Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22832
Total
1629
Critical
7118
High
7284
Medium
CVE ID Severity Score Description Published
CVE-2026-34697 HIGH 7.8 InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context … Jun 09, 2026
CVE-2026-34696 HIGH 7.8 InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context … Jun 09, 2026
CVE-2026-34695 HIGH 7.8 InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context … Jun 09, 2026
CVE-2026-34694 MEDIUM 5.9 Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by … Jun 09, 2026
CVE-2026-34693 HIGH 8.0 Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this … Jun 09, 2026
CVE-2026-34691 CRITICAL 9.3 Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by … Jun 09, 2026
CVE-2026-28237 UNKNOWN Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability. Jun 09, 2026
CVE-2026-0466 UNKNOWN Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash … Jun 09, 2026
CVE-2025-54509 UNKNOWN Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD … Jun 09, 2026
CVE-2026-9213 UNKNOWN A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper traffic between the router and the Internet, to … Jun 09, 2026
CVE-2026-9212 UNKNOWN Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting product's confidentiality or change … Jun 09, 2026
CVE-2026-9211 UNKNOWN An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation. Jun 09, 2026
CVE-2026-9210 UNKNOWN Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and … Jun 09, 2026
CVE-2026-9076 HIGH 7.5 Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap … Jun 09, 2026
CVE-2026-7383 HIGH 8.1 Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: … Jun 09, 2026
CVE-2026-50508 MEDIUM 6.5 Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. Jun 09, 2026
CVE-2026-50507 MEDIUM 6.8 Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. Jun 09, 2026
CVE-2026-49959 HIGH 8.8 Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration … Jun 09, 2026
CVE-2026-49958 MEDIUM 5.0 Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use (TOCTOU) race condition vulnerability in the git_discard function within api/workspace_git.py that allows attackers to delete files … Jun 09, 2026
CVE-2026-49957 HIGH 7.7 Hermes WebUI before version 0.51.296 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return … Jun 09, 2026
CVE-2026-49956 MEDIUM 6.5 Hermes WebUI before version 0.51.269 contains a profile isolation bypass vulnerability that allows authenticated users to access data belonging to other profiles by querying the … Jun 09, 2026
CVE-2026-49955 MEDIUM 5.3 Hermes WebUI before version 0.51.270 contains a resource exhaustion vulnerability that allows unauthenticated remote attackers to degrade service availability by repeatedly calling the passkey options … Jun 09, 2026
CVE-2026-49848 MEDIUM 4.3 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … Jun 09, 2026
CVE-2026-49847 HIGH 7.5 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … Jun 09, 2026
CVE-2026-49843 MEDIUM 5.3 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … Jun 09, 2026