Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
23329
Total
1657
Critical
7330
High
7410
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-46656 | HIGH | 8.8 | Bludit is a content management system. Versions prior to 3.22.0 have a Broken Access Control flaw where active sessions remain valid even after the corresponding … | Jun 08, 2026 |
| CVE-2026-46480 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, evaluator create and update mass-assignment … | Jun 08, 2026 |
| CVE-2026-46479 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, evaluation create and update mass-assignment … | Jun 08, 2026 |
| CVE-2026-46478 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, DatasetRow create and update mass-assignment … | Jun 08, 2026 |
| CVE-2026-46477 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, dataset create and update mass-assignment … | Jun 08, 2026 |
| CVE-2026-46476 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, CustomTemplate create and update mass-assignment … | Jun 08, 2026 |
| CVE-2026-46475 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, assistant create and update mass-assignment … | Jun 08, 2026 |
| CVE-2026-46444 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, all CRUD endpoints for OpenAI … | Jun 08, 2026 |
| CVE-2026-46443 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, when credentials are fetched with … | Jun 08, 2026 |
| CVE-2026-46442 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, POST /api/v1/node-custom-function lacks route-level authorization, … | Jun 08, 2026 |
| CVE-2026-46441 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists … | Jun 08, 2026 |
| CVE-2026-46440 | HIGH | 7.5 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, the checkBasicAuth endpoint validates credentials … | Jun 08, 2026 |
| CVE-2026-46275 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to … | Jun 08, 2026 |
| CVE-2026-46274 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in io_wq_remove_pending() io_wq_remove_pending() needs to fix up wq->hash_tail[] … | Jun 08, 2026 |
| CVE-2026-44631 | CRITICAL | 9.8 | Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users … | Jun 08, 2026 |
| CVE-2026-44186 | UNKNOWN | — | Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled backend FTP server. This issue … | Jun 08, 2026 |
| CVE-2026-44185 | HIGH | 7.3 | Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 … | Jun 08, 2026 |
| CVE-2026-44119 | UNKNOWN | — | Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. … | Jun 08, 2026 |
| CVE-2026-43951 | MEDIUM | 6.5 | Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. | Jun 08, 2026 |
| CVE-2026-42863 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists … | Jun 08, 2026 |
| CVE-2026-42862 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists … | Jun 08, 2026 |
| CVE-2026-42861 | UNKNOWN | — | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists … | Jun 08, 2026 |
| CVE-2026-42536 | HIGH | 7.5 | Heap-based Buffer Overflow vulnerability in Apache HTTP Server with mod_xml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users … | Jun 08, 2026 |
| CVE-2026-42535 | UNKNOWN | — | A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing … | Jun 08, 2026 |
| CVE-2026-36786 | HIGH | 7.5 | Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability … | Jun 08, 2026 |