Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22471
Total
1617
Critical
6868
High
7196
Medium
CVE ID Severity Score Description Published
CVE-2026-9211 UNKNOWN An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation. Jun 09, 2026
CVE-2026-9210 UNKNOWN Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and … Jun 09, 2026
CVE-2026-9076 HIGH 7.5 Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap … Jun 09, 2026
CVE-2026-7383 HIGH 8.1 Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: … Jun 09, 2026
CVE-2026-50508 MEDIUM 6.5 Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. Jun 09, 2026
CVE-2026-50507 MEDIUM 6.8 Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. Jun 09, 2026
CVE-2026-49959 HIGH 8.8 Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration … Jun 09, 2026
CVE-2026-49958 MEDIUM 5.0 Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use (TOCTOU) race condition vulnerability in the git_discard function within api/workspace_git.py that allows attackers to delete files … Jun 09, 2026
CVE-2026-49957 HIGH 7.7 Hermes WebUI before version 0.51.296 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return … Jun 09, 2026
CVE-2026-49956 MEDIUM 6.5 Hermes WebUI before version 0.51.269 contains a profile isolation bypass vulnerability that allows authenticated users to access data belonging to other profiles by querying the … Jun 09, 2026
CVE-2026-49955 MEDIUM 5.3 Hermes WebUI before version 0.51.270 contains a resource exhaustion vulnerability that allows unauthenticated remote attackers to degrade service availability by repeatedly calling the passkey options … Jun 09, 2026
CVE-2026-49848 MEDIUM 4.3 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … Jun 09, 2026
CVE-2026-49847 HIGH 7.5 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … Jun 09, 2026
CVE-2026-49843 MEDIUM 5.3 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … Jun 09, 2026
CVE-2026-49842 HIGH 7.5 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … Jun 09, 2026
CVE-2026-49841 CRITICAL 9.8 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … Jun 09, 2026
CVE-2026-49840 CRITICAL 9.1 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … Jun 09, 2026
CVE-2026-49475 HIGH 7.5 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … Jun 09, 2026
CVE-2026-49472 MEDIUM 5.3 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … Jun 09, 2026
CVE-2026-49161 HIGH 7.8 Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a security feature locally. Jun 09, 2026
CVE-2026-49160 HIGH 7.5 Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network. Jun 09, 2026
CVE-2026-48583 HIGH 7.8 Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-48578 HIGH 7.9 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. Jun 09, 2026
CVE-2026-48576 HIGH 7.9 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. Jun 09, 2026
CVE-2026-48575 HIGH 7.9 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. Jun 09, 2026