Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
11202
Total
755
Critical
3234
High
3640
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-5811 | MEDIUM | 5.4 | A vulnerability was identified in SourceCodester Online Food Ordering System 1.0. Affected by this issue is the function save_product of the file /Actions.php of the … | Apr 08, 2026 |
| CVE-2026-5173 | HIGH | 8.5 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have … | Apr 08, 2026 |
| CVE-2026-4916 | LOW | 2.7 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have … | Apr 08, 2026 |
| CVE-2026-4398 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Apr 08, 2026 |
| CVE-2026-4332 | MEDIUM | 5.4 | GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that, in customizable … | Apr 08, 2026 |
| CVE-2026-3438 | UNKNOWN | — | A reflected cross-site scripting vulnerability exists in Sonatype Nexus Repository versions 3.0.0 through 3.90.2 that allows unauthenticated remote attackers to execute arbitrary JavaScript in a … | Apr 08, 2026 |
| CVE-2026-3199 | UNKNOWN | — | A vulnerability in the task management component of Sonatype Nexus Repository versions 3.22.1 through 3.90.2 allows an authenticated attacker with task creation permissions to execute … | Apr 08, 2026 |
| CVE-2026-2619 | MEDIUM | 4.3 | GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain … | Apr 08, 2026 |
| CVE-2026-2104 | MEDIUM | 4.3 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have … | Apr 08, 2026 |
| CVE-2026-1752 | MEDIUM | 4.3 | GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have … | Apr 08, 2026 |
| CVE-2026-1516 | MEDIUM | 5.7 | GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that in Code … | Apr 08, 2026 |
| CVE-2026-1101 | MEDIUM | 6.5 | GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have … | Apr 08, 2026 |
| CVE-2026-1092 | HIGH | 7.5 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have … | Apr 08, 2026 |
| CVE-2025-9484 | MEDIUM | 4.3 | GitLab has remediated an issue in GitLab EE affecting all versions from 16.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain … | Apr 08, 2026 |
| CVE-2025-12664 | HIGH | 7.5 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have … | Apr 08, 2026 |
| CVE-2026-5919 | MEDIUM | 6.5 | Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass … | Apr 08, 2026 |
| CVE-2026-5918 | MEDIUM | 4.3 | Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via … | Apr 08, 2026 |
| CVE-2026-5915 | HIGH | 8.1 | Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write … | Apr 08, 2026 |
| CVE-2026-5914 | HIGH | 8.8 | Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit … | Apr 08, 2026 |
| CVE-2026-5913 | UNKNOWN | — | Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via … | Apr 08, 2026 |
| CVE-2026-5912 | HIGH | 8.8 | Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted … | Apr 08, 2026 |
| CVE-2026-5911 | MEDIUM | 4.3 | Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium … | Apr 08, 2026 |
| CVE-2026-5910 | HIGH | 8.8 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium … | Apr 08, 2026 |
| CVE-2026-5909 | HIGH | 8.8 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium … | Apr 08, 2026 |
| CVE-2026-5908 | HIGH | 8.8 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium … | Apr 08, 2026 |