2849234 matches found
CVE-2026-58203
creationtimestamp| type| source ---|---|--- 2026-07-06 16:04:02+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpyhq5g5xd27...
CVE-2025-53827
creationtimestamp| type| source ---|---|--- 2026-07-06 16:02:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpyhmrqo542c 2026-07-06 17:24:05+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mpym7ct5ri23...
CVE-2025-53830
creationtimestamp| type| source ---|---|--- 2026-07-06 16:00:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpyhjmgtvk2d 2026-07-06 16:24:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mpyity4fct2z...
CVE-2026-59196
creationtimestamp| type| source ---|---|--- 2026-07-06 15:58:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpyhgmpw5b27...
CVE-2026-5268
creationtimestamp| type| source ---|---|--- 2026-07-06 15:57:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpyhdrykfp22 2026-07-06 19:26:08+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mpyszhqb762x...
EUVD-2026-41885
Untrusted Java Deserialization in Apache OpenNLP SvmDoccatModel Versions Affected: before 3.0.0-M4 libsvm document categorization module; introduced in OPENNLP-1808 and only present on the 3.x line Description: SvmDoccatModel.deserializeInputStream reads an attacker-controlled stream with...
BIT-PYTHON-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()
Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...
CVE-2026-5268
Technical details about CVE-2026-5268 are not publicly provided in the supplied documents. No affected products, versions, root cause, or remediation are enumerated here. Monitor for updates and additional technical disclosures.
BIT-LIBPYTHON-2026-12003 CPython >3.11 Insecure Input Validation resulting in privilege escalation
To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...
CVE-2026-59195
CVE-2026-59195 affects pnpm prior to versions 10.34.4 and 11.8.0. The issue arises when pnpm reads package names from the env lockfile’s configDependencies section and uses those names directly to create config dependency symlinks under node_modules/.pnpm-config. A crafted pnpm-lock.yaml with a t...
ROOT-APP-NUGET-CVE-2026-40894 CVE-2026-40894 in Rootio.OpenTelemetry.Api - Patched by Root
Root has patched CVE-2026-40894 in the Rootio.OpenTelemetry.Api package for Root:NuGet. Multiple fixed versions available...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.5 security update
Important: Red Hat OpenShift GitOps v1.19.5 security update An update is now available for Red Hat OpenShift GitOps...
CVE-2026-59196 pnpm: hoisted install imports lockfile alias outside node_modules
pnpm is a package manager. Prior to 10.34.4 and 11.7.0, a crafted lockfile alias could be joined directly under a hoisted nodemodules directory. Traversal aliases could escape that directory, while reserved aliases such as .bin or .pnpm could overwrite pnpm-owned layout. This vulnerability is fix...
EUVD-2026-41882
pnpm is a package manager. Prior to 10.34.4 and 11.7.0, a crafted lockfile alias could be joined directly under a hoisted nodemodules directory. Traversal aliases could escape that directory, while reserved aliases such as .bin or .pnpm could overwrite pnpm-owned layout. This vulnerability is fix...
EUVD-2025-210434
Anti-Virus for ownCloud is an anti-virus application for file storage, synchronization, and sharing application ownCloud. Versions of Anti-Virus for ownCloud before 1.2.3 are vulnerable to Server-Side Request Forgery SSRF. This corresponds to versions of ownCloud 10 prior to 10.15.3. Upgrade...
CVE-2026-59194
PnPM vulnerability CVE-2026-59194 affects the patch-remove feature. A crafted patch entry could resolve outside the configured patches directory, causing patch-remove to delete an arbitrary reachable file. The issue is fixed in pnpm versions 10.34.4 and 11.7.0. The connected documents do not prov...
Security Bulletin: IBM® Db2® could disclose sensitive information to an authenticated user from the monitoring and event tables (CVE-2025-36372)
Summary IBM® Db2® could disclose sensitive information such as access keys to an authenticated user from the monitoring and event tables. CVE-2025-36372 Vulnerability Details CVEID:CVE-2025-36372 DESCRIPTION: IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows...
EUVD-2026-41880
OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...
CVE-2026-58203
CVE-2026-58203 affects pydantic-settings, specifically NestedSecretsSettingsSource. From 2.12.0 through 2.14.2, when secrets_nested_subdir is true, a directory entry that is a symbolic link to outside secrets_dir is followed, enabling reading files outside the configured directory and bypassing s...
EUVD-2026-41878
pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...