
205439 matches found

RedhatCVE
added 2026/05/15 7:27 a.m., 6 views

CVE-2026-8510

An integer overflow flaw was found in the Skia component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502636904...

CVSS 8, AI score 5.8, EPSS 0.00214
Exploits 0, References 5
RedhatCVE
added 2026/05/15 7:22 a.m., 5 views

CVE-2026-8522

A use-after-free flaw was found in the Downloads component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504185107...

CVSS 8.8, AI score 5.7, EPSS 0.0028
Exploits 0, References 5
RedhatCVE
added 2026/05/15 7:22 a.m., 7 views

CVE-2026-8521

A use-after-free flaw was found in the Tab Groups component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504106200...

CVSS 7.5, AI score 5.7, EPSS 0.00157
Exploits 0, References 5
RedhatCVE
added 2026/05/15 7:22 a.m., 7 views

CVE-2026-8520

A race flaw was found in the Payments component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=503619813...

CVSS 8.3, AI score 5.7, EPSS 0.00166
Exploits 0, References 5
RedhatCVE
added 2026/05/15 7:22 a.m., 7 views

CVE-2026-8519

An integer overflow flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498400132...

CVSS 8.8, AI score 5.8, EPSS 0.00234
Exploits 0, References 5
RedhatCVE
added 2026/05/15 7:22 a.m., 6 views

CVE-2026-8518

A use-after-free flaw was found in the Blink component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497830330...

CVSS 9.6, AI score 5.7, EPSS 0.0028
Exploits 0, References 5
RedhatCVE
added 2026/05/15 7:22 a.m., 4 views

CVE-2026-8516

An insufficient validation of untrusted input flaw was found in the DataTransfer component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496393078...

CVSS 6.5, AI score 5.7, EPSS 0.00219
Exploits 0, References 5
RedhatCVE
added 2026/05/15 7:22 a.m., 5 views

CVE-2026-8514

A use-after-free flaw was found in the Aura component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495948109...

CVSS 9, AI score 5.7, EPSS 0.00207
Exploits 0, References 5
RedhatCVE
added 2026/05/15 7:22 a.m., 7 views

CVE-2026-8515

A use-after-free flaw was found in the HID component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495999127...

CVSS 9.6, AI score 5.7, EPSS 0.00207
Exploits 0, References 5
RedhatCVE
added 2026/05/15 7:22 a.m., 9 views

CVE-2026-8517

An object lifecycle flaw was found in the WebShare component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497531263...

CVSS 9.6, AI score 5.7, EPSS 0.00498
Exploits 0, References 5
RedhatCVE
added 2026/05/15 7:22 a.m., 5 views

CVE-2026-8512

A use-after-free flaw was found in the FileSystem component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495782021...

CVSS 9.6, AI score 5.7, EPSS 0.00207
Exploits 0, References 5
RedhatCVE
added 2026/05/15 7:22 a.m., 7 views

CVE-2026-8509

A heap buffer overflow flaw was found in the WebML component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=493310462...

CVSS 9.6, AI score 5.9, EPSS 0.00397
Exploits 0, References 5
RedhatCVE
added 2026/05/15 7:22 a.m., 7 views

CVE-2026-8511

A use-after-free flaw was found in the UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495108488...

CVSS 9.6, AI score 5.7, EPSS 0.00234
Exploits 0, References 5
RedhatCVE
added 2026/05/15 6:08 a.m., 22 views

CVE-2026-44484

A flaw was found in PyTorch Lightning. This deep learning framework introduced functionality that could be leveraged as a credential harvesting mechanism. A remote attacker could exploit this to obtain sensitive user credentials, leading to significant information disclosure and potential further...

CVSS 9.8, AI score 5.7, EPSS 0.00313
Exploits 0, References 4
RedhatCVE
added 2026/05/15 6:08 a.m., 9 views

CVE-2026-42559

A flaw was found in rmcp, the official Rust SDK for the Model Context Protocol. The Streamable HTTP server transport in rmcp failed to validate the incoming Host header, enabling a malicious public website to exploit this through a DNS rebinding attack. This allows the attacker to send...

CVSS 8.8, AI score 5.6, EPSS 0.00213
Exploits 0, References 2
RedhatCVE
added 2026/05/15 1:57 a.m., 9 views

CVE-2026-44442

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.1, certain endpoints failed to enforce proper authorization checks, allowing users to modify data beyond their permitted role. This vulnerability is fixed in 16.9.1...

CVSS 9.9, AI score 5.8, EPSS 0.00279
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 7 views

CVE-2026-44196

Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an attacker who has obtained a valid username and password to skip the second-factor authentication TOTP requirement entirely. Although, an attacker...

CVSS 9.1, AI score 5.8, EPSS 0.00299
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 6 views

CVE-2026-44498

ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit (MAX_BLOCK_SIGOPS), allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who produces such a block...

CVSS 9.2, AI score 5.7, EPSS 0.00283
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 10 views

CVE-2026-44380

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, an improper access control vulnerability in the authentication key reset functionality allowed an authenticated organization administrator to reset authentication keys belonging to site administrator accounts within...

CVSS 8.6, AI score 5.8, EPSS 0.00403
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 9 views

CVE-2026-44217

sse-channel is an SSE implementation that can be used with any Node.js HTTP request/response stream. Prior to 4.0.1, implementations that allow user-provided values to be passed to event, retry or id fields are susceptible to event spoofing, where an attacker could inject arbitrary messages into t...

CVSS 8.7, AI score 5.9, EPSS 0.0041
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 7 views

CVE-2026-45229

Quark Drive before 0.8.5 contains a mass assignment vulnerability in the POST /update endpoint that allows authenticated attackers to overwrite administrator credentials by posting an arbitrary webui object to the configdata dictionary. Attackers can exploit insufficient deny-list filtering to...

CVSS 8.8, AI score 5.9, EPSS 0.00367
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 5 views

CVE-2026-44425

ShellHub is a centralized SSH gateway. Prior to 0.24.2, the device list endpoint accepts user-controlled identifiers in the name field of each filter property in the base64-encoded filter query parameter and the sortby query parameter, which are then passed directly as BSON/SQL keys in the...

CVSS 5.4, AI score 5.8, EPSS 0.00253
Exploits 1, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 9 views

CVE-2026-45708

CubeCart is an ecommerce software solution. Prior to 6.7.3, an admin with documents edit permission can save raw into the Invoice Editor. The next time any admin clicks Print on any order, the rendered template is written to files/print..php. files/.htaccess ships an explicit allow from all...

CVSS 7.2, AI score 5.8, EPSS 0.00306
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 8 views

CVE-2026-45225

Heym before 0.0.21 contains a path traversal vulnerability in the file upload endpoint that allows authenticated users to write attacker-controlled files to arbitrary locations by supplying a crafted filename with traversal sequences. Attackers can exploit the unvalidated filename parameter in th...

CVSS 7.6, AI score 5.9, EPSS 0.00355
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 7 views

CVE-2026-44193

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, the XMLRPC method opnsense.restoreconfigsection fails to sanitize user supplied input leading to Remote Code Execution. This vulnerability is fixed in 26.1.7...

CVSS 9.1, AI score 5.8, EPSS 0.00686
Exploits 1, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 7 views

CVE-2026-31237

The Ludwig framework through 0.10.4 is vulnerable to insecure deserialization (CWE-502) through its predict method. When a user provides a dataset file path to the predict method, the framework automatically determines the file format. If the file is a pickle (.pkl) file, it is loaded using...

CVSS 9.8, AI score 6.3, EPSS 0.006
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 8 views

CVE-2026-0235

A race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally authenticated non-admin user to bypass certain access and data control policies...

CVSS 5.8, AI score 5.8, EPSS 0.00173
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 4 views

CVE-2026-31233

Guardrails AI through 0.6.7 contains a code injection vulnerability (CWE-94) in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

CVSS 9.8, AI score 6.3, EPSS 0.00635
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 5 views

CVE-2026-31232

The CosyVoice project through commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in its model loading process. When loading model files (.pt) from a user-specified directory via the --modeldir argument, the code uses torch.load without...

CVSS 8.8, AI score 6.5, EPSS 0.00458
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 8 views

CVE-2026-31240

The mem0 1.0.0 server lacks authentication and authorization controls for its memory management API endpoints. Critical functions such as updating memory records (PUT /memories/memoryid) are exposed without any verification of the requester's identity or permissions. A remote attacker can exploit...

CVSS 7.5, AI score 5.9, EPSS 0.00372
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 6 views

CVE-2026-31238

The Ludwig framework through 0.10.4 is vulnerable to insecure deserialization (CWE-502) in its model serving component. When starting a model server with the ludwig serve command, the framework loads model weight files using torch.load without enabling the security-restrictive weights_only=True...

CVSS 9.8, AI score 6.3, EPSS 0.00497
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 7 views

CVE-2026-31235

The imgaug library through 0.4.0 contains an insecure deserialization vulnerability in its BackgroundAugmenter class within the multicore.py module. The class uses Python's pickle module to deserialize data received via a multiprocessing queue in the augmentimagesworker method without any safety...

CVSS 9.8, AI score 6.5, EPSS 0.00472
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 4 views

CVE-2026-37430

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file...

CVSS 7.3, AI score 6.2, EPSS 0.00284
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 9 views

CVE-2026-31234

Horovod through 0.28.1 contains an insecure deserialization vulnerability (CWE-502) in its KVStore HTTP server component. The KVStore server, used for distributed task coordination, lacks authentication and authorization controls, allowing any remote attacker to write arbitrary data via HTTP PUT...

CVSS 9.8, AI score 6.4, EPSS 0.00687
Exploits 0, References 1
RedhatCVE
added 2026/05/15 1:57 a.m., 9 views

CVE-2026-44015

Nginx UI is a web user interface for the Nginx web server. In 2.3.4 and earlier, an authenticated user can perform Server-Side Request Forgery (SSRF) by creating a cluster node pointing to an arbitrary internal URL and then sending API requests with the X-Node-ID header. The Proxy middleware forwar...

CVSS 9.9, AI score 5.9, EPSS 0.00318
Exploits 1, References 1
RedhatCVE
added 2026/05/14 10:38 p.m., 7 views

CVE-2026-34094

A vulnerability in Wikimedia Foundation MediaWiki is associated with program files includes/Page/Article.php...

CVSS 3.8, AI score 5.8, EPSS 0.0017
Exploits 0, References 2
RedhatCVE
added 2026/05/14 10:37 p.m., 4 views

CVE-2026-34093

Exposure of sensitive information to an unauthorized actor vulnerability in Wikimedia Foundation MediaWiki...

CVSS 5.3, AI score 5.8, EPSS 0.00227
Exploits 0, References 2
RedhatCVE
added 2026/05/14 10:37 p.m., 6 views

CVE-2026-34095

A vulnerability in Wikimedia Foundation MediaWiki is associated with program files includes/Actions/ActionEntryPoint.php and includes/Request/FauxResponse.php...

CVSS 6.1, AI score 5.8, EPSS 0.00199
Exploits 0, References 2
RedhatCVE
added 2026/05/14 10:17 p.m., 6 views

CVE-2026-34088

Exposure of sensitive information to an unauthorized actor vulnerability in Wikimedia Foundation MediaWiki...

CVSS 7.5, AI score 5.8, EPSS 0.0029
Exploits 0, References 2
RedhatCVE
added 2026/05/14 10:17 p.m., 6 views

CVE-2026-34092

Exposure of sensitive information to an unauthorized actor vulnerability in Wikimedia Foundation MediaWiki...

CVSS 7.5, AI score 5.8, EPSS 0.00237
Exploits 0, References 2
RedhatCVE
added 2026/05/14 10:17 p.m., 5 views

CVE-2026-34091

Exposure of sensitive information to an unauthorized actor vulnerability in Wikimedia Foundation MediaWiki...

CVSS 7.5, AI score 5.8, EPSS 0.0029
Exploits 0, References 2
RedhatCVE
added 2026/05/14 7:58 p.m., 4 views

CVE-2026-42444

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a denial-of-service vulnerability exists in the littlefs filesystem image parser in NanaZip. The handler's Open method reads BlockCount directly from the attacker-controlled superblock without any validation against the...

CVSS 5.5, AI score 5.8, EPSS 0.00111
Exploits 0, References 1
RedhatCVE
added 2026/05/14 7:58 p.m., 7 views

CVE-2026-45028

Astro is a web framework. Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypte...

CVSS 6.3, AI score 5.8, EPSS 0.00144
Exploits 0, References 1
RedhatCVE
added 2026/05/14 7:58 p.m., 6 views

CVE-2026-44278

A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2 and FortiClientWindows 7.2 all versions may allow an attacker to disclose information via...

CVSS 5.5, AI score 5.8, EPSS 0.00097
Exploits 0, References 1
RedhatCVE
added 2026/05/14 7:58 p.m., 6 views

CVE-2026-36741

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol (NTP) configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...

CVSS 7.2, AI score 6, EPSS 0.0109
Exploits 0, References 1
RedhatCVE
added 2026/05/14 7:58 p.m., 4 views

CVE-2026-43654

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to disclose kernel memory...

CVSS 7.5, AI score 5.7, EPSS 0.00362
Exploits 0, References 1
RedhatCVE
added 2026/05/14 7:58 p.m., 11 views

CVE-2026-36738

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control mechanisms. An attacker with physical access to the UART pins can connect to the interface and gain...

CVSS 6.8, AI score 5.8, EPSS 0.00202
Exploits 0, References 1
RedhatCVE
added 2026/05/14 7:58 p.m., 7 views

CVE-2026-0265

An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS is enabled on the management interface and lower when...

CVSS 9.2, AI score 5.8, EPSS 0.00397
Exploits 3, References 1
RedhatCVE
added 2026/05/14 7:58 p.m., 6 views

CVE-2026-44218

ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...

CVSS 3, AI score 5.8, EPSS 0.00122
Exploits 0, References 1
RedhatCVE
added 2026/05/14 7:58 p.m., 7 views

CVE-2025-28344

striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function AuxJack...

CVSS 7.5, AI score 5.8, EPSS 0.00329
Exploits 0, References 1

Total number of security vulnerabilities: 205439