Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

20322
Total
1466
Critical
6160
High
6453
Medium
CVE ID Severity Score Description Published
CVE-2026-12252 HIGH 7.8 In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes (StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser) are vulnerable to untrusted JAR code execution. These classes … Jul 04, 2026
CVE-2025-71380 HIGH 8.8 The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with user access or … Jul 04, 2026
CVE-2025-71375 HIGH 8.1 picklescan before 0.0.34 fails to detect the _operator.methodcaller built-in function when scanning pickle files for malicious code. Attackers can craft malicious pickle payloads using _operator.methodcaller … Jul 04, 2026
CVE-2025-71373 HIGH 8.1 picklescan before 0.0.33 fails to detect operator.methodcaller function calls in pickle files, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle payloads … Jul 04, 2026
CVE-2025-71372 HIGH 8.1 Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute … Jul 04, 2026
CVE-2025-71369 HIGH 8.1 picklescan before 0.0.28 fails to detect malicious pickle files that use torch.utils.data.datapipes.utils.decoder.basichandlers in reduce methods, allowing attackers to bypass safety checks. Remote attackers can embed … Jul 04, 2026
CVE-2025-71367 HIGH 8.1 picklescan before 0.0.34 fails to detect _operator.attrgetter function calls in pickle payloads, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files … Jul 04, 2026
CVE-2025-71366 HIGH 8.1 picklescan before 0.0.28 fails to detect malicious torch.utils.bottleneck.__main__.run_cprofile function calls in pickle files, allowing attackers to bypass safety checks. Remote attackers can embed undetected code … Jul 04, 2026
CVE-2025-71364 HIGH 8.1 picklescan before 0.0.30 fails to detect the asyncio.unix_events._UnixSubprocessTransport._start function in pickle reduce methods, allowing remote code execution. Attackers can craft malicious pickle files embedding this … Jul 04, 2026
CVE-2025-71362 HIGH 8.1 picklescan before 0.0.33 fails to detect unsafe deserialization when numpy.f2py.crackfortran functions call eval on arbitrary strings. Attackers can embed malicious code in pickle files that … Jul 04, 2026
CVE-2025-71360 HIGH 8.1 picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.calltip.get_entity function in reduce methods. Attackers can embed undetected code in pickle files that executes … Jul 04, 2026
CVE-2025-71359 HIGH 8.1 picklescan before 0.0.29 fails to detect malicious pickle payloads that utilize lib2to3.pgen2.grammar.Grammar.loads in the reduce method, allowing remote code execution. Attackers can craft pickle files … Jul 04, 2026
CVE-2025-71356 HIGH 8.1 picklescan before 0.0.28 fails to detect malicious torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression function calls in pickle files. Attackers can embed undetected code in pickle files that executes remote code … Jul 04, 2026
CVE-2025-71353 HIGH 8.1 picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch._dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with embedded code that … Jul 04, 2026
CVE-2025-71347 HIGH 8.1 picklescan before 0.0.33 fails to detect malicious pickle files using numpy.f2py.crackfortran.param_eval function in reduce methods, allowing attackers to bypass security checks. Remote attackers can embed … Jul 04, 2026
CVE-2025-71345 HIGH 8.1 picklescan before 0.0.30 fails to detect malicious pickle files that invoke torch.utils.bottleneck.__main__.run_autograd_prof function. Attackers can embed undetected code in pickle files that executes during deserialization, … Jul 04, 2026
CVE-2025-71343 HIGH 8.1 picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib2to3.pgen2.pgen.ParserGenerator.make_label function in the reduce method. Attackers can craft malicious pickle files with embedded … Jul 04, 2026
CVE-2025-71342 HIGH 8.1 picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.run.Executive.runcode in reduce methods. Attackers can embed undetected code in pickle files that executes during … Jul 04, 2026
CVE-2026-54424 HIGH 8.4 An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through … Jul 04, 2026
CVE-2026-58523 MEDIUM 6.5 Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over a network. Jul 03, 2026
CVE-2026-14617 LOW 3.1 A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer._filter_and_accumulate of the file gateway/stream_consumer.py of the component Streaming … Jul 03, 2026
CVE-2026-58597 MEDIUM 4.3 Insufficient ui warning of dangerous operations in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. Jul 03, 2026
CVE-2026-58524 MEDIUM 5.4 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. Jul 03, 2026
CVE-2026-58522 MEDIUM 6.8 Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally. Jul 03, 2026
CVE-2026-58426 CRITICAL 9.6 Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write Jul 03, 2026