Search

7,563 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

HIGH7.5CVE-2026-47717FUXA's Unauthenticated Project Data Disclosure Exposes Server-Side Scripts and Device Configurations5/27/2026
CRITICAL9.1CVE-2026-46621Yamcs Vulnerable to Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection5/27/2026
CRITICAL9.8CVE-2026-46562Yamcs Vulnerable to Remote Code Execution via Mission Database algorithm override5/27/2026
CRITICAL10.0CVE-2026-45618LiquidJS is Vulnerable to Remote Code Execution5/27/2026
HIGH7.5CVE-2026-45617LiquidJS Vulnerable to ReDoS via Quadratic Backtracking in `strip_html` Filter Regex5/27/2026
HIGH7.5CVE-2026-45357LiquidJS has a memory and render limit bypass via unbounded width padding in `date` filter (strftime)5/27/2026
HIGH7.1CVE-2026-1933EPSS 0.06%A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes.5/27/2026
HIGH8.0CVE-2026-3012EPSS 0.01%A flaw was found in Samba’s certificate auto-enrollment Group Policy handling.5/27/2026
CRITICAL9.1CVE-2026-44632Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`5/27/2026
HIGH7.0CVE-2026-42462Fedify has an LD-Signature Bypass via JSON-LD Named-Graph Restructuring5/26/2026
HIGH8.6CVE-2026-42089yeoman-environment Vulnerable to Arbitrary Package Installation without User Confirmation5/26/2026
HIGH8.2CVE-2026-5260EPSS 0.23%A flaw was found in libgnutls.5/26/2026
HIGH8.2CVE-2026-42013EPSS 0.05%A flaw was found in gnutls.5/26/2026
HIGH7.1CVE-2026-42012EPSS 0.04%A flaw was found in gnutls.5/26/2026
HIGH7.5CVE-2026-48048XWiki Platform's Livetable results still allow reconstructing password hashes using 768 requests5/26/2026
HIGH8.7CVE-2026-28445EPSS 0.03%Typebot has Stored XSS via Rating Block Custom Icon that Bypasses isUnsafe Sandbox in Builder Preview5/26/2026
HIGH8.5CVE-2026-4480EPSS 0.39%A flaw was found in the Samba printing subsystem.5/26/2026
CRITICAL9.0CVE-2026-4408EPSS 0.39%A flaw was found in Samba.5/26/2026
HIGH7.6CVE-2026-46701Network-AI: Unauthenticated Cross-Origin MCP Tool Invocation via Empty Default Secret5/21/2026
CRITICAL9.6CVE-2026-46703OCI layer symlink escape → arbitrary host write5/21/2026
CRITICAL10.0CVE-2026-46695Read-only volume remount bypass via guest CAP_SYS_ADMIN5/21/2026
HIGH7.5CVE-2026-46679js-libp2p: Memory DoS via subscription flood of unique topics5/21/2026
HIGH7.5CVE-2026-46625JavaScript Cookie: Per-instance prototype hijack in assign() enables cookie-attribute injection5/21/2026
HIGH8.8CVE-2026-46519MCP Server Kubernetes: Tool Access Control Bypass via Presentation-Layer Filtering Without Execution-Layer Enforcement5/21/2026
HIGH7.2CVE-2026-46492md-fileserver: Stored/Reflected XSS when viewing Markdown (raw HTML allowed)5/21/2026

← PrevPage 2 of 303Next →