39473 matches found
CVE-2026-39949
This candidate has been reserved by an organization or individual " "that will use it when announcing a new security problem. When the candidate has been " "publicized, the details for this candidate will be provided...
PT-2026-51404
Name of the Vulnerable Software and Affected Versions Crawl4AI versions prior to 0.8.7 Description Multiple security issues affect the Crawl4AI Docker API server. The software is susceptible to Server-Side Request Forgery SSRF, a condition where an attacker can induce the server to make requests ...
Malicious code in prettier_v1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea8303f0cea5f415b8a0ba74e959d0501fcb3142ee9320fa50668674c578e4bb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in numdifftools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c6d98d619244a4f34ba9c2ed85023e35f4064b0a45871edac806d1e8cdeff11 The npm package numdifftools is an empty shell zero-byte index.js that exists solely to fire a preinstall lifecycle hook. The hook runs node -e to...
GHSA-RRMF-RVHW-RF47 vulnerabilities
Vulnerabilities for packages: py3-torch-cuda-12.8, open-webui, py3-torch-cuda-12.4, py3-torch-cuda-13.2, nemo, py3-torch-cuda-13.1, py3-torch-cuda-13.0, py3-torch-cuda-13.3, py3-torch-cuda-12.6, py3-torch-cuda-12.9...
Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2026-1605
Summary Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2026-1605, CVE-2026-1605 is a high-severity vulnerability in the Eclipse Jetty web server caused by improper resource management in the GzipHandler component. IBM Engineering Systems Design Rhapsody has resolve...
Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925
Summary Security Bulletin: IBM Engineering Systems Design Rhapsody was using Older version of Java which as per Oracle's January 2026 Critical Patch Update, all affecting Oracle Java SE and related GraalVM runtimes. Collectively, they highlight weaknesses in how Java handles untrusted code,...
Linux Distros Unpatched Vulnerability : CVE-2026-8357
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening...
Linux Distros Unpatched Vulnerability : CVE-2026-10143
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker ...
CVE-2025-55643
A NULL pointer dereference in the TrackWriter handling component filters/muxisom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55649
A NULL pointer dereference in the gfmediamapesd function mediatools/isomtools.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55650
A heap use-after-free in the gfnodegettag function scenegraph/basescenegraph.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2026-11526
GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open of filename arguments in makefilehandle. GD::Image::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd |" or begins with a...
GHSA-248M-82V9-Q6G6 vulnerabilities
Vulnerabilities for packages: open-webui, litellm...
CVE-2026-48156 vulnerabilities
Vulnerabilities for packages: open-webui, litellm...
CVE-2026-48059 vulnerabilities
Vulnerabilities for packages: thingsboard, celeborn, management-api-for-apache-cassandra-5.0, apache-activemq-artemis, apicurio-registry, zipkin, tez, neo4j, apache-pulsar...
GHSA-H2QV-FJ59-J46J vulnerabilities
Vulnerabilities for packages: thingsboard, celeborn, management-api-for-apache-cassandra-5.0, apache-activemq-artemis, apicurio-registry, zipkin, tez, neo4j, apache-pulsar...
CVE-2026-48096 vulnerabilities
Vulnerabilities for packages: grafana...
CVE-2026-11697 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-11638 vulnerabilities
Vulnerabilities for packages: chromium...