Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
12604
Total
849
Critical
3630
High
3947
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-23409 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix differential encoding verification Differential encoding allows loops to be created if it is … | Apr 01, 2026 |
| CVE-2026-23408 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of ns_name in aa_replace_profiles() if ns_name is NULL after 1071 error … | Apr 01, 2026 |
| CVE-2026-23407 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix missing bounds check on DEFAULT table in verify_dfa() The verify_dfa() function only checks … | Apr 01, 2026 |
| CVE-2026-23406 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in match_char() macro usage The match_char() macro evaluates its character parameter … | Apr 01, 2026 |
| CVE-2026-23405 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix: limit the number of levels of policy namespaces Currently the number of policy … | Apr 01, 2026 |
| CVE-2026-23404 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: apparmor: replace recursive profile removal with iterative approach The profile removal code uses recursion when … | Apr 01, 2026 |
| CVE-2026-23403 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verify_header The function sets `*ns = NULL` on every call, … | Apr 01, 2026 |
| CVE-2026-23402 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE Adjust KVM's sanity check … | Apr 01, 2026 |
| CVE-2026-23401 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an … | Apr 01, 2026 |
| CVE-2026-5259 | MEDIUM | 6.3 | A vulnerability was determined in AutohomeCorp frostmourne up to 1.0. The affected element is an unknown function of the file frostmourne-monitor/src/main/java/com/autohome/frostmourne/monitor/controller/AlarmController.java of the component Alarm … | Apr 01, 2026 |
| CVE-2026-28265 | MEDIUM | 4.4 | PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification … | Apr 01, 2026 |
| CVE-2026-27101 | MEDIUM | 4.7 | Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28.00.xx to 5.32.00.xx, contain(s) an Improper Limitation of a Pathname to a Restricted Directory ('Path … | Apr 01, 2026 |
| CVE-2026-5258 | HIGH | 7.3 | A vulnerability was found in Sanster IOPaint 1.5.3. Impacted is the function _get_file of the file iopaint/file_manager/file_manager.py of the component File Manager. Performing a manipulation … | Apr 01, 2026 |
| CVE-2026-4748 | HIGH | 7.5 | A regression in the way hashes were calculated caused rules containing the address range syntax (x.x.x.x - y.y.y.y) that only differ in the address range(s) … | Apr 01, 2026 |
| CVE-2026-5257 | HIGH | 7.3 | A vulnerability has been found in code-projects Simple Laundry System 1.0. This issue affects some unknown processing of the file /delstaffinfo.php of the component Parameter … | Apr 01, 2026 |
| CVE-2026-5256 | HIGH | 7.3 | A flaw has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modify.php of the component Parameter Handler. … | Apr 01, 2026 |
| CVE-2026-5255 | MEDIUM | 4.3 | A vulnerability was detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /delstaffinfo.php of the component Parameter Handler. The … | Apr 01, 2026 |
| CVE-2026-2696 | MEDIUM | 5.3 | The Export All URLs WordPress plugin before 5.1 generates CSV filenames containing posts URLS (including private posts) in a predictable pattern using a random 6-digit … | Apr 01, 2026 |
| CVE-2025-15484 | CRITICAL | 9.1 | The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated requests, enabling complete read/write access … | Apr 01, 2026 |
| CVE-2026-5292 | HIGH | 8.8 | Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via … | Apr 01, 2026 |
| CVE-2026-5291 | MEDIUM | 6.5 | Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted … | Apr 01, 2026 |
| CVE-2026-5290 | CRITICAL | 9.6 | Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a … | Apr 01, 2026 |
| CVE-2026-5289 | CRITICAL | 9.6 | Use after free in Navigation in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a … | Apr 01, 2026 |
| CVE-2026-5288 | CRITICAL | 9.6 | Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially … | Apr 01, 2026 |
| CVE-2026-5287 | HIGH | 8.8 | Use after free in PDF in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 01, 2026 |