Lucene search
K

368905 matches found

CVE
CVE
added 6 days ago52 views

CVE-2026-55577

CVE-2026-55577 affects ImageMagick's MVG decoder. A heap buffer overflow can cause an out-of-bounds write when processing crafted MVG images. Affected versions are prior to 6.9.13-51 and 7.1.2-26. The issue has been fixed in 6.9.13-51 and 7.1.2-26. Mitigation:** upgrade to one of the fixed releas...

5.9CVSS6AI score0.00226EPSS
Exploits0References1Affected Software1
CVE
CVE
added 6 days ago9 views

CVE-2026-49981

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-49981.

Exploits0References5
CVE
CVE
added 6 days ago45 views

CVE-2026-55510

ImageMagick vulnerability CVE-2026-55510 affects the ImageMagick suite (ImageMagick) where a use-after-free can occur when identifying an image with a crafted 8BIM profile in a specific format string. The issue is triggered in affected builds prior to 6.9.13-51 and 7.1.2-26 and is fixed in those ...

5.5CVSS5.7AI score0.00103EPSS
Exploits0References1Affected Software1
CVE
CVE
added 6 days ago47 views

CVE-2026-53467

ImageMagick’s CVE-2026-53467 affects the MNG decoder. Prior to 6.9.13-51 and 7.1.2-26, the decoder can disclose heap information because part of the pixels are left unchanged. Fixed in 6.9.13-51 and 7.1.2-26. Affected software: ImageMagick (Image editing/manipulation tool); component: MNG decoder...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References1Affected Software1
CVE
CVE
added 6 days ago12 views

CVE-2026-14358

The CVE-2026-14358 affects the Wikimedia Foundation MediaWiki Charts Extension and indicates a Cross-Site Scripting (XSS) flaw caused by improper input neutralization during web page generation. Affected versions are before 1.43.9, 1.44.6, and 1.45.4. The vulnerability is described as a stored XS...

6.9CVSS5.8AI score0.00268EPSS
Exploits0References2
CVE
CVE
added 6 days ago10 views

CVE-2026-41121

Dell Device Management Agent (DDMA) versions before 26.05 are affected by an Improper Link Resolution Before File Access (Link Following) vulnerability. A low-privilege, local attacker could potentially exploit this to achieve Elevation of Privileges. The CVSS3.1 vector is AV:L/AC:L/PR:L/UI:R/S:U...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References1Affected Software1
CVE
CVE
added 6 days ago18 views

CVE-2026-49986

Technical details for CVE-2026-49986 are not publicly available in the provided documents. Monitor for updates as information is released.

Exploits0References5
CVE
CVE
added 6 days ago22 views

CVE-2026-13769

Affected product: AWS CLI (versions prior to 1.44.78 for v1 and 2.34.29 for v2) on Unix-like systems where the umask is not restricting file permissions. The issue is overly permissive credentials file permissions, allowing other local users on the same host to read credentials written by certain...

6.8CVSS5.8AI score0.00101EPSS
Exploits0References4
CVE
CVE
added 6 days ago24 views

CVE-2026-57155

Technical details for CVE-2026-57155 are not publicly available in the provided documents. No affected products, impact, or remediation are listed. Monitor for updates.

Exploits0References3
CVE
CVE
added 6 days ago13 views

CVE-2026-49119

Gradio

8.7CVSS5.9AI score0.0069EPSS
Exploits0References4Affected Software1
CVE
CVE
added 6 days ago12 views

CVE-2026-58517

CVE-2026-58517 concerns the Wikimedia Foundation’s MediaWiki WikiLambda Extension, with an issue labeled as an improper neutralization of input terminators that enables an authentication bypass. Affected versions are WikiLambda Extension releases prior to 1.43.9, 1.44.6, and 1.45.4. The CVSS 4.0 ...

6.9CVSS5.8AI score0.00342EPSS
Exploits0References2
CVE
CVE
added 6 days ago12 views

CVE-2026-53466

ImageMagick is affected by CVE-2026-53466 due to a heap buffer over-read in the XCF image decoder caused by an integer conversion overflow. A crafted XCF image can trigger an out-of-bounds read, potentially leading to a crash. Affected versions are prior to 6.9.13-51 and 7.1.2-26; the issue has b...

6.5CVSS5.8AI score0.0022EPSS
Exploits0References1Affected Software1
CVE
CVE
added 6 days ago13 views

CVE-2026-49864

Technical details for CVE-2026-49864 are not publicly available in the provided documents. Monitor for updates; no affected products, impact, or remediation can be determined from the current data.

Exploits0References4
CVE
CVE
added 6 days ago53 views

CVE-2026-55628

ImageMagick (CVE-2026-55628) is affected by a policy bypass in the -concatenate operation present in versions prior to 7.1.2-26he, due to missing security policy checks. This could allow reading and writing to paths disallowed by policy. The issue has been fixed in version 7.1.2-26he. Remediation...

5.5CVSS5.7AI score0.00098EPSS
Exploits0References1
CVE
CVE
added 6 days ago12 views

CVE-2026-49857

Technical details for CVE-2026-49857 are not publicly available in the provided documents. Monitor for updates.

Exploits0References4
CVE
CVE
added 6 days ago14 views

CVE-2026-58451

CVE-2026-58451 concerns Horde IMP prior to 7.0.1. A path traversal flaw in lib/Compose.php enables an authenticated attacker to read arbitrary server files by inserting traversal sequences after the CKEditor path prefix in img src URLs. The issue circumvents prefix validation by appending travers...

7.1CVSS5.9AI score0.00379EPSS
Exploits0References7
CVE
CVE
added 6 days ago9 views

CVE-2026-49856

Technical details for CVE-2026-49856 are not publicly available in the provided documents. Monitor for updates; no affected products, impact, or remediation can be stated from the current data.

Exploits0References4
CVE
CVE
added 6 days ago35 views

CVE-2026-53489

CVE-2026-53489 affects containerd CRI: when checkpoint restore occurs, the CRI plugin may read a host file by following a symlink for container.log. Vulnerable versions are prior to 2.3.2, 2.2.5 and 2.1.9. Impact described as arbitrary host file read via kubectl logs, with LOCAL attack potential ...

8.2CVSS5.9AI score0.00208EPSS
Exploits0References1Affected Software1
CVE
CVE
added 6 days ago35 views

CVE-2026-53492

Summary: CVE-2026-53492 affects containerd’s CRI checkpoint restoration, where CDI annotations in untrusted checkpoint metadata are trusted, allowing injection of CDI edits (device nodes/host mounts) into restored containers if CDI is enabled and a matching host CDI spec exists. The issue affects...

9.6CVSS5.9AI score0.00412EPSS
Exploits0References1Affected Software1
CVE
CVE
added 6 days ago8 views

CVE-2026-46487

Technical details for CVE-2026-46487 are not publicly available in the provided documents; monitor for updates.

Exploits0References4
Rows per page
Query Builder