Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22332
Total
1596
Critical
6832
High
7160
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-0267 | UNKNOWN | — | An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, … | Jun 10, 2026 |
| CVE-2026-0266 | UNKNOWN | — | A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. … | Jun 10, 2026 |
| CVE-2022-48575 | LOW | 3.5 | A person with access to a Mac may be able to bypass Login Window. A consistency issue was addressed with improved state handling. This issue … | Jun 10, 2026 |
| CVE-2022-26758 | HIGH | 7.1 | A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was addressed with improved state management. This issue is … | Jun 10, 2026 |
| CVE-2026-6893 | HIGH | 8.8 | A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP (Dynamic Host Configuration … | Jun 10, 2026 |
| CVE-2026-50127 | MEDIUM | 5.9 | Weblate is a web based localization tool. From version 5.15 to before version 2026.6, Weblate's VCS_RESTRICT_PRIVATE did not properly account for some transitional IPv6 ranges, … | Jun 10, 2026 |
| CVE-2026-46683 | UNKNOWN | — | Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a … | Jun 10, 2026 |
| CVE-2026-46643 | UNKNOWN | — | Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.1, on POSIX, escapeshellarg(‘/usr/bin/wkhtmltopdf’) … | Jun 10, 2026 |
| CVE-2026-46529 | UNKNOWN | — | Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to … | Jun 10, 2026 |
| CVE-2026-45106 | MEDIUM | 4.6 | Weblate is a web based localization tool. Prior to version 2026.5, Weblate's live search preview renders unit source and context as HTML without escaping. Any … | Jun 10, 2026 |
| CVE-2026-1220 | HIGH | 7.5 | Race in V8 in Google Chrome prior to 144.0.7559.99 allowed a remote attacker to potentially exploit type confusion via a crafted HTML page. (Chromium security … | Jun 10, 2026 |
| CVE-2026-50639 | MEDIUM | 6.5 | Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections. The statsd protocol (and extensions such as dogstatsd) allow mutiple metrics,separated by newlines, … | Jun 10, 2026 |
| CVE-2026-50638 | UNKNOWN | — | Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol (and extensions such as dogstatsd) allow mutiple metrics,separated by newlines, … | Jun 10, 2026 |
| CVE-2026-50637 | UNKNOWN | — | Metrics::Any::Adapter::Statsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol (and extensions) allow mutiple metrics,separated by newlines, to be sent … | Jun 10, 2026 |
| CVE-2026-11626 | UNKNOWN | — | CleanWipe Removal Tool (macOS), prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whereby an attacker … | Jun 10, 2026 |
| CVE-2026-10740 | MEDIUM | 5.3 | Unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before 1.8.2 may allow an unauthenticated remote actor to cause a denial of service (degraded … | Jun 10, 2026 |
| CVE-2026-9151 | UNKNOWN | — | An OS command injection vulnerability exists in the VPN module of TP-Link Archer AX12 v1, AX17 v1. AX18 v1, and AX1300 v1.6 routers. This vulnerability … | Jun 10, 2026 |
| CVE-2026-50570 | HIGH | 8.5 | Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Fission added PodSpec safety … | Jun 10, 2026 |
| CVE-2026-50569 | MEDIUM | 4.3 | Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, HTTPTriggerSpec.Validate() validated Methods, FunctionReference, … | Jun 10, 2026 |
| CVE-2026-50568 | LOW | 3.6 | Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated … | Jun 10, 2026 |
| CVE-2026-50567 | HIGH | 7.7 | Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Unarchive in pkg/utils/zip.go joined … | Jun 10, 2026 |
| CVE-2026-50566 | CRITICAL | 9.9 | Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a tenant with environments.fission.io … | Jun 10, 2026 |
| CVE-2026-50565 | MEDIUM | 4.9 | Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission builder pods were … | Jun 10, 2026 |
| CVE-2026-50564 | CRITICAL | 9.9 | Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Environment CRD exposes … | Jun 10, 2026 |
| CVE-2026-50563 | CRITICAL | 9.9 | Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Container Executor path … | Jun 10, 2026 |