Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

21632
Total
1549
Critical
6586
High
6915
Medium
CVE ID Severity Score Description Published
CVE-2026-45135 HIGH 8.1 Caddy is an extensible server platform that uses TLS by default. From 2.7.0 until 2.11.3, the FastCGI transport's splitPos() in modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go misuses golang.org/x/text/search with search.IgnoreCase … Jun 23, 2026
CVE-2026-44726 HIGH 7.4 Deno is a JavaScript, TypeScript, and WebAssembly runtime. From 2.0.0 until 2.7.8, a flaw in Deno's Node.js tls compatibility layer could cause a TLS client … Jun 23, 2026
CVE-2026-0864 UNKNOWN When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters (\r) the resulting file could be injected with … Jun 23, 2026
CVE-2025-71382 MEDIUM 6.5 MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by … Jun 23, 2026
CVE-2025-61029 HIGH 7.5 An issue in the sqlo_untry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Jun 23, 2026
CVE-2025-61024 HIGH 7.5 An issue in the sqlo_try_in_loop component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Jun 23, 2026
CVE-2020-9713 MEDIUM 5.5 Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier are affected by an out-of-bounds read vulnerability that could … Jun 23, 2026
CVE-2020-9711 MEDIUM 5.5 Acrobat Reader versions 2020.009.20074, 2020.001.30002, 2017.011.30171, 2015.006.30523 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An … Jun 23, 2026
CVE-2020-9695 HIGH 7.8 Acrobat Reader versions 2020.009.20074, 2020.001.30002, 2017.011.30171, 2015.006.30523 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the … Jun 23, 2026
CVE-2026-56968 LOW 3.7 GNU SASL before 2.2.4 lacks sanitization of a short challenge in _gsasl_ntlm_client_step in the NTLM client, which could result in memory disclosure via a crafted … Jun 23, 2026
CVE-2026-56117 MEDIUM 4.7 dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to … Jun 23, 2026
CVE-2026-56116 MEDIUM 6.5 dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link … Jun 23, 2026
CVE-2026-56115 MEDIUM 5.3 dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6_makemessage() in src/dhcp6.c that allows unauthenticated same-link attackers to write … Jun 23, 2026
CVE-2026-56114 MEDIUM 5.3 dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6_makemessage() in src/dhcp6.c that allows unauthenticated same-link attackers to write … Jun 23, 2026
CVE-2026-56113 MEDIUM 5.3 dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted … Jun 23, 2026
CVE-2026-55450 CRITICAL 9.3 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, unauthenticated users can upload any amount of data to the … Jun 23, 2026
CVE-2026-55447 CRITICAL 9.6 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, by controlling a files that are digested into the RAG, … Jun 23, 2026
CVE-2026-55446 HIGH 7.5 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.0.19, an attacker can send a /api/v1/files/upload/ request without any authentication … Jun 23, 2026
CVE-2026-55423 MEDIUM 6.1 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.7.0, the logout button does not clear the session. The previous … Jun 23, 2026
CVE-2026-55255 CRITICAL 9.9 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, an Insecure Direct Object Reference (IDOR) vulnerability in /api/v1/responses endpoint … Jun 23, 2026
CVE-2026-54308 UNKNOWN n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, the MicrosoftAgent365Trigger and StripeTrigger node did not validate that inbound requests. As … Jun 23, 2026
CVE-2026-54307 UNKNOWN n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, a member-level user with editor access to a shared workflow could … Jun 23, 2026
CVE-2026-54306 UNKNOWN n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, a prototype pollution vulnerability allowed a crafted public webhook payload to inject … Jun 23, 2026
CVE-2026-54305 UNKNOWN n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, three EE endpoints used by the Dynamic Credentials feature accepted any … Jun 23, 2026
CVE-2026-54304 UNKNOWN n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.1, an authenticated user with permission to create or modify workflows and … Jun 23, 2026