CVE-2026-41413

A flaw was found in Istio. When a RequestAuthentication resource is created with a jwksUri JSON Web Key Set Uniform Resource Identifier that points to an internal service, istiod the Istio control plane daemon makes an unauthenticated HTTP GET request to that URL. This request does not properly...

CVE-2026-41493

A flaw was found in YARD, a Ruby Documentation tool. When using yard server to serve documentation, a path traversal vulnerability allows a remote attacker to access arbitrary files on the host machine through unsanitized HTTP requests. This could lead to unauthorized information disclosure from...

CVE-2026-41682

A flaw was found in pupnp, an SDK for developing Universal Plug and Play UPnP applications. This vulnerability, known as Server-Side Request Forgery SSRF, arises from port truncation in the parseuri function. A remote attacker can exploit this flaw to confuse port assignments, potentially enablin...

CVE-2026-41071

A flaw was found in libheif, a library for decoding and encoding HEIF High Efficiency Image File Format and AVIF files. A remote attacker could exploit this vulnerability by providing a specially crafted HEIF sequence file. When parsing the file, if the saiz sample auxiliary information box...

CVE-2026-40473

A flaw was found in the camel-mina component of Apache Camel. This vulnerability allows a remote attacker to achieve arbitrary code execution by sending a specially crafted serialized Java object over the network to the MINA consumer port. The MinaConverter.toObjectInput type converter, used when...

CVE-2026-9256

A flaw was found in the ngxhttprewritemodule module of NGINX. When a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures and a replacement string that references multiple such captures in a redirect or arguments context, an...

CVE-2018-25356

A flaw was found in SIPp. A local attacker can exploit a buffer overflow vulnerability by providing oversized input to command-line arguments, such as -3pcc, -i, or -logfile. This can lead to arbitrary code execution or cause the application to crash, resulting in a denial of service...

CVE-2026-48831

A flaw was found in Wine. Wine's desktop file registers itself to handle Windows executable EXE files. In some configurations, opening an EXE file can cause it to run automatically with the user's permissions, without further prompts. This allows an attacker to bypass security sandboxes like...

CVE-2026-44431

A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via ProxyManager.connectionfromurl.urlopen with assertsamehost=False, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitiv...

CVE-2026-43503

A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...

CVE-2026-42046

A flaw was found in libcaca, a colour ASCII art library. An integer overflow vulnerability in the canvas import functionality allows an attacker to cause a controlled heap out-of-bounds write by supplying a specially crafted file in the "caca" format. This heap overflow can lead to memory...

CVE-2026-33079

A flaw was found in Mistune, a Markdown parser. This vulnerability, known as Regular Expression Denial of Service ReDoS, exists in the LINKTITLERE regular expression. A remote attacker can exploit this by providing specially crafted Markdown input, which causes the regular expression engine to...

CVE-2026-9277

A flaw was found in the shell-quote component. The quote function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpre...

CVE-2026-9298

A flaw was found in omec-project amf. A remote attacker could exploit an unknown functionality within the PathSwitchRequest Handler component, leading to memory corruption...

CVE-2026-28380

A flaw was found in Grafana. An authenticated user with editor privileges could exploit a Broken Access Control BAC vulnerability in the Snapshot API. This flaw allows an editor to delete any dashboard snapshot, even those they do not have explicit read or write access to, leading to unauthorized...

CVE-2026-33381

A flaw was found in Grafana. When a user's access to mint tokens for a service account is revoked, the system may temporarily allow the user to continue minting tokens for a few seconds. This could lead to a temporary bypass of access control, potentially enabling unauthorized actions if the toke...

CVE-2026-42580

A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker could exploit an integer overflow vulnerability in Netty's chunk size parser. This flaw enables request smuggling attacks, which can allow an attacker to bypass security controls or access...

CVE-2026-44572

A flaw was found in Next.js. An external client could exploit this vulnerability by sending a x-nextjs-data header on a request to a path handled by middleware that returns a redirect. This action could cause the middleware or proxy to incorrectly process the request as a data request, replacing...

CVE-2026-40460

A flaw was found in NGINX Plus and NGINX Open Source when configured to use the HTTP/3 QUIC module. A remote attacker could exploit this by spoofing their source IP address. This vulnerability allows for the bypass of authorization controls or rate limiting mechanisms, potentially leading to...

CVE-2026-8463

A flaw was found in Crypt::Argon2 for Perl. This vulnerability, a heap out-of-bounds read, occurs in the argon2verify function when processing an empty encoded input. An integer underflow causes the software to read beyond the allocated memory, which can lead to a denial of service DoS by crashin...

CVE-2026-42268

A flaw was found in ModSecurity, an open-source web application firewall WAF. This vulnerability occurs when an administrator configures a rule that uses @verifySSN, @verifyCPF, or @verifySVNR functions. An unhandled exception, specifically an unsigned integer underflow, can lead to a denial of...

CVE-2026-5089

A flaw was found in perl-YAML-Syck. The base60 sexagesimal parsing code in perlsyck.h contains a buffer underflow vulnerability. When processing specially crafted colon-separated values, an attacker could cause the parser to read one byte before the allocated buffer. This out-of-bounds read may...

CVE-2026-8368

A flaw was found in LWP::UserAgent, a component of perl-libwww-perl. This vulnerability allows a remote attacker to obtain a user's credentials by redirecting a request to an attacker-controlled host. When processing a redirect, the LWP::UserAgent fails to properly strip Authorization and...

CVE-2026-40016

A flaw was found in Dovecot. A remote or local attacker could upload a malicious Sieve script through the ManageSieve service, or locally, to bypass configured CPU time limits for Sieve scripts. This allows the attacker to consume excessive server resources, leading to a degradation of server...

CVE-2023-54349

AmazCart CMS 3.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search functionality. Attackers can enter script tags in the search box to execute arbitrary JavaScript that fires when...

CVE-2021-47968

Podcast Generator 3.1 is vulnerable to persistent cross-site scripting, allowing authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests to execute...

CVE-2021-47967

PHP Timeclock 1.04 contains multiple cross-site scripting vulnerabilities that allow unauthenticated attackers to inject arbitrary JavaScript by manipulating URL paths and POST parameters. Attackers can append malicious payloads to login.php, timeclock.php, audit.php, and timerpt.php endpoints, o...

CVE-2026-4070

The Alfie – Feed Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing nonce validation on the alfiemanage function which handles feed deletion via the 'delete' GET parameter. This makes it possible for...

CVE-2026-7615

The Widget Context plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.3. This is due to missing or incorrect nonce validation on the savewidgetcontextsettings function. This makes it possible for unauthenticated attackers to modify widget...

CVE-2026-4682

Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices WSD scan requests are improperly validated and handled by the MFP. WSD Scan is a Microsoft Windows–based network scanning protocol that allo...

CVE-2026-9101

Prototype pollution in csv parsing logic during import can lead to untrusted file paths but not arguments entering shell.openExternal after specific user behavior leading to "1-click" command execution...

CVE-2026-9011

The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.65. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

CVE-2026-34908

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system...

CVE-2026-34910

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...

CVE-2026-33000

A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...

CVE-2026-45498

Microsoft Defender Denial of Service Vulnerability...

CVE-2026-42834

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network...

CVE-2026-32175

A flaw was found in dotnet. Improper handling of specially crafted files can cause a path traversal vulnerability in .NET Core, allowing an attacker who can send a malicious file to a vulnerable system to write to arbitrary files and directories in certain locations. Mitigation Mitigation for thi...

CVE-2026-32177

A flaw was found in dotnet. A heap-based buffer overflow in .NET allows an unauthenticated attacker to elevate privileges locally. Mitigation Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the...

CVE-2026-41091

Improper link resolution before file access 'link following' in Microsoft Defender allows an authorized attacker to elevate privileges locally...

CVE-2026-45584

Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network...

CVE-2026-34909

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account...

CVE-2026-35433

A flaw was found in dotnet. Improper input validation and an integer overflow in .NET allow an unauthenticated attacker to elevate privileges locally. Mitigation Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example...

CVE-2026-42899

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources. Mitigation Red Hat has investigated whether a possible...

CVE-2026-8962

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

CVE-2026-7736

A flaw was found in osrg GoBGP. A remote attacker can exploit this vulnerability by executing a manipulation that leads to an integer underflow in the parseRibEntry function. This integer underflow can result in low impacts to the system's confidentiality, integrity, and availability. Mitigation ...

CVE-2026-7737

A flaw was found in osrg GoBGP. A remote attacker can exploit an out-of-bounds read vulnerability within the BMP Parser component, specifically in the BMPPeerUpNotification.ParseBody and BMPStatisticsReport.ParseBody functions. This manipulation can lead to a denial of service, making the affecte...

CVE-2026-43824

A flaw was found in Argo CD. The ServerSideDiff feature allows for the reading of cleartext Kubernetes Secret data. This vulnerability could lead to information disclosure, potentially exposing sensitive configuration details within the Kubernetes environment. Mitigation Mitigation for this issue...

CVE-2026-4843

The GSheet For Woo Importer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the processajaxrestoreaction function in all versions up to, and including, 2.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and...

CVE-2026-43001

A flaw was found in OpenStack Keystone. An attacker holding an unrestricted application credential could exploit a vulnerability in the POST /v3/credentials endpoint where the caller-supplied projectid for an EC2-type credential was not validated against the project of the authenticating...