CVE-2026-28498

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect OIDC ID Tokens. Specifically, the internal hash verification logic verifyhash...

GHSA-FRGX-W57M-9M62 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-FJ9C-H67P-PH2J vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-CGHR-H62W-2FC6 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-CFXF-MMWJ-6763 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-FJ9C-H67P-PH2J vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-CFXF-MMWJ-6763 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-7C9P-58X7-4WJX vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-3941 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-CGHR-H62W-2FC6 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-3934 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-26127 vulnerabilities

Vulnerabilities for packages: dotnet-bootstrap...

CVE-2026-31802 vulnerabilities

Vulnerabilities for packages: tileserver-gl, saf, kubeflow-centraldashboard, node-gyp, pulumi, renovate, sqlpad, lerna...

GHSA-5WMX-573V-2QWQ vulnerabilities

Vulnerabilities for packages: awx, superset...

CVE-2026-27940

llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the ggufinitfromfileimpl in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread writes 528+ bytes of attacker-controlled data past the buffer boundary. This is...

GHSA-7XRH-HQFC-G7QR vulnerabilities

Vulnerabilities for packages: kserve-modelmesh, solr, strimzi-kafka-operator, zookeeper, trino, apache-activemq-artemis, apache-pulsar, spark, apache-nifi, akhq...

CVE-2025-69219 vulnerabilities

Vulnerabilities for packages: airflow...

CVE-2025-67873 affecting package rust for versions less than 1.90.0-4

CVE-2025-67873 affecting package rust for versions less than 1.90.0-4. A patched version of the package is available...

CVE-2026-29786 vulnerabilities

Vulnerabilities for packages: sqlpad, npm, opensearch-dashboards, saf, tileserver-gl-fips, pulumi, wazuh-dashboard-fips, redisinsight, prism, node-gyp, actions-runner, lerna, tileserver-gl, opensearch-dashboards-fips, wazuh-dashboard, graalvm, kibana, renovate...

CVE-2026-28690

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks missing that could corrupting the stack with attacker-controlled data...