VulnScope — package-centric CVE lookup
MEDIUM5.3 CVE-2026-42769 Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CM… 6/9/2026 HIGH7.5 Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frame… 6/9/2026 HIGH8.1 Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap… 6/9/2026 CRITICAL9.1 Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex… 6/9/2026 MEDIUM6.3 FUXA's scheduler API missing admin check enables operator-to-admin escalation via scheduled device actions 6/8/2026 MEDIUM5.3 FUXA has SQL Injection in its TDengine DAQ connector via backslash bypass of escapeTdString 6/8/2026 HIGH8.2 FUXA: Unauthenticated SSRF via Socket.IO DEVICE_WEBAPI_REQUEST and DEVICE_PROPERTY with response reading 6/8/2026 — actual Allows Electron to Run As Node 6/8/2026 MEDIUM5.4 Authlib OAuth 2.0 has Open Redirect in Authorization API that allows attacker-controlled redirect_uri through unsupported response_type 6/8/2026 — Cordova Plugin InAppBrowser: iOS: Arbitrary Cordova callback IDs can be dispatched without validation from InAppBrowser WebViews. 6/8/2026 MEDIUM4.3 MariaDB server is a community developed fork of MySQL server. 6/7/2026 MEDIUM6.3 MariaDB server is a community developed fork of MySQL server. 6/7/2026 HIGH8.0 MariaDB server is a community developed fork of MySQL server. 6/7/2026 — MariaDB server is a community developed fork of MySQL server. 6/7/2026 — MariaDB server is a community developed fork of MySQL server. 6/7/2026 HIGH8.0 MariaDB server is a community developed fork of MySQL server. 6/7/2026 HIGH8.0 MariaDB server is a community developed fork of MySQL server. 6/7/2026 MEDIUM5.0 MariaDB server is a community developed fork of MySQL server. 6/7/2026 MEDIUM4.3 Bugsink: DOS using large numbers of event tags 6/5/2026 MEDIUM4.3 Bugsink: Project scoping missing in sourcemap and debug-file lookup 6/5/2026 LOW3.1 Bugsink: Issue bulk actions can affect another project’s issue if its UUID is known 6/5/2026 LOW3.1 Bugsink: Issue event views can show an event from another project if its UUID is known 6/5/2026 HIGH8.7 TinyMCE Cross-Site Scripting (XSS) vulnerability using media plugin `data-mce-object` injection 6/5/2026 HIGH8.7 TinyMCE Cross-Site Scripting (XSS) vulnerability through `mce:protected` comments 6/5/2026 HIGH8.7 TinyMCE Cross-Site Scripting (XSS) vulnerability using through data-mce- prefixed src, href, style attributes 6/5/2026 ← Prev Page 3 of 571 Next →