Lucene search
K

369980 matches found

CVE
CVE
added 2026/07/01 7:37 p.m.7 views

CVE-2026-36541

Technical details are not publicly available in the provided documents for CVE-2026-36541; no affected products, vectors, or remediation are described. Monitor for updates.

Exploits0References1
CVE
CVE
added 2026/07/01 7:37 p.m.10 views

CVE-2026-36542

Technical details for CVE-2026-36542 are not publicly available in the provided documents; no affected products, impact, or remediation are specified. Monitor for updates.

Exploits0References1
CVE
CVE
added 2026/07/01 7:34 p.m.13 views

CVE-2026-54908

CVE-2026-54908 affects the Pion DTLS Go implementation. Versions prior to 3.1.4 are vulnerable to a remote Denial of Service caused by a panic while parsing a crafted ECDHE_PSK ServerKeyExchange message. The issue has been fixed in 3.1.4. No exploitation details are provided in the documents.

6.3CVSS5.8AI score0.0032EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 7:34 p.m.38 views

CVE-2026-14265

The CVE affects AWS Advanced JDBC Wrapper (AWR) RemoteQueryCachePlugin versions 3.3.0–4.0.0. Deserialization of untrusted data via ObjectInputStream without class filtering when reading cached query results from Redis or Valkey enables gadget-chain execution, allowing arbitrary code execution on ...

8.8CVSS6.3AI score0.00407EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 7:27 p.m.21 views

CVE-2026-58593

NodeBB is affected by CVE-2026-58593 where inbound ActivityPub objects are not correctly bound to the authenticated remote actor. The middleware verifies the HTTP-signature actor and origin of object.id but does not validate that attributedTo corresponds to the sender, treating attributedTo as a ...

8.7CVSS6AI score0.00191EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/07/01 7:27 p.m.19 views

CVE-2026-58592

Vulnerability summary (CVE-2026-58592, Ladybird): A dangling-reference memory-safety flaw in Ladybird’s WebAssembly ESM integration loader. When a JavaScript function is imported into a WebAssembly module via the ESM path, WebAssemblyModule.cpp passes a stack-local Wasm::FunctionType by reference...

8.9CVSS6.4AI score0.00311EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 7:24 p.m.20 views

CVE-2026-49858

API Platform Core contains a cross-user attribute leak in JSON:API and HAL item normalizers due to a missing isCacheKeySafe gate. Affected versions: 2.6.0 up to 4.1.28, 4.2.25, and 4.3.11 (i.e., before 4.1.29, 4.2.26, 4.3.12). Root cause: componentsCache arrays are keyed on $context['cache_key'] ...

5.9CVSS5.7AI score0.00197EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 7:22 p.m.14 views

CVE-2026-58457

CVE-2026-58457 affects Shenzhen Aitemi M300 MT02 (Wi‑Fi Repeater). An unauthenticated OS command injection exists in the commuos web backend via the smacfilter_conf handler. Attackers can append semicolon-delimited payloads to the name, enable, or mac GET parameters, which are unsanitized and pas...

9.8CVSS6.1AI score0.01671EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 7:22 p.m.13 views

CVE-2026-14363

The CVE-2026-14363 issue affects the MediaWiki Cargo Extension for MediaWiki, where improper neutralization of special elements in SQL queries (notably in Special:Drilldown) enables SQL injection. Reported impacts include unauthorized access, modification, or deletion of data in the database. Aff...

9.8CVSS5.8AI score0.00294EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 7:14 p.m.22 views

CVE-2026-54164

Summary: API Platform Core versions prior to 4.1.30, 4.2.26 and 4.3.12 contain a type-confusion in the serializer’s AbstractItemNormalizer when resolving relation IRIs. An attacker able to submit write requests (POST/PUT/PATCH) to an API endpoint with writable relations can supply a relation IRI ...

6.5CVSS5.7AI score0.00195EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 7:5 p.m.25 views

CVE-2026-13760

CVE-2026-13760 describes an OS command injection in the AWS cdK library’s NodejsFunction Docker bundling pipeline (OsCommand helper). If an attacker can control a project’s package.json dependency version strings during Docker-based bundling with nodeModules, arbitrary commands may be executed on...

7.3CVSS6.1AI score0.0061EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 7:3 p.m.57 views

CVE-2026-55597

CVE-2026-55597 affects ImageMagick prior to 7.1.2-26, where incorrect handling of arguments can cause a heap buffer overwrite in the JP2 encoder. The issue is fixed in 7.1.2-26. This can lead to memory corruption in the JP2 encoding path; upgrading to the fixed release is the advised remediation.

5.5CVSS5.9AI score0.00103EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 7:1 p.m.12 views

CVE-2026-49988

Technical details for CVE-2026-49988 are not publicly available in the provided documents. No affected products, vulnerable components, or remediation information are disclosed. Monitor for updates.

0.00028EPSS
Exploits0References4
CVE
CVE
added 2026/07/01 7:1 p.m.20 views

CVE-2026-49826

Technical details for CVE-2026-49826 are not publicly available in the provided documents. The entry is reserved/placeholder; no affected products, root cause, impact, or remediation are specified. Monitor for updates.

Exploits0References7
CVE
CVE
added 2026/07/01 7:0 p.m.9 views

CVE-2026-49987

Technical details for CVE-2026-49987 are not publicly available in the provided documents. Monitor for updates as information may be released later.

0.00066EPSS
Exploits0References4
CVE
CVE
added 2026/07/01 7:0 p.m.55 views

CVE-2026-55595

ImageMagick is affected by a vulnerability in the connected-components option. Prior to versions 6.9.13-51 and 7.1.2-26, providing invalid arguments to this option can cause an infinite loop (local attack vector, high availability impact) as described in the CVE notes. The issue has been fixed in...

4.7CVSS5.8AI score0.0009EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 6:58 p.m.54 views

CVE-2026-55594

ImageMagick (MVG decoder) is affected by a stack overflow in the MVG decoder due to a missing depth check when processing a crafted image. This affects versions prior to 6.9.13-51 and 7.1.2-26. The issue has been fixed in 6.9.13-51 and 7.1.2-26. According to the CVE entry, the assigned CVSS score...

5.3CVSS5.8AI score0.00241EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 6:56 p.m.56 views

CVE-2026-55577

CVE-2026-55577 affects ImageMagick's MVG decoder. A heap buffer overflow can cause an out-of-bounds write when processing crafted MVG images. Affected versions are prior to 6.9.13-51 and 7.1.2-26. The issue has been fixed in 6.9.13-51 and 7.1.2-26. Mitigation:** upgrade to one of the fixed releas...

5.9CVSS6AI score0.00226EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 6:55 p.m.11 views

CVE-2026-49981

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-49981.

Exploits0References5
CVE
CVE
added 2026/07/01 6:53 p.m.49 views

CVE-2026-55510

ImageMagick vulnerability CVE-2026-55510 affects the ImageMagick suite (ImageMagick) where a use-after-free can occur when identifying an image with a crafted 8BIM profile in a specific format string. The issue is triggered in affected builds prior to 6.9.13-51 and 7.1.2-26 and is fixed in those ...

5.5CVSS5.7AI score0.00103EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder