Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

21901
Total
1562
Critical
6653
High
6999
Medium
CVE ID Severity Score Description Published
CVE-2026-11941 MEDIUM 5.6 Cloudflare Quiche was affected by 2 use-after-free vulnerabilities in the connection ID iterator FFI functions. The “quiche_connection_id_iter_next” and “quiche_conn_retired_scid_next” functions would return a pointer to … Jun 19, 2026
CVE-2026-48777 UNKNOWN FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in … Jun 16, 2026
CVE-2026-47750 HIGH 7.8 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In versions prior to master-584-0a7ae07, … Jun 16, 2026
CVE-2026-47747 HIGH 7.8 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In versions prior to master-584-0a7ae07, … Jun 16, 2026
CVE-2026-46448 MEDIUM 5.4 In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation. Jun 16, 2026
CVE-2026-22313 CRITICAL 9.1 The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS command injection vulnerability … Jun 16, 2026
CVE-2026-22312 HIGH 8.6 The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to … Jun 16, 2026
CVE-2026-12425 UNKNOWN Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting (XSS). This issue affects … Jun 16, 2026
CVE-2026-12117 UNKNOWN Improper access control in the social login connection endpoint in Devolutions Server 2026.2.5 allows an authenticated vault member to enumerate social login entry metadata to … Jun 16, 2026
CVE-2026-12105 UNKNOWN Improper access control in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to access attachments via folder duplication with inherited permissions. Jun 16, 2026
CVE-2026-11890 UNKNOWN Improper access control in PAM account discovery results in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to retrieve account discovery scan results. Jun 16, 2026
CVE-2026-10303 HIGH 7.4 In ServerCo getssl version 2.49 and prior, the ACME challenge token returned to the client was not strictly validated against RFC 8555 before being used … Jun 16, 2026
CVE-2026-0165 UNKNOWN In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote … Jun 16, 2026
CVE-2026-0164 UNKNOWN In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no … Jun 16, 2026
CVE-2026-0162 UNKNOWN In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution … Jun 16, 2026
CVE-2026-0161 UNKNOWN In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege … Jun 16, 2026
CVE-2026-0160 UNKNOWN In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution … Jun 16, 2026
CVE-2026-0158 UNKNOWN In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with … Jun 16, 2026
CVE-2026-0157 UNKNOWN In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution … Jun 16, 2026
CVE-2026-0156 UNKNOWN In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service … Jun 16, 2026
CVE-2026-0155 UNKNOWN In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution … Jun 16, 2026
CVE-2026-0154 UNKNOWN In Modem, there is a possible way to trigger a modem crash during a SIP REFER request due to memory corruption. This could lead to … Jun 16, 2026
CVE-2026-0153 UNKNOWN In Write of msg_to_host_buffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of … Jun 16, 2026
CVE-2026-0152 UNKNOWN In OSMMapPMRGeneric of pmr_os.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds … Jun 16, 2026
CVE-2026-0151 UNKNOWN In IntfGraphCreate of intfgraph.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with … Jun 16, 2026