Search

3,062 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

CRITICAL9.1CVE-2026-46621Yamcs Vulnerable to Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection5/27/2026
CRITICAL9.8CVE-2026-46562Yamcs Vulnerable to Remote Code Execution via Mission Database algorithm override5/27/2026
CRITICAL9.1CVE-2026-44632Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`5/27/2026
HIGH7.5CVE-2026-48048XWiki Platform's Livetable results still allow reconstructing password hashes using 768 requests5/26/2026
HIGH8.3CVE-2026-46481OpenMetadata: TEST_CONNECTION workflow leaks ingestion-bot JWT and database password to regular users5/21/2026
HIGH7.5CVE-2026-45799Wire: skipGroup() missing negative-length check allows 10-byte payload to crash any Wire-decoding service5/19/2026
CRITICAL9.6CVE-2026-2587GlassFish's gadget handler is vulnerable to RCE5/19/2026
HIGH7.5CVE-2026-45367HAPI FHIR: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint5/18/2026
HIGH7.4CVE-2026-45300async-http-client: Cookie header not stripped on cross-origin redirect5/18/2026
HIGH7.2CVE-2026-45609EPSS 0.04%Spring AI MCP Security: Unvalidated URL Fetching (SSRF)5/18/2026
HIGH7.3CVE-2026-8771EPSS 0.04%org.linlinjava:litemall-wx-api has an Injection issue5/18/2026
HIGH7.3CVE-2026-8759EPSS 0.03%Beetl's SpELFunction extension function has an expression injection risk5/17/2026
HIGH7.4CVE-2026-45575EPSS 0.01%Improper Verification of Cryptographic Signature in com.oviva.telematik:epa4all-client5/15/2026
HIGH8.1CVE-2026-35194EPSS 0.07%Apache Flink: Remote code execution via SQL injection in code generation5/15/2026
HIGH8.1CVE-2026-45574EPSS 0.01%epa4all-client: TLS Certificate Validation Disabled in Production5/15/2026
HIGH8.1CVE-2026-8178EPSS 0.03%Amazon Redshift Vulnerable to Remote Code Execution via Unsafe Class Loading5/14/2026
CRITICAL9.8CVE-2026-45083EPSS 0.05%Goobi viewer - Core: Unauthenticated Solr Streaming Expression Proxy5/13/2026
CRITICAL9.1CVE-2026-33117EPSS 0.03%Security feature bypass vulnerability in Azure Key Vault Keys library for Java5/12/2026
CRITICAL9.1CVE-2026-43515EPSS 0.10%Apache Tomcat - Security constraints not correctly applied5/12/2026
LOW3.7CVE-2026-43514EPSS 0.10%Apache Tomcat - AJP secret compared in non-constant time5/12/2026
HIGH7.5CVE-2026-43513EPSS 0.08%Apache Tomcat: LockOutRealm treats user names as case-sensitive5/12/2026
CRITICAL9.8CVE-2026-43512EPSS 0.14%Apache Tomcat - Digest authenticator will authenticate any unknown user5/12/2026
HIGH7.3CVE-2026-42498EPSS 0.05%Apache Tomcat - WebSocket authentication header exposure5/12/2026
CRITICAL9.8CVE-2026-41293EPSS 0.25%Apache Tomcat - HTTP/2 request headers not validated5/12/2026
HIGH7.5CVE-2026-41284EPSS 0.05%Apache Tomcat: Unbounded read in WebDAV LOCK and PROPFIND handling5/12/2026

Page 1 of 123Next →