Search

10,574 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

—CVE-2026-47695CC-Tweaked has an SSRF Protection Bypass with NAT645/29/2026
CRITICAL9.1CVE-2026-46621Yamcs Vulnerable to Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection5/27/2026
CRITICAL9.8CVE-2026-46562Yamcs Vulnerable to Remote Code Execution via Mission Database algorithm override5/27/2026
MEDIUM6.5CVE-2026-2340EPSS 0.07%A flaw was found in Samba’s vfs_worm module.5/27/2026
HIGH7.1CVE-2026-1933EPSS 0.06%A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes.5/27/2026
HIGH8.0CVE-2026-3012EPSS 0.01%A flaw was found in Samba’s certificate auto-enrollment Group Policy handling.5/27/2026
CRITICAL9.1CVE-2026-44632Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`5/27/2026
MEDIUM6.5CVE-2026-44596Yamcs has No Rate Limiting on Authentication Endpoint5/27/2026
MEDIUM4.3CVE-2026-44595Yamcs vulnerable to unauthorized user enumeration via IAM API endpoints5/27/2026
MEDIUM4.3CVE-2026-42568Yamcs Vulnerable to LDAP Injection in LdapAuthModule5/26/2026
—CVE-2026-41207netty-incubator-codec-ohttp's HPKEContext operations may produce empty byte[] on failures5/26/2026
HIGH8.2CVE-2026-5260EPSS 0.23%A flaw was found in libgnutls.5/26/2026
MEDIUM5.3CVE-2026-42015EPSS 0.25%A flaw was found in gnutls.5/26/2026
HIGH8.2CVE-2026-42013EPSS 0.05%A flaw was found in gnutls.5/26/2026
HIGH7.1CVE-2026-42012EPSS 0.04%A flaw was found in gnutls.5/26/2026
HIGH7.5CVE-2026-48048XWiki Platform's Livetable results still allow reconstructing password hashes using 768 requests5/26/2026
—CVE-2026-48047XWiki Platform vulnerable to potential arbitrary file writing using path traversal from (subwiki) admin5/26/2026
—CVE-2026-33137EPSS 0.02%XWiki Platform has an Unauthenticated XAR Import via REST /wikis/{wikiName}5/26/2026
—CVE-2026-23734EPSS 0.05%XWiki Platform has path traversal via resources parameter in ssx and jsx endpoints when using leading slash5/26/2026
HIGH8.5CVE-2026-4480EPSS 0.39%A flaw was found in the Samba printing subsystem.5/26/2026
CRITICAL9.0CVE-2026-4408EPSS 0.39%A flaw was found in Samba.5/26/2026
MEDIUM5.3CVE-2026-5223EPSS 0.07%Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override…5/25/2026
MEDIUM6.5CVE-2026-5222EPSS 0.03%Cargo between 1.68 and 1.96 incorrectly normalized the URLs of third-party registries using the sparse index protocol.5/25/2026
—CVE-2026-9256EPSS 0.24%NGINX ngx_http_rewrite_module vulnerability5/22/2026
HIGH8.3CVE-2026-46481OpenMetadata: TEST_CONNECTION workflow leaks ingestion-bot JWT and database password to regular users5/21/2026

Page 1 of 423Next →