Lucene search
K

369030 matches found

CVE
CVE
added last week12 views

CVE-2026-14363

The CVE-2026-14363 issue affects the MediaWiki Cargo Extension for MediaWiki, where improper neutralization of special elements in SQL queries (notably in Special:Drilldown) enables SQL injection. Reported impacts include unauthorized access, modification, or deletion of data in the database. Aff...

9.8CVSS5.8AI score0.00255EPSS
Exploits0References3Affected Software1
CVE
CVE
added last week19 views

CVE-2026-54164

Summary: API Platform Core versions prior to 4.1.30, 4.2.26 and 4.3.12 contain a type-confusion in the serializer’s AbstractItemNormalizer when resolving relation IRIs. An attacker able to submit write requests (POST/PUT/PATCH) to an API endpoint with writable relations can supply a relation IRI ...

6.5CVSS5.7AI score0.00195EPSS
Exploits0References1
CVE
CVE
added last week17 views

CVE-2026-13760

CVE-2026-13760 describes an OS command injection in the AWS cdK library’s NodejsFunction Docker bundling pipeline (OsCommand helper). If an attacker can control a project’s package.json dependency version strings during Docker-based bundling with nodeModules, arbitrary commands may be executed on...

7.3CVSS6.1AI score0.0061EPSS
Exploits0References3
CVE
CVE
added last week56 views

CVE-2026-55597

CVE-2026-55597 affects ImageMagick prior to 7.1.2-26, where incorrect handling of arguments can cause a heap buffer overwrite in the JP2 encoder. The issue is fixed in 7.1.2-26. This can lead to memory corruption in the JP2 encoding path; upgrading to the fixed release is the advised remediation.

5.5CVSS5.9AI score0.00103EPSS
Exploits0References1Affected Software1
CVE
CVE
added last week10 views

CVE-2026-49988

Technical details for CVE-2026-49988 are not publicly available in the provided documents. No affected products, vulnerable components, or remediation information are disclosed. Monitor for updates.

0.00028EPSS
Exploits0References4
CVE
CVE
added last week15 views

CVE-2026-49826

Technical details for CVE-2026-49826 are not publicly available in the provided documents. The entry is reserved/placeholder; no affected products, root cause, impact, or remediation are specified. Monitor for updates.

Exploits0References7
CVE
CVE
added last week8 views

CVE-2026-49987

Technical details for CVE-2026-49987 are not publicly available in the provided documents. Monitor for updates as information may be released later.

0.00066EPSS
Exploits0References4
CVE
CVE
added last week50 views

CVE-2026-55595

ImageMagick is affected by a vulnerability in the connected-components option. Prior to versions 6.9.13-51 and 7.1.2-26, providing invalid arguments to this option can cause an infinite loop (local attack vector, high availability impact) as described in the CVE notes. The issue has been fixed in...

4.7CVSS5.8AI score0.0009EPSS
Exploits0References1Affected Software1
CVE
CVE
added last week49 views

CVE-2026-55594

ImageMagick (MVG decoder) is affected by a stack overflow in the MVG decoder due to a missing depth check when processing a crafted image. This affects versions prior to 6.9.13-51 and 7.1.2-26. The issue has been fixed in 6.9.13-51 and 7.1.2-26. According to the CVE entry, the assigned CVSS score...

5.3CVSS5.8AI score0.00241EPSS
Exploits0References1Affected Software1
CVE
CVE
added last week53 views

CVE-2026-55577

CVE-2026-55577 affects ImageMagick's MVG decoder. A heap buffer overflow can cause an out-of-bounds write when processing crafted MVG images. Affected versions are prior to 6.9.13-51 and 7.1.2-26. The issue has been fixed in 6.9.13-51 and 7.1.2-26. Mitigation:** upgrade to one of the fixed releas...

5.9CVSS6AI score0.00226EPSS
Exploits0References1Affected Software1
CVE
CVE
added last week10 views

CVE-2026-49981

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-49981.

Exploits0References5
CVE
CVE
added last week46 views

CVE-2026-55510

ImageMagick vulnerability CVE-2026-55510 affects the ImageMagick suite (ImageMagick) where a use-after-free can occur when identifying an image with a crafted 8BIM profile in a specific format string. The issue is triggered in affected builds prior to 6.9.13-51 and 7.1.2-26 and is fixed in those ...

5.5CVSS5.7AI score0.00103EPSS
Exploits0References1Affected Software1
CVE
CVE
added last week48 views

CVE-2026-53467

ImageMagick’s CVE-2026-53467 affects the MNG decoder. Prior to 6.9.13-51 and 7.1.2-26, the decoder can disclose heap information because part of the pixels are left unchanged. Fixed in 6.9.13-51 and 7.1.2-26. Affected software: ImageMagick (Image editing/manipulation tool); component: MNG decoder...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References1Affected Software1
CVE
CVE
added last week12 views

CVE-2026-14358

The CVE-2026-14358 affects the Wikimedia Foundation MediaWiki Charts Extension and indicates a Cross-Site Scripting (XSS) flaw caused by improper input neutralization during web page generation. Affected versions are before 1.43.9, 1.44.6, and 1.45.4. The vulnerability is described as a stored XS...

6.9CVSS5.8AI score0.00268EPSS
Exploits0References2
CVE
CVE
added last week11 views

CVE-2026-41121

Dell Device Management Agent (DDMA) versions before 26.05 are affected by an Improper Link Resolution Before File Access (Link Following) vulnerability. A low-privilege, local attacker could potentially exploit this to achieve Elevation of Privileges. The CVSS3.1 vector is AV:L/AC:L/PR:L/UI:R/S:U...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References1Affected Software1
CVE
CVE
added last week18 views

CVE-2026-49986

Technical details for CVE-2026-49986 are not publicly available in the provided documents. Monitor for updates as information is released.

Exploits0References5
CVE
CVE
added last week25 views

CVE-2026-13769

Affected product: AWS CLI (versions prior to 1.44.78 for v1 and 2.34.29 for v2) on Unix-like systems where the umask is not restricting file permissions. The issue is overly permissive credentials file permissions, allowing other local users on the same host to read credentials written by certain...

6.8CVSS5.8AI score0.00101EPSS
Exploits0References4
CVE
CVE
added last week26 views

CVE-2026-57155

Technical details for CVE-2026-57155 are not publicly available in the provided documents. No affected products, impact, or remediation are listed. Monitor for updates.

Exploits0References3
CVE
CVE
added last week13 views

CVE-2026-49119

Gradio

8.7CVSS5.9AI score0.0069EPSS
Exploits0References4Affected Software1
CVE
CVE
added last week12 views

CVE-2026-58517

CVE-2026-58517 concerns the Wikimedia Foundation’s MediaWiki WikiLambda Extension, with an issue labeled as an improper neutralization of input terminators that enables an authentication bypass. Affected versions are WikiLambda Extension releases prior to 1.43.9, 1.44.6, and 1.45.4. The CVSS 4.0 ...

6.9CVSS5.8AI score0.00342EPSS
Exploits0References2
Rows per page
Query Builder