Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

23813
Total
1705
Critical
7468
High
7599
Medium
CVE ID Severity Score Description Published
CVE-2026-10616 MEDIUM 4.3 A weakness has been identified in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function TeamTasksTool.executeComplete of the file internal/tools/team_tasks_lifecycle.go of the component … Jun 02, 2026
CVE-2026-10608 HIGH 7.3 A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des results … Jun 02, 2026
CVE-2026-10607 HIGH 7.3 A vulnerability was identified in DedeCMS 5.7.88. The impacted element is the function dede_htmlspecialchars of the file /plus/flink.php. The manipulation of the argument msg leads … Jun 02, 2026
CVE-2026-10584 MEDIUM 5.9 Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive … Jun 02, 2026
CVE-2025-64390 UNKNOWN A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13.02. The BD-J (Blu-ray Disc Java) sandbox can be escaped through a malformed … Jun 02, 2026
CVE-2021-4479 MEDIUM 4.0 Dräger Atlan A350 software versions 1.00 through 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending … Jun 02, 2026
CVE-2021-4478 HIGH 8.2 Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can … Jun 02, 2026
CVE-2019-25724 MEDIUM 6.5 Dräger Infinity M300 patient worn monitors with software version VG2.x and earlier contain a network-based denial of service vulnerability that allows attackers with access to … Jun 02, 2026
CVE-2019-25723 MEDIUM 4.0 Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by … Jun 02, 2026
CVE-2019-25722 HIGH 7.6 Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain hard-coded plaintext credentials in source code and a denial-of-service … Jun 02, 2026
CVE-2019-25721 MEDIUM 6.5 Dräger Infinity M300 patient worn monitors with software version VG2.3.1 and earlier contain a network-based denial of service vulnerability that allows network-adjacent attackers to repeatedly … Jun 02, 2026
CVE-2026-49943 MEDIUM 6.3 CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP AS_PATH mask matching implementation in nest/a-path.c. The as_path_match() function uses … Jun 02, 2026
CVE-2026-42074 CRITICAL 9.8 OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the dangerouslyDisableSandbox parameter is exposed as part … Jun 02, 2026
CVE-2026-42073 MEDIUM 6.5 OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the OpenClaude MCP authentication flow starts a … Jun 02, 2026
CVE-2026-40715 HIGH 7.8 Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this … Jun 02, 2026
CVE-2026-40713 MEDIUM 6.1 Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access control vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, … Jun 02, 2026
CVE-2026-40571 UNKNOWN NamelessMC is website software for Minecraft servers. In version 2.2.4, `core/classes/Misc/ProfilePostReactionContext.php` only verifies that the wall post exists and does not enforce blocked/private-profile visibility. This … Jun 02, 2026
CVE-2026-40314 UNKNOWN NamelessMC is website software for Minecraft servers. In version 2.2.4,`core/classes/Misc/ProfilePostReactionContext.php` only verifies that the wall post exists and does not enforce blocked/private-profile visibility. `modules/Core/queries/reactions.php` allows … Jun 02, 2026
CVE-2026-35447 UNKNOWN NamelessMC is website software for Minecraft servers. In version 2.2.4, the profile page (modules/Core/pages/profile.php) processes wall post submissions and replies before verifying whether the viewer … Jun 02, 2026
CVE-2026-35443 UNKNOWN NamelessMC is website software for Minecraft servers. In version 2.2.4, `modules/Forum/classes/ForumPostReactionContext.php` only verifies that the caller can view the forum, but it does not re-enforce … Jun 02, 2026
CVE-2026-33244 MEDIUM 5.4 React Router is a router for React. In versions 7.5.1 through 7.13.1, when using Framework Mode with pre-rendering enabled, improper neutralization of the HTTP `Location` … Jun 02, 2026
CVE-2026-24237 HIGH 7.8 NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code … Jun 02, 2026
CVE-2026-24221 HIGH 7.8 NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code … Jun 02, 2026
CVE-2026-1871 UNKNOWN TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can … Jun 02, 2026
CVE-2026-10606 HIGH 7.3 A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler. Executing a … Jun 02, 2026