Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22471
Total
1617
Critical
6868
High
7196
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-9211 | UNKNOWN | — | An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation. | Jun 09, 2026 |
| CVE-2026-9210 | UNKNOWN | — | Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and … | Jun 09, 2026 |
| CVE-2026-9076 | HIGH | 7.5 | Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap … | Jun 09, 2026 |
| CVE-2026-7383 | HIGH | 8.1 | Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: … | Jun 09, 2026 |
| CVE-2026-50508 | MEDIUM | 6.5 | Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | Jun 09, 2026 |
| CVE-2026-50507 | MEDIUM | 6.8 | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | Jun 09, 2026 |
| CVE-2026-49959 | HIGH | 8.8 | Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration … | Jun 09, 2026 |
| CVE-2026-49958 | MEDIUM | 5.0 | Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use (TOCTOU) race condition vulnerability in the git_discard function within api/workspace_git.py that allows attackers to delete files … | Jun 09, 2026 |
| CVE-2026-49957 | HIGH | 7.7 | Hermes WebUI before version 0.51.296 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return … | Jun 09, 2026 |
| CVE-2026-49956 | MEDIUM | 6.5 | Hermes WebUI before version 0.51.269 contains a profile isolation bypass vulnerability that allows authenticated users to access data belonging to other profiles by querying the … | Jun 09, 2026 |
| CVE-2026-49955 | MEDIUM | 5.3 | Hermes WebUI before version 0.51.270 contains a resource exhaustion vulnerability that allows unauthenticated remote attackers to degrade service availability by repeatedly calling the passkey options … | Jun 09, 2026 |
| CVE-2026-49848 | MEDIUM | 4.3 | FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … | Jun 09, 2026 |
| CVE-2026-49847 | HIGH | 7.5 | FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … | Jun 09, 2026 |
| CVE-2026-49843 | MEDIUM | 5.3 | FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … | Jun 09, 2026 |
| CVE-2026-49842 | HIGH | 7.5 | FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … | Jun 09, 2026 |
| CVE-2026-49841 | CRITICAL | 9.8 | FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … | Jun 09, 2026 |
| CVE-2026-49840 | CRITICAL | 9.1 | FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … | Jun 09, 2026 |
| CVE-2026-49475 | HIGH | 7.5 | FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … | Jun 09, 2026 |
| CVE-2026-49472 | MEDIUM | 5.3 | FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … | Jun 09, 2026 |
| CVE-2026-49161 | HIGH | 7.8 | Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a security feature locally. | Jun 09, 2026 |
| CVE-2026-49160 | HIGH | 7.5 | Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network. | Jun 09, 2026 |
| CVE-2026-48583 | HIGH | 7.8 | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-48578 | HIGH | 7.9 | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | Jun 09, 2026 |
| CVE-2026-48576 | HIGH | 7.9 | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | Jun 09, 2026 |
| CVE-2026-48575 | HIGH | 7.9 | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | Jun 09, 2026 |