Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22874
Total
1630
Critical
7150
High
7293
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-24181 | HIGH | 7.3 | NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead … | Jun 09, 2026 |
| CVE-2026-24180 | HIGH | 7.3 | NVIDIA DALI contains a vulnerability in a component where an attacker could cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead … | Jun 09, 2026 |
| CVE-2026-22926 | HIGH | 7.8 | Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability. | Jun 09, 2026 |
| CVE-2026-0420 | UNKNOWN | — | An improper implementation of TLS certificate validation vulnerability found in ReadyCloud client app which can allow an attacker to perform attacker-in-the-middle (MiTM) style attacks impacting … | Jun 09, 2026 |
| CVE-2026-0419 | UNKNOWN | — | Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to … | Jun 09, 2026 |
| CVE-2026-0418 | UNKNOWN | — | Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network to tamper with the system. | Jun 09, 2026 |
| CVE-2026-0417 | UNKNOWN | — | Insufficient input validation vulnerability in the listed NETGEAR devices allows authenticated administrators connected to the local network to tamper with the router's integrity. | Jun 09, 2026 |
| CVE-2026-0416 | UNKNOWN | — | Authenticated administrators connected to the local network can modify router functionality beyond what is intended through the standard management interface. | Jun 09, 2026 |
| CVE-2026-0415 | UNKNOWN | — | Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and … | Jun 09, 2026 |
| CVE-2026-0414 | UNKNOWN | — | Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and … | Jun 09, 2026 |
| CVE-2026-0413 | UNKNOWN | — | Insufficient input validation of buffers vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router … | Jun 09, 2026 |
| CVE-2026-0412 | UNKNOWN | — | Insufficient input validation vulnerability in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows administrators connected to the local network to … | Jun 09, 2026 |
| CVE-2026-0411 | UNKNOWN | — | An information disclosure vulnerability in the NETGEAR Orbi satellites could allow a user connected to your network to gain administrator access to the Orbi router. … | Jun 09, 2026 |
| CVE-2026-0410 | UNKNOWN | — | Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality. | Jun 09, 2026 |
| CVE-2026-0409 | UNKNOWN | — | A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run … | Jun 09, 2026 |
| CVE-2026-8045 | UNKNOWN | — | CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an attacker with a Data … | Jun 09, 2026 |
| CVE-2026-8025 | CRITICAL | 9.8 | Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in MOSK Information Technologies Ltd. CBS Platform allows SQL Injection. This issue … | Jun 09, 2026 |
| CVE-2026-49948 | HIGH | 8.1 | Mem0 versions through 0.2.8, fixed in commit ae7f406, contain a missing authorization vulnerability in the self-hosted server component where the POST /configure endpoint modifies global … | Jun 09, 2026 |
| CVE-2026-49938 | MEDIUM | 6.5 | A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all versions may allow attacker to improper access … | Jun 09, 2026 |
| CVE-2026-25089 | CRITICAL | 9.8 | A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, … | Jun 09, 2026 |
| CVE-2026-24065 | HIGH | 8.1 | Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients … | Jun 09, 2026 |
| CVE-2026-24064 | UNKNOWN | — | Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed … | Jun 09, 2026 |
| CVE-2026-10727 | HIGH | 7.2 | An OS command injection vulnerability in Ivanti EPMM before 12.9.0.1, 12.8.0.3 and 12.7.0.2 versions allows a remote authenticated attacker to execute arbitrary commands as root | Jun 09, 2026 |
| CVE-2026-10523 | CRITICAL | 9.9 | An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts … | Jun 09, 2026 |
| CVE-2026-10520 | CRITICAL | 10.0 | An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code … | Jun 09, 2026 |