Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
Total: 20328
Critical: 1466
High: 6161
Medium: 6456
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-13050 | UNKNOWN | — | An Out-of-bounds Write vulnerability in WatchGuard Fireware OS networkd process could allow an authenticated privileged user to execute arbitrary code via specially crafted requests … | Jul 03, 2026 |
| CVE-2026-57100 | CRITICAL | 9.9 | Server-side request forgery (SSRF) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network. | Jul 02, 2026 |
| CVE-2026-54998 | HIGH | 8.8 | Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network. | Jul 02, 2026 |
| CVE-2026-45499 | CRITICAL | 9.9 | Server-side request forgery (SSRF) in Azure OpenAI allows an authorized attacker to elevate privileges over a network. | Jul 02, 2026 |
| CVE-2026-41106 | CRITICAL | 9.3 | URL redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network. | Jul 02, 2026 |
| CVE-2026-26145 | MEDIUM | 4.8 | Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network. | Jul 02, 2026 |
| CVE-2026-50722 | HIGH | 8.1 | Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v1_5 … | Jul 02, 2026 |
| CVE-2026-50721 | HIGH | 8.1 | Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded … | Jul 02, 2026 |
| CVE-2026-12413 | HIGH | 7.5 | An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() … | Jul 02, 2026 |
| CVE-2026-58460 | HIGH | 7.7 | react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted _display_name … | Jul 02, 2026 |
| CVE-2026-52830 | CRITICAL | 9.4 | fast-mcp-telegram is a Telegram MCP Server. Prior to 0.19.1, fast-mcp-telegram validates HTTP Bearer tokens by joining the raw token string into a session-file path. The … | Jul 02, 2026 |
| CVE-2026-52192 | UNKNOWN | — | An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_445C5C component | Jul 02, 2026 |
| CVE-2026-52191 | UNKNOWN | — | Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_444C8C component | Jul 02, 2026 |
| CVE-2026-52189 | UNKNOWN | — | Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_487330 component | Jul 02, 2026 |
| CVE-2026-52188 | UNKNOWN | — | Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead//sub_497498 component | Jul 02, 2026 |
| CVE-2026-38972 | UNKNOWN | — | Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibrary(L"MSFTEDIT.DLL") with a bare DLL name, … | Jul 02, 2026 |
| CVE-2026-38971 | UNKNOWN | — | ardupilot through Plane-4.6.3 was found to contain an out-of-bounds read issue in libraries/GCS_MAVLink/GCS_serial_control.cpp in GCS_MAVLINK::handle_serial_control(). | Jul 02, 2026 |
| CVE-2026-38970 | UNKNOWN | — | pdfcpu through v0.11.1 contains an uncontrolled-recursion denial-of-service issue in pkg/pdfcpu/model/parse.go. The parser descends recursively through nested PDF objects, including arrays, via ParseObjectContext() and parseArray() without … | Jul 02, 2026 |
| CVE-2026-38969 | UNKNOWN | — | Ruby WEBrick through v1.9.2 reparses trailer Content-Length into canonical request state, enabling request smuggling. | Jul 02, 2026 |
| CVE-2026-38968 | UNKNOWN | — | ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during … | Jul 02, 2026 |
| CVE-2026-59102 | MEDIUM | 5.4 | Forgejo before 15.0.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript in other users' browsers by setting a full … | Jul 02, 2026 |
| CVE-2026-59101 | MEDIUM | 5.8 | AutoBangumi before 3.2.8 contains a server-side request forgery (SSRF) vulnerability that allows unauthenticated remote attackers to probe internal network services by supplying arbitrary host values … | Jul 02, 2026 |
| CVE-2026-59100 | MEDIUM | 5.0 | LobeChat through 2.2.9 contains a broken object level authorization vulnerability that allows authenticated attackers to access and modify other users' chat-group agent data by supplying … | Jul 02, 2026 |
| CVE-2026-59099 | CRITICAL | 9.1 | Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse … | Jul 02, 2026 |
| CVE-2026-59098 | MEDIUM | 6.5 | LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by … | Jul 02, 2026 |