Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

20648
Total
1489
Critical
6270
High
6549
Medium
CVE ID Severity Score Description Published
CVE-2026-10644 MEDIUM 4.2 The Microchip SERCOM-G1 UART driver (drivers/serial/uart_mchp_sercom_g1.c), used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous (DMA) receive path. When uart_rx_enable() is … Jun 28, 2026
CVE-2026-10593 MEDIUM 6.5 The Zephyr Bluetooth LE Audio Basic Audio Profile (BAP) unicast client mishandles peer-supplied ASE state notifications. In unicast_client_ep_qos_state() (subsys/bluetooth/audio/bap_unicast_client.c), the handler writes attacker-controlled QoS fields … Jun 28, 2026
CVE-2026-58058 MEDIUM 6.5 Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6_get_data_primitive (libnetutil/netutil.cc), so the pointer advances past the buffer and … Jun 28, 2026
CVE-2026-58057 MEDIUM 5.0 Flowise before 3.1.3 validates Custom MCP stdio environment variables against a denylist using a case-sensitive comparison, so on Windows, where environment names are case-insensitive, supplying … Jun 28, 2026
CVE-2026-58056 HIGH 7.6 RustDesk gates incoming control messages on per-capability flags rather than on the session's authorized connection type, and a file-transfer session does not clear those flags. … Jun 28, 2026
CVE-2026-58055 MEDIUM 5.4 nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the … Jun 28, 2026
CVE-2026-58054 HIGH 7.2 MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when creating or editing users; the user module offers the … Jun 28, 2026
CVE-2026-58053 CRITICAL 9.9 Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: … Jun 28, 2026
CVE-2026-58052 LOW 3.3 7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier stream … Jun 28, 2026
CVE-2026-58051 MEDIUM 6.5 libssh2 through 1.11.1 grows its publickey list with SSH2_REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the … Jun 28, 2026
CVE-2026-58050 HIGH 7.0 libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation num_attrs * sizeof(libssh2_publickey_attribute) without bounds checking, … Jun 28, 2026
CVE-2026-58049 HIGH 8.6 FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes at the row cursor before the NEXT_LINE row-boundary check and validates the DLTA … Jun 28, 2026
CVE-2026-8095 HIGH 8.1 The Frontend File Manager Plugin plugin for WordPress is vulnerable to Authenticated Arbitrary File Deletion in versions up to and including 23.6. This is due … Jun 28, 2026
CVE-2026-10643 HIGH 8.7 Zephyr's IP socket recvmsg() implementation (subsys/net/lib/sockets/sockets_inet.c, insert_pktinfo()) validated the user-supplied ancillary (msg_control) buffer using only the payload length (msg-msg_controllen < pktinfo_len) before writing a full … Jun 28, 2026
CVE-2026-49416 UNKNOWN The CONS_HISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting … Jun 27, 2026
CVE-2026-49414 UNKNOWN The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As … Jun 27, 2026
CVE-2026-49417 UNKNOWN Second, the audio buffer backing a mapping could be freed when the device was closed even though the mapping remained valid. The freed memory could … Jun 27, 2026
CVE-2026-49413 UNKNOWN The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the P_SUGID process flag. During execve(2), this flag is not yet set at … Jun 27, 2026
CVE-2026-49412 UNKNOWN The kernel handler for IPV6_MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window … Jun 27, 2026
CVE-2026-45259 UNKNOWN sigqueue(2) was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kern_sigqueue did not include a capability … Jun 27, 2026
CVE-2026-45258 UNKNOWN dsp_mmap_single() validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This addition could overflow, so that … Jun 27, 2026
CVE-2026-9242 MEDIUM 5.3 The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Verification of Data … Jun 27, 2026
CVE-2026-9233 MEDIUM 4.3 The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, … Jun 27, 2026
CVE-2026-3462 MEDIUM 6.5 The Frisbii Pay plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'upload_csv' and 'process_batch' functions in … Jun 27, 2026
CVE-2026-13295 MEDIUM 6.4 The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via panels_data Parameter in all versions up to, and including, 2.34.3 … Jun 27, 2026