VYPR

CVEs

344,989 total · page 3 of 6,900

  • CVE-2026-59879Jul 9, 2026
    risk 0.00cvss epss 0.00

    Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, List#set, List#setSize, List#setIn, List#updateIn, and the functional set, setIn, and updateIn mishandle an index or size in the range 2 ** 30 to 2 ** 31 in setListBounds in src/List.js,…

  • CVE-2026-59870Jul 9, 2026
    risk 0.00cvss epss 0.00

    js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.1, YAML11_SCHEMA support for the !!omap tag in src/tag/sequence/omap.ts uses omapTag.addItem() to perform a linear duplicate-key scan on every insertion, causing O(n^2) CPU consumption when yaml.load() parses…

  • CVE-2026-59869Jul 9, 2026
    risk 0.00cvss epss 0.00

    js-yaml is a JavaScript YAML parser and dumper. From 3.0.0 before 3.15.0 and from 4.0.0 before 4.3.0, js-yaml can spend quadratic CPU time parsing a document whose size grows only linearly when a chain of mappings uses merge keys where each mapping merges the previous one. This…

  • CVE-2026-59868Jul 9, 2026
    risk 0.00cvss epss 0.00

    js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.0, when merge keys are enabled, js-yaml can spend quadratic CPU time parsing a document whose size grows only linearly when a chain of mappings uses merge keys where each mapping merges the previous one. This…

  • CVE-2026-14480criJul 9, 2026
    risk 0.64cvss 9.9epss 0.01

    OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the legacy web UI program‑upload workflow. The application stores an attacker‑supplied filename (prog_file) directly into the Programs.File database field and later uses this value as the…

  • CVE-2026-38076modJul 9, 2026
    risk 0.42cvss 6.5epss 0.00

    jbig2dec: jbig2dec: Denial of Service via crafted input

  • CVE-2026-15168lowJul 8, 2026
    risk 0.16cvss 2.5epss 0.00

    wireshark: Wireshark: Information disclosure in BLF file parser

  • CVE-2026-15079Jul 8, 2026
    risk 0.00cvss epss 0.00

    Mentioned in Drupal. See https://www.drupal.org/security for vendor details.

  • CVE-2026-15080Jul 8, 2026
    risk 0.00cvss epss 0.00

    Mentioned in Drupal. See https://www.drupal.org/security for vendor details.

  • CVE-2026-15081Jul 8, 2026
    risk 0.00cvss epss 0.00

    Mentioned in Drupal. See https://www.drupal.org/security for vendor details.

  • CVE-2026-15082Jul 8, 2026
    risk 0.00cvss epss 0.00

    Mentioned in Drupal. See https://www.drupal.org/security for vendor details.

  • CVE-2026-15083Jul 8, 2026
    risk 0.00cvss epss 0.00

    Mentioned in Drupal. See https://www.drupal.org/security for vendor details.

  • CVE-2026-15084Jul 8, 2026
    risk 0.00cvss epss 0.00

    Mentioned in Drupal. See https://www.drupal.org/security for vendor details.

  • CVE-2026-15085Jul 8, 2026
    risk 0.00cvss epss 0.00

    Mentioned in Drupal. See https://www.drupal.org/security for vendor details.

  • CVE-2026-15086Jul 8, 2026
    risk 0.00cvss epss 0.00

    Mentioned in Drupal. See https://www.drupal.org/security for vendor details.

  • CVE-2026-15087Jul 8, 2026
    risk 0.00cvss epss 0.00

    Mentioned in Drupal. See https://www.drupal.org/security for vendor details.

  • CVE-2026-15089Jul 8, 2026
    risk 0.00cvss epss 0.00

    Mentioned in Drupal. See https://www.drupal.org/security for vendor details.

  • CVE-2026-59818modJul 8, 2026
    risk 0.35cvss 6.5epss 0.00

    etcd: etcd: Authentication bypass due to improper Certificate Revocation List enforcement on gRPC listener

  • CVE-2026-15166modJul 8, 2026
    risk 0.37cvss 5.7epss 0.00

    Wireshark: Wireshark: Denial of Service via IEEE 802.11 protocol dissector crash

  • CVE-2026-15174modJul 8, 2026
    risk 0.36cvss 5.5epss 0.00

    wireshark: Wireshark: Denial of Service via Catapult DCT2000 protocol dissector crash

  • CVE-2026-15172modJul 8, 2026
    risk 0.36cvss 5.5epss 0.00

    wireshark: Wireshark: Denial of service via FMP/NOTIFY protocol dissector crash

  • CVE-2026-15173modJul 8, 2026
    risk 0.26cvss epss 0.00

    Wireshark: Wireshark: Denial of Service via pcapng file parser crash

  • CVE-2026-15171modJul 8, 2026
    risk 0.36cvss 5.5epss 0.00

    wireshark: Wireshark: Denial of service via SSH protocol dissector crash

  • CVE-2026-15169modJul 8, 2026
    risk 0.36cvss 5.5epss 0.00

    wireshark: Wireshark: Denial of Service via UMTS FP protocol dissector crash

  • CVE-2026-15167modJul 8, 2026
    risk 0.42cvss 6.5epss 0.00

    wireshark: Wireshark: Denial of Service via DBS Etherwatch file parser crash

  • CVE-2026-15170modJul 8, 2026
    risk 0.36cvss 5.5epss 0.00

    wireshark: Wireshark: Denial of service via Z39.50 protocol dissector crash

  • CVE-2026-15165modJul 8, 2026
    risk 0.42cvss 6.5epss 0.00

    wireshark: Wireshark: Denial of Service via TLS ECH decryptor crash

  • CVE-2026-15163modJul 8, 2026
    risk 0.36cvss 5.5epss 0.00

    wireshark: Wireshark: Denial of Service via multiple protocol dissector infinite loops

  • CVE-2026-15164modJul 8, 2026
    risk 0.36cvss 5.5epss 0.00

    wireshark: Wireshark: Denial of Service vulnerability in ciscodump

  • CVE-2026-6352lowJul 8, 2026
    risk 0.18cvss 2.7epss 0.00

    gitlab: GitLab EE: Auditor-level users can modify compliance records via improper authorization in GraphQL

  • CVE-2026-7492modJul 8, 2026
    risk 0.34cvss 5.3epss 0.00

    gitlab-ee: gitlab: GitLab: Information disclosure of private project existence via improper authorization

  • CVE-2026-11827modJul 8, 2026
    risk 0.32cvss 4.9epss 0.00

    gitlab-ee: GitLab EE: Information disclosure via improper authorization controls

  • CVE-2026-13320impJul 8, 2026
    risk 0.47cvss 7.3epss 0.00

    gitlab: GitLab: Arbitrary script execution via improper input sanitization

  • CVE-2026-54591impJul 8, 2026
    risk 0.46cvss 8.1epss 0.00

    asyncssh: AsyncSSH: Arbitrary file write via path traversal in SCP client

  • CVE-2026-58494modJul 8, 2026
    risk 0.35cvss 6.5epss 0.00

    wasmtime: Wasmtime: Overwrite host files via insufficient permission checks in wasmtime-wasi

  • CVE-2026-59936modJul 8, 2026
    risk 0.35cvss 6.5epss 0.00

    pypdf: pypdf: Denial of Service via crafted PDF inline image

  • CVE-2026-59819modJul 8, 2026
    risk 0.25cvss 4.9epss 0.00

    litellm: LiteLLM: Information disclosure via local file read in test connection endpoint

  • CVE-2026-59820impJul 8, 2026
    risk 0.46cvss 8.1epss 0.00

    litellm: LiteLLM: Directory traversal via crafted skill archive upload

  • CVE-2026-44512modJul 8, 2026
    risk 0.35cvss 6.5epss 0.00

    onnx: ONNX: Denial of Service via crafted untrusted models

  • CVE-2026-59821impJul 8, 2026
    risk 0.40cvss 7.2epss 0.00

    litellm: LiteLLM: Arbitrary code execution and information disclosure via custom code guardrails

  • CVE-2026-15154modJul 8, 2026
    risk 0.42cvss 6.5epss 0.00

    guardrails-detectors: guardrails-detectors: Unauthenticated Regular-Expression Denial of Service (ReDoS) via detector_params.regex

  • CVE-2026-14362impJul 8, 2026
    risk 0.42cvss 7.5epss 0.00

    github.com/hashicorp/memberlist: HashiCorp memberlist: Denial of Service via push/pull state handling

  • CVE-2025-3110modJul 8, 2026
    risk 0.34cvss 5.3epss 0.00

    OpenVPN Access Server: OpenVPN Access Server: HTTP request smuggling via bare line-feed sequences in HTTP headers

  • CVE-2026-59892impJul 8, 2026
    risk 0.42cvss 7.5epss 0.00

    @opentelemetry/propagator-jaeger: OpenTelemetry JavaScript: Denial of Service via malformed HTTP header decoding

  • CVE-2026-0276lowJul 8, 2026
    risk 0.07cvss epss 0.00

    Palo Alto Networks security advisory: https://security.paloaltonetworks.com/CVE-2026-0276

  • CVE-2026-0277medJul 8, 2026
    risk 0.26cvss epss 0.00

    Palo Alto Networks security advisory: https://security.paloaltonetworks.com/CVE-2026-0277

  • CVE-2026-0278medJul 8, 2026
    risk 0.26cvss epss 0.00

    Palo Alto Networks security advisory: https://security.paloaltonetworks.com/CVE-2026-0278

  • CVE-2026-0279lowJul 8, 2026
    risk 0.07cvss epss 0.01

    Palo Alto Networks security advisory: https://security.paloaltonetworks.com/CVE-2026-0279

  • CVE-2026-0280lowJul 8, 2026
    risk 0.07cvss epss 0.00

    Palo Alto Networks security advisory: https://security.paloaltonetworks.com/CVE-2026-0280

  • CVE-2026-0281lowJul 8, 2026
    risk 0.07cvss epss 0.00

    Palo Alto Networks security advisory: https://security.paloaltonetworks.com/CVE-2026-0281