Lucene search
K

369819 matches found

CVE
CVE
added 2026/07/01 3:11 p.m.50 views

CVE-2026-57517

Control Web Panel prior to version 0.9.8.1225 is affected by CVE-2026-57517, a blind SQL injection via the userRes POST parameter at the user endpoint. The vulnerability allows unauthenticated remote attackers to execute arbitrary SQL queries, potentially leveraging MySQL root privileges obtained...

9.8CVSS6.7AI score0.00587EPSS
Exploits2References4
CVE
CVE
added 2026/07/01 3:11 p.m.13 views

CVE-2026-24266

CVE-2026-24266 affects NVIDIA’s Triton Inference Server for Linux. The issue is a use-after-free vulnerability in the server (specific component not detailed in the provided documents) that can lead to a denial of service if exploited. NVIDIA’s security bulletin specifies affected versions are 0....

7.5CVSS5.8AI score0.00717EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 3:11 p.m.14 views

CVE-2026-24264

CVE-2026-24264 affects NVIDIA Triton Inference Server for Linux. The security bulletin documents that an attacker can cause improper handling of highly compressed data, with the impact being denial of service . The vulnerability is addressed by updating to Triton Server r26.04 or later . Affected...

7.5CVSS5.8AI score0.00774EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 3:10 p.m.13 views

CVE-2026-58026

CVE-2026-58026 affects MediaWiki. Affects releases before 1.46.0, 1.45.4, 1.44.6, 1.43.9, with information disclosure through includes/Parser/Parser.Php. Debian advisory DSA-6380-1 fixes multiple MediaWiki CVEs, including CVE-2026-58026, in stable (trixie) as 1:1.43.9+dfsg-1~deb13u1. No exploit d...

5.7CVSS5.8AI score0.00382EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 3:8 p.m.11 views

CVE-2026-8857

The CVE-2026-8857 entry concerns a vulnerability in the Wikimedia Foundation timeline, affecting the Timeline extension components: program files scripts/EasyTimeline.Pl and includes/Timeline.Php. Affected versions are before 1.46.0, 1.45.4, 1.44.6, and 1.43.9. The available sources do not specif...

8.8CVSS5.8AI score0.00267EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/07/01 3:4 p.m.13 views

CVE-2026-58038

The CVE-2026-58038 issue affects the Wikimedia Foundation Timeline component and is caused by improper neutralization of input during web page generation, enabling cross-site scripting via Timeline.Php and scripts/EasyTimeline.Pl. Reported impacts include information disclosure, session hijacking...

6.1CVSS5.8AI score0.0024EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 3:1 p.m.13 views

CVE-2026-58027

CVE-2026-58027 affects Wikimedia Foundation AbuseFilter. The issue arises in the QueryAbuseFilters.Php API, allowing an unauthenticated actor to see the hit count of private filters, which is hidden in the UI. Affected are AbuseFilter versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9. The CVSS b...

6.5CVSS5.8AI score0.00382EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 2:58 p.m.12 views

CVE-2026-24251

NVIDIA Megatron Bridge for Linux (CVE-2026-24251) is vulnerable due to improper control of dynamically managed code resources, enabling potential code execution, privilege escalation, data tampering, and information disclosure. The NVIDIA security bulletin confirms this CVE and states that updati...

7.8CVSS5.8AI score0.00155EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 2:58 p.m.12 views

CVE-2026-24250

NVIDIA Megatron Bridge for Linux (Megatron-Bridge) is affected by CVE-2026-24250 due to improper validation of allowed inputs. The NVIDIA security bulletin lists this CVE among a set of related deserialization and resource-management issues that may lead to code execution, privilege escalation, d...

7.8CVSS5.8AI score0.00155EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 2:58 p.m.14 views

CVE-2026-58030

Summary : CVE-2026-58030 is a stored XSS in Wikimedia Foundation’s SyntaxHighlight_GeSHi due to improper neutralization of input in the linelinks processing. Affected versions are before 1.46.0, 1.45.4, 1.44.6, and 1.43.9. The issue is associated with the includes/SyntaxHighlight.Php component an...

6.1CVSS5.8AI score0.0039EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 2:57 p.m.11 views

CVE-2026-24249

CVE-2026-24249 affects NVIDIA Megatron Bridge for Linux and describes deserialization of untrusted data leading to potential code execution, privilege escalation, data tampering, and information disclosure. The NVIDIA security bulletin confirms this vulnerability is addressed in the security upda...

7.8CVSS5.9AI score0.00164EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 2:57 p.m.14 views

CVE-2026-24248

NVIDIA Megatron Bridge for Linux contains CVE-2026-24248: an attacker could cause improper control of code generation, potentially leading to code execution, privilege escalation, data tampering, and information disclosure. Affected product: Megatron Bridge for Linux. Root cause: improper control...

7.8CVSS5.8AI score0.00175EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 2:56 p.m.12 views

CVE-2026-24247

CVE-2026-24247 affects NVIDIA Megatron Bridge for Linux and is linked to deserialization of untrusted data, with potential for code execution, privilege escalation, data tampering, and information disclosure. The NVIDIA security bulletin notes mitigation by upgrading to version 0.4.1 or later (Me...

7.8CVSS5.9AI score0.00169EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 2:56 p.m.14 views

CVE-2026-58032

MediaWiki vulnerability CVE-2026-58032 is an XSS in mw.Api.getErrorMessage() that may return injected HTML when errorformat=html is not used. Affected: MediaWiki versions before 1.46.0, and earlier branches 1.45.4, 1.44.6, 1.43.9, due to improper neutralization in resources/src/mediawiki.Api/inde...

6.1CVSS5.8AI score0.00436EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 2:56 p.m.13 views

CVE-2026-24246

NVIDIA Megatron Bridge for Linux is affected by CVE-2026-24246, a vulnerability in the handling of dynamically managed code resources that could lead to code execution, privilege escalation, data tampering, and information disclosure. The NVIDIA security bulletin indicates the fix is included in ...

7.8CVSS5.8AI score0.00169EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 2:55 p.m.19 views

CVE-2026-24245

CVE-2026-24245 affects NVIDIA Megatron Bridge for Linux. The vulnerability involves deserialization of untrusted data and could lead to code execution, privilege escalation, data tampering, and information disclosure. Affected: Megatron-Bridge; root cause not explicitly detailed beyond the deseri...

7.8CVSS5.9AI score0.00154EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 2:54 p.m.18 views

CVE-2026-58033

CVE-2026-58033 affects Wikimedia Foundation MediaWiki and involves exposure of sensitive information via the includes/Actions/InfoAction.Php path. The issue impacts MediaWiki versions prior to 1.46.0, including 1.45.4, 1.44.6, and 1.43.9. The connected sources consistently describe the vulnerabil...

6.5CVSS5.8AI score0.00428EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 2:53 p.m.14 views

CVE-2026-24244

NVIDIA Megatron Bridge for Linux contains CVE-2026-24244, a deserialization of untrusted data vulnerability that can lead to code execution, privilege escalation, data tampering, and information disclosure. The NVIDIA security bulletin confirms affected product: Megatron-Bridge; updated versions ...

7.8CVSS5.9AI score0.00154EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 2:52 p.m.19 views

CVE-2026-8480

Stormshield Network Security versions affected: 4.3.0 to 4.3.41, 4.4.0 to 4.8.15, and 5.0.2 EA to 5.0.5. A revoked client certificate can still be used to authenticate to the captive-admin portal, allowing an attacker who possesses the revoked certificate to gain administrative access. CVSS v3.1 ...

4.3CVSS5.8AI score0.00087EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 2:51 p.m.13 views

CVE-2026-58037

MediaWiki up to versions older than 1.46.0 (including 1.45.4, 1.44.6, 1.43.9) is affected by CVE-2026-58037, an XSS in log/locale-related rendering code (files such as includes/Language/Language.php and several LogFormatter classes) that allows improper neutralization of user input during web pag...

6.1CVSS5.8AI score0.0039EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder