Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22332
Total
1596
Critical
6832
High
7160
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-46522 | HIGH | 7.5 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in … | Jun 10, 2026 |
| CVE-2026-46520 | HIGH | 7.5 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different … | Jun 10, 2026 |
| CVE-2026-45783 | HIGH | 7.5 | libp2p is a JavaScript Implementation of libp2p networking stack. Prior to version 16.2.6, an unauthenticated remote peer can exhaust the disk storage of any @libp2p/kad-dht … | Jun 10, 2026 |
| CVE-2026-45664 | MEDIUM | 5.3 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in … | Jun 10, 2026 |
| CVE-2026-45624 | MEDIUM | 5.1 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a polynomial distortion an … | Jun 10, 2026 |
| CVE-2026-45384 | MEDIUM | 6.1 | bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, there is an arbitrary file overwrite vulnerability … | Jun 10, 2026 |
| CVE-2026-45380 | LOW | 3.6 | bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, a one-byte off-by-one error in SafeOutPathBuilder::restoreSymlink() allows … | Jun 10, 2026 |
| CVE-2026-45359 | MEDIUM | 5.7 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result … | Jun 10, 2026 |
| CVE-2026-45358 | MEDIUM | 5.3 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, an off by one in the … | Jun 10, 2026 |
| CVE-2026-45031 | MEDIUM | 5.3 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, due to a missing check in … | Jun 10, 2026 |
| CVE-2026-44692 | HIGH | 7.7 | Sharp is a content management framework built for Laravel as a package. Prior to version 9.22.0, Sharp exposes a generic download endpoint that authorizes access … | Jun 10, 2026 |
| CVE-2026-42542 | HIGH | 7.5 | TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the … | Jun 10, 2026 |
| CVE-2026-42462 | HIGH | 7.0 | Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to versions 1.9.11, 1.10.10, 2.0.18, 2.1.14, and 2.2.3, an attacker can … | Jun 10, 2026 |
| CVE-2026-42326 | MEDIUM | 5.1 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when writing an IPTC output file … | Jun 10, 2026 |
| CVE-2026-2049 | HIGH | 7.8 | GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. … | Jun 10, 2026 |
| CVE-2026-11604 | UNKNOWN | — | An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a … | Jun 10, 2026 |
| CVE-2026-10143 | HIGH | 7.5 | kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop … | Jun 10, 2026 |
| CVE-2026-10142 | HIGH | 7.5 | kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang … | Jun 10, 2026 |
| CVE-2026-0274 | UNKNOWN | — | An improper validation of credentials vulnerability in the CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM allows an unauthenticated attacker to access and modify protected … | Jun 10, 2026 |
| CVE-2026-0273 | UNKNOWN | — | A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root … | Jun 10, 2026 |
| CVE-2026-0272 | UNKNOWN | — | A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions … | Jun 10, 2026 |
| CVE-2026-0271 | UNKNOWN | — | A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with … | Jun 10, 2026 |
| CVE-2026-0270 | UNKNOWN | — | A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the … | Jun 10, 2026 |
| CVE-2026-0269 | UNKNOWN | — | A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using … | Jun 10, 2026 |
| CVE-2026-0268 | UNKNOWN | — | A security control bypass vulnerability in Prisma Access Agent for Linux allows a local attacker to route network traffic outside the VPN tunnel. This does … | Jun 10, 2026 |