Lucene search
K

369483 matches found

CVE
CVE
added 2026/07/02 12:0 a.m.9 views

CVE-2026-55493

Technical details for CVE-2026-55493 are not publicly available in the provided documents. No affected products, impacts, or fixes can be determined. Monitor for updates.

Exploits0
CVE
CVE
added 2026/07/02 12:0 a.m.13 views

CVE-2026-54707

Technical details for CVE-2026-54707 are not publicly available in the provided documents. No affected products, root cause, or remediation are disclosed. Monitor for updates.

Exploits0References6
CVE
CVE
added 2026/07/02 12:0 a.m.10 views

CVE-2026-55765

Technical details are not publicly available in the provided documents for CVE-2026-55765. No affected product, component, root cause, impact, or remediation is specified. Monitor for updates.

Exploits0References4
CVE
CVE
added 2026/07/02 12:0 a.m.21 views

CVE-2026-49353

9router is affected by an incomplete fix from CVE-2026-46339. The vulnerability arises because the local-only access gate in src/dashboardGuard.js uses HTTP headers (Host and Origin) to determine locality rather than TCP source, making it bypassable when deployed behind reverse proxies or in DNS-...

0.00058EPSS
Exploits0References7
CVE
CVE
added 2026/07/02 12:0 a.m.11 views

CVE-2026-52192

CVE-2026-52192 concerns an issue in UTT nv518G/nv518GV3v3.2.7-210919-161313 where a remote attacker can cause a denial of service via the gohead/sub_445C5C component. The primary available details identify the affected product family and the vulnerable component, with the CVSS v3.1 vector indicat...

7.5CVSS5.8AI score0.00409EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 12:0 a.m.7 views

CVE-2026-52189

CVE-2026-52189 describes a buffer overflow in the UTT nv518G nv518GV3v3.2.7-210919-161313 stack/heap handling within the gohead/sub_487330 component. The issue allows a remote attacker to trigger a denial of service. Documented details are limited to the affected product/version and component nam...

7.5CVSS5.8AI score0.00452EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 12:0 a.m.8 views

CVE-2026-52188

CVE-2026-52188 is a Buffer Overflow in UTT nv518G nv518GV3v3.2.7-210919-161313 affecting the gohead//sub_497498 component. Reported impact is remote denial of service (availability impact) with CVSS 3.1 base score 6.5 (Medium). Connected sources indicate a PoC exists and a potential partial techn...

6.5CVSS5.8AI score0.00237EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 12:0 a.m.10 views

CVE-2026-52187

CVE-2026-52187 describes a Buffer Overflow in the UTT nv518G family (nv518G nv518GV3v3.2.7-210919-161313) that allows a remote attacker to cause a denial of service via the gohead/sub_483ba0 component. The NVD entry lists a Network attack vector, no privileges required, no user interaction, and a...

7.5CVSS5.8AI score0.00452EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 12:0 a.m.24 views

CVE-2026-38969

CVE-2026-38969 affects WEBrick (Ruby) up to v1.9.2. The flaw arises when WEBrick re-parses the trailer Content-Length, placing it into the canonical request state and enabling request smuggling. Documented impact includes potential bypass of security controls and information injection if exposed ...

7.5CVSS5.8AI score0.00289EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 12:0 a.m.31 views

CVE-2026-49352

The connected document reveals a concrete vulnerability in 9router: a publicly known hardcoded fallback JWT secret, "9router-default-secret-change-me", is used when JWT_SECRET is not set. This secret is committed in the public repository and unchanged across releases, enabling any unauthenticated...

0.0019EPSS
Exploits1References6
CVE
CVE
added 2026/07/02 12:0 a.m.10 views

CVE-2026-38971

CVE-2026-38971 affects ArduPilot through Plane-4.6.3. It is a real vulnerability: an out-of-bounds read in libraries/GCS_MAVLink/GCS_serial_control.cpp, within GCS_MAVLINK::handle_serial_control(). The CVSS 3.1 vector indicates no authentication, network attack surface, low attack complexity, and...

9.1CVSS5.7AI score0.00448EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/07/02 12:0 a.m.12 views

CVE-2026-38972

Notepad3 versions up to 6.25.822.1 are vulnerable to a DLL search-order hijack in the About-dialog code path (src/Notepad3.c). The application loads MSFTEDIT.DLL via LoadLibrary with a bare DLL name, enabling a local attacker to place a malicious MSFTEDIT.DLL in the application directory or anoth...

7.8CVSS6.4AI score0.00148EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/07/02 12:0 a.m.8 views

CVE-2026-52191

CVE-2026-52191 is a Buffer Overflow in the UTT nv518G nv518GV3v3.2.7-210919-161313, affecting the gohead/sub_444C8C component. The vulnerability enables a remote attacker to cause a denial of service. The provided documents do not specify a patch or remediation; no exploit details are described. ...

7.5CVSS5.8AI score0.00452EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 12:0 a.m.15 views

CVE-2026-38968

ntopng (through 6.6) is reported vulnerable to a Predictable Session Identifier flaw. The issue occurs in HTTPsession creation within src/HTTPserver.cpp, where time-seeded pseudo-randomness can yield deterministic or colliding cookies, enabling session hijacking under attacker-controlled timing. ...

9.8CVSS5.8AI score0.00379EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/02 12:0 a.m.15 views

CVE-2026-54706

Technical details for CVE-2026-54706 are not publicly available in the provided documents. Monitor for updates.

Exploits0References6
CVE
CVE
added 2026/07/02 12:0 a.m.12 views

CVE-2026-55769

Technical details for CVE-2026-55769 are not publicly available in the provided documents. Monitor for updates to see if a concrete description, affected products, or remediation are released.

Exploits0References4
CVE
CVE
added 2026/07/02 12:0 a.m.9 views

CVE-2026-38970

The provided data confirms a concrete vulnerability in pdfcpu

7.5CVSS5.8AI score0.00451EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 11:43 p.m.17 views

CVE-2026-50280

Craft CMS contains an authorization bypass in the entries/move-to-section endpoint (EntriesController::actionMoveToSection). In versions 5.0.0-RC1 through below 5.9.21, destination section gate relies only on viewEntries:$section->uid instead of requiring saveEntries permission; source entry p...

6CVSS5.7AI score0.00273EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 11:31 p.m.12 views

CVE-2026-50279

Craft CMS (versions 5.0.0-RC1 through 5.9.20) contains an authorization gap in EntriesController::actionSaveEntry where entry-edit checks precede author changes. The code path allows attacker-supplied authors to mutate the authors list when the current user is among the old authors, without re-ru...

7.6CVSS5.7AI score0.00245EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 11:26 p.m.31 views

CVE-2026-55794

Craft CMS

8.7CVSS5.8AI score0.00293EPSS
Exploits0References2
Rows per page
Query Builder