Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
24356
Total
1707
Critical
7501
High
7655
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-28511 | MEDIUM | 4.3 | eLabFTW is an open source electronic lab notebook. Prior to version 5.4.2, in certain cases, an authenticated user performing a numeric reference/search can return results … | Jun 01, 2026 |
| CVE-2026-25879 | CRITICAL | 9.8 | Langroid is a framework for building large-language-model-powered applications. Prior to version 0.63.0, SQLChatAgent executes SQL produced by an LLM, which is influenceable by prompt injection. … | Jun 01, 2026 |
| CVE-2026-25277 | HIGH | 8.8 | Memory corruption while using Strongbox due to buffer overflow. | Jun 01, 2026 |
| CVE-2026-25276 | HIGH | 8.8 | Memory corruption while using Strongbox due to missing bounds check. | Jun 01, 2026 |
| CVE-2026-25260 | HIGH | 7.8 | Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications. | Jun 01, 2026 |
| CVE-2026-25259 | HIGH | 7.8 | Memory corruption while processing multiple IOCTL command for escape operations. | Jun 01, 2026 |
| CVE-2026-25258 | HIGH | 7.8 | Memory corruption while processing IOCTL calls for escape operations. | Jun 01, 2026 |
| CVE-2026-24782 | HIGH | 7.6 | Kiteworks is a private data network (PDN). Prior to version 9.3.0,ultiple SQL Injection vulnerabilities in Kiteworks Secure Data Forms could be exploited by an authenticated … | Jun 01, 2026 |
| CVE-2026-24761 | LOW | 3.7 | Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an … | Jun 01, 2026 |
| CVE-2026-24756 | MEDIUM | 4.3 | Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an … | Jun 01, 2026 |
| CVE-2026-24755 | MEDIUM | 5.4 | Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an … | Jun 01, 2026 |
| CVE-2026-24754 | MEDIUM | 5.4 | Kiteworks is a private data network (PDN). Prior to version 9.3.0, a stored XSS vulnerability in Kiteworks Secure Data Forms could allow an authenticated attacker … | Jun 01, 2026 |
| CVE-2026-24753 | MEDIUM | 6.5 | Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an … | Jun 01, 2026 |
| CVE-2026-24752 | HIGH | 8.2 | Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker … | Jun 01, 2026 |
| CVE-2026-24092 | HIGH | 7.2 | Memory Corruption when processing fastboot commands to set display mode. | Jun 01, 2026 |
| CVE-2026-24091 | HIGH | 7.2 | Memory corruption while processing fastboot commands with improperly formatted input. | Jun 01, 2026 |
| CVE-2026-24090 | HIGH | 7.1 | Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow. | Jun 01, 2026 |
| CVE-2026-24089 | HIGH | 7.2 | Memory corruption while processing fastboot commands with invalid input. | Jun 01, 2026 |
| CVE-2026-24088 | HIGH | 8.2 | Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader. | Jun 01, 2026 |
| CVE-2026-24087 | HIGH | 7.2 | Memory corruption while processing fastboot OEM commands. | Jun 01, 2026 |
| CVE-2026-24085 | HIGH | 7.2 | Memory Corruption when processing display command line information due to improper initialization of a variable. | Jun 01, 2026 |
| CVE-2026-10300 | LOW | 3.7 | A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/lora_manager.py of the component Inference HTTP Endpoint. Such … | Jun 01, 2026 |
| CVE-2026-10299 | LOW | 3.8 | A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of … | Jun 01, 2026 |
| CVE-2026-10298 | LOW | 3.3 | A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whisper_model_load of the file ggml/src/ggml.c. The manipulation results … | Jun 01, 2026 |
| CVE-2026-10297 | MEDIUM | 6.3 | A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /manage_course.php. The manipulation of the argument ID … | Jun 01, 2026 |