Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22332
Total
1596
Critical
6832
High
7160
Medium
CVE ID Severity Score Description Published
CVE-2026-46522 HIGH 7.5 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in … Jun 10, 2026
CVE-2026-46520 HIGH 7.5 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different … Jun 10, 2026
CVE-2026-45783 HIGH 7.5 libp2p is a JavaScript Implementation of libp2p networking stack. Prior to version 16.2.6, an unauthenticated remote peer can exhaust the disk storage of any @libp2p/kad-dht … Jun 10, 2026
CVE-2026-45664 MEDIUM 5.3 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in … Jun 10, 2026
CVE-2026-45624 MEDIUM 5.1 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a polynomial distortion an … Jun 10, 2026
CVE-2026-45384 MEDIUM 6.1 bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, there is an arbitrary file overwrite vulnerability … Jun 10, 2026
CVE-2026-45380 LOW 3.6 bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, a one-byte off-by-one error in SafeOutPathBuilder::restoreSymlink() allows … Jun 10, 2026
CVE-2026-45359 MEDIUM 5.7 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result … Jun 10, 2026
CVE-2026-45358 MEDIUM 5.3 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, an off by one in the … Jun 10, 2026
CVE-2026-45031 MEDIUM 5.3 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, due to a missing check in … Jun 10, 2026
CVE-2026-44692 HIGH 7.7 Sharp is a content management framework built for Laravel as a package. Prior to version 9.22.0, Sharp exposes a generic download endpoint that authorizes access … Jun 10, 2026
CVE-2026-42542 HIGH 7.5 TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the … Jun 10, 2026
CVE-2026-42462 HIGH 7.0 Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to versions 1.9.11, 1.10.10, 2.0.18, 2.1.14, and 2.2.3, an attacker can … Jun 10, 2026
CVE-2026-42326 MEDIUM 5.1 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when writing an IPTC output file … Jun 10, 2026
CVE-2026-2049 HIGH 7.8 GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. … Jun 10, 2026
CVE-2026-11604 UNKNOWN An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a … Jun 10, 2026
CVE-2026-10143 HIGH 7.5 kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop … Jun 10, 2026
CVE-2026-10142 HIGH 7.5 kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang … Jun 10, 2026
CVE-2026-0274 UNKNOWN An improper validation of credentials vulnerability in the CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM allows an unauthenticated attacker to access and modify protected … Jun 10, 2026
CVE-2026-0273 UNKNOWN A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root … Jun 10, 2026
CVE-2026-0272 UNKNOWN A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions … Jun 10, 2026
CVE-2026-0271 UNKNOWN A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with … Jun 10, 2026
CVE-2026-0270 UNKNOWN A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the … Jun 10, 2026
CVE-2026-0269 UNKNOWN A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using … Jun 10, 2026
CVE-2026-0268 UNKNOWN A security control bypass vulnerability in Prisma Access Agent for Linux allows a local attacker to route network traffic outside the VPN tunnel. This does … Jun 10, 2026