Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

23329
Total
1657
Critical
7330
High
7410
Medium
CVE ID Severity Score Description Published
CVE-2026-46279 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: mm/alloc_tag: clear codetag for pages allocated before page_ext initialization Due to initialization ordering, page_ext is … Jun 08, 2026
CVE-2026-46278 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fix segfault when updating ftrace mask Fix invalid data access by passing right data … Jun 08, 2026
CVE-2026-46277 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: mm/zone_device: do not touch device folio after calling ->folio_free() The contents of a device folio … Jun 08, 2026
CVE-2026-46276 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix zero-size GDS range init on RDNA4 RDNA4 (GFX 12) hardware removes the GDS, … Jun 08, 2026
CVE-2026-45581 MEDIUM 5.5 fabric-chaincode-java is a Java based implementation of Hyperledger Fabric chaincode shim APIs. From version 2.3.1 to before version 2.5.10, when chaincode is deployed in chaincode-as-a-service … Jun 08, 2026
CVE-2026-43966 UNKNOWN Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in ninenines cowlib allows HTTP response splitting via non-VCHAR bytes in structured-fields string … Jun 08, 2026
CVE-2026-41448 CRITICAL 9.4 AdGuard Home, when started with the --glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a … Jun 08, 2026
CVE-2026-39910 CRITICAL 9.8 STACKIT IaaS API contains a missing authorization check vulnerability that allows authenticated, low-privileged attackers to escalate privileges to full organization compromise by attaching arbitrary service … Jun 08, 2026
CVE-2026-39908 MEDIUM 6.5 OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by … Jun 08, 2026
CVE-2026-25856 HIGH 8.8 OpenBullet2 through version 0.3.2 contains an authenticated remote code execution vulnerability that allows authenticated users to execute arbitrary C# code on the server host by … Jun 08, 2026
CVE-2026-25855 HIGH 8.8 OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files (.bat.ps1.sh) through the … Jun 08, 2026
CVE-2026-25559 HIGH 8.8 OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete … Jun 08, 2026
CVE-2026-25555 CRITICAL 9.8 OpenBullet2 through version 0.3.2 contains an authentication bypass vulnerability in the API key authentication middleware that allows unauthenticated attackers to gain admin access by supplying … Jun 08, 2026
CVE-2026-11611 MEDIUM 6.5 A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync … Jun 08, 2026
CVE-2026-11534 LOW 3.5 A vulnerability was detected in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this issue is some unknown functionality of the file /add.php. The manipulation of … Jun 08, 2026
CVE-2026-11533 MEDIUM 5.4 A security vulnerability has been detected in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of … Jun 08, 2026
CVE-2026-11532 MEDIUM 6.3 A weakness has been identified in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected is an unknown function of the file /add.php of the component Student Record … Jun 08, 2026
CVE-2026-11531 HIGH 7.3 A security flaw has been discovered in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This impacts an unknown function of the file admin/admin_login.php of the component Administrator … Jun 08, 2026
CVE-2026-11530 HIGH 7.3 A vulnerability was identified in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This affects an unknown function of the file /index.ph of the component Login. Such manipulation … Jun 08, 2026
CVE-2026-49975 UNKNOWN Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apache … Jun 08, 2026
CVE-2026-49756 UNKNOWN Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in wojtekmach Req allows multipart parameter smuggling via attacker-influenced part metadata. Req.Utils.encode_form_part/2 in lib/req/utils.ex builds the per-part … Jun 08, 2026
CVE-2026-49755 UNKNOWN Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in wojtekmach Req allows attacker-controlled HTTP servers to exhaust memory in a Req client via decompression-bomb … Jun 08, 2026
CVE-2026-48913 HIGH 7.3 Use After Free vulnerability in Apache HTTP Server module mod_http2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through … Jun 08, 2026
CVE-2026-48488 UNKNOWN phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been … Jun 08, 2026
CVE-2026-46657 HIGH 7.1 Bludit is a content management system. Versions prior to 3.22.0 have a vulnerability in the user management logic that allows deactivated accounts to maintain access … Jun 08, 2026