurs when a temporary file cannot be created, resulting in a small memory leak...

2.9CVSS6.1AI score0.00187EPSS
Exploits0References2
NVD
NVD
added 4 days ago5 views

CVE-2026-50498

Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...

7.8CVSS0.00343EPSS
Exploits0References1
NVD
NVD
added 4 days ago5 views

CVE-2026-49790

Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...

7.3CVSS0.00314EPSS
Exploits0References1
CVE
CVE
added 4 days ago10 views

CVE-2026-50498

CVE-2026-50498 affects the Windows Universal Disk Format File System Driver (UDFS) and is an Elevation of Privilege vulnerability in the UDFS component. The root cause is described as a privilege/escalation condition within the Windows UDFS driver, leading to local privilege escalation with a hig...

7.8CVSS6.1AI score0.00343EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 4 days ago4 views

CVE-2026-50498 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

...

7.8CVSS6.1AI score0.00343EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago26 views

CVE-2026-49790 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

...

7.3CVSS0.00314EPSS
Exploits0References1
CVE
CVE
added 4 days ago9 views

CVE-2026-49790

Technical details about CVE-2026-49790 are not publicly provided in the supplied documents. No confirmed affected products, root cause, or remediation are described here. Monitor for updates from official advisories for concrete technical information.

7.3CVSS6.1AI score0.00314EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 4 days ago3 views

CVE-2026-49790 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

...

7.3CVSS6.1AI score0.00314EPSS
Exploits0References1
OSV
OSV
added 4 days ago3 views

DEBIAN-CVE-2026-62641

In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, the TNEF decoder was subject to denial of service via a crafted compressed-RTF size...

4.3CVSS6.1AI score0.00234EPSS
Exploits0References1
OSV
OSV
added 4 days ago3 views

DEBIAN-CVE-2026-59198

Pillow is a Python imaging library. From 5.2.0 until 12.3.0, Pillow's TGA RLE encoder reads past its packed row buffer when saving a mode 1 image with TGA RLE compression, allowing adjacent process heap bytes to be copied into the generated TGA file. This issue is fixed in version 12.3.0...

7.5CVSS6.1AI score0.00313EPSS
Exploits1References1
Rows per page
Query Builder