Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
21987
Total
1565
Critical
6684
High
7043
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-52859 | UNKNOWN | — | Vim is an open source, command line text editor. Prior to version 9.2.0565, the update_snapshot() function in src/terminal.c copies the visible terminal screen into the … | Jun 11, 2026 |
| CVE-2026-52858 | UNKNOWN | — | Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter … | Jun 11, 2026 |
| CVE-2026-48547 | HIGH | 7.3 | KanaDojo contains a command injection vulnerability that allows an attacker with pull request access to execute arbitrary shell commands by inserting shell metacharacters into the … | Jun 11, 2026 |
| CVE-2026-47250 | MEDIUM | 6.1 | mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.7.0, the kubectl_generic tool in mcp-server-kubernetes passes user-supplied flags directly to … | Jun 11, 2026 |
| CVE-2026-47189 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and … | Jun 11, 2026 |
| CVE-2026-47188 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the latest release suppresses mentions in several … | Jun 11, 2026 |
| CVE-2026-47181 | UNKNOWN | — | PenguinMod-BackendApi is the backend api for penguinmod. Prior to version 1.0.0, a NoSQL injection vulnerability in the password reset endpoint allows any authenticated user to … | Jun 11, 2026 |
| CVE-2026-47177 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings … | Jun 11, 2026 |
| CVE-2026-47176 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings … | Jun 11, 2026 |
| CVE-2026-47175 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, several moderation commands echo user-controlled reason text … | Jun 11, 2026 |
| CVE-2026-47174 | UNKNOWN | — | In Duck Site before version 1.0.1, the repository has a deploy workflow that runs after the build workflow completes. The build workflow runs on pull … | Jun 11, 2026 |
| CVE-2026-47173 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a normal user can create a ticket … | Jun 11, 2026 |
| CVE-2026-47172 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository has a privileged deploy workflow … | Jun 11, 2026 |
| CVE-2026-47171 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a normal user can create a reminder … | Jun 11, 2026 |
| CVE-2026-47170 | HIGH | 7.7 | Garlic-Hub manages digital signage network — devices, content, and playlists — from a single self-hosted interface. Prior to version 1.1, authenticated users can cause the … | Jun 11, 2026 |
| CVE-2026-47169 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a user with Manage Server / ManageGuild, … | Jun 11, 2026 |
| CVE-2026-47167 | UNKNOWN | — | Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch() in the cucumber filetype plugin … | Jun 11, 2026 |
| CVE-2026-47163 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.1, any guild member who can invoke slash … | Jun 11, 2026 |
| CVE-2026-47162 | UNKNOWN | — | Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave() in the netrw plugin … | Jun 11, 2026 |
| CVE-2026-46519 | HIGH | 8.8 | mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.6.0, mcp-server-kubernetes exposes three environment variables (ALLOW_ONLY_READONLY_TOOLS, ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS, ALLOWED_TOOLS) documented as … | Jun 11, 2026 |
| CVE-2026-45178 | UNKNOWN | — | Idira Secrets Manager Self-Hosted versions 13.8.0 and lower exhibit improper access control within internal cluster endpoints. A remote, authenticated attacker possessing standard node-level credentials could … | Jun 11, 2026 |
| CVE-2026-45177 | UNKNOWN | — | Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its internal authentication components. A remote, unauthenticated attacker could exploit this … | Jun 11, 2026 |
| CVE-2026-45176 | UNKNOWN | — | Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by … | Jun 11, 2026 |
| CVE-2026-11774 | HIGH | 7.6 | An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) to a crafted SASL packet … | Jun 11, 2026 |
| CVE-2025-46315 | HIGH | 7.5 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user … | Jun 11, 2026 |