206621 matches found
CVE-2026-60103
A flaw was found in Blender. A remote attacker could exploit an out-of-bounds read vulnerability by providing a specially crafted .blend file. This vulnerability occurs when the application processes a malicious memberindex value without proper validation, leading to an attempt to access memory...
CVE-2026-50162
A flaw was found in oras-go. The file content store, intended to confine writes to a specified working directory, does not properly account for symbolic link symlink traversal. A remote attacker, by providing a specially crafted blob title, could exploit this vulnerability to create files outside...
CVE-2026-39245
A flaw was found in the decompress component. An improper path containment check allows a local attacker to perform directory traversal. This vulnerability, when combined with unvalidated symlink creation, enables an attacker to write arbitrary files to directories outside the intended extraction...
CVE-2026-48702
A flaw was found in Rekor. The Package.Unmarshal function, which processes Alpine Package Keep APK files, decompresses gzip streams without limiting the total decompressed size. A remote attacker can exploit this by crafting a malicious APK file with a high compression ratio, causing the server t...
CVE-2026-44024
A flaw was found in Fluentd, a data collector. This vulnerability allows a remote attacker to achieve arbitrary file write and potentially remote code execution by sending untrusted tags containing path traversal characters. The issue arises from insufficient validation of the $tag placeholder in...
CVE-2026-54911
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.13.0, ujson.dumps or ujson.dump or ujson.encode have a rejectbytes=False option. When set, they may accept malformed or truncated UTF-8 byte sequences, silently rewriting them into different...
CVE-2026-52846
A flaw was found in Caddy, an extensible server platform. The stripHTML template function, intended to remove HTML tags from input, fails to reliably process certain malformed HTML. This oversight allows dangerous content to remain in the output, which, if subsequently rendered as HTML, can lead ...
CVE-2026-50168
A flaw was found in the @angular/platform-server package of Angular. This vulnerability allows remote attackers to bypass host allowlist constraints and direct server-side outgoing requests to arbitrary external endpoints. This occurs due to a parser differential between the strict WHATWG URL...
CVE-2026-15538
A flaw was found in PrimeFaces PrimeReact. A remote attacker can exploit a weakness in the ObjectUtils.mutateFieldData function within the component API. This allows for the improper modification of object prototype attributes, potentially leading to unexpected behavior or further attacks. This...
CVE-2026-29008
A flaw was found in U-Boot. A network-adjacent attacker can exploit an integer underflow vulnerability in the tcprxstatemachine function by sending a specially crafted TCP SYN+ACK packet. This can cause the bootloader to crash, leading to a Denial of Service DoS and preventing the device from...
CVE-2026-29009
A flaw was found in U-Boot. A buffer overflow vulnerability exists in the nfsreadlinkreply function when the Network File System NFS command is enabled. A malicious or compromised NFS server can exploit this by sending multiple relative symlink targets, exceeding the buffer's capacity. This can...
CVE-2026-23560
A flaw was found in Xen. A virtual machine administrator vm-admin can exploit this by setting the VM.other-config:issystemdomain parameter, which allows them to mark a virtual machine as a system domain. This can lead to the virtual machine being ignored and remaining operational during critical...
CVE-2026-54428
A flaw was found in Apache HttpComponents Core. This vulnerability, located in the HTTP/2 HPACK decoder, allows a remote attacker to cause a denial of service. By sending oversized compressed header blocks, an attacker can exhaust memory resources before the system's configured header list size...
CVE-2026-60108
A flaw was found in Zeek. An uncontrolled memory consumption vulnerability in the FTP analyzer allows unauthenticated remote attackers to cause a denial of service. This occurs when a crafted FTP control session with a large ADAT control line is sent, exploiting the NVTAnalyzer component's lack o...
CVE-2026-60109
A flaw was found in Zeek's Kerberos protocol analyzer. An unauthenticated remote attacker can exploit a vulnerability by sending a specially crafted Kerberos KRBERROR message. This can lead to a null pointer dereference due to a mismatch in the parser and analyzer state, causing the Zeek sensor t...
CVE-2026-42486
A flaw was found in Xen. A virtual machine administrator vm-admin can set the VM.platform:hvmserial parameter, which should be restricted to the pool-admin role. This improper restriction allows the vm-admin to perform arbitrary file writes in dom0, potentially leading to system compromise...
CVE-2026-23562
A flaw was found in Xen. A virtual machine administrator vm-admin, a user with limited privileges, could bypass security checks related to PCI passthrough configuration. This allowed the vm-admin to gain unauthorized access to host hardware. This could lead to privilege escalation, enabling the...
CVE-2026-59858
A command injection vulnerability in Vim's C omni-completion script allows an attacker to execute arbitrary commands if a user is tricked into opening a maliciously crafted tags file and manually invoking the autocomplete feature. Mitigation Users are advised to avoid opening untrusted C source...
CVE-2026-55807
A flaw was found in Drupal core. This Server-Side Request Forgery SSRF vulnerability allows an attacker to induce the server to make requests to an arbitrary domain, potentially leading to information disclosure or access to internal network resources...
CVE-2026-55808
A flaw was found in Drupal core. This improper neutralization of input during web page generation, commonly known as Cross-site Scripting XSS, allows an attacker to inject malicious scripts into web pages. When a user views an affected page, these scripts can execute in their browser. This could...
CVE-2026-15584
A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes...
CVE-2026-53538
A flaw was found in Python-Multipart, a tool used for processing web form data. A remote attacker could exploit a vulnerability where the software incorrectly interprets certain characters as separators in web form data. This difference in interpretation compared to standard web practices allows ...
CVE-2026-62147
The Tempo Operator's gateway component failed to consistently apply namespace-scoped redaction on some query API response paths when query RBAC was enabled, allowing an authenticated user to read span attributes belonging to other tenants' namespaces. Mitigation There is no mitigation or workarou...
CVE-2026-59856
A flaw was found in Vim, an open-source command-line text editor. The PHP omni-completion script improperly handles specially crafted input. When a victim opens a malicious PHP file and invokes omni-completion, an unescaped class or trait name can be interpreted as Ex commands. This allows a remo...
CVE-2026-15551
A flaw was found in rlottie, a Samsung Open Source library. This vulnerability, stemming from an integer overflow or wraparound, could allow a local attacker with low privileges to cause a buffer overflow. Exploitation requires user interaction and may lead to a denial of service or other memory...
CVE-2026-59857
An out-of-bounds write vulnerability in Vim's spellsoundfoldsal function allows an attacker to corrupt memory and crash the editor Denial of Service by supplying a specially crafted word during spell sound-folding. Mitigation This vulnerability can be mitigated by preventing Vim from automaticall...
CVE-2026-12080
No description is available for this CVE...
CVE-2026-15574
A flaw was found in the vllm-orchestrator-gateway component. The system's production binary logs all incoming authorization headers and full chat payloads, which may contain personally identifiable information PII and secrets, to persistent logs. This sensitive data, including bearer tokens and...
CVE-2026-58252
A flaw was found in NATS Server. An authenticated user could bypass configured access restrictions and receive messages on subjects that were explicitly denied. This occurs when a wildcard subscription overlaps with a wildcard deny rule but is not a direct subset, or when queue subscriptions...
CVE-2026-58251
A flaw was found in NATS Server, a high-performance messaging system. An authenticated user with specific permissions could bypass security rules designed to deny access to certain message subjects. This bypass occurs when a queue subscription is used, allowing the user to access information that...
CVE-2026-58208
A flaw was found in NATS Server. An unauthenticated client with access to the WebSocket listener could exploit a vulnerability where requests for the MQTT-over-WebSocket path were incorrectly routed into MQTT handling, even when MQTT was not configured. This allowed the client to access...
CVE-2026-58253
A flaw was found in NATS Server. When the noauthuser configuration is enabled, a parser optimization intended for client connections can inadvertently apply to route or leafnode listeners. This allows an unauthenticated attacker on an adjacent network to bypass inter-server authentication...
CVE-2026-14683
A flaw was found in HdrHistogram. A local attacker can exploit a vulnerability in the decodeFromCompressedByteBuffer function by manipulating the lengthOfCompressedContents argument. This manipulation leads to uncontrolled memory allocation, which can result in a Denial of Service DoS condition,...
CVE-2026-14686
A flaw was found in HdrHistogram. This vulnerability affects the DoubleHistogram.recordValue function, which is part of the Range Check component. A local attacker can exploit this flaw by performing a specific manipulation, leading to an incorrect comparison of values. This issue primarily impac...
CVE-2026-58250
A flaw was found in NATS Server, a high-performance messaging system. An unauthenticated attacker with network access to a leafnode listener, where compression is enabled, could exploit this vulnerability. By sending repeated leafnode INFO protocol messages during the pre-authentication handshake...
CVE-2026-61870
A flaw was found in ImageMagick. This vulnerability involves a memory leak within the VIFF encoder, a component responsible for handling image files. An attacker could exploit this by providing specially crafted VIFF images, which would trigger memory allocation failures. This action can exhaust...
CVE-2026-61858
A flaw was found in ImageMagick. This vulnerability allows attackers to bypass configured policy restrictions through the APNG Animated Portable Network Graphics encoding process. By exploiting missing validation checks in the APNG encoder and external delegates, an attacker can write files to...
CVE-2026-61861
A flaw was found in ImageMagick. This use-after-free vulnerability exists in the FormatMagickCaption method. When memory allocation fails, an attacker can trigger a dangling pointer to reference freed memory. This could potentially lead to a denial of service or arbitrary code execution...
CVE-2026-61857
A flaw was found in ImageMagick. This vulnerability allows a remote attacker to cause the application to crash. The issue stems from improper handling of XMP Extensible Metadata Platform profiles within image files. By crafting a malicious image with specially designed XMP data, an attacker can...
CVE-2026-61465
A flaw was found in ImageMagick. This vulnerability occurs because ImageMagick is missing a check for the allowed memory allocation limit during certain image processing operations, such as when using the -canny function. A remote attacker could provide a specially crafted image, causing the...
CVE-2026-56372
A flaw was found in ImageMagick. This heap buffer overflow vulnerability, identified as CWE-122 Heap-based Buffer Overflow, occurs in the magnify operation when processing an unrecognized magnify:method value. An attacker could exploit this by providing a specially crafted input, leading to an...
CVE-2026-56373
A flaw was found in ImageMagick. This use-after-free vulnerability CWE-416 exists within the PDB Program Database decoder. A remote attacker could exploit this by tricking a user into processing a specially crafted malicious PDB file. This could lead to a denial of service DoS due to application...
CVE-2026-56366
A flaw was found in ImageMagick. This vulnerability, categorized as a memory leak CWE-401, occurs in the META reader when processing APP1JPEG input paths. A remote attacker could exploit this by providing specially crafted APP1JPEG image files. Successful exploitation leads to resource exhaustion...
CVE-2026-14738
A flaw was found in exo. A remote attacker could exploit the use of a weak hashing algorithm within the imagecachekey function of the Vision Feature Cache component. This vulnerability, while difficult to exploit, could potentially allow an attacker to cause hash collisions, leading to a low impa...
CVE-2026-52747
A flaw was found in ModSecurity, an open-source web application firewall WAF. The multipart/form-data request body parser in libmodsecurity incorrectly handles embedded line breaks in non-file form-field values. This discrepancy between ModSecurity and backend applications, which preserve line...
CVE-2026-52761
A flaw was found in ModSecurity, an open-source web application firewall WAF. The t:utf8toUnicode transformation function, responsible for converting UTF-8 encoded characters to Unicode, generates incorrect output on i386 architectures. This vulnerability allows an attacker to bypass WAF rules,...
CVE-2026-59996
A flaw was found in OpenSSH, a widely used tool for secure remote access. When a user attempts to copy files between two different remote systems using the scp command, the file might be incorrectly placed in a directory above the intended destination. This unintended file placement could lead to...
CVE-2026-47261
A flaw was found in Wasmtime, a runtime for WebAssembly. This vulnerability allows an attacker to bypass intended access controls when a filesystem preopen is configured with read-only file permissions but also allows directory mutations. By using specific open flags, an attacker can truncate fil...
CVE-2026-55827
A flaw was found in FreeRDP. FreeRDP clients using the non-default /cache:codec:rfx option are vulnerable to a heap out-of-bounds write. A malicious Remote Desktop Protocol RDP server can exploit this by manipulating desktop stride and height values during RemoteFX decoding for Cache Bitmap V3...
CVE-2026-57156
A flaw was found in FreeRDP clients. A remote attacker, acting as a malicious Remote Desktop Protocol RDP peer, could exploit an integer overflow vulnerability. This overflow occurs when the client processes a specially crafted RDP message, leading to the allocation of an undersized memory buffer...