VYPR

CVEs

38,011 total · page 15 of 761

  • CVE-2026-46529 · High · Jun 10, 2026
    risk 0.48 · cvss n/a · epss 0.01

    Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into…

  • CVE-2026-1220 · High · Jun 10, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    Race in V8 in Google Chrome prior to 144.0.7559.99 allowed a remote attacker to potentially exploit type confusion via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-50637 · High · Jun 10, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    Metrics::Any::Adapter::Statsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol (and extensions) allow multiple metrics, separated by newlines, to be sent per packet. The send method does not validate the contents of the metric names…

  • CVE-2026-48060 · High · Jun 10, 2026
    risk 0.38 · cvss n/a · epss 0.00

    # Overview Litestar instances which use a template engine in conjunction with CSRF protection are vulnerable to HTML Injection which can be escalated to Cross Site Scripting due to the contents of the CSRF cookie being excluded from automatic escaping by the template engine…

  • CVE-2026-9151 · High · Jun 10, 2026
    risk 0.55 · cvss n/a · epss 0.01

    An OS command injection vulnerability exists in the VPN module of TP-Link Archer AX12 v1, AX17 v1, AX18 v1, and AX1300 v1.6 routers. This vulnerability allows an adjacent, authenticated attacker to execute arbitrary commands on the device by importing a specially crafted VPN…

  • CVE-2026-50570 · High · Jun 10, 2026
    risk 0.48 · cvss 8.5 · epss 0.00

    Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Fission added PodSpec safety validation for tenant-facing Environment and Function CRDs (ValidatePodSpecSafety /…

  • CVE-2026-50567 · High · Jun 10, 2026
    risk 0.43 · cvss 7.7 · epss 0.00

    Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Unarchive in pkg/utils/zip.go joined each archive entry name with the destination directory via filepath.Join…

  • CVE-2026-49824 · High · Jun 10, 2026
    risk 0.48 · cvss 8.5 · epss 0.00

    Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Fission Function admission webhook (pkg/webhook/function.go) validated that spec.secrets[].namespace and…

  • CVE-2026-49823 · High · Jun 10, 2026
    risk 0.43 · cvss 7.7 · epss 0.00

    Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were…

  • CVE-2026-49822 · High · Jun 10, 2026
    risk 0.43 · cvss 7.7 · epss 0.00

    Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a low-privilege developer who could create a KubernetesWatchTrigger (KWT) in their own namespace was able to…

  • CVE-2026-49821 · High · Jun 10, 2026
    risk 0.43 · cvss 7.7 · epss 0.00

    Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's buildermgr controller processed Package CRDs without verifying that Package.spec.environment.namespace…

  • CVE-2026-46617 · High · Jun 10, 2026
    risk 0.50 · cvss n/a · epss 0.00

    Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, Fission runtime pods were created with ServiceAccountName: fission-fetcher, and the fission-fetcher…

  • CVE-2026-46612 · High · Jun 10, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, the Fission storagesvc component registers archive CRUD handlers (/v1/archive GET / POST / DELETE and…

  • CVE-2026-45062 · High · Jun 10, 2026
    risk 0.46 · cvss 8.1 · epss 0.01

    FrankenPHP is a modern application server for PHP. From version 1.11.2 to before version 1.12.3, the splitPos() function in cgi.go misuses golang.org/x/text/search with search.IgnoreCase when the request path contains a non-ASCII byte. Two distinct flaws in that fallback let an…

  • CVE-2026-20258 · High · Jun 10, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.11, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could store a malicious…

  • CVE-2026-20252 · High · Jun 10, 2026
    risk 0.49 · cvss 7.6 · epss 0.00

    In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could send…

  • CVE-2026-20251 · High · Jun 10, 2026
    risk 0.57 · cvss 8.8 · epss 0.01

    In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, and Splunk Secure Gateway versions below 3.10.6, 3.9.20, and 3.8.67, a low-privileged user that does not hold…

  • CVE-2026-11417 · High · Jun 10, 2026
    risk 0.40 · cvss 7.3 · epss 0.01

    OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 (2.246.0 on Windows) might allow an actor who controls the value of one or more bundling properties (externalModules, define, loader, inject, or esbuildArgs) to execute arbitrary…

  • CVE-2026-47701 · High · Jun 10, 2026
    risk 0.38 · cvss n/a · epss 0.00

    ## Affected Repository: github.com/open-telemetry/opentelemetry-operator Component: cmd/otel-allocator (TargetAllocator) Companion: Prometheus Operator API types (CRDs) ## Summary OpenTelemetry Operator's TargetAllocator watches `ServiceMonitor` resources via the Prometheus…

  • CVE-2026-47253 · High · Jun 10, 2026
    risk 0.38 · cvss n/a · epss 0.00

    # Path Traversal in `clear_plugin_cache` Allows Arbitrary Directory Deletion | Field | Value | | ---------------- | ----- | | Repository | julien040/anyquery | | Affected version | 0.4.4 | | Vulnerability | CWE-22 — Improper Limitation of a Pathname to a…

  • CVE-2025-53114 · High · Jun 10, 2026
    risk 0.38 · cvss n/a · epss 0.00

    ### Impact Bad clients that always send a fixed batch value while the server is using the acknowledgement extension can cause the unacknowledged message queue to grow indefinitely, eventually resulting in an OutOfMemoryError. Such bad clients would always send: ```json { …

  • CVE-2026-53694 · High · Jun 10, 2026
    risk 0.47 · cvss n/a · epss 0.00

    Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Nomachine allows Argument Injection. This issue affects Nomachine: before 9.5.7, before 8.23.2.

  • CVE-2026-49759 · High · Jun 10, 2026
    risk 0.46 · cvss 8.2 · epss 0.01

    Stack-based Buffer Overflow vulnerability in Erlang OTP erts (inet_drv) allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk. The sctp_parse_error_chunk function in erts/emulator/drivers/common/inet_drv.c parses SCTP ERROR chunks…

  • CVE-2026-46558 · High · Jun 10, 2026
    risk 0.47 · cvss 8.3 · epss 0.00

    Plane is an open-source project management tool. Prior to version 1.3.1, there is a cross-workspace asset authorization bypass that lets any authenticated user read, copy, delete, and overwrite assets in other Plane workspaces. This issue has been patched in version 1.3.1.

  • CVE-2026-45569 · High · Jun 10, 2026
    risk 0.46 · cvss 8.1 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, commit d4d10006 ("Expand validation to block .. in config_file_name and configver for improved security") added a line in app/modules/config/config.py:462. This…

  • CVE-2026-45567 · High · Jun 10, 2026
    risk 0.54 · cvss 8.3 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, there is an authentication bypass vulnerability via 'api' substring in URL + unauthenticated /api/gpt. At time of publication, there are no publicly available…

  • CVE-2026-45565 · High · Jun 10, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, EscapedString (app/modules/roxywi/class_models.py:16-30) is the centralised Pydantic validator used on dozens of fields including SSH credential name, username,…

  • CVE-2026-25700 · High · Jun 10, 2026
    risk 0.40 · cvss 7.2 · epss 0.00

    Improper Restriction of Security Token Assignment vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Previously issued administrative tokens were not invalidated after an administrator account was suspended, deleted, or deactivated, allowing…

  • CVE-2026-9045 · High · Jun 10, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    During an internal security assessment, a potential vulnerability was discovered in Lenovo Accessories and Display Manager for Enterprise for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges.

  • CVE-2026-8637 · High · Jun 10, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    A potential uncontrolled search path vulnerability was reported in the LanSchool Classic client application that could allow a local authenticated user to execute arbitrary code with elevated privileges.

  • CVE-2026-8335 · High · Jun 10, 2026
    risk 0.46 · cvss n/a · epss 0.00

    A missing authentication check on the Aix‑DB "/llm/process_llm_out" endpoint allows unauthenticated clients to execute arbitrary "SELECT" SQL queries and retrieve database data, as the endpoint lacks the token validation enforced on all other application endpoints. All…

  • CVE-2026-6090 · High · Jun 10, 2026
    risk 0.45 · cvss 7.0 · epss 0.00

    A potential authentication bypass was reported in Lenovo Smart Connect for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges.

  • CVE-2026-53689 · High · Jun 10, 2026
    risk 0.39 · cvss 7.1 · epss 0.00

    libnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer overflow during a connection to a crafted NFS server. This occurs in libnfs_zdr_string in lib/libnfs-zdr.c.

  • CVE-2026-53473 · High · Jun 10, 2026
    risk 0.40 · cvss 7.3 · epss 0.00

    A flaw was found in migration-planner-ui-app. An attacker can register a malicious discovery agent with a specially crafted credentialUrl containing JavaScript code. When an organizational user clicks this link in the user interface, the embedded malicious code executes within…

  • CVE-2026-45564 · High · Jun 10, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /config/versions//<server_ip>//save interpolates the URL-path configver parameter directly into a config-version path that ends up at…

  • CVE-2026-45549 · High · Jun 10, 2026
    risk 0.55 · cvss 8.5 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, agent_action (app/routes/smon/agent_routes.py:166-179) has decorators @bp.post('/agent/action/') and @jwt_required() only — no role check, no group…

  • CVE-2026-9758 · High · Jun 10, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    Improper comparison with the certificates trusted list in S2OPC allows an attacker's well-formed untrusted certificate to be considered trusted.

  • CVE-2026-53435 · High · Jun 10, 2026
    risk 0.57 · cvss 8.8 · epss 0.15

    In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, it is possible for attackers to have Jenkins deserialize arbitrary types defined in Jenkins core or plugins from an attacker-controlled `config.xml` submission in a way that allows them to handle HTTP requests afterwards.…

  • CVE-2026-52758 · High · Jun 10, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    Ghidra before 12.1 contains a SQL injection vulnerability in BSim filter types that concatenate user-supplied values directly into SQL queries without escaping or parameterization. Remote attackers can inject arbitrary SQL via the BSim network query protocol to read, modify, or…

  • CVE-2026-52755 · High · Jun 10, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Ghidra before 12.0.4 contains a path traversal vulnerability in the theme import functionality that allows attackers to write files outside the intended theme directory. Attackers can craft malicious theme ZIP files with traversal sequences in filenames to execute arbitrary code…

  • CVE-2026-52754 · High · Jun 10, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate() that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate…

  • CVE-2026-52752 · High · Jun 10, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Ghidra before 12.0.2 contains a path traversal vulnerability in the extension installer that fails to validate ZIP entry names during extraction. Attackers can craft malicious extensions with traversal sequences like ../ in filenames to write arbitrary files outside the intended…

  • CVE-2026-52751 · High · Jun 10, 2026
    risk 0.50 · cvss 8.8 · epss 0.01

    Ghidra before 12.1 contains an unsafe deserialization vulnerability in client-side Shared-Project RMI connection code that allows unauthenticated remote code execution. Attackers can craft a malicious project file with a ghidra:// URL that, when opened via File → Open Project,…

  • CVE-2026-52750 · High · Jun 10, 2026
    risk 0.51 · cvss 7.8 · epss 0.01

    Ghidra before 12.1 contains a command injection vulnerability in URL annotation handling on Windows where cmd.exe metacharacters are not properly escaped. Attackers can execute arbitrary commands under the Ghidra user's privileges by embedding malicious URLs in program comments…

  • CVE-2026-49498 · High · Jun 10, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    Ghidra 11.0 before 12.1 contains a SQL injection vulnerability in the changePassword() method of PostgresFunctionDatabase that fails to escape double quotes in usernames interpolated into ALTER ROLE statements. Authenticated attackers can inject SQL commands via crafted username…

  • CVE-2026-49069 · High · Jun 10, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4.21.

  • CVE-2025-71330 · High · Jun 10, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted ICNS image buffer. Attackers can craft an ICNS buffer containing valid magic bytes and a zero-valued…

  • CVE-2025-71329 · High · Jun 10, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite…

  • CVE-2026-48036 · High · Jun 10, 2026
    risk 0.38 · cvss n/a · epss 0.00

    **Affected:** `@hulumi/drift` `< 1.4.0` — **Fixed in:** `1.4.0` — **Severity:** Medium — **CWE-755 (Improper Handling of Exceptional Conditions)** #### Summary `@hulumi/drift` runs four adapters that each ask a different question about whether a resource has drifted…

  • CVE-2026-48035 · High · Jun 10, 2026
    risk 0.38 · cvss n/a · epss 0.00

    **Affected:** `@hulumi/baseline` `< 1.4.0` — **Fixed in:** `1.4.0` — **Severity:** High — **CWE-1059 (Insufficient Technical Documentation / Behavioral Inconsistency)** #### Summary The S3 bucket that `AccountFoundation` creates to receive CloudTrail and AWS Config audit…