Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22193
Total
1583
Critical
6780
High
7106
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-45802 | UNKNOWN | — | FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. Prior to version … | Jun 11, 2026 |
| CVE-2026-45175 | UNKNOWN | — | Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in … | Jun 11, 2026 |
| CVE-2026-12038 | UNKNOWN | — | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this … | Jun 11, 2026 |
| CVE-2026-53702 | MEDIUM | 6.5 | A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library (gst-plugins-bad). When parsing a buffering period SEI message, the parser uses … | Jun 11, 2026 |
| CVE-2026-53701 | MEDIUM | 6.5 | An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gst_h266_parser_parse_picture_partition() (gsth266parser.c), the loop iterates … | Jun 11, 2026 |
| CVE-2026-52860 | UNKNOWN | — | Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current … | Jun 11, 2026 |
| CVE-2026-52859 | UNKNOWN | — | Vim is an open source, command line text editor. Prior to version 9.2.0565, the update_snapshot() function in src/terminal.c copies the visible terminal screen into the … | Jun 11, 2026 |
| CVE-2026-52858 | UNKNOWN | — | Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter … | Jun 11, 2026 |
| CVE-2026-48547 | HIGH | 7.3 | KanaDojo contains a command injection vulnerability that allows an attacker with pull request access to execute arbitrary shell commands by inserting shell metacharacters into the … | Jun 11, 2026 |
| CVE-2026-47250 | MEDIUM | 6.1 | mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.7.0, the kubectl_generic tool in mcp-server-kubernetes passes user-supplied flags directly to … | Jun 11, 2026 |
| CVE-2026-47189 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and … | Jun 11, 2026 |
| CVE-2026-47188 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the latest release suppresses mentions in several … | Jun 11, 2026 |
| CVE-2026-47181 | UNKNOWN | — | PenguinMod-BackendApi is the backend api for penguinmod. Prior to version 1.0.0, a NoSQL injection vulnerability in the password reset endpoint allows any authenticated user to … | Jun 11, 2026 |
| CVE-2026-47177 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings … | Jun 11, 2026 |
| CVE-2026-47176 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings … | Jun 11, 2026 |
| CVE-2026-47175 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, several moderation commands echo user-controlled reason text … | Jun 11, 2026 |
| CVE-2026-47174 | UNKNOWN | — | In Duck Site before version 1.0.1, the repository has a deploy workflow that runs after the build workflow completes. The build workflow runs on pull … | Jun 11, 2026 |
| CVE-2026-47173 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a normal user can create a ticket … | Jun 11, 2026 |
| CVE-2026-47172 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository has a privileged deploy workflow … | Jun 11, 2026 |
| CVE-2026-47171 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a normal user can create a reminder … | Jun 11, 2026 |
| CVE-2026-47170 | HIGH | 7.7 | Garlic-Hub manages digital signage network — devices, content, and playlists — from a single self-hosted interface. Prior to version 1.1, authenticated users can cause the … | Jun 11, 2026 |
| CVE-2026-47169 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a user with Manage Server / ManageGuild, … | Jun 11, 2026 |
| CVE-2026-47167 | UNKNOWN | — | Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch() in the cucumber filetype plugin … | Jun 11, 2026 |
| CVE-2026-47163 | UNKNOWN | — | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.1, any guild member who can invoke slash … | Jun 11, 2026 |
| CVE-2026-47162 | UNKNOWN | — | Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave() in the netrw plugin … | Jun 11, 2026 |