206286 matches found
CVE-2026-9563
A flaw was found in Eclipse Parsson. The JSON parser did not enforce a default maximum on the number of characters consumed while processing a single JSON document. A remote attacker could exploit this by providing a very large, specially crafted JSON document. This could force applications to...
CVE-2026-14544
A flaw was found in HPLIP HP Linux Imaging and Printing Software. This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling...
CVE-2026-58038
A flaw was found in the Wikimedia Foundation Timeline component. This cross-site scripting XSS vulnerability allows a remote attacker to inject malicious scripts into web pages. Successful exploitation could lead to significant impacts such as information disclosure, session hijacking, or...
CVE-2026-54891
A flaw was found in Erlang's SSL Secure Sockets Layer component. A network-positioned attacker can exploit this vulnerability by injecting unauthenticated plaintext data into a client's TLS Transport Layer Security handshake. The client application may then process this injected data as if it wer...
CVE-2025-71385
A flaw was found in Netdata. A remote unauthenticated attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the api/v2/ilove.svg and api/v3/ilove.svg endpoints. By injecting malicious script into the love query parameter, an attacker could trick a victim into executing...
CVE-2026-59102
A flaw was found in Forgejo. This stored cross-site scripting XSS vulnerability allows an authenticated attacker to execute malicious code in other users' web browsers. The flaw occurs when a user's full name, containing specially crafted HTML, is used in an Actions run description without proper...
CVE-2026-20216
A flaw was found in ClamAV's InstallShield file format parser. An unauthenticated, remote attacker could exploit this vulnerability by submitting a specially crafted InstallShield file for scanning. This improper handling of temporary resources during file scanning could lead to the termination o...
CVE-2026-54431
A flaw was found in liboauth2. The Demonstrating Proof-of-Possession DPoP verifier incorrectly accepts a malformed DPoP proof. This proof contains private key material in its JSON Web Key JWK header, which should be rejected according to RFC 9449. This vulnerability could allow an attacker to...
CVE-2026-54430
A flaw was found in liboauth2 in the oauth2josejwksawsalbresolve function. The AWS ALB JWT verifier reads the signer and kid fields from the unverified JWT header. When signer matches the configured ARN, kid is appended to the ALB base URL without path sanitization, and an HTTP GET request is...
CVE-2026-54265
A flaw was found in Angular's @angular/compiler package. When a native DOM property requiring sanitization is bound using two-way binding syntax, the template compiler fails to apply the appropriate sanitizer. An attacker who controls the bound value can bypass Angular's built-in sanitization,...
CVE-2026-53489
A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface CRI plugin incorrectly restores container logs from a checkpoint image. This vulnerability, categorized as a Path Traversal CWE-61, allows an attacker to read arbitrary files on the host system by...
CVE-2026-53358
A flaw was found in the Linux kernel's Bluetooth L2CAP Logical Link Control and Adaptation Protocol implementation. This vulnerability arises from an incorrect order of acquiring locks during channel cleanup, which could lead to a race condition. This issue could potentially cause instability or...
CVE-2026-53357
A flaw was found in the Linux kernel's Bluetooth component. A Use-After-Free UAF vulnerability exists in the l2capsockcleanuplisten and l2capconndel functions. This flaw occurs due to a race condition during the cleanup of a listening socket and a concurrent Bluetooth HCI disconnect. An...
CVE-2026-47692
A flaw was found in Envoy. The PROXY Protocol v2 header generator can emit data beyond the maximum allowed length, leading to a mismatch between the actual bytes sent and the length specified in the header. An attacker on an adjacent network could exploit this to smuggle bytes into upstream...
CVE-2026-47221
A flaw was found in Envoy. An unauthenticated attacker can exploit a null pointer dereference vulnerability in the router filter. This occurs when handling HTTP 303 See Other internal redirects for body-less non-GET/HEAD requests. By sending a POST, PUT, DELETE, or PATCH request without a body to...
CVE-2026-11769
A flaw was found in the Grafana Operator. This vulnerability allows a malicious user, who can create Dashboard or LibraryPanel resources for a Grafana instance, to exploit a path traversal issue within the jsonnet data templating language. This exploitation can lead to privilege escalation and...
CVE-2026-48743
A flaw was found in Envoy, an open source edge and service proxy. This vulnerability occurs when Envoy translates an HTTP/3 request that is complete at the transport layer but still carries a nonzero Content-Length into an HTTP/1 request for an upstream server. If the upstream server responds...
CVE-2026-48044
A flaw was found in Envoy, an open source edge and service proxy. A remote attacker can exploit this vulnerability by sending a specially crafted, highly compressed zstd payload to an Envoy proxy with zstd decompression enabled. This can lead to massive memory allocation, causing severe memory...
CVE-2026-48042
A flaw was found in Envoy, an open-source edge and service proxy. A remote attacker could exploit this vulnerability by sending deeply nested JSON objects to the affected system. This could lead to a stack overflow during the destruction of JSON objects, resulting in a Denial of Service DoS for t...
CVE-2026-47778
A flaw was found in Envoy, an open-source edge and service proxy. A remote attacker could exploit a structural flaw in the DefaultCertValidator::verifySubjectAltName function by presenting a specially crafted certificate. This certificate would contain a NUL byte within its DNS Subject Alternativ...
CVE-2026-47204
A flaw was found in Envoy, an open source edge and service proxy. A remote attacker can exploit this vulnerability by sending a specially crafted Connect protocol request to a direct response route. This action causes the envoy.filters.http.grpcstats filter to crash, leading to a denial of servic...
CVE-2026-48706
A flaw was found in Envoy, an open-source edge and service proxy. An attacker can exploit a heap write overflow vulnerability in Envoy's TCP StatsD sink by sending exceptionally long statistic names, such as those found in HTTP or gRPC request paths. This can lead to a denial-of-service, causing...
CVE-2025-15666
A flaw was found in Assimp, the Open Asset Import Library. A local attacker could exploit a vulnerability where specially crafted model files could cause a heap-based buffer overflow. This issue, occurring in the SceneCombiner::Copy function, could allow an attacker to gain unauthorized access to...
CVE-2026-55700
A flaw was found in pnpm, a package manager. A remote attacker could exploit a vulnerability in the pnpm stage download command by providing a specially crafted package manifest. This could allow the attacker to write files to arbitrary locations on the system, leading to unauthorized modificatio...
CVE-2026-37106
A flaw was found in DokuWiki. A remote attacker can create an account through the registration function. This occurs when the DokuWiki instance is configured to allow self-registration, which is not the default setting. This could lead to the creation of unauthorized user accounts. Mitigation To...
CVE-2026-53492
A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface CRI implementation, which allows Kubernetes to interact with container runtimes, improperly trusts Container Device Interface CDI annotations found within untrusted checkpoint image metadata during...
CVE-2026-11946
A flaw was found in open62541. An unauthenticated remote attacker can exploit a vulnerability in the GetEndpoints Discovery Service by sending a malformed request with an excessively long, unvalidated endpointUrl field. This can lead to the server buffering large amounts of data indefinitely,...
CVE-2026-50195
A flaw was found in containerd, an open-source container runtime. The CRI Container Runtime Interface checkpoint import process fails to validate image references within a checkpoint image's configuration. An attacker with permissions to create pods can exploit this by using a specially crafted...
CVE-2026-48853
A flaw was found in the grpc component of elixir-grpc. This vulnerability allows unauthenticated attackers to send specially crafted messages, leading to two critical outcomes. First, it can cause a Denial of Service DoS by crashing the Erlang virtual machine BEAM node. Second, under certain...
CVE-2025-15646
A flaw was found in HTML::Gumbo, a Perl module used for parsing HTML. This vulnerability allows for information disclosure due to a type confusion error when processing HTML input containing a element. An attacker could exploit this by providing specially crafted HTML, leading to the disclosure o...
CVE-2026-33592
A flaw was found in open62541. An unauthenticated remote attacker can exhaust server memory by sending an arbitrarily large string in the serverUris field of the FindServersRequest, which is part of the FindServers Discovery Service. The server buffers these large strings indefinitely, leading to...
CVE-2026-47262
A flaw was found in containerd, an open-source container runtime. A remote attacker could exploit this vulnerability by providing a maliciously crafted image. When a container is created from this image, it leads to uncontrolled resource consumption and memory exhaustion, causing the containerd...
CVE-2026-58517
A flaw was found in The Wikimedia Foundation Mediawiki - WikiLambda Extension. This vulnerability, caused by improper neutralization of input terminators, allows an attacker to bypass authentication. This could lead to unauthorized access to the system. Mitigation To mitigate this vulnerability,...
CVE-2026-55153
A flaw was found in mchange-commons-java, a Java utility library. This vulnerability allows a remote attacker to achieve arbitrary code execution through Java Naming and Directory Interface JNDI injection. The library's JNDI ObjectFactory can construct objects of arbitrary classes and initialize...
CVE-2026-46680
A flaw was found in containerd, an open-source container runtime. Containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username. This vulnerability allows a crafted container image to bypass the Kubernetes runAsNonRoot restrictio...
CVE-2026-14363
A flaw was found in the Mediawiki Cargo Extension. This vulnerability, identified as SQL Injection, allows an attacker to execute malicious SQL commands. By exploiting improper handling of special characters in SQL commands, an attacker can potentially access, modify, or delete sensitive data...
CVE-2026-44740
A flaw was found in Billy, an interface filesystem abstraction for Go. This vulnerability allows a remote attacker to cause a Denial of Service DoS by providing crafted or malformed input. The issue arises from insufficient validation and missing safety mechanisms when processing untrusted...
CVE-2026-9595
A flaw was found in webpack-dev-server. When a user configures a proxy with a broad context, such as '/', and enables WebSocket ws: true forwarding, the development server's own Hot Module Replacement HMR WebSocket can be intercepted. This interception leads to the leakage of the browser's cookie...
CVE-2026-54257
A flaw was found in Electron, a framework for building cross-platform desktop applications. The Buffer implementation performs incorrect byte length calculations, resulting in a heap buffer underflow or overflow. An attacker could exploit this flaw to cause an application crash or trigger incorre...
CVE-2026-13323
A flaw was found in Open VSX Registry. The /vscode/unpkg/ endpoint serves user-supplied HTML files with a Content-Type of text/html without Content-Security-Policy or Content-Disposition: attachment response headers. An attacker with a registered publisher account can upload a VSIX containing a...
CVE-2026-47214
A flaw was found in Docling, a document processing tool. Its HTML backend contained vulnerabilities related to unsafe handling of Uniform Resource Identifiers URIs and file paths. This could allow an attacker to access local files, navigate outside of intended directories path traversal, and...
CVE-2026-55577
A flaw was found in ImageMagick, free and open-source software for editing and manipulating digital images. A heap buffer overflow occurs in the MVG Magick Vector Graphics decoder when processing a specially crafted image. This vulnerability could allow an attacker to cause an out-of-bounds write...
CVE-2026-55628
A flaw was found in ImageMagick. The -concatenate operation, used for combining images, lacks proper security policy checks. This oversight could allow an attacker to read from or write to file paths that should otherwise be restricted by the security policy. This could lead to unauthorized acces...
CVE-2026-53466
A flaw was found in ImageMagick, a free and open-source software for editing and manipulating digital images. An attacker could craft a malicious image file that, when processed by the XCF decoder, triggers an integer overflow. This overflow leads to an out-of-bounds read, which can cause the...
CVE-2026-55594
A flaw was found in ImageMagick, free and open-source software for editing and manipulating digital images. A missing depth check in the MVG Magick Vector Graphics decoder can lead to a stack overflow when a remote attacker provides a specially crafted image. This vulnerability could result in a...
CVE-2026-55595
A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. This vulnerability allows an attacker to trigger an infinite loop by providing invalid arguments to the connected-components option. Successful exploitation of this flaw can lead to ...
CVE-2026-53467
A flaw was found in ImageMagick. The MNG decoder in ImageMagick contains a heap information disclosure vulnerability. This flaw could allow an attacker to potentially access sensitive information from memory due to parts of image pixels being left unchanged during processing. This could lead to...
CVE-2026-55510
A flaw was found in ImageMagick, a software suite for editing and manipulating digital images. An attacker could exploit a use-after-free vulnerability by providing a specially crafted image with an 8BIM profile containing a specific format string. This could lead to a denial of service, making t...
CVE-2026-55597
A flaw was found in ImageMagick, a free and open-source software for editing and manipulating digital images. An incorrect handling of arguments in the JP2 encoder can lead to a heap buffer overwrite. This vulnerability could allow an attacker to cause a denial of service DoS by providing a...
CVE-2026-57204
A flaw was found in pypdf, a pure-python PDF library. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when parsed, leads to uncontrolled resource consumption and large memory usage. This occurs because the library sometimes ignores defined limits for stre...