VYPR

CVEs

38,011 total · page 14 of 761

  • CVE-2026-8589HigJun 11, 2026
    risk 0.47cvss 7.3epss 0.00

    GitLab has remediated an issue in GitLab EE affecting all versions from 13.1.4 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to add unauthorized email addresses to a targeted user's account due…

  • CVE-2026-8464HigJun 11, 2026
    risk 0.54cvss epss 0.00

    Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0

  • CVE-2026-7250HigJun 11, 2026
    risk 0.49cvss 7.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an unauthenticated user to cause denial of service due to improper input validation in…

  • CVE-2026-6552HigJun 11, 2026
    risk 0.57cvss 8.7epss 0.00

    GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with group Owner role to take over another group member's GitLab…

  • CVE-2026-10087HigJun 11, 2026
    risk 0.57cvss 8.7epss 0.00

    GitLab has remediated an issue in GitLab EE affecting all versions from 17.1 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code…

  • CVE-2026-5497HigJun 11, 2026
    risk 0.42cvss 7.5epss 0.01

    vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) Denial of Service (DoS) attack due to unbounded frame count processing in the `VideoMediaIO.load_base64()` method. When processing `video/jpeg` data URLs, the method splits the base64 data string on commas to…

  • CVE-2026-53901HigJun 11, 2026
    risk 0.50cvss epss 0.00

    Cerebrate before version 1.37 contains a mass-assignment vulnerability in the generic CRUD add path. The add() handler attempted to remove an attacker-supplied id from $params before normalizing the request through __massageInput(). Because the normalized $input could still…

  • CVE-2023-33999HigJun 11, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in WPVibes WP Mail Log allows DOM-Based XSS. This issue affects WP Mail Log: from n/a through 1.0.2.

  • CVE-2026-41856HigJun 11, 2026
    risk 0.49cvss 7.5epss 0.00

    The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierarchies. This can be an issue if such annotations are used for authorization decisions. When all conditions are met, security…

  • CVE-2026-41700HigJun 11, 2026
    risk 0.53cvss 8.1epss 0.00

    Spring for GraphQL applications that have enabled the WebSocket transport are vulnerable to Cross-Site WebSocket Hijacking. An attacker can trick an authenticated user into visiting a malicious page, allowing the attacker to execute arbitrary GraphQL operations with the victim's…

  • CVE-2026-41699HigJun 11, 2026
    risk 0.53cvss 8.1epss 0.00

    Spring for GraphQL applications are vulnerable to Unsafe Deserialization when processing paginated GraphQL queries. An attacker can craft a malicious GraphQL request that can lead to Remote Code Execution when the application exposes a paginated (Connection) field and the…

  • CVE-2026-40999HigJun 11, 2026
    risk 0.56cvss 8.6epss 0.00

    When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate outbound connections through configured WebServiceMessageSender instances to destinations taken directly from request headers without verifying that those destinations are safe to…

  • CVE-2026-40998HigJun 11, 2026
    risk 0.53cvss 8.2epss 0.00

    Jaxp13XPathTemplate evaluated XPath expressions for StreamSource and SAXSource inputs using a code path that parsed attacker-controlled XML with the JDK's default DocumentBuilderFactory behavior instead of Spring's hardened parser configuration. Applications that evaluate XPath…

  • CVE-2026-40994HigJun 11, 2026
    risk 0.53cvss 8.2epss 0.00

    Wss4jSecurityInterceptor initialized its BSP (WS-I Basic Security Profile) compliance flag so that inbound validation disabled WSS4J BSP enforcement on RequestData. Services that validate WS-Security on the network could therefore accept messages that violate BSP rules,…

  • CVE-2026-40987HigJun 11, 2026
    risk 0.46cvss 7.1epss 0.00

    A malicious or compromised FTP/SFTP/SMB server can write arbitrary files anywhere on the client filesystem (outside the configured local-directory) with attacker-controlled content. Affected versions: Spring Integration 7.0.0 through 7.0.4; 6.5.0 through 6.5.8; 6.4.0 through…

  • CVE-2026-10795HigJun 11, 2026
    risk 0.46cvss 8.1epss 0.04

    The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.26.4 via the UpdraftPlus_Remote_Communications_V2::wp_loaded function. This is due to insufficient validation of the remote…

  • CVE-2026-53461HigJun 10, 2026
    risk 0.49cvss 7.5epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, an incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash. This issue has been patched in versions…

  • CVE-2026-53460HigJun 10, 2026
    risk 0.49cvss 7.5epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in…

  • CVE-2026-52726HigJun 10, 2026
    risk 0.49cvss 7.5epss 0.00

    Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.23.2 and prior to version 1.2.5, `dulwich.porcelain.submodule_update`, and by extension `porcelain.clone(..., recurse_submodules=True)`, materializes attacker-controlled…

  • CVE-2026-50223HigJun 10, 2026
    risk 0.57cvss 8.8epss 0.01

    Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template injection attacks that could lead to Remote Code Execution. This issue affects…

  • CVE-2026-49218HigJun 10, 2026
    risk 0.49cvss 7.5epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operation. This…

  • CVE-2026-47342HigJun 10, 2026
    risk 0.57cvss 8.8epss 0.00

    A privilege escalation vulnerability in Apache OFBiz allows a low-privileged authenticated user to obtain higher privileges This issue affects Apache OFBiz: before 24.09.07. Users are recommended to upgrade to version 24.09.07, which fixes the issue.

  • CVE-2026-44693HigJun 10, 2026
    risk 0.50cvss 8.8epss 0.00

    Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. Prior to version 6.6.1, Pi-hole FTL contains a race condition vulnerability in the HTTP session management subsystem, introduced with the v6.0 rewrite of the embedded CivetWeb-based…

  • CVE-2026-42563HigJun 10, 2026
    risk 0.43cvss epss 0.01

    Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, Dulwich's `ProcessMergeDriver` substitutes the file path (from the git tree, controllable by an attacker via a malicious branch) into the merge…

  • CVE-2026-42558HigJun 10, 2026
    risk 0.42cvss 7.6epss 0.00

    Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.2, a vulnerability chain consisting of Stored XSS and Iframe Sandbox escape in the Xibo CMS allows users with DataSet permissions to use the…

  • CVE-2026-42305HigJun 10, 2026
    risk 0.50cvss 8.8epss 0.01

    Dulwich is a pure-Python implementation of the Git file formats and protocols. Versions starting with 0.10.0 and prior to 1.2.5 have an arbitrary file write leading to remote code execution when cloning or checking out a malicious Git repository on Windows. Dulwich's…

  • CVE-2026-53738HigJun 10, 2026
    risk 0.53cvss 8.1epss 0.00

    Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke every operation in the cdp_action_handling AJAX handler. Attackers with an enabled role can delete posts or overwrite plugin settings via the f parameter, bypassing per-function capability checks.

  • CVE-2026-50131HigJun 10, 2026
    risk 0.49cvss 8.6epss 0.00

    Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validation before runtime document and media fetching. However, the IPv4 validation…

  • CVE-2026-48110HigJun 10, 2026
    risk 0.42cvss 7.5epss 0.00

    Russh is a Rust SSH client & server library. From version 0.34.0 to before version 0.61.0, several russh client and server message handlers decoded attacker-controlled SSH strings, name-lists, and byte fields into owned allocations before applying field-specific bounds. A remote…

  • CVE-2026-46702HigJun 10, 2026
    risk 0.42cvss 7.5epss 0.00

    Russh is a Rust SSH client & server library. From version 0.34.0 to before version 0.61.1, when SSH compression is enabled, russh accepted compressed packets whose on-wire size passed the normal transport packet-length checks but whose decompressed size was much larger. This…

  • CVE-2026-46689HigJun 10, 2026
    risk 0.50cvss epss 0.00

    Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses (≈ 4–12 KB) drives the recursive-descent PEG parser past the worker thread's stack…

  • CVE-2026-46679HigJun 10, 2026
    risk 0.42cvss 7.5epss 0.00

    libp2p is a JavaScript Implementation of libp2p networking stack. Prior to version 15.0.23, three cooperating omissions in @libp2p/gossipsub allow an unauthenticated single peer to exhaust the Node.js heap of any gossipsub node with default options. This issue has been patched…

  • CVE-2026-46673HigJun 10, 2026
    risk 0.42cvss 7.5epss 0.00

    Russh is a Rust SSH client & server library. Prior to version 0.60.3, CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths. In current russh releases, local SSH agent peers could still feed attacker-controlled frame lengths…

  • CVE-2026-46669HigJun 10, 2026
    risk 0.42cvss 7.5epss 0.00

    OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling…

  • CVE-2026-46654HigJun 10, 2026
    risk 0.51cvss epss 0.00

    Plonky3 is a toolkit for polynomial IOPs (PIOPs). Prior to versions 0.4.3 and 0.5.3, an attacker controlling prover-side observations can craft distinct transcripts that produce identical challenges, breaking the binding property of Fiat-Shamir. This issue has been patched in…

  • CVE-2026-46625HigJun 10, 2026
    risk 0.42cvss 7.5epss 0.00

    JavaScript Cookie is a JavaScript API for handling cookies, client-side. Prior to version 3.0.7, js-cookie's internal assign() helper copies properties with for...in + plain assignment. When the source object is produced by JSON.parse, the JSON object's "__proto__" member is an…

  • CVE-2026-46522HigJun 10, 2026
    risk 0.52cvss 7.5epss 0.02

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and…

  • CVE-2026-46520HigJun 10, 2026
    risk 0.49cvss 7.5epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions…

  • CVE-2026-45783HigJun 10, 2026
    risk 0.42cvss 7.5epss 0.00

    libp2p is a JavaScript Implementation of libp2p networking stack. Prior to version 16.2.6, an unauthenticated remote peer can exhaust the disk storage of any @libp2p/kad-dht node running in server mode by sending an unbounded stream of PUT_VALUE messages whose keys bypass all…

  • CVE-2026-44692HigJun 10, 2026
    risk 0.43cvss 7.7epss 0.00

    Sharp is a content management framework built for Laravel as a package. Prior to version 9.22.0, Sharp exposes a generic download endpoint that authorizes access only to the supplied Sharp entity instance, but then reads the target storage disk and path from request parameters.…

  • CVE-2026-42542HigJun 10, 2026
    risk 0.49cvss 7.5epss 0.01

    TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are…

  • CVE-2026-42462HigJun 10, 2026
    risk 0.39cvss 7.0epss 0.00

    Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to versions 1.9.11, 1.10.10, 2.0.18, 2.1.14, and 2.2.3, an attacker can make use of JSON-LD features to restructure a JSON-LD document that would change how Fedify interprets it…

  • CVE-2026-2049HigJun 10, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit…

  • CVE-2026-10143HigJun 10, 2026
    risk 0.42cvss 7.5epss 0.01

    kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py,…

  • CVE-2026-10142HigJun 10, 2026
    risk 0.42cvss 7.5epss 0.00

    kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by sending a crafted 4-byte frame length value without bounds validation.…

  • CVE-2026-0274HigJun 10, 2026
    risk 0.53cvss epss 0.00

    An improper validation of credentials vulnerability in the CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM allows an unauthenticated attacker to access and modify protected resources.

  • CVE-2022-26758HigJun 10, 2026
    risk 0.46cvss 7.1epss 0.00

    A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4.

  • CVE-2026-47764higJun 10, 2026
    risk 0.38cvss epss 0.00

    InstallDestination.write_to_fs() in src/pdm/installers/installers.py overrides the base class to add symlink/hardlink support but replaces the safe _path_with_destdir() (which validates via Path.resolve() + is_relative_to()) with a bare os.path.join() that performs no path…

  • CVE-2026-6893HigJun 10, 2026
    risk 0.49cvss 7.5epss 0.01

    A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP (Dynamic Host Configuration Protocol) options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are…

  • CVE-2026-46643HigJun 10, 2026
    risk 0.42cvss epss 0.00

    Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.1, on POSIX, escapeshellarg(‘/usr/bin/wkhtmltopdf’) returns the literal string ‘/usr/bin/wkhtmltopdf’ with the single-quote characters included.…