Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

23813
Total
1705
Critical
7468
High
7599
Medium
CVE ID Severity Score Description Published
CVE-2026-8874 HIGH 7.1 Version 3.0.7 of the Securly Chrome Extension downloads JSON files containing crisis alert keywords and filtering rules over unencrypted HTTP via the Fetch API. Other … Jun 03, 2026
CVE-2026-7888 UNKNOWN Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that lack the allowed_classes … Jun 03, 2026
CVE-2026-45702 MEDIUM 4.4 OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting … Jun 03, 2026
CVE-2026-45614 MEDIUM 4.7 OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Prior … Jun 03, 2026
CVE-2026-42840 UNKNOWN An authenticated user can persist arbitrary HTML/JavaScript in the email_id or mobile_no fields of a Customer record and trigger unescaped rendering in the Point of … Jun 03, 2026
CVE-2026-42839 UNKNOWN An authenticated ERPNext user with Item record edit permissions can persist arbitrary HTML/JavaScript in the item_name, description, or image fields of an Item and trigger … Jun 03, 2026
CVE-2026-26379 MEDIUM 6.5 An issue in Koha v.25.11 and before allows a remote attacker to execute arbitrary code via the Z39.50 configuration module Jun 03, 2026
CVE-2026-26378 MEDIUM 5.4 Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via file upload function in Invoice features Jun 03, 2026
CVE-2026-46273 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do … Jun 03, 2026
CVE-2026-46272 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etr: Fix race condition between sysfs and perf mode When trying to run perf … Jun 03, 2026
CVE-2026-46271 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 … Jun 03, 2026
CVE-2026-46270 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: power: supply: rt9455: Fix use-after-free in power_supply_changed() Using the `devm_` variant for requesting IRQ _before_ … Jun 03, 2026
CVE-2026-46269 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree When probing the k230 pinctrl … Jun 03, 2026
CVE-2026-46268 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Fix p2pmem_alloc_mmap() warning condition Commit b7e282378773 has already changed the initial page refcount of … Jun 03, 2026
CVE-2026-46267 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llc_shdlc_deinit() purges SHDLC skb queues … Jun 03, 2026
CVE-2026-46266 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP Yizhou Zhao reported that simply having … Jun 03, 2026
CVE-2026-46265 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQ_MEM_RECLAIM warning When sunrpc is used, if a reset triggered, our wq may … Jun 03, 2026
CVE-2026-46264 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devm_add_action_or_reset() failure the provided cleanup action will be … Jun 03, 2026
CVE-2026-46263 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 eng_id can be negative and that stream_enc_regs[] can … Jun 03, 2026
CVE-2026-46262 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put() This reverts commit f51424872760 ("ASoC: fsl_xcvr: fix … Jun 03, 2026
CVE-2026-46261 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe() platform_get_resource_byname() can return NULL, which would … Jun 03, 2026
CVE-2026-46260 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bound access in fib6_add_rt2node(). syzbot reported out-of-bound read in fib6_add_rt2node(). [0] When IPv6 … Jun 03, 2026
CVE-2026-46259 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading real_parent in do_task_stat() When reading /proc/[pid]/stat, do_task_stat() accesses … Jun 03, 2026
CVE-2026-46258 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandle_create() In linehandle_create(), there is a statement like this: … Jun 03, 2026
CVE-2026-46257 UNKNOWN In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp804: Fix an Oops when read_current_timer is called on ARM32 platforms where the SP804 is … Jun 03, 2026