290 matches found
BELL-CVE-2026-46314
Bulletin has no description...
CVE-2026-11669
| creationtimestamp | type | source |
|---|---|---|
| 2026-06-08 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260609... |
PT-2026-47321
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.0 through 2.4.67. Description: An out-of-bounds read occurs when using mod_headers and mod_mime in conjunction with multiple response languages. An out-of-bounds read is a condition where a program reads data past...
CVE-2026-11032
An insufficient data validation flaw was found in the Password Manager component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497831111...
@accounter/client (>=0.0.3 <=0.0.12-alpha-20260427054851-6925deba4595cf0c72d3875df0a094608b394a27), @appigram/react-code-split-ssr (=1.3.7) +159 more potentially affected by CVE-2026-42211 via react-router (>=7.0.0 <=7.14.1)
react-router NPM version =7.0.0, =0.0.3, =0.0.2, =3.5.2, =1.1.0, =1.0.1-MON-198808-web-js-deps-batch-1.0, =0.0.1, =3.4.9, =0.1.9, =0.3.1, =0.5.1 and more Source cves: CVE-2026-42211 Source advisory: OSV:GHSA-49RJ-9FVP-4H2H...
@aamini/config (>=0.0.1 <=0.0.13), @baic/preset-yolk-taro-miniprogram (>=2.1.0-alpha.278 <=2.1.0-alpha.281) +9 more potentially affected by CVE-2026-47428 via @vitest/browser (>=4.0.17 <=4.1.5)
@vitest/browser NPM version =4.0.17, =0.0.1, =2.1.0-alpha.278, =2.1.0-alpha.278, =2.1.0-alpha.278, =2.1.0-alpha.278, =2.1.0-alpha.278, =4.0.2, =4.0.2, =4.0.2, =0.5.0, =0.1.13, =0.2.2 Source cves: CVE-2026-47428 Source advisory: SNYK:JS-VITESTBROWSER-17120486...
CVE-2026-10204 OFCMS JSON Query SysUserController.java query sql injection
A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes sql injection. The attack may be initiated...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses path-to-regexp-0.1.12.tgz which is vulnerable to CVE-2026-4867
Summary: Security Bulletin: IBM Maximo Application Suite - Monitor Component uses path-to-regexp-0.1.12.tgz which is vulnerable to CVE-2026-4867. This bulletin contains information addressing the vulnerability. Vulnerability Details: CVEID: CVE-2026-4867 DESCRIPTION: Impact: A bad regular expression ...
GHSA-49PV-JM6V-MV97 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-6W53-H492-P28F vulnerabilities
Vulnerabilities for packages: chromium...
0pflow (>=0.1.0 <=0.1.0-dev.f5622ac), 0xble (>=14.0.0 <=23.2.2) +9430 more potentially affected by CVE-2026-8768 via @ai-sdk/provider-utils (>=0.0.0-b66d09a8-20260328011513 <=5.0.0-canary.44)
@ai-sdk/provider-utils NPM version =0.0.0-b66d09a8-20260328011513, =0.1.0, =14.0.0, =1.1.5, =0.1.0, =1.0.0, =0.0.2, =0.1.6, =0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939, =0.0.65, =0.1.0, =1.1.0, =0.1.0-alpha.1, =0.7.1 and more Source cves: CVE-2026-8768 Source advisory:...
io.github.davidalmeidac:sealed-env-spring-boot-starter (>=0.1.0-alpha.1 <=0.1.0-alpha.3) potentially affected by CVE-2026-45091 via io.github.davidalmeidac:sealed-env-core (>=0.1.0-alpha.1 <=0.1.0-alpha.3)
io.github.davidalmeidac:sealed-env-core MAVEN version =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3 Source cves: CVE-2026-45091 Source advisory: OSV:GHSA-X3R2-FJ3R-G5MV...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +3524 more potentially affected by CVE-2026-42583 via io.netty:netty-codec-compression (>=4.2.0.Alpha3 <=4.2.12.Final)
io.netty:netty-codec-compression MAVEN version =4.2.0.Alpha3, =0.1.0, =0.1.0, =4.7.4, =4.7.4, =4.7.3, =4.7.3, =4.7.3, =4.7.3, =4.7.3, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42583 Source advisory: OSV:GHSA-MJ4R-2HFC-F8P6...
CVE-2025-63704
NPM package query-parser-string 1.0.0 is vulnerable to Prototype Pollution. The package does not properly sanitize user supplied query parameters and merges them to the newly created object...
com.brihaspathee.artemis:config-server (>=0.0.1 <=1.0.2), com.brihaspathee.sapphire:config-server (>=1.0.0 <=1.0.7) +17 more potentially affected by CVE-2026-41004 via org.springframework.cloud:spring-cloud-config-server (>=4.0.0 <=4.3.2)
org.springframework.cloud:spring-cloud-config-server MAVEN version =4.0.0, =0.0.1, =1.0.0, =3.0.3, =0.5, =0.0.1, =0.1.41-Beta, =1.0.1, =1.2.1-rc1, =7.0.0, =7.0.0, =26.01.01, =26.05.07 - org.octopusden.cloud.config-server:config-server =2.0.4 and more Source cves: CVE-2026-41004 Source advisory:...
arthexis (>=0.2.6 <=0.8.0), cg-django-uaa (=2.1.9) +29 more potentially affected by CVE-2026-6907 via django (>=5.2.0 <=5.2.13)
django PYPI version =5.2.0, =0.2.6, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-6907 Source advisory: OSV:PYSEC-2026-55...
CVE-2026-7629
A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0.1. Impacted is the function runCodeReviewTool of the file src/tools/codeReview.ts of the component Ccode-Review Tool. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has...
CVE-2026-7384
| creationtimestamp | type | source |
|---|---|---|
| 2026-04-29 18:30:48+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mknq7z3zed2v... |
CVE-2026-7388
CVE-2026-7388 affects EyouCMS up to version 1.7.9, specifically the Template File Handler’s FilemanagerLogic.php editFile function. The weakness enables code injection via remote manipulation of the editFile workflow. Public exploit appears available and the vendor has not publicly responded to t...
BELL-CVE-2026-31477
Bulletin has no description...