VYPR

CVEs

344,996 total · page 5 of 6,900

  • CVE-2026-59998Jul 8, 2026
    risk 0.00cvss epss 0.00

    sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory.

  • CVE-2026-7017Jul 8, 2026
    risk 0.00cvss epss 0.00

    HTTP::Tiny versions before 0.095 for Perl forward credential headers to cross-origin redirect targets. When the server returns a 3xx redirect, `_maybe_redirect` follows the `Location:` header and `_prepare_headers_and_cb` re-merges the caller's `headers` argument into the new…

  • CVE-2026-15044modJul 8, 2026
    risk 0.41cvss 6.3epss 0.00

    trustyai-service-operator: TrustyAI Service Operator: Unauthenticated access to AI guardrails and orchestrator APIs

  • CVE-2026-15063modJul 8, 2026
    risk 0.41cvss 6.3epss 0.00

    trustyai-service-operator: TrustyAI Service Operator: Gorch port bypass when auth IS enabled

  • CVE-2026-59691impJul 8, 2026
    risk 0.46cvss 7.1epss 0.00

    gstreamer: gstreamer: rfbsrc/librfb Hextile heap out-of-bounds write with 16bpp framebuffer

  • CVE-2026-59692impJul 8, 2026
    risk 0.49cvss 7.5epss 0.00

    gstreamer: gstreamer: DTLS certificate Subject DN stack buffer overflow in openssl_verify_callback

  • CVE-2026-14969modJul 7, 2026
    risk 0.29cvss 4.4epss 0.00

    389-ds-base: 389-ds-base: Static initialization vector in AES-CBC/3DES-CBC attribute encryption

  • CVE-2026-14935lowJul 7, 2026
    risk 0.24cvss 3.7epss 0.00

    gstreamer: gstreamer: webrtcbin accepts remote SDP without a=fingerprint due to inverted presence check

  • CVE-2026-14940modJul 7, 2026
    risk 0.34cvss 5.3epss 0.00

    389-ds-base: 389-ds-base: heap-buffer-overflow in DN normalization via quoted multivalued RDN

  • CVE-2026-58203Jul 7, 2026
    risk 0.00cvss epss 0.00

    pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secrets_dir. When secrets_nested_subdir=True, a directory entry inside secrets_dir that is a symbolic link pointing…

  • CVE-2026-14803Jul 7, 2026
    risk 0.00cvss epss 0.00

    Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path (`_decode_value` dispatching to `_decode_array` and `_decode_object`) recurses with no depth limit, so a small deeply nested JSON…

  • CVE-2026-14787Jul 7, 2026
    risk 0.00cvss epss 0.00

    A weakness has been identified in radareorg radare2 up to 6.1.6. Affected is the function cmd_print in the library libr/core/cmd_print.inc of the component pb Print Command Handler. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit…

  • CVE-2026-14761Jul 7, 2026
    risk 0.00cvss epss 0.00

    A security vulnerability has been detected in radareorg radare2 up to 6.1.6. The affected element is the function r_str_ndup/r_str_append of the file libr/util/str.c. The manipulation leads to integer overflow. An attack has to be approached locally. The exploit has been…

  • CVE-2026-14786Jul 7, 2026
    risk 0.00cvss epss 0.00

    A security flaw has been discovered in radareorg radare2 up to 6.1.6. This impacts the function r_str_word_get0set of the file libr/util/str.c. The manipulation results in integer overflow. The attack must be initiated from a local position. The exploit has been released to the…

  • CVE-2026-14789Jul 7, 2026
    risk 0.00cvss epss 0.00

    A vulnerability was detected in radareorg radare2 up to 6.1.6. Affected by this issue is some unknown functionality of the file libr/bin/format/mdmp/mdmp.c of the component Memory64ListStream Parser. Performing a manipulation results in stack-based buffer overflow. The attack…

  • CVE-2026-14758Jul 7, 2026
    risk 0.00cvss epss 0.00

    A vulnerability was identified in radareorg radare2 up to 6.1.6. This vulnerability affects the function cmd_anal_opcode of the file libr/core/cmd_anal.inc.c of the component hexpairs Parser. Such manipulation leads to integer overflow. The attack needs to be performed locally.…

  • CVE-2026-54059Jul 7, 2026
    risk 0.00cvss epss 0.00

    Pillow is a Python imaging library. Prior to 12.3.0, PIL/PcfFontFile.py _load_bitmaps() read glyph dimensions from the PCF METRICS section and passed them directly to Image.frombytes() without calling Image._decompression_bomb_check(), allowing crafted PCF font data to cause…

  • CVE-2026-55380Jul 7, 2026
    risk 0.00cvss epss 0.00

    Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile._open() read image dimensions from the GD 2.x header and stored them in self._size without calling Image._decompression_bomb_check(), allowing a crafted .gd file to trigger excessive C-heap…

  • CVE-2026-54060Jul 7, 2026
    risk 0.00cvss epss 0.00

    Pillow is a Python imaging library. Prior to 12.3.0, PIL/FontFile.py FontFile.compile() assembled per-glyph images into a combined bitmap with Image.new("1", (xsize, ysize)) without calling Image._decompression_bomb_check(), allowing a font to trigger excessive allocation during…

  • CVE-2026-55798Jul 7, 2026
    risk 0.00cvss epss 0.00

    Pillow is a Python imaging library. Prior to 12.3.0, WindowsViewer.get_command() constructed a cmd.exe shell command by directly embedding a file path into an f-string without escaping and passed the result to subprocess.Popen(..., shell=True), allowing shell metacharacters in…

  • CVE-2026-55379Jul 7, 2026
    risk 0.00cvss epss 0.00

    Pillow is a Python imaging library. Prior to 12.3.0, PIL/BdfFontFile.py bdf_char() read the BBX width and height field from a BDF font file and passed attacker-controlled dimensions to Image.new() without calling Image._decompression_bomb_check(), bypassing Pillow's documented…

  • CVE-2026-54291Jul 7, 2026
    risk 0.00cvss epss 0.00

    pgjdbc is an open source postgresql JDBC Driver. In releases 42.7.4 through 42.7.11, channelBinding=require connections can be silently downgraded from SCRAM-SHA-256-PLUS with channel binding to plain SCRAM-SHA-256 without it, losing the man-in-the-middle protection the setting…

  • CVE-2026-58380Jul 7, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscanner_gettoken() function writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one error in the loop boundary check. This could lead to…

  • CVE-2026-58404Jul 7, 2026
    risk 0.00cvss epss 0.00

    Hugo is a static site generator. From v0.162.0 through v0.163.0, the default security.http.urls policy denies requests to loopback, internal, and cloud-metadata IPv4 literals, but the deny rule only matched dotted-decimal notation, so alternate IPv4 encodings of the same…

  • CVE-2026-58403Jul 7, 2026
    risk 0.00cvss epss 0.00

    Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a…

  • CVE-2026-58402Jul 7, 2026
    risk 0.00cvss epss 0.00

    Hugo is a static site generator. From 0.60.0 until 0.163.3, Hugo's default code-block renderer wrote the Markdown code-fence language or info-string into the code class="language-…" data-lang="…" wrapper without HTML escaping. A fence info-string containing a quote and a…

  • CVE-2026-13708Jul 7, 2026
    risk 0.00cvss epss 0.00

    Imager::File::JPEG versions before 1.003 for Perl leak heap memory when reading a JPEG with repeated APP13 markers in i_readjpeg_wiol. i_readjpeg_wiol walks the marker list libjpeg returns and, for each APP13 marker, allocates a new buffer with *iptc_itext = mymalloc(...) and…

  • CVE-2026-13705Jul 7, 2026
    risk 0.00cvss epss 0.00

    Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in read_rgb_16_rle. read_rgb_16_rle guards each literal run with if (count > data_left), but count is a pixel count while every 16-bit…

  • CVE-2026-11610impJul 7, 2026
    risk 0.57cvss 8.8epss 0.01

    389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND

  • CVE-2026-14474impJul 7, 2026
    risk 0.57cvss 8.8epss 0.00

    sssd: sssd: sudo LDAP provider searches entire directory tree for sudoRole objects by default, enabling privilege escalation

  • CVE-2026-14476modJul 7, 2026
    risk 0.52cvss 8.0epss 0.01

    sssd: sssd: GPO cache path traversal via unsanitized gPCFileSysPath allows Kerberos authentication bypass

  • CVE-2026-12352medJul 7, 2026
    risk 0.38cvss 5.9epss 0.00

    The vulnerability allows an unauthenticated actor to bypass authentication and gain access to restricted resources on the device.

  • CVE-2026-12948lowJul 7, 2026
    risk 0.25cvss 3.8epss 0.00

    A stored cross-site scripting (XSS) vulnerability in the web management interface of the Digi PortServer TS, Digi One SP, Digi One SP IA, and Digi One IA allows a remote, authenticated administrator to inject script into certain system configuration fields. The script…

  • CVE-2026-20744criJul 7, 2026
    risk 0.64cvss 9.8epss 0.01

    The charging station websocket endpoint accepts connections without proper authentication, which could lead to privilege escalation.

  • CVE-2026-42952higJul 7, 2026
    risk 0.49cvss 7.5epss 0.00

    Previously, there was no throttling on repeated authentication attempts to the charging station backend, which could allow an attacker to execute a Denial-of-Service attack.

  • CVE-2026-42953higJul 7, 2026
    risk 0.51cvss 7.8epss 0.00

    The application contains an out-of-bounds write vulnerability that can be exploited by an attacker to cause the program to write data past the end of an allocated memory buffer. This can lead to arbitrary code execution.

  • CVE-2026-42958higJul 7, 2026
    risk 0.51cvss 7.8epss 0.00

    The application contains a use-after-free vulnerability that can be exploited to cause memory corruption while parsing specially crafted files. This could allow an attacker to execute arbitrary code in the context of the current process.

  • CVE-2026-44383higJul 7, 2026
    risk 0.49cvss 7.5epss 0.01

    Multiple connections to the backend using the same charging station ID are allowed, which could allow an attacker to deploy multiple instances of malicious OCPP clients to overwhelm the backend.

  • CVE-2026-49033higJul 7, 2026
    risk 0.51cvss 7.8epss 0.00

    The application contains a stack-based buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code.

  • CVE-2025-12799modJul 7, 2026
    risk 0.42cvss 6.5epss 0.00

    jastow: Jastow Cross-Site Scripting attack due to unsanitized URI

  • CVE-2026-59710modJul 6, 2026
    risk 0.33cvss 6.1epss 0.00

    showdown: Showdown: Stored Cross-Site Scripting via unescaped table header ID attributes in markdown

  • CVE-2026-59711modJul 6, 2026
    risk 0.40cvss 6.1epss 0.00

    showdown: Showdown: Cross-site scripting via unescaped metadata title allows arbitrary code execution

  • CVE-2026-55514modJul 6, 2026
    risk 0.35cvss 6.5epss 0.00

    vllm: vLLM: Denial of Service via crafted prompt in /v1/completions request

  • CVE-2026-55574impJul 6, 2026
    risk 0.42cvss 7.5epss 0.00

    vllm: vLLM: Denial of Service via adversarial regular expression in structured outputs API

  • CVE-2026-54234impJul 6, 2026
    risk 0.42cvss 7.5epss 0.00

    vllm: vLLM: Denial of Service via malformed speculative decoding workload

  • CVE-2026-55646modJul 6, 2026
    risk 0.35cvss 6.5epss 0.00

    vllm: vLLM: Denial of Service due to excessive memory allocation via oversized audio file uploads

  • CVE-2026-48614criJul 6, 2026
    risk 0.64cvss 9.9epss 0.00

    Plesk: Plesk: Privilege escalation via improper authorization in XML API

  • CVE-2026-59195impJul 6, 2026
    risk 0.46cvss 8.2epss 0.00

    pnpm: pnpm: Path traversal in configDependencies env lockfile allows symlink creation outside node_modules/.pnpm-config

  • CVE-2026-59194impJul 6, 2026
    risk 0.39cvss 7.1epss 0.00

    pnpm: pnpm: patch-remove could delete project-selected files outside the patches directory

  • CVE-2026-59152modJul 6, 2026
    risk 0.26cvss 5.0epss 0.00

    langsmith: LangSmith SDK TracingMiddleware: Information Disclosure via Arbitrary Server-Side File Read