368939 matches found
CVE-2026-49986
Technical details for CVE-2026-49986 are not publicly available in the provided documents. Monitor for updates as information is released.
CVE-2026-13769
Affected product: AWS CLI (versions prior to 1.44.78 for v1 and 2.34.29 for v2) on Unix-like systems where the umask is not restricting file permissions. The issue is overly permissive credentials file permissions, allowing other local users on the same host to read credentials written by certain...
CVE-2026-57155
Technical details for CVE-2026-57155 are not publicly available in the provided documents. No affected products, impact, or remediation are listed. Monitor for updates.
CVE-2026-49119
Gradio
CVE-2026-58517
CVE-2026-58517 concerns the Wikimedia Foundation’s MediaWiki WikiLambda Extension, with an issue labeled as an improper neutralization of input terminators that enables an authentication bypass. Affected versions are WikiLambda Extension releases prior to 1.43.9, 1.44.6, and 1.45.4. The CVSS 4.0 ...
CVE-2026-53466
ImageMagick is affected by CVE-2026-53466 due to a heap buffer over-read in the XCF image decoder caused by an integer conversion overflow. A crafted XCF image can trigger an out-of-bounds read, potentially leading to a crash. Affected versions are prior to 6.9.13-51 and 7.1.2-26; the issue has b...
CVE-2026-49864
Technical details for CVE-2026-49864 are not publicly available in the provided documents. Monitor for updates; no affected products, impact, or remediation can be determined from the current data.
CVE-2026-55628
ImageMagick (CVE-2026-55628) is affected by a policy bypass in the -concatenate operation present in versions prior to 7.1.2-26he, due to missing security policy checks. This could allow reading and writing to paths disallowed by policy. The issue has been fixed in version 7.1.2-26he. Remediation...
CVE-2026-49857
Technical details for CVE-2026-49857 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-58451
CVE-2026-58451 concerns Horde IMP prior to 7.0.1. A path traversal flaw in lib/Compose.php enables an authenticated attacker to read arbitrary server files by inserting traversal sequences after the CKEditor path prefix in img src URLs. The issue circumvents prefix validation by appending travers...
CVE-2026-49856
Technical details for CVE-2026-49856 are not publicly available in the provided documents. Monitor for updates; no affected products, impact, or remediation can be stated from the current data.
CVE-2026-53489
CVE-2026-53489 affects containerd CRI: when checkpoint restore occurs, the CRI plugin may read a host file by following a symlink for container.log. Vulnerable versions are prior to 2.3.2, 2.2.5 and 2.1.9. Impact described as arbitrary host file read via kubectl logs, with LOCAL attack potential ...
CVE-2026-53492
Summary: CVE-2026-53492 affects containerd’s CRI checkpoint restoration, where CDI annotations in untrusted checkpoint metadata are trusted, allowing injection of CDI edits (device nodes/host mounts) into restored containers if CDI is enabled and a matching host CDI spec exists. The issue affects...
CVE-2026-46487
Technical details for CVE-2026-46487 are not publicly available in the provided documents; monitor for updates.
CVE-2026-39379
Technical details are not publicly available in the provided documents for CVE-2026-39379. Monitor for updates.
CVE-2025-36374
Technical details for CVE-2025-36374 are not publicly available in the provided documents. There is no information on affected products, root cause, or remediation. Monitor for updates.
CVE-2026-12733
Technical details for CVE-2026-12733 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-50195
Containerd CVE-2026-50195 affects CRI checkpoint import: unvalidated image references in a checkpoint config allow an attacker with pod-creation permissions to trigger pulling a malicious image and assign it a local tag, poisoning the node’s local image cache. Subsequent pods on the same node usi...
CVE-2026-50160
Hoppscotch self-hosted deployments (Hoppscotch-backend
CVE-2026-47262
CVE-2026-47262 affects containerd where a maliciously crafted image can trigger a Denial of Service by exhausting memory during container creation, causing an Out-Of-Memory (OOM) kill of the containerd process and making the runtime API unavailable (impacting clients like Docker Engine and Kubern...