Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22971
Total
1632
Critical
7220
High
7324
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-6899 | MEDIUM | 5.6 | Check for certificate revocation only considers the first matching CRL and ignores other valid CRLs of the same CA in the CycloneCrypto cryptographic wrapper of … | Jun 09, 2026 |
| CVE-2026-49818 | MEDIUM | 6.5 | The Apache Airflow Samba provider's `GCSToSambaOperator` joined GCS object names to the SMB destination path without a containment check, so an object named with `../` … | Jun 09, 2026 |
| CVE-2026-46315 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: clear waitid info before copying it to userspace IORING_OP_WAITID stores its result fields in … | Jun 09, 2026 |
| CVE-2026-34905 | MEDIUM | 6.5 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question feature did not … | Jun 09, 2026 |
| CVE-2026-34033 | MEDIUM | 5.4 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. User-supplied content … | Jun 09, 2026 |
| CVE-2026-34031 | MEDIUM | 6.5 | Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The server did not sufficiently validate user-supplied … | Jun 09, 2026 |
| CVE-2026-33582 | MEDIUM | 6.5 | Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. A crafted TIFF image could trigger excessive … | Jun 09, 2026 |
| CVE-2026-28262 | MEDIUM | 6.0 | Dell iDRAC Tools, versions prior to 11.4.1.0, contains an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access … | Jun 09, 2026 |
| CVE-2026-25699 | MEDIUM | 6.1 | Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Timeline-related APIs lacked proper authorization … | Jun 09, 2026 |
| CVE-2026-25688 | MEDIUM | 6.1 | Improper Neutralization of Alternate XSS Syntax vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. AI-generated response content was rendered in the browser … | Jun 09, 2026 |
| CVE-2026-11616 | HIGH | 8.8 | The Events Calendar for GeoDirectory plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 2.3.28. This is due to the … | Jun 09, 2026 |
| CVE-2009-10007 | CRITICAL | 9.1 | Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that … | Jun 09, 2026 |
| CVE-2026-9698 | CRITICAL | 9.8 | DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were … | Jun 09, 2026 |
| CVE-2026-5068 | HIGH | 7.6 | A remote, unauthenticated BLE peer can trigger a 2-byte out-of-bounds write in the Bluetooth host during L2CAP LE CoC SDU reassembly. When the application enables … | Jun 09, 2026 |
| CVE-2026-44083 | UNKNOWN | — | An authorization bypass through user-controlled key vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to gain unintended privileges. … | Jun 09, 2026 |
| CVE-2026-41986 | LOW | 2.4 | Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability. | Jun 09, 2026 |
| CVE-2026-41985 | MEDIUM | 5.1 | UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity. | Jun 09, 2026 |
| CVE-2026-41984 | MEDIUM | 5.2 | UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity. | Jun 09, 2026 |
| CVE-2026-41983 | MEDIUM | 4.3 | DoS vulnerability in the browser kernel. Impact: Successful exploitation of this vulnerability may affect availability. | Jun 09, 2026 |
| CVE-2026-41982 | MEDIUM | 6.4 | Race condition vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability. | Jun 09, 2026 |
| CVE-2026-41981 | MEDIUM | 5.3 | Out-of-bounds write vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability. | Jun 09, 2026 |
| CVE-2026-41977 | MEDIUM | 5.0 | DoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability. | Jun 09, 2026 |
| CVE-2026-41976 | MEDIUM | 6.6 | Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | Jun 09, 2026 |
| CVE-2026-41974 | LOW | 3.6 | Permission control vulnerability in service notifications. Impact: Successful exploitation of this vulnerability may affect availability. | Jun 09, 2026 |
| CVE-2026-41973 | MEDIUM | 5.9 | Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability. | Jun 09, 2026 |