Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22332
Total
1596
Critical
6832
High
7160
Medium
CVE ID Severity Score Description Published
CVE-2026-50545 CRITICAL 9.9 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Environment.spec.runtime.podSpec / spec.builder.podSpec … Jun 10, 2026
CVE-2026-49824 HIGH 8.5 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Fission Function admission … Jun 10, 2026
CVE-2026-49823 HIGH 7.7 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec … Jun 10, 2026
CVE-2026-49822 HIGH 7.7 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a low-privilege developer who … Jun 10, 2026
CVE-2026-49821 HIGH 7.7 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's buildermgr controller processed … Jun 10, 2026
CVE-2026-48556 UNKNOWN Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Jun 10, 2026
CVE-2026-46642 MEDIUM 6.1 draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.12, a crafted .drawio file can execute arbitrary JavaScript in the editor's origin when … Jun 10, 2026
CVE-2026-46618 UNKNOWN Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security … Jun 10, 2026
CVE-2026-46617 UNKNOWN Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, Fission runtime pods were … Jun 10, 2026
CVE-2026-46614 CRITICAL 9.8 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, the Fission router registers … Jun 10, 2026
CVE-2026-46612 HIGH 8.8 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, the Fission storagesvc component … Jun 10, 2026
CVE-2026-45062 HIGH 8.1 FrankenPHP is a modern application server for PHP. From version 1.11.2 to before version 1.12.3, the splitPos() function in cgi.go misuses golang.org/x/text/search with search.IgnoreCase when … Jun 10, 2026
CVE-2026-20260 MEDIUM 4.3 In Splunk SOAR (Security Orchestration, Automation, and Response) versions below 8.5.0, an unauthenticated attacker could inject American National Standards Institute (ANSI) escape codes into SOAR … Jun 10, 2026
CVE-2026-20259 MEDIUM 5.5 In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.0, 10.3.2512.12, 10.2.2510.15, 10.1.2507.23, 10.0.2503.14, and 9.3.2411.131, a user who holds … Jun 10, 2026
CVE-2026-20258 HIGH 7.1 In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.11, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that … Jun 10, 2026
CVE-2026-20257 MEDIUM 5.7 In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that … Jun 10, 2026
CVE-2026-20256 MEDIUM 5.7 In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that … Jun 10, 2026
CVE-2026-20255 MEDIUM 5.7 In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that … Jun 10, 2026
CVE-2026-20254 MEDIUM 5.7 In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that … Jun 10, 2026
CVE-2026-20253 CRITICAL 9.8 In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated user could create or truncate arbitrary … Jun 10, 2026
CVE-2026-20252 HIGH 7.6 In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, a low-privileged user … Jun 10, 2026
CVE-2026-20251 HIGH 8.8 In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, and Splunk Secure Gateway versions … Jun 10, 2026
CVE-2026-11596 MEDIUM 4.7 In ScreenConnect™ versions prior to 26.2, input validation within the Host Pass creation functionality could allow an authenticated user with Host Pass creation privileges the … Jun 10, 2026
CVE-2026-11417 HIGH 7.3 OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 (2.246.0 on Windows) might allow an actor who controls the value of … Jun 10, 2026
CVE-2026-46616 MEDIUM 5.4 Umbraco is an ASP.NET CMS. Prior to versions 13.14.0 and 17.4.0, some of the Surface Controllers in the CMS provide to support member related operations … Jun 10, 2026