VYPR

CVEs

100,104 total · page 111 of 2,003

  • CVE-2026-40869HigApr 21, 2026
    risk 0.42cvss 7.5epss 0.00

    Decidim is a participatory democracy framework. Starting in version 0.19.0 and prior to versions 0.30.5 and 0.31.1, a vulnerability allows any registered and authenticated user to accept or reject any amendments. The impact is on any users who have created proposals where the…

  • CVE-2026-33813HigApr 21, 2026
    risk 0.42cvss 7.5epss 0.00

    Parsing a WEBP image with an invalid, large size panics on 32-bit platforms.

  • CVE-2026-40868HigApr 21, 2026
    risk 0.46cvss 8.1epss 0.00

    Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 1.16.4, kyverno’s apiCall servicecall helper implicitly injects Authorization: Bearer ... using the kyverno controller serviceaccount token when a policy does not explicitly set an…

  • CVE-2026-40867HigApr 21, 2026
    risk 0.46cvss epss 0.00

    Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, a broken access control vulnerability in the helpdesk attachment viewer allows any authenticated user to view attachments from other tickets by changing the attachment ID. This can expose…

  • CVE-2026-40866HigApr 21, 2026
    risk 0.56cvss epss 0.00

    Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, an insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite or replace or corrupt another employee’s document by changing the…

  • CVE-2026-40865HigApr 21, 2026
    risk 0.46cvss epss 0.00

    Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, an insecure direct object reference in the employee document viewer allows any authenticated user to access other employees’ uploaded documents by changing the document ID in the request. This…

  • CVE-2026-40614HigApr 21, 2026
    risk 0.50cvss 8.8epss 0.00

    PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers (dec_frame[].buf) were…

  • CVE-2026-40613HigApr 21, 2026
    risk 0.42cvss 7.5epss 0.01

    Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.10.0, the STUN/TURN attribute parsing functions in coturn perform unsafe pointer casts from uint8_t * to uint16_t * without alignment checks. When processing a crafted STUN message with odd-aligned…

  • CVE-2026-41192HigApr 21, 2026
    risk 0.39cvss 7.1epss 0.00

    FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the reply and draft flows trust client-supplied encrypted attachment IDs. Any IDs present in `attachments_all[]` but omitted from retained lists are decrypted and passed directly to…

  • CVE-2026-40611HigApr 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Let's Encrypt client and ACME library written in Go (Lego). Prior to 4.34.0, the webroot HTTP-01 challenge provider in lego is vulnerable to arbitrary file write and deletion via path traversal. A malicious ACME server can supply a crafted challenge token containing ../…

  • CVE-2026-40599HigApr 21, 2026
    risk 0.46cvss 7.1epss 0.00

    ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Signing ID as an Apple platform binary. This bug allows a malicious software to…

  • CVE-2026-40588HigApr 21, 2026
    risk 0.46cvss 8.1epss 0.00

    blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the password change form at /profile/{slug}/edit/ does not include a current_password field and does not verify the user's existing password before accepting a new one. Any attacker who obtains a valid…

  • CVE-2026-41191HigApr 21, 2026
    risk 0.39cvss 7.1epss 0.00

    FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, `MailboxesController::updateSave()` persists `chat_start_new` outside the allowed-field filter. A user with only the mailbox `sig` permission sees only the signature field in the UI, but can…

  • CVE-2026-41190HigApr 21, 2026
    risk 0.39cvss 7.1epss 0.00

    FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when `APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS` is enabled, direct conversation view correctly blocks users who are neither the assignee nor the creator. The `save_draft` AJAX path is weaker. A…

  • CVE-2026-41189HigApr 21, 2026
    risk 0.39cvss 7.1epss 0.00

    FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through `ThreadPolicy::edit()`, which checks mailbox access but does not apply the assigned-only restriction from `ConversationPolicy`. A user who cannot…

  • CVE-2026-40591HigApr 21, 2026
    risk 0.39cvss 7.1epss 0.00

    FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the phone-conversation creation flow accepts attacker-controlled `customer_id`, `name`, `to_email`, and `phone` values and resolves the target customer in the backend without enforcing…

  • CVE-2026-40589HigApr 21, 2026
    risk 0.42cvss 7.6epss 0.00

    FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, a low-privileged agent can edit a visible customer and add an email address already owned by a hidden customer in another mailbox. The server discloses the hidden customer’s name and…

  • CVE-2026-40586HigApr 21, 2026
    risk 0.42cvss 7.5epss 0.00

    blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the login form handler performs no throttling of any kind. Failed authentication attempts are processed at full network speed with no IP-based rate limiting, no per-account attempt counter, no temporary…

  • CVE-2026-40585HigApr 21, 2026
    risk 0.41cvss 7.4epss 0.00

    blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a password reset is initiated, a 128-character CSPRNG token is generated and stored alongside a password_reset_at timestamp. However, the token redemption function findUserIDFromEmailAndToken() queries…

  • CVE-2026-40584HigApr 21, 2026
    risk 0.42cvss 7.5epss 0.00

    RansomLook is a tool to monitor Ransomware groups and markets and extract their victims. Prior to 1.9.0, the API in the affected application improperly filters private location entries in website/web/api/genericapi.py. Because the code removes elements from a list while…

  • CVE-2026-40583HigApr 21, 2026
    risk 0.46cvss 8.2epss 0.00

    UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails authorization only after state mutation has already occurred.

  • CVE-2026-40568HigApr 21, 2026
    risk 0.48cvss 8.5epss 0.00

    FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a stored cross-site scripting (XSS) vulnerability in the mailbox signature feature. The sanitization function `Helper::stripDangerousTags()` (`app/Misc/Helper.php:568`) uses an…

  • CVE-2026-40161HigApr 21, 2026
    risk 0.43cvss 7.7epss 0.00

    Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the Tekton Pipelines git resolver in API mode sends the system-configured Git API token to a…

  • CVE-2026-38834HigApr 21, 2026
    risk 0.49cvss 7.3epss 0.01

    Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the do_ping_action function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

  • CVE-2026-24189HigApr 21, 2026
    risk 0.53cvss 8.2epss 0.00

    NVIDIA CUDA-Q contains a vulnerability in an endpoint, where an unauthenticated attacker could cause an out-of-bounds read by sending a maliciously crafted request. A successful exploit of this vulnerability might lead to denial of service and information disclosure.

  • CVE-2026-24177HigApr 21, 2026
    risk 0.50cvss 7.7epss 0.00

    NVIDIA KAI Scheduler contains a vulnerability where an attacker could access API endpoints without authorization. A successful exploit of this vulnerability might lead to information disclosure.

  • CVE-2026-37748HigApr 21, 2026
    risk 0.47cvss 7.2epss 0.01

    Visitor Management System 1.0 by sanjay1313 is vulnerable to Unrestricted File Upload in vms/php/admin_user_insert.php and vms/php/update_1.php. The move_uploaded_file() function is called without any MIME type, extension, or content validation, allowing an authenticated admin…

  • CVE-2026-5789HigApr 21, 2026
    risk 0.51cvss 7.8epss 0.00

    Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path (C:\Program…

  • CVE-2026-3298HigApr 21, 2026
    risk 0.50cvss epss 0.00

    The method "sock_recvfrom_into()" of "asyncio.ProacterEventLoop" (Windows only) was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not…

  • CVE-2026-31019HigApr 21, 2026
    risk 0.50cvss 8.8epss 0.01

    In the Website module of Dolibarr ERP & CRM 22.0.4 and below, the application uses blacklist-based filtering to restrict dangerous PHP functions related to system command execution. An authenticated user with permission to edit PHP content can bypass this filtering, resulting in…

  • CVE-2026-31018HigApr 21, 2026
    risk 0.50cvss 8.8epss 0.00

    In Dolibarr ERP & CRM <= 22.0.4, PHP code detection and editing permission enforcement in the Website module is not applied consistently to all input parameters, allowing an authenticated user restricted to HTML/JavaScript editing to inject PHP code through unprotected inputs…

  • CVE-2025-14362HigApr 21, 2026
    risk 0.47cvss 7.3epss 0.00

    The login limit is not enforced on the SFTP service of Fortra's GoAnywhere MFT prior to 7.10.0 if the Web User attempting to be logged in to is configured to log in with an SSH Key, making the SSH key vulnerable to being guessed via Brute Force.

  • CVE-2026-6784HigApr 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150 and…

  • CVE-2026-6782HigApr 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

  • CVE-2026-6781HigApr 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

  • CVE-2026-6780HigApr 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

  • CVE-2026-6776HigApr 21, 2026
    risk 0.51cvss 7.8epss 0.00

    Incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6773HigApr 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Denial-of-service due to integer overflow in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

  • CVE-2026-6772HigApr 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6769HigApr 21, 2026
    risk 0.57cvss 8.8epss 0.00

    Privilege escalation in the Debugger component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6766HigApr 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6761HigApr 21, 2026
    risk 0.57cvss 8.8epss 0.00

    Privilege escalation in the Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6759HigApr 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6758HigApr 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

  • CVE-2026-6756HigApr 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Mitigation bypass in Firefox for Android. This vulnerability was fixed in Firefox 150.

  • CVE-2026-6754HigApr 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6753HigApr 21, 2026
    risk 0.47cvss 7.3epss 0.00

    Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6752HigApr 21, 2026
    risk 0.47cvss 7.3epss 0.00

    Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6751HigApr 21, 2026
    risk 0.47cvss 7.3epss 0.00

    Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6750HigApr 21, 2026
    risk 0.57cvss 8.8epss 0.00

    Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.