CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

Total: 20369
Critical: 1466
High: 6173
Medium: 6472

| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-50521 | HIGH | 8.3 | Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network. | Jul 01, 2026 |
| CVE-2026-14340 | UNKNOWN | | An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a user-to-server token scoped to a GitHub App installation to perform certain write … | Jul 01, 2026 |
| CVE-2026-58593 | HIGH | 7.5 | NodeBB does not bind the claimed author of an inbound ActivityPub object to the authenticated remote actor. The inbound middleware verifies the HTTP-signature actor and … | Jul 01, 2026 |
| CVE-2026-58592 | HIGH | 8.3 | Ladybird contains a dangling-reference memory-safety flaw in its WebAssembly ESM-integration module loader. When a JavaScript function is imported into a WebAssembly module via the ESM … | Jul 01, 2026 |
| CVE-2026-58457 | CRITICAL | 9.8 | Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) contains an unauthenticated OS command injection vulnerability that allows network-adjacent attackers to execute arbitrary shell commands by … | Jul 01, 2026 |
| CVE-2026-55688 | MEDIUM | 4.0 | The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. In versions from 2.0.0 prior to 2.16.0 and … | Jul 01, 2026 |
| CVE-2026-54908 | UNKNOWN | | Pion DTLS is a Go implementation of Datagram Transport Layer Security. Versions prior to 3.1.4 are vulnerable to Remote Denial of Service via panic while … | Jul 01, 2026 |
| CVE-2026-54164 | MEDIUM | 6.5 | API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. In versions prior to 4.1.30, 4.2.26 and 4.3.12, the serializer's AbstractItemNormalizer does … | Jul 01, 2026 |
| CVE-2026-49858 | MEDIUM | 5.9 | API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. In versions from 2.6.0 prior to 4.1.29, 4.2.26, and 4.3.12, a missing … | Jul 01, 2026 |
| CVE-2026-14363 | UNKNOWN | | Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows SQL Injection. This … | Jul 01, 2026 |
| CVE-2026-14265 | HIGH | 7.5 | Deserialization of untrusted data in the RemoteQueryCachePlugin in Amazon Web Services AWS Advanced JDBC Wrapper 3.3.0 through 4.0.0 might allow an actor with write access … | Jul 01, 2026 |
| CVE-2026-58517 | UNKNOWN | | Improper neutralization of input terminators vulnerability in The Wikimedia Foundation Mediawiki - WikiLambda Extension allows Authentication Bypass. This issue affects Mediawiki - WikiLambda Extension: from … | Jul 01, 2026 |
| CVE-2026-58451 | MEDIUM | 6.5 | Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding … | Jul 01, 2026 |
| CVE-2026-55628 | MEDIUM | 5.5 | In versions prior to 7.1.2-26he, the `-concatenate` operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security … | Jul 01, 2026 |
| CVE-2026-55597 | MEDIUM | 5.5 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-26, an incorrect handling of arguments can cause a … | Jul 01, 2026 |
| CVE-2026-55595 | MEDIUM | 4.7 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the … | Jul 01, 2026 |
| CVE-2026-55594 | MEDIUM | 5.3 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a missing depth check in the … | Jul 01, 2026 |
| CVE-2026-55577 | MEDIUM | 5.9 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in … | Jul 01, 2026 |
| CVE-2026-55510 | MEDIUM | 5.5 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when identifying an image with a … | Jul 01, 2026 |
| CVE-2026-53492 | UNKNOWN | | containerd is an open-source container runtime. In Versions prior to 2.3.2, 2.2.5 and 2.1.9, the CRI implementation improperly trusts Container Device Interface (CDI) annotations found … | Jul 01, 2026 |
| CVE-2026-53489 | UNKNOWN | | containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint … | Jul 01, 2026 |
| CVE-2026-53467 | MEDIUM | 5.3 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, the MNG decoder contains a possible … | Jul 01, 2026 |
| CVE-2026-53466 | MEDIUM | 6.5 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, an integer overflow in the XCF … | Jul 01, 2026 |
| CVE-2026-51947 | UNKNOWN | | An issue in Pivotal CRM 6.6.4.08 and systems using patch-ghi-15381-cwe-502-20251225.zip (fixed in Pivotal CRM 6.6.5.10 and Patch_CWE502_20260316.zip) allows a remote attacker to execute arbitrary code … | Jul 01, 2026 |
| CVE-2026-50195 | UNKNOWN | | containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails … | Jul 01, 2026 |