11084 matches found
agent-context-packager (>=0.3.0 <=0.3.3), agentcrew-ai (>=0.6.0 <=0.6.11.post2) +236 more potentially affected by CVE-2026-31248 via docling (>=1.11.0 <=2.90.0)
docling PYPI version =1.11.0, =0.3.0, =0.6.0, =0.1.4, =0.3.2, =0.2.5, =0.4.0, =0.2.0, =26.5.333, =0.0.2, =0.1.0, =1.0.3, =1.0.0, =1.0.3 and more Source cves: CVE-2026-31248 Source advisory: SNYK:PYTHON-DOCLING-16757932...
NPM: Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up
Incomplete Fix Follow-Up vulnerability discovered by ? in WordPress Npm next versions = 15.2.0, 15.5.18...
11x-wagtail-blog (>=0.0.0 <=0.2.0), adede (=4.1.0) +202 more potentially affected by CVE-2026-44200 via wagtail (>=1.0.0 <=7.0.0)
wagtail PYPI version =1.0.0, =0.0.0, =0.57.1, =0.1.0a0.dev0, =4.1.0, =4.3.0, =2.28.0, =0.5.0, =0.3.1, =6.3.8 and more Source cves: CVE-2026-44200 Source advisory: OSV:PYSEC-2026-149...
NPM: Next.js vulnerable to cross-site scripting in App Router applications using CSP nonces
NPM: Next.js vulnerable to cross-site scripting in App Router applications using CSP nonces vulnerability discovered by ? in WordPress Npm next versions = 13.4.0, 15.5.16...
NPM: Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes
NPM: Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes vulnerability discovered by ? in WordPress Npm next versions = 15.2.0, 15.5.16...
NPM: Next.js has a Middleware / Proxy bypass in Pages Router applications using i18n
NPM: Next.js has a Middleware / Proxy bypass in Pages Router applications using i18n vulnerability discovered by ? in WordPress Npm next versions = 12.2.0, 15.5.16...
blrec (>=1.8.0 <=2.0.0b5), dagster-looker (>=0.26.6 <=0.29.8) +6 more potentially affected by CVE-2026-45017 via python-liquid (>=1.10.2 <=2.0.2)
python-liquid PYPI version =1.10.2, =1.8.0, =0.26.6, =0.8.0, =0.1.1, =0.1.0, =0.1.0, =0.4.0, =0.0.1, =0.3.0 Source cves: CVE-2026-45017 Source advisory: OSV:GHSA-8P4X-WR7X-3788...
NPM: Facebook React has a Denial of Service Vulnerability in React Server Components
NPM: Facebook React has a Denial of Service Vulnerability in React Server Components discovered by ? in WordPress Npm react-server-dom-parcel versions = 19.0.0, 19.0.6...
bsky2llm (=0.1.0), downitall-android (=1.5.0) +14 more potentially affected by CVE-2026-44353 via streamlink (>=0.14.2 <=8.0.0)
streamlink PYPI version =0.14.2, =0.3.0, =0.0.1, =0.0.18, =1.0.0, =0.12.0, =0.1.14, =1.1.0, =0.0.1, =2.1.0, =3.4.0b2 - twitch-fapi-backend =0.1.0 and more Source cves: CVE-2026-44353 Source advisory: OSV:GHSA-HGQW-6M45-HW5F...
Sonatype Nexus Repository Manager 代码问题漏洞
Sonatype Nexus Repository Manager NXRM is a repository manager developed by Sonatype, Inc., in the United States. It is primarily used for managing, storing, and distributing software. Versions of Sonatype Nexus Repository Manager from 3.0.0 to 3.91.1 contained code vulnerabilities. These...
Wikimedia CheckUser 信息泄露漏洞
Wikimedia CheckUser is a advanced investigation tool of the Wikimedia Foundation designed to combat disruptive behavior. Versions of Wikimedia CheckUser from 1.45.0 to 1.45.2 contained a vulnerability related to information leakage, which resulted in sensitive information being exposed to...
MinIO 路径遍历漏洞
MinIO is an open-source object storage server developed by the American company MinIO. This product supports the creation of infrastructures for machine learning, analysis, and application data workloads. Versions of MinIO from RELEASE.2022-07-24T01-54-52Z to RELEASE.2026-04-14T21-32-45Z had a pa...
DEBIAN-CVE-2026-45190
Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different address than the inp...
CVE-2026-45190
Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different address than the inp...
aoh (>=1.0.1 <=1.1.0), beratools (=0.2.2) +25 more potentially affected by CVE-2026-8213 via gdal (>=3.0.1 <=3.12.1)
gdal PYPI version =3.0.1, =1.0.1, =0.1.1, =0.0.7, =2.0.1, =0.4.0, =0.2.92, =0.9.2, =0.10.3, =0.4.5, =2.6.0, =2.7.0 - hyp3lib =4.0.1 and more Source cves: CVE-2026-8213 Source advisory: SNYK:PYTHON-GDAL-16624509...
PT-2026-39539
Name of the Vulnerable Software and Affected Versions Net::CIDR::Lite versions prior to 0.24 Description Improper validation of CIDR mask values allows extraneous zero characters to be processed. Mask forms such as "/00" and "/01" pass validation and are parsed as the same prefix as their unpadde...
Fedora 42 : prosody (2026-1efa008794)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1efa008794 advisory. Prosody 13.0.5 Upstream is pleased to announce a new minor release from their stable branch. This is a security release for the Prosody 13.0.x stabl...
CVE-2026-42574 apko dirFS has a symlink-following path traversal that allows multiple entry points to escape the build root
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before version 1.2.5, a crafted .apk could install a TypeSymlink tar entry whose target pointed outside the build root, and a subsequent directory-creation or file-write entry in the same o...
OESA-2026-2230 uriparser security update
The package is a strictly RFC 3986 compliant URI parsing library written in C89"ANSI C". uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. There are a number of applications, libraries and hardware using uriparser, as well as bindings and 3rd-party...
SUSE CVE-2026-8149
A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X8664, AVX, AVX-512f. This vulnerability is associated with program files gcm128w, gcm512w. This issue affects BC-LTS: from 2.73.0 before 2.73.11...