Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-43859 | LOW | 3.7 | mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP auth_cram MD5 digest. | May 04, 2026 |
| CVE-2026-29200 | UNKNOWN | — | A critical IDOR vulnerability has been discovered in Comet Backup affecting all versions from 20.11.0 to 26.1.1 and 26.2.1. The vulnerability allows a tenant administrator … | May 04, 2026 |
| CVE-2026-29199 | HIGH | 8.1 | phpBB before 3.3.16 is vulnerable to Host Header Injection that can lead to password rest link poisoning. When force_server_vars is disabled, the servers hostname may … | May 04, 2026 |
| CVE-2026-20451 | MEDIUM | 6.7 | In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious … | May 04, 2026 |
| CVE-2026-20450 | MEDIUM | 6.5 | In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has … | May 04, 2026 |
| CVE-2026-20449 | MEDIUM | 6.5 | In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE … | May 04, 2026 |
| CVE-2026-20448 | MEDIUM | 6.7 | In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a … | May 04, 2026 |
| CVE-2026-20447 | MEDIUM | 6.7 | In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a … | May 04, 2026 |
| CVE-2026-7735 | HIGH | 7.3 | A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attribute Parser. … | May 04, 2026 |
| CVE-2026-7734 | MEDIUM | 5.3 | A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefix_sid.go of the component SRv6 L3 … | May 04, 2026 |
| CVE-2026-7733 | HIGH | 7.3 | A flaw has been found in funadmin up to 7.1.0-rc6. This affects the function UploadService::chunkUpload of the file app/common/service/UploadService.php of the component Frontend Chunked Upload … | May 04, 2026 |
| CVE-2026-7732 | MEDIUM | 6.3 | A vulnerability was detected in code-projects BloodBank Managing System 1.0. The impacted element is an unknown function of the file request_blood.php. The manipulation results in … | May 04, 2026 |
| CVE-2026-7731 | MEDIUM | 6.3 | A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. The affected element is an unknown function of the file get_state.php. The manipulation … | May 04, 2026 |
| CVE-2026-7730 | MEDIUM | 6.3 | A weakness has been identified in privsim mcp-test-runner 0.2.0. Impacted is the function child_process.spawn of the file src/index.ts of the component MCP Interface. Executing a … | May 04, 2026 |
| CVE-2026-7729 | MEDIUM | 6.3 | A security flaw has been discovered in pixelsock directus-mcp 1.0.0. This issue affects the function validateUrl of the file index.ts of the component MCP Interface. … | May 04, 2026 |
| CVE-2026-7728 | MEDIUM | 6.3 | A vulnerability was identified in ryanjoachim mcp-rtfm 0.1.0. This vulnerability affects the function get_doc_content/read_doc/update_doc of the component MCP Interface. Such manipulation of the argument docFile … | May 04, 2026 |
| CVE-2026-7727 | HIGH | 7.3 | A vulnerability was determined in Shandong Hoteam Software PDM Product Data Management System up to 8.3.9. This affects the function GetQueryMachineGridOnePageData of the file /Base/BaseService.asmx/DataService. … | May 04, 2026 |
| CVE-2026-7725 | MEDIUM | 6.3 | A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component … | May 04, 2026 |
| CVE-2026-7724 | MEDIUM | 5.0 | A vulnerability has been found in PrefectHQ prefect up to 3.6.28.dev1. Affected by this vulnerability is the function validate_restricted_url of the component Webhook/Notification. The manipulation … | May 04, 2026 |
| CVE-2026-7723 | HIGH | 7.3 | A flaw has been found in PrefectHQ prefect up to 3.6.13. Affected is an unknown function of the file /api/events/in of the component WebSocket Endpoint. … | May 04, 2026 |
| CVE-2026-7722 | MEDIUM | 5.3 | A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. … | May 04, 2026 |
| CVE-2026-7721 | MEDIUM | 6.3 | A security vulnerability has been detected in Totolink WA300 5.2cu.7112_B20190227. This affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument hostTime … | May 04, 2026 |
| CVE-2026-7720 | MEDIUM | 6.3 | A weakness has been identified in Totolink WA300 5.2cu.7112_B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request … | May 04, 2026 |
| CVE-2026-7719 | CRITICAL | 9.8 | A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST … | May 04, 2026 |
| CVE-2026-7718 | MEDIUM | 6.3 | A vulnerability was identified in Totolink WA300 5.2cu.7112_B20190227. Impacted is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation … | May 04, 2026 |