Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

20735
Total
1498
Critical
6296
High
6574
Medium
CVE ID Severity Score Description Published
CVE-2026-54822 HIGH 8.5 Subscriber SQL Injection in SALESmanago & Leadoo <= 3.11.2 versions. Jun 25, 2026
CVE-2026-54821 HIGH 7.4 Subscriber Sensitive Data Exposure in Visual Link Preview <= 2.3.1 versions. Jun 25, 2026
CVE-2026-52690 MEDIUM 5.9 Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server … Jun 25, 2026
CVE-2026-4526 MEDIUM 6.5 In EmberZNet v9.0.2 and earlier, malformed global ZCL messages can trigger out-of-bounds reads in framework parsing logic and terminate the process. These messages must come … Jun 25, 2026
CVE-2026-49506 HIGH 7.2 Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A … Jun 25, 2026
CVE-2026-47154 MEDIUM 6.5 In EmberZNet v9.0.2 and earlier, a malformed GetProfileResponse message can trigger out-of-bounds reads while iterating interval entries and terminate the process. These messages must come … Jun 25, 2026
CVE-2026-47153 MEDIUM 6.5 In EmberZNet v9.0.2 and earlier, a malformed Level Control Step command can terminate the process through a divide-by-zero fault. This command must come from a … Jun 25, 2026
CVE-2026-47152 MEDIUM 6.5 In EmberZNet v9.0.2 and earlier, a malformed Level Control Move command can terminate the process through a divide-by-zero fault. This command must come from a … Jun 25, 2026
CVE-2026-47151 HIGH 7.1 In EmberZNet v9.0.2 and earlier, malformed ClearWeekdaySchedule messages can trigger out-of-bounds writes into Door Lock schedule state. The size and location of this data is … Jun 25, 2026
CVE-2026-47150 HIGH 7.1 In EmberZNet v9.0.2 and earlier, malformed IAS Zone enrollment messages can trigger an out-of-bounds state-table write and terminate the process. The size and location of … Jun 25, 2026
CVE-2026-47149 MEDIUM 6.5 In EmberZNet v9.0.2 and earlier, malformed or out-of-range Door Lock user identifiers can trigger out-of-bounds table reads and terminate the process. These messages must come … Jun 25, 2026
CVE-2026-47148 MEDIUM 6.5 In EmberZNet v9.0.2 and earlier, malformed GetGroupMembership commands can trigger repeated reads past the end of the message payload and terminate the process. These messages … Jun 25, 2026
CVE-2026-47147 HIGH 7.1 In EmberZNet v9.0.2 and earlier, malformed OTA requests can drive the OTA server parser into out-of-bounds reads. A limited amount of data from RAM is … Jun 25, 2026
CVE-2026-47146 MEDIUM 6.5 In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that … Jun 25, 2026
CVE-2026-47145 MEDIUM 6.5 In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that … Jun 25, 2026
CVE-2026-46734 HIGH 7.3 Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could … Jun 25, 2026
CVE-2026-46733 HIGH 7.8 Dell Display and Peripheral Manager (DDPM Windows), versions prior to 2.3, contain an Improper Access Control vulnerability. A low privileged attacker with local access could … Jun 25, 2026
CVE-2026-46732 MEDIUM 6.7 Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability. A … Jun 25, 2026
CVE-2026-42390 MEDIUM 5.3 An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation. Jun 25, 2026
CVE-2026-42389 MEDIUM 5.3 This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers. Jun 25, 2026
CVE-2026-42388 MEDIUM 5.9 Incomplete validation of the SOA record present in a catalog zone might lead to a crash. Jun 25, 2026
CVE-2026-42387 MEDIUM 5.9 A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input … Jun 25, 2026
CVE-2026-41120 CRITICAL 9.8 Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability. A low privileged attacker … Jun 25, 2026
CVE-2026-40012 MEDIUM 5.3 ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled; Jun 25, 2026
CVE-2026-2815 UNKNOWN Incorrect use of the PUF key for user key generation in EFR32xG27 results in predictable keys Jun 25, 2026