Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22332
Total
1596
Critical
6832
High
7160
Medium
CVE ID Severity Score Description Published
CVE-2026-0267 UNKNOWN An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, … Jun 10, 2026
CVE-2026-0266 UNKNOWN A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. … Jun 10, 2026
CVE-2022-48575 LOW 3.5 A person with access to a Mac may be able to bypass Login Window. A consistency issue was addressed with improved state handling. This issue … Jun 10, 2026
CVE-2022-26758 HIGH 7.1 A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was addressed with improved state management. This issue is … Jun 10, 2026
CVE-2026-6893 HIGH 8.8 A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP (Dynamic Host Configuration … Jun 10, 2026
CVE-2026-50127 MEDIUM 5.9 Weblate is a web based localization tool. From version 5.15 to before version 2026.6, Weblate's VCS_RESTRICT_PRIVATE did not properly account for some transitional IPv6 ranges, … Jun 10, 2026
CVE-2026-46683 UNKNOWN Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a … Jun 10, 2026
CVE-2026-46643 UNKNOWN Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.1, on POSIX, escapeshellarg(‘/usr/bin/wkhtmltopdf’) … Jun 10, 2026
CVE-2026-46529 UNKNOWN Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to … Jun 10, 2026
CVE-2026-45106 MEDIUM 4.6 Weblate is a web based localization tool. Prior to version 2026.5, Weblate's live search preview renders unit source and context as HTML without escaping. Any … Jun 10, 2026
CVE-2026-1220 HIGH 7.5 Race in V8 in Google Chrome prior to 144.0.7559.99 allowed a remote attacker to potentially exploit type confusion via a crafted HTML page. (Chromium security … Jun 10, 2026
CVE-2026-50639 MEDIUM 6.5 Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections. The statsd protocol (and extensions such as dogstatsd) allow mutiple metrics,separated by newlines, … Jun 10, 2026
CVE-2026-50638 UNKNOWN Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol (and extensions such as dogstatsd) allow mutiple metrics,separated by newlines, … Jun 10, 2026
CVE-2026-50637 UNKNOWN Metrics::Any::Adapter::Statsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol (and extensions) allow mutiple metrics,separated by newlines, to be sent … Jun 10, 2026
CVE-2026-11626 UNKNOWN CleanWipe Removal Tool (macOS), prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whereby an attacker … Jun 10, 2026
CVE-2026-10740 MEDIUM 5.3 Unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before 1.8.2 may allow an unauthenticated remote actor to cause a denial of service (degraded … Jun 10, 2026
CVE-2026-9151 UNKNOWN An OS command injection vulnerability exists in the VPN module of TP-Link Archer AX12 v1, AX17 v1. AX18 v1, and AX1300 v1.6 routers. This vulnerability … Jun 10, 2026
CVE-2026-50570 HIGH 8.5 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Fission added PodSpec safety … Jun 10, 2026
CVE-2026-50569 MEDIUM 4.3 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, HTTPTriggerSpec.Validate() validated Methods, FunctionReference, … Jun 10, 2026
CVE-2026-50568 LOW 3.6 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated … Jun 10, 2026
CVE-2026-50567 HIGH 7.7 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Unarchive in pkg/utils/zip.go joined … Jun 10, 2026
CVE-2026-50566 CRITICAL 9.9 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a tenant with environments.fission.io … Jun 10, 2026
CVE-2026-50565 MEDIUM 4.9 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission builder pods were … Jun 10, 2026
CVE-2026-50564 CRITICAL 9.9 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Environment CRD exposes … Jun 10, 2026
CVE-2026-50563 CRITICAL 9.9 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Container Executor path … Jun 10, 2026