Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22971
Total
1632
Critical
7220
High
7324
Medium
CVE ID Severity Score Description Published
CVE-2026-6899 MEDIUM 5.6 Check for certificate revocation only considers the first matching CRL and ignores other valid CRLs of the same CA in the CycloneCrypto cryptographic wrapper of … Jun 09, 2026
CVE-2026-49818 MEDIUM 6.5 The Apache Airflow Samba provider's `GCSToSambaOperator` joined GCS object names to the SMB destination path without a containment check, so an object named with `../` … Jun 09, 2026
CVE-2026-46315 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: clear waitid info before copying it to userspace IORING_OP_WAITID stores its result fields in … Jun 09, 2026
CVE-2026-34905 MEDIUM 6.5 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question feature did not … Jun 09, 2026
CVE-2026-34033 MEDIUM 5.4 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. User-supplied content … Jun 09, 2026
CVE-2026-34031 MEDIUM 6.5 Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The server did not sufficiently validate user-supplied … Jun 09, 2026
CVE-2026-33582 MEDIUM 6.5 Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. A crafted TIFF image could trigger excessive … Jun 09, 2026
CVE-2026-28262 MEDIUM 6.0 Dell iDRAC Tools, versions prior to 11.4.1.0, contains an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access … Jun 09, 2026
CVE-2026-25699 MEDIUM 6.1 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Timeline-related APIs lacked proper authorization … Jun 09, 2026
CVE-2026-25688 MEDIUM 6.1 Improper Neutralization of Alternate XSS Syntax vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. AI-generated response content was rendered in the browser … Jun 09, 2026
CVE-2026-11616 HIGH 8.8 The Events Calendar for GeoDirectory plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 2.3.28. This is due to the … Jun 09, 2026
CVE-2009-10007 CRITICAL 9.1 Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that … Jun 09, 2026
CVE-2026-9698 CRITICAL 9.8 DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were … Jun 09, 2026
CVE-2026-5068 HIGH 7.6 A remote, unauthenticated BLE peer can trigger a 2-byte out-of-bounds write in the Bluetooth host during L2CAP LE CoC SDU reassembly. When the application enables … Jun 09, 2026
CVE-2026-44083 UNKNOWN An authorization bypass through user-controlled key vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to gain unintended privileges. … Jun 09, 2026
CVE-2026-41986 LOW 2.4 Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability. Jun 09, 2026
CVE-2026-41985 MEDIUM 5.1 UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity. Jun 09, 2026
CVE-2026-41984 MEDIUM 5.2 UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity. Jun 09, 2026
CVE-2026-41983 MEDIUM 4.3 DoS vulnerability in the browser kernel. Impact: Successful exploitation of this vulnerability may affect availability. Jun 09, 2026
CVE-2026-41982 MEDIUM 6.4 Race condition vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability. Jun 09, 2026
CVE-2026-41981 MEDIUM 5.3 Out-of-bounds write vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability. Jun 09, 2026
CVE-2026-41977 MEDIUM 5.0 DoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability. Jun 09, 2026
CVE-2026-41976 MEDIUM 6.6 Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality. Jun 09, 2026
CVE-2026-41974 LOW 3.6 Permission control vulnerability in service notifications. Impact: Successful exploitation of this vulnerability may affect availability. Jun 09, 2026
CVE-2026-41973 MEDIUM 5.9 Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability. Jun 09, 2026