Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

21901
Total
1562
Critical
6653
High
6999
Medium
CVE ID Severity Score Description Published
CVE-2026-53842 HIGH 7.1 OpenClaw before 2026.5.2 contains an environment variable injection vulnerability allowing workspace .env files to influence Python runtime selection through CLOUDSDK_PYTHON during Gmail setup gcloud execution. … Jun 16, 2026
CVE-2026-53841 MEDIUM 6.1 OpenClaw before 2026.5.12 contains a cross-site scripting vulnerability in exported session HTML that preserves unsafe javascript: and data: links in generated content. Attackers can execute … Jun 16, 2026
CVE-2026-53840 HIGH 7.1 OpenClaw before 2026.5.12 contains an information disclosure vulnerability in streamable-http MCP servers that forwards operator-configured custom headers during cross-origin redirects. Attackers controlling or compromising an … Jun 16, 2026
CVE-2026-50656 HIGH 7.8 Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are … Jun 16, 2026
CVE-2026-4367 MEDIUM 5.5 A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the `xpmNextWord()` function by processing a … Jun 16, 2026
CVE-2026-48775 MEDIUM 6.8 LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). In versions 4.1.0 and prior, the … Jun 16, 2026
CVE-2026-47964 HIGH 7.8 DNG SDK versions 1.7.1 2536 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context … Jun 16, 2026
CVE-2026-47963 MEDIUM 5.5 DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could … Jun 16, 2026
CVE-2026-47934 MEDIUM 5.5 DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could … Jun 16, 2026
CVE-2026-47927 MEDIUM 5.5 DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could … Jun 16, 2026
CVE-2026-47749 HIGH 7.8 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. Versions prior to master-584-0a7ae07 are … Jun 16, 2026
CVE-2026-47748 MEDIUM 5.5 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. Versions prior to master-584-0a7ae07 are … Jun 16, 2026
CVE-2026-10748 UNKNOWN An authenticated user with the nx-licensing-create privilege can upload a specially crafted license file to execute arbitrary operating system commands as the Nexus process user … Jun 16, 2026
CVE-2024-39575 HIGH 7.4 update_disk_psu_baseline.sh requires password in plain text Jun 16, 2026
CVE-2026-53776 CRITICAL 9.1 Perry before 0.5.1166 contains a JWT validation vulnerability that allows remote attackers to bypass token expiration by exploiting the unconditional setting of validate_exp = false … Jun 16, 2026
CVE-2026-44932 HIGH 8.8 Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server … Jun 16, 2026
CVE-2026-42089 HIGH 8.6 Yeoman Environment provides an API to discover, create, and run generators, and to configure where and how a generator is resolved. Versions 2.9.0 through 6.0.0 … Jun 16, 2026
CVE-2026-39927 UNKNOWN Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Jun 16, 2026
CVE-2026-39926 UNKNOWN Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Jun 16, 2026
CVE-2026-24228 HIGH 7.8 NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead … Jun 16, 2026
CVE-2026-24155 HIGH 7.8 NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, … Jun 16, 2026
CVE-2026-12412 UNKNOWN Rejected reason: loading template... Jun 16, 2026
CVE-2026-12003 UNKNOWN To allow builds of Python to be run from an in-tree layout (rather than an installed file layout), the VPATH variable is defined at build … Jun 16, 2026
CVE-2026-10649 HIGH 8.6 A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a … Jun 16, 2026
CVE-2025-71261 HIGH 8.6 An attacker with network-level access between the SUSE Virtualization and Rancher Manager in SUSE Harvester before 1.8.0 could interfere with the TLS handshake and abuse … Jun 16, 2026