Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
20842
Total
1506
Critical
6322
High
6604
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-13027 | HIGH | 8.8 | Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. … | Jun 24, 2026 |
| CVE-2026-13026 | HIGH | 8.8 | Use after free in Digital Credentials in Google Chrome on Mac prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a … | Jun 24, 2026 |
| CVE-2026-13025 | HIGH | 8.3 | Race in DevTools in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape … | Jun 24, 2026 |
| CVE-2026-13024 | MEDIUM | 4.2 | Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass … | Jun 24, 2026 |
| CVE-2026-13023 | MEDIUM | 5.3 | Uninitialized Use in GPU in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information … | Jun 24, 2026 |
| CVE-2026-13022 | UNKNOWN | — | Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via … | Jun 24, 2026 |
| CVE-2026-13021 | MEDIUM | 4.3 | Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium … | Jun 24, 2026 |
| CVE-2026-12760 | UNKNOWN | — | A denial-of-service (DoS) vulnerability has been identified in Tapo C200 v3 in the network packet handling logic due to improper handling of IPv4 fragmented packets. … | Jun 24, 2026 |
| CVE-2025-60471 | MEDIUM | 5.5 | A use-after-free in the gf_filter_pid_reconfigure_task_discard function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted … | Jun 24, 2026 |
| CVE-2026-55611 | NONE | — | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. From 1.11.1 until 1.14.1, userId/workspaceId … | Jun 24, 2026 |
| CVE-2026-54699 | HIGH | 7.7 | Warp is an agentic development environment. From 0.2024.03.12.08.02.stable_01 until 0.2026.05.06.15.42.stable_01, Warp contains an OS command injection vulnerability in the WSL URL-opening fallback. When Warp is … | Jun 24, 2026 |
| CVE-2026-54686 | MEDIUM | 4.3 | Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepted certain state-mutating terminal lifecycle hooks from the PTY stream without verifying that the … | Jun 24, 2026 |
| CVE-2026-49851 | UNKNOWN | — | Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear (approximately … | Jun 24, 2026 |
| CVE-2026-48789 | MEDIUM | 4.3 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, on Windows, … | Jun 24, 2026 |
| CVE-2026-48732 | HIGH | 8.8 | Warp is an agentic development environment. From 0.2023.03.21.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection issue in the legacy SSH background command path. Warp used … | Jun 24, 2026 |
| CVE-2026-48731 | HIGH | 7.8 | Warp is an agentic development environment. From 0.2024.02.20.08.01.stable_01 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection issue in the Linux external editor launcher. Warp expanded freedesktop … | Jun 24, 2026 |
| CVE-2026-48725 | HIGH | 8.1 | Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp allows terminal output to request access to the local system clipboard. A malicious remote … | Jun 24, 2026 |
| CVE-2026-48721 | HIGH | 8.6 | Warp is an agentic development environment. From 0.2025.10.08.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution permission-check bypass in the default unsandboxed CLI agent profile. The … | Jun 24, 2026 |
| CVE-2026-48720 | HIGH | 8.8 | Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337;File` payloads from terminal output and materialize the decoded payload as … | Jun 24, 2026 |
| CVE-2026-48719 | HIGH | 8.0 | Warp is an agentic development environment. From 0.2025.08.06.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection in the prompt branch selector. A user who can publish … | Jun 24, 2026 |
| CVE-2026-48704 | HIGH | 8.8 | Warp is an agentic development environment. From 0.2023.10.24.08.03.stable_00 until 0.2026.05.06.15.42.stable_01, Warp may open executable local files through the operating system default file handler. A malicious … | Jun 24, 2026 |
| CVE-2026-48703 | HIGH | 7.8 | Warp is an agentic development environment. From 0.2025.04.09.08.11.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution policy bypass in Agent code search tools. The affected Grep … | Jun 24, 2026 |
| CVE-2026-44022 | MEDIUM | 5.5 | Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2.91.0, he LaTeX backend's handling of … | Jun 24, 2026 |
| CVE-2026-44020 | HIGH | 7.5 | Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.13.0 until 2.74.0, the USPTO patent XML parser … | Jun 24, 2026 |
| CVE-2026-44017 | HIGH | 7.5 | Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.91.0, the EasyOCR model download functionality extracted … | Jun 24, 2026 |