Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

20528
Total
1468
Critical
6215
High
6518
Medium
CVE ID Severity Score Description Published
CVE-2026-12388 MEDIUM 6.5 A flaw was found in the Identity Provider (IdP) mapper component of Keycloak, which is used to manage how user information from external services is … Jun 30, 2026
CVE-2026-10817 UNKNOWN Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated … Jun 30, 2026
CVE-2026-10816 UNKNOWN Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled Jun 30, 2026
CVE-2026-8402 CRITICAL 9.8 Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. SYSGUARD 6001 allows … Jun 30, 2026
CVE-2026-57082 MEDIUM 5.9 Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG. The MSE (Message Stream Encryption) handshake derives its 160-bit … Jun 30, 2026
CVE-2026-57081 HIGH 7.5 Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode recurses once per nested list or dictionary level with … Jun 30, 2026
CVE-2026-57080 HIGH 7.5 Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via an uncapped peer-wire message-length prefix. The peer-wire framing in _process_messages trusts the 4-byte length … Jun 30, 2026
CVE-2026-57079 MEDIUM 5.3 Net::BitTorrent versions through 2.0.1 for Perl write files outside the download directory via path traversal in peer-supplied metadata. Net::BitTorrent validates file path components only on … Jun 30, 2026
CVE-2026-53692 UNKNOWN Redeight CMS version 1.0 uses the MD5 algorithm without a salt to store user passwords. Because MD5 is a cryptographically broken algorithm and lacks salting, … Jun 30, 2026
CVE-2026-53691 UNKNOWN An Unrestricted File Upload vulnerability in Redeight CMS version 1.0 allows authenticated attackers to achieve Remote Code Execution via the POST "/admin/index.php?module=pages&mode=FileAdd" endpoint. The application … Jun 30, 2026
CVE-2026-53690 UNKNOWN An SQL Injection vulnerability exists in Redeight CMS version 1.0 via the "userEmail" parameter in the POST "/admin/index.php" login endpoint. The application fails to sanitize … Jun 30, 2026
CVE-2026-41053 HIGH 8.8 Incorrect authentication caching in the team member ship expansion of the Rancher Github authentication provider caused it granting principal access to any logged in user, … Jun 30, 2026
CVE-2026-14162 CRITICAL 9.8 Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation. Jun 30, 2026
CVE-2026-14161 HIGH 7.5 Hospital Quening Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation. Jun 30, 2026
CVE-2026-13766 CRITICAL 9.8 DBIx::QuickORM versions before 0.000026 for Perl allow SQL injection via unquoted SQL identifiers. The default SQL builder, a SQL::Abstract subclass, sets bindtype in its constructor … Jun 30, 2026
CVE-2026-54475 HIGH 7.5 Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic temporary destinations are expected to be isolated to the connection … Jun 30, 2026
CVE-2026-53917 HIGH 7.5 Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenticated user can cause a … Jun 30, 2026
CVE-2026-53916 HIGH 7.5 Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection … Jun 30, 2026
CVE-2026-52760 MEDIUM 6.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console. The browse page in the web console … Jun 30, 2026
CVE-2026-50750 HIGH 7.5 Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker … Jun 30, 2026
CVE-2026-50734 HIGH 7.5 Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS … Jun 30, 2026
CVE-2026-49877 HIGH 8.1 Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty … Jun 30, 2026
CVE-2026-49434 HIGH 7.5 Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entries in LDAP … Jun 30, 2026
CVE-2026-49432 HIGH 7.5 Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can … Jun 30, 2026
CVE-2026-13316 MEDIUM 4.4 A flaw has been found in foreman when HTTP parameters are modified in http_proxies_controller and http_proxy files. Attackers can perform an SSRF attack and steal … Jun 30, 2026