Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-31424 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP Weiming Shi says: xt_match and xt_target structs registered … | Apr 13, 2026 |
| CVE-2026-31423 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() m2sm() converts a u32 slope to a u64 scaled … | Apr 13, 2026 |
| CVE-2026-31422 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_flow: fix NULL pointer dereference on shared blocks flow_change() calls tcf_block_q() and dereferences q->handle … | Apr 13, 2026 |
| CVE-2026-31421 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_fw: fix NULL pointer dereference on shared blocks The old-method path in fw_classify() calls … | Apr 13, 2026 |
| CVE-2026-31420 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test interval to avoid OOM panic br_mrp_start_test() and br_mrp_start_in_test() accept the … | Apr 13, 2026 |
| CVE-2026-31419 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bond_xmit_broadcast() bond_xmit_broadcast() reuses the original skb for the last slave … | Apr 13, 2026 |
| CVE-2026-31418 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtype_del mtype_del() counts empty slots below n->pos in … | Apr 13, 2026 |
| CVE-2026-31417 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accumulating packets Add a check to ensure that `x25_sock.fraglen` does not … | Apr 13, 2026 |
| CVE-2026-31416 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: account for netlink header size This is a followup to an old bug … | Apr 13, 2026 |
| CVE-2026-31415 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6_datagram_send_ctl() Yiming Qian reported : <quote> I believe I found a … | Apr 13, 2026 |
| CVE-2026-31414 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: use expect->helper Use expect->helper in ctnetlink and /proc to dump the helper name. … | Apr 13, 2026 |
| CVE-2026-36923 | LOW | 2.7 | Sourcecodester Cab Management System 1.0 is vulnerable to SQL Injection in the file /cms/admin/bookings/view_booking.php. | Apr 13, 2026 |
| CVE-2026-36922 | LOW | 2.7 | Sourcecodester Cab Management System v1.0 is vulnerable to SQL injection in the file /cms/admin/categories/view_category.php. | Apr 13, 2026 |
| CVE-2026-36920 | LOW | 2.7 | Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/questions-view.php. | Apr 13, 2026 |
| CVE-2026-36919 | LOW | 2.7 | Sourcecodester Online Reviewer System v1.0 is vulnerale to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php. | Apr 13, 2026 |
| CVE-2026-36874 | LOW | 2.7 | Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_student.php. | Apr 13, 2026 |
| CVE-2026-36873 | LOW | 2.7 | Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_admin.php. | Apr 13, 2026 |
| CVE-2026-36872 | LOW | 2.7 | Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_book.php. | Apr 13, 2026 |
| CVE-2026-34476 | HIGH | 7.1 | Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP. This issue affects Apache SkyWalking MCP: 0.1.0. Users are recommended to upgrade to version … | Apr 13, 2026 |
| CVE-2026-6204 | UNKNOWN | — | LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation … | Apr 13, 2026 |
| CVE-2026-2728 | UNKNOWN | — | LibreNMS versions before 26.3.0 are affected by an authenticated Cross-site Scripting vulnerability on the showconfig page. Successful exploitation requires administrative privileges. Exploitation could result in … | Apr 13, 2026 |
| CVE-2026-35565 | MEDIUM | 5.4 | Stored Cross-Site Scripting (XSS) via Unsanitized Topology Metadata in Apache Storm UI Versions Affected: before 2.8.6 Description: The Storm UI visualization component interpolates topology metadata … | Apr 13, 2026 |
| CVE-2026-35337 | HIGH | 8.8 | Deserialization of Untrusted Data vulnerability in Apache Storm. Versions Affected: before 2.8.6. Description: When processing topology credentials submitted via the Nimbus Thrift API, Storm deserializes … | Apr 13, 2026 |
| CVE-2025-15632 | LOW | 3.5 | A vulnerability has been found in 1Panel-dev MaxKB up to 2.4.2. Impacted is an unknown function of the file ui/src/chat.ts of the component MdPreview. Such … | Apr 13, 2026 |
| CVE-2026-4810 | UNKNOWN | — | A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit (ADK) versions 1.7.0 (and 2.0.0a1) through 1.28.1 (and 2.0.0a2) on Python (OSS), Cloud … | Apr 13, 2026 |