Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

21987
Total
1565
Critical
6684
High
7043
Medium
CVE ID Severity Score Description Published
CVE-2026-52859 UNKNOWN Vim is an open source, command line text editor. Prior to version 9.2.0565, the update_snapshot() function in src/terminal.c copies the visible terminal screen into the … Jun 11, 2026
CVE-2026-52858 UNKNOWN Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter … Jun 11, 2026
CVE-2026-48547 HIGH 7.3 KanaDojo contains a command injection vulnerability that allows an attacker with pull request access to execute arbitrary shell commands by inserting shell metacharacters into the … Jun 11, 2026
CVE-2026-47250 MEDIUM 6.1 mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.7.0, the kubectl_generic tool in mcp-server-kubernetes passes user-supplied flags directly to … Jun 11, 2026
CVE-2026-47189 UNKNOWN Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and … Jun 11, 2026
CVE-2026-47188 UNKNOWN Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the latest release suppresses mentions in several … Jun 11, 2026
CVE-2026-47181 UNKNOWN PenguinMod-BackendApi is the backend api for penguinmod. Prior to version 1.0.0, a NoSQL injection vulnerability in the password reset endpoint allows any authenticated user to … Jun 11, 2026
CVE-2026-47177 UNKNOWN Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings … Jun 11, 2026
CVE-2026-47176 UNKNOWN Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings … Jun 11, 2026
CVE-2026-47175 UNKNOWN Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, several moderation commands echo user-controlled reason text … Jun 11, 2026
CVE-2026-47174 UNKNOWN In Duck Site before version 1.0.1, the repository has a deploy workflow that runs after the build workflow completes. The build workflow runs on pull … Jun 11, 2026
CVE-2026-47173 UNKNOWN Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a normal user can create a ticket … Jun 11, 2026
CVE-2026-47172 UNKNOWN Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository has a privileged deploy workflow … Jun 11, 2026
CVE-2026-47171 UNKNOWN Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a normal user can create a reminder … Jun 11, 2026
CVE-2026-47170 HIGH 7.7 Garlic-Hub manages digital signage network — devices, content, and playlists — from a single self-hosted interface. Prior to version 1.1, authenticated users can cause the … Jun 11, 2026
CVE-2026-47169 UNKNOWN Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a user with Manage Server / ManageGuild, … Jun 11, 2026
CVE-2026-47167 UNKNOWN Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch() in the cucumber filetype plugin … Jun 11, 2026
CVE-2026-47163 UNKNOWN Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.1, any guild member who can invoke slash … Jun 11, 2026
CVE-2026-47162 UNKNOWN Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave() in the netrw plugin … Jun 11, 2026
CVE-2026-46519 HIGH 8.8 mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.6.0, mcp-server-kubernetes exposes three environment variables (ALLOW_ONLY_READONLY_TOOLS, ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS, ALLOWED_TOOLS) documented as … Jun 11, 2026
CVE-2026-45178 UNKNOWN Idira Secrets Manager Self-Hosted versions 13.8.0 and lower exhibit improper access control within internal cluster endpoints. A remote, authenticated attacker possessing standard node-level credentials could … Jun 11, 2026
CVE-2026-45177 UNKNOWN Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its internal authentication components. A remote, unauthenticated attacker could exploit this … Jun 11, 2026
CVE-2026-45176 UNKNOWN Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by … Jun 11, 2026
CVE-2026-11774 HIGH 7.6 An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) to a crafted SASL packet … Jun 11, 2026
CVE-2025-46315 HIGH 7.5 A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user … Jun 11, 2026