Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
12556
Total
848
Critical
3598
High
3935
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-31354 | UNKNOWN | — | Multiple authenticated stored cross-site scripting (XSS) vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via … | Apr 06, 2026 |
| CVE-2026-31353 | UNKNOWN | — | An authenticated stored cross-site scripting (XSS) vulnerability in the Category module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via … | Apr 06, 2026 |
| CVE-2026-31352 | UNKNOWN | — | An authenticated stored cross-site scripting (XSS) vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML … | Apr 06, 2026 |
| CVE-2026-31351 | MEDIUM | 4.8 | An authenticated stored cross-site scripting (XSS) vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via … | Apr 06, 2026 |
| CVE-2026-31350 | UNKNOWN | — | An authenticated stored cross-site scripting (XSS) vulnerability in Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload … | Apr 06, 2026 |
| CVE-2026-21382 | HIGH | 7.8 | Memory Corruption when handling power management requests with improperly sized input/output buffers. | Apr 06, 2026 |
| CVE-2026-21381 | HIGH | 7.6 | Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection. | Apr 06, 2026 |
| CVE-2026-21380 | HIGH | 7.8 | Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory. | Apr 06, 2026 |
| CVE-2026-21378 | HIGH | 7.8 | Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver. | Apr 06, 2026 |
| CVE-2026-21376 | HIGH | 7.8 | Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver. | Apr 06, 2026 |
| CVE-2026-21375 | HIGH | 7.8 | Memory Corruption when accessing an output buffer without validating its size during IOCTL processing. | Apr 06, 2026 |
| CVE-2026-21374 | HIGH | 7.8 | Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation. | Apr 06, 2026 |
| CVE-2026-21373 | HIGH | 7.8 | Memory Corruption when accessing an output buffer without validating its size during IOCTL processing. | Apr 06, 2026 |
| CVE-2026-21372 | HIGH | 7.8 | Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations. | Apr 06, 2026 |
| CVE-2026-21371 | HIGH | 7.8 | Memory Corruption when retrieving output buffer with insufficient size validation. | Apr 06, 2026 |
| CVE-2026-21367 | HIGH | 7.6 | Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans. | Apr 06, 2026 |
| CVE-2025-47400 | HIGH | 7.1 | Cryptographic issue while copying data to a destination buffer without validating its size. | Apr 06, 2026 |
| CVE-2025-47392 | HIGH | 8.8 | Memory corruption when decoding corrupted satellite data files with invalid signature offsets. | Apr 06, 2026 |
| CVE-2025-47391 | HIGH | 7.8 | Memory corruption while processing a frame request from user. | Apr 06, 2026 |
| CVE-2025-47390 | HIGH | 7.8 | Memory corruption while preprocessing IOCTL request in JPEG driver. | Apr 06, 2026 |
| CVE-2025-47389 | HIGH | 7.8 | Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation. | Apr 06, 2026 |
| CVE-2025-47374 | MEDIUM | 6.5 | Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling. | Apr 06, 2026 |
| CVE-2024-14032 | HIGH | 7.8 | Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as … | Apr 06, 2026 |
| CVE-2026-5664 | UNKNOWN | — | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-30078. Reason: This candidate is a reservation duplicate of CVE-2026-30078. Notes: All CVE … | Apr 06, 2026 |
| CVE-2026-5663 | HIGH | 7.3 | A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. … | Apr 06, 2026 |