Search

1,562 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

MEDIUM6.5CVE-2026-2340EPSS 0.07%A flaw was found in Samba’s vfs_worm module.5/27/2026
MEDIUM5.3CVE-2026-42015EPSS 0.25%A flaw was found in gnutls.5/26/2026
MEDIUM5.3CVE-2026-5223EPSS 0.07%Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override…5/25/2026
MEDIUM6.5CVE-2026-5222EPSS 0.03%Cargo between 1.68 and 1.96 incorrectly normalized the URLs of third-party registries using the sparse index protocol.5/25/2026
MEDIUM5.3CVE-2026-5950EPSS 0.14%An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenti…5/20/2026
MEDIUM5.9CVE-2026-5947EPSS 0.04%Undefined behavior may result due to a race condition leading to a use-after-free violation.5/20/2026
MEDIUM5.3CVE-2026-3592EPSS 0.02%BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack.5/20/2026
MEDIUM5.5CVE-2026-43620EPSS 0.02%Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recv_files() in receiver.c that allows a ma…5/20/2026
MEDIUM6.3CVE-2026-43619EPSS 0.01%Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, re…5/20/2026
MEDIUM4.8CVE-2026-43617EPSS 0.01%Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforc…5/20/2026
MEDIUM6.5CVE-2026-23557EPSS 0.01%Any guest can cause xenstored to crash by issuing a XS_RESET_WATCHES command within a transaction due to an assert() triggering.5/19/2026
MEDIUM4.3CVE-2026-6575EPSS 0.03%PostgreSQL pg_restore_attribute_stats accepts values that cause query planning to read past end of stats array5/14/2026
MEDIUM6.5CVE-2026-6478EPSS 0.08%PostgreSQL discloses MD5-hashed passwords via covert timing channel5/14/2026
MEDIUM4.3CVE-2026-6474EPSS 0.03%PostgreSQL timeofday() can disclose portions of server memory5/14/2026
MEDIUM5.4CVE-2026-6472EPSS 0.03%PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege5/14/2026
MEDIUM6.5CVE-2026-42946EPSS 0.07%NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability5/13/2026
MEDIUM4.8CVE-2026-42934EPSS 0.04%NGINX ngx_http_charset_module vulnerability5/13/2026
MEDIUM4.8CVE-2026-40701EPSS 0.04%NGINX ngx_http_ssl_module vulnerability5/13/2026
MEDIUM6.5CVE-2026-40460EPSS 0.03%NGINX ngx_quic_module vulnerability5/13/2026
MEDIUM5.3CVE-2026-4893EPSS 0.03%An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 c…5/11/2026
MEDIUM5.3CVE-2026-4891EPSS 0.07%A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via…5/11/2026
MEDIUM5.5CVE-2026-45130EPSS 0.00%Vim is an open source, command line text editor.5/8/2026
MEDIUM5.3CVE-2026-44656EPSS 0.07%Vim is an open source, command line text editor.5/8/2026
MEDIUM4.4CVE-2026-42307EPSS 0.23%Vim is an open source, command line text editor.5/8/2026
MEDIUM6.5CVE-2026-33523EPSS 0.26%Apache HTTP Server: multiple modules: HTTP response splitting forwarding malicious status line5/4/2026

Page 1 of 63Next →