Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
20528
Total
1468
Critical
6215
High
6518
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-34597 | HIGH | 8.8 | Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.470, a critical Authenticated Host Remote Code Execution (RCE) vulnerability … | Jun 29, 2026 |
| CVE-2026-34594 | HIGH | 8.8 | Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, an authenticated command injection vulnerability in the Destination Network … | Jun 29, 2026 |
| CVE-2026-13758 | LOW | 3.7 | CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path. The decrypt_done($tag) form compares it against the … | Jun 29, 2026 |
| CVE-2026-57919 | HIGH | 7.8 | PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe (\\.\pipe\PBackupVSS) with a DACL that grants GENERIC_READ and GENERIC_WRITE permissions to … | Jun 29, 2026 |
| CVE-2026-57498 | CRITICAL | 9.6 | Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, Coolify's API controllers consistently validate server ownership with Server::whereTeamId($teamId) … | Jun 29, 2026 |
| CVE-2026-56018 | HIGH | 7.5 | JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory growth. In JsMinify (XS.xs) the cleanup frees only the … | Jun 29, 2026 |
| CVE-2026-56017 | HIGH | 7.5 | JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp … | Jun 29, 2026 |
| CVE-2026-54889 | UNKNOWN | — | Improper Neutralization of Input During Web Page Generation (XSS) vulnerability in leandrocp mdex allows cross-site scripting via unsanitized URL schemes in Quill Delta output. 'Elixir.MDEx':to_delta/2 … | Jun 29, 2026 |
| CVE-2026-54888 | UNKNOWN | — | Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir %MDEx.Document{} struct and Comrak's internal … | Jun 29, 2026 |
| CVE-2026-53429 | UNKNOWN | — | Missing Release of Memory after Effective Lifetime vulnerability in leandrocp mdex and mdex_native allows an attacker who controls a rendered document to cause a denial … | Jun 29, 2026 |
| CVE-2026-53426 | UNKNOWN | — | Allocation of Resources Without Limits or Throttling vulnerability in leandrocp MDEx allows Excessive Allocation. MDEx.parse_document/2 accepts a {:json, json} source. In lib/mdex.ex, the private json_to_node/1 … | Jun 29, 2026 |
| CVE-2026-43746 | MEDIUM | 6.5 | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing … | Jun 29, 2026 |
| CVE-2026-43745 | MEDIUM | 6.5 | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. … | Jun 29, 2026 |
| CVE-2026-43743 | MEDIUM | 4.7 | A race condition was addressed with improved state handling. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may … | Jun 29, 2026 |
| CVE-2026-43742 | MEDIUM | 6.5 | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing … | Jun 29, 2026 |
| CVE-2026-43740 | MEDIUM | 6.5 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously … | Jun 29, 2026 |
| CVE-2026-43735 | HIGH | 8.1 | The issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website … | Jun 29, 2026 |
| CVE-2026-43734 | MEDIUM | 6.5 | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing … | Jun 29, 2026 |
| CVE-2026-43732 | MEDIUM | 6.5 | A path handling issue was addressed with improved validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing … | Jun 29, 2026 |
| CVE-2026-43731 | HIGH | 8.8 | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing … | Jun 29, 2026 |
| CVE-2026-43727 | MEDIUM | 6.5 | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing … | Jun 29, 2026 |
| CVE-2026-43726 | MEDIUM | 6.5 | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing … | Jun 29, 2026 |
| CVE-2026-43725 | HIGH | 7.1 | The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious … | Jun 29, 2026 |
| CVE-2026-43724 | CRITICAL | 9.8 | The issue was addressed with improved input sanitization. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be … | Jun 29, 2026 |
| CVE-2026-43722 | MEDIUM | 5.5 | The issue was addressed with improved input sanitization. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be … | Jun 29, 2026 |