| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-55884 | cri | 0.52 | — | 0.00 | Jun 19, 2026 | ## Summary The Tilt HUD HTTP server exposes state-changing and sensitive-read endpoints with no authentication. When the HUD is bound to a non-loopback address, a network attacker can trigger the developer's pre-defined Tiltfile resources, tamper with Tiltfile arguments, read… | ||
| CVE-2026-55883 | hig | 0.38 | — | 0.00 | Jun 19, 2026 | ## Summary The Tilt HUD WebSocket (`/ws/view`) is gated by a CSRF token, but the token is served by an unauthenticated endpoint and the upgrader accepts any client that omits an `Origin` header. When the HUD is network-exposed, an attacker can open the HUD stream and read the… | ||
| CVE-2026-55882 | hig | 0.38 | — | 0.00 | Jun 19, 2026 | ## Summary The Tilt HUD server mounts Go's `net/http/pprof` handlers under `/debug` with no access control. When the HUD is network-exposed, an attacker can read process memory — including session and apiserver tokens — and hold the process under profiling. ## Details A… | ||
| CVE-2026-9143 | 0.00 | — | 0.00 | Jun 19, 2026 | There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen. This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions. | |||
| CVE-2026-12104 | 0.00 | — | 0.01 | Jun 19, 2026 | OS command injection in the environment and tunnel configuration functionality in SIMA GmbH Bondix through version 1.25.7.5 on Linux allows an authenticated attacker with configuration write access to execute arbitrary operating-system commands via crafted configuration values… | |||
| CVE-2026-9142 | 0.00 | — | 0.00 | Jun 19, 2026 | There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound beyond loopback. This may allow an unauthenticated user access to the server on the local network. This affects NI grpc-device 2.17.0 and… | |||
| CVE-2026-48141 | 0.00 | — | 0.00 | Jun 19, 2026 | There is a memory leak in NI grpc-device BeginSidebandStream that may result in denial of service due to memory exhaustion. This affects NI grpc-device 2.17.0 and prior versions. | |||
| CVE-2026-54051 | cri | 0.52 | — | — | Jun 19, 2026 | ## Summary The agent sandbox gates shell commands behind an allowlist (`SandboxPolicy.isCommandAllowed`), which THREAT_MODEL.md calls the main control against a compromised agent (Adversary 3.2). The allowlist glob-matches the whole command string, but `ShellExecutor` runs that… | ||
| CVE-2026-48140 | 0.00 | — | 0.00 | Jun 19, 2026 | There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially… | |||
| CVE-2026-48139 | 0.00 | — | 0.00 | Jun 19, 2026 | There is a NULL pointer dereference vulnerability in NI grpc-device in the data moniker service that may allow an attacker to cause a denial of service by triggering a crash. Successful exploitation requires an attacker to provide an unknown value to the data moniker service.… | |||
| CVE-2026-49872 | 0.00 | — | 0.00 | Jun 19, 2026 | Improper Authentication vulnerability in Apache APISIX. When the cas-auth plugin is used in a route, an attacker can possibly authenticate itself with credentials from a different source. This issue affects Apache APISIX: from 3.0.0 through 3.16.0. Users are recommended to… | |||
| CVE-2026-49871 | 0.00 | — | 0.00 | Jun 19, 2026 | Cross-Site Request Forgery (CSRF) vulnerability in the cas-auth plugin under default configurations. This defect allows a remote attacker that manages to send a victim to a webpage controlled by them can cause the victim's browser to become authenticated as a different… | |||
| CVE-2026-47341 | 0.00 | — | 0.00 | Jun 19, 2026 | Authentication Bypass by Capture-replay vulnerability in Apache APISIX. Attacker can benefit from certain configurations in hmac-auth to re-use a token forever, bypassing expiry. This issue affects Apache APISIX: from 3.11.0 through 3.16.0. Users are recommended to upgrade to… | |||
| CVE-2026-48895 | 0.00 | — | 0.00 | Jun 19, 2026 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache APISIX. The attacker could manipulate some client headers to perform an open-redirect, to potentially expose the session token. This issue affects Apache APISIX: from 3.0.0 through 3.16.0. Users are… | |||
| CVE-2026-48138 | 0.00 | — | 0.00 | Jun 19, 2026 | There is an out-of-bounds read vulnerability in the NI grpc-device streaming API due to a missing bounds check that may result in a denial of service. Successful exploitation requires an attacker to supply a specially crafted write request. This affects NI grpc-device 2.17.0 and… | |||
| CVE-2026-4027 | — | 0.00 | — | 0.00 | Jun 19, 2026 | A security vulnerability has been identified in FlexNet Manager Suite 2025 R1 and R2 that could allow unauthorized access to attachment files due to insufficient access control. | ||
| CVE-2026-49231 | 0.00 | — | 0.00 | Jun 19, 2026 | Authentication Bypass by Spoofing vulnerability in opa plugin. An attacker could relay spoofed identity headers to upstream capitalising on non-default configuration in opa plugin. This could allow the attacker to assume higher privileges on the upstream service. This issue… | |||
| CVE-2026-49230 | 0.00 | — | 0.00 | Jun 19, 2026 | Improper Validation of Integrity Check Value vulnerability in Apache APISIX. The jwe-decrypt plugin under default configuration is vulnerable to authentication bypass. This issue affects Apache APISIX: from 3.8.0 through 3.16.0. Users are recommended to upgrade to version… | |||
| CVE-2026-44915 | 0.00 | — | 0.00 | Jun 19, 2026 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache APISIX. The default configuration of cas-auth in Apache APISIX is vulnerable to phishing and credential theft. This issue affects Apache APISIX: from 3.0.0 through 3.16.0. Users are recommended to… | |||
| CVE-2026-44087 | 0.00 | — | 0.00 | Jun 19, 2026 | Insufficient Verification of Data Authenticity vulnerability in Apache APISIX. The openid-connect plugin under default configuration has an attack surface that allows the attacker to spoof identity headers allowing the attacker to get unauthorized access the protected… | |||
| CVE-2026-49357 | 0.00 | — | 0.00 | Jun 19, 2026 | Line Desktop MCP is a project that, while unaffiliated with the official line-bot-mcp-server, allows users to directly operate the LINE Desktop application on Windows or Mac via MCP. `line-desktop-mcp` supports a `--http-mode` Streamable HTTP transport for use with clients such… | |||
| CVE-2026-47339 | 0.00 | — | 0.00 | Jun 19, 2026 | Incorrect Authorization vulnerability in Apache APISIX. An attacker can capitalise on authz-casdoor plugin under default configuration to authenticate themselves with credentials from a different source. This issue affects Apache APISIX: from 2.14.1 through 3.16.0. Users are… | |||
| CVE-2026-44046 | 0.00 | — | 0.00 | Jun 19, 2026 | Use of Less Trusted Source vulnerability in Apache APISIX. Attacker can take advantage of wolf-rbac plugin under default configuration to potentially pollute logs with spoofed identity information and exploit IP based access control rules. This issue affects Apache APISIX: from… | |||
| CVE-2026-39999 | 0.00 | — | 0.00 | Jun 19, 2026 | Authentication Bypass by Spoofing vulnerability in Apache APISIX. The attacker can completely bypass authentication capitalising on certain configurations of jwt-auth plugin. This issue affects Apache APISIX: from v2.2 through v3.16.0. Users are recommended to upgrade to… | |||
| CVE-2026-48137 | 0.00 | — | 0.01 | Jun 19, 2026 | There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a… | |||
| CVE-2026-39998 | 0.00 | — | 0.00 | Jun 19, 2026 | Improper Input Validation vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to spoof identity headers. This issue affects Apache APISIX: from 2.12.0 through 3.16.0. Users are recommended to upgrade to version… | |||
| CVE-2026-4026 | 0.00 | — | 0.00 | Jun 19, 2026 | A security vulnerability has been identified in FlexNet Manager Suite 2025 R1 that could allow an authenticated user with read-only access to account settings to escalate their privileges to Administrator level. | |||
| CVE-2026-44939 | 0.00 | — | 0.01 | Jun 19, 2026 | A command injection vulnerability in the Rancher Manager cluster before 2.14.2 import endpoint /v3/import/{token}_{clusterId}.yaml through unsanitized YAML parameters could allow remote attackers to break out of an image, and execute e.g. malicious containers. | |||
| CVE-2026-50242 | 0.00 | — | 0.00 | Jun 19, 2026 | In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was possible | |||
| CVE-2026-56142 | 0.00 | — | 0.00 | Jun 19, 2026 | In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible | |||
| CVE-2026-56141 | 0.00 | — | 0.00 | Jun 19, 2026 | In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 account takeover via predictable restore codes was possible | |||
| CVE-2026-53915 | 0.00 | — | 0.00 | Jun 19, 2026 | In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration | |||
| CVE-2026-12706 | 0.00 | — | 0.00 | Jun 19, 2026 | A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decode_move() function initializes a read pointer into a decompressed buffer, but a subsequent reallocation of that same buffer during move-table processing leaves the pointer dangling. An attacker… | |||
| CVE-2026-11941 | 0.00 | — | 0.00 | Jun 19, 2026 | Cloudflare Quiche was affected by 2 use-after-free vulnerabilities in the connection ID iterator FFI functions. The “quiche_connection_id_iter_next” and “quiche_conn_retired_scid_next” functions would return a pointer to a “ConnectionId” to the applications via… | |||
| CVE-2026-41156 | — | 0.00 | — | 0.00 | Jun 19, 2026 | Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource (memory page) managed by a CPU thread of control (driver) and accessed by a GPU thread of… | ||
| CVE-2026-34192 | — | 0.00 | — | 0.00 | Jun 19, 2026 | Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error… | ||
| CVE-2026-8296 | 0.00 | — | 0.00 | Jun 19, 2026 | In affected versions of Octopus Server with certain access levels it was possible to embed a Cross-Site Scripting Payload via artifacts. | |||
| CVE-2026-11576 | 0.00 | — | 0.00 | Jun 19, 2026 | The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fx_file_close() even when the file was never successfully opened. Multiple… | |||
| CVE-2026-56138 | 0.00 | — | 0.00 | Jun 19, 2026 | AIL framework contains a path traversal vulnerability in the /objects/item/diff endpoint. The endpoint accepts item identifiers through the s1 and s2 query parameters and, prior to the fix, attempted to retrieve and compare item contents without first verifying that both… | |||
| CVE-2026-46461 | 0.00 | — | 0.00 | Jun 19, 2026 | Dell Server Hardware Manager, versions prior to 3.2.2, contains an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | |||
| CVE-2026-6798 | 0.00 | — | 0.00 | Jun 19, 2026 | The 2Download Connector for 2DL Hosted Checkout plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 0.1.5. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for… | |||
| CVE-2026-3640 | 0.00 | — | 0.00 | Jun 19, 2026 | The STRABL – A checkout solution plugin for WordPress is vulnerable to Missing Authentication in all versions up to and including 4.5. The plugin registers a REST API webhook endpoint at /wp-json/strabl/webhook/order with a permission_callback of __return_true, which allows… | |||
| CVE-2026-9822 | 0.00 | — | 0.00 | Jun 19, 2026 | The WP Hotel Booking WordPress plugin before 2.3.1 does not enforce capability checks in several of its AJAX handlers, allowing authenticated users with Subscriber-level access to read other users' booking line items, enumerate active coupons, and read pricing data. | |||
| CVE-2026-54414 | 0.00 | — | 0.01 | Jun 19, 2026 | FileRise before 3.16.0 is vulnerable to path traversal in the shared-folder upload endpoint (/api/folder/uploadToSharedFolder.php), leading to arbitrary file write and administrator account takeover. The upload filename is validated by FolderController with basename() and… | |||
| CVE-2026-7515 | 0.00 | — | 0.01 | Jun 19, 2026 | The BetterDocs Pro plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 3.8.0 via the `doc_style` parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the… | |||
| CVE-2025-7737 | 0.00 | — | 0.00 | Jun 19, 2026 | DoS Vulnerability in 10G iSCSI Interface of Hitachi Virtual Storage Platform. This issue affects Hitachi Virtual Storage Platform E990, E1090, E1090H: before DKCMAIN Ver.93-07-21-80/00-05, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-07-01-80/00-07, CHB(iSCSI)… | |||
| CVE-2026-12644 | 0.00 | — | 0.00 | Jun 19, 2026 | Versions of the package ts-deepmerge before 8.0.0 are vulnerable to Uncaught Exception due to the improper handling of built-in Object.prototype methods (such as toString, valueOf). When user-controlled input contains these keys with non-function values, the resulting merged… | |||
| CVE-2026-10720 | 0.00 | — | 0.00 | Jun 19, 2026 | Canonical MicroCeph versions from the squid and tentacle track are vulnerable to a path traversal issue in the remote-import API. Holders of a trusted cluster mTLS certificate (such as enrolled cluster members) or join token can manipulate files in an imported remote cluster… | |||
| CVE-2026-12430 | 0.00 | — | 0.00 | Jun 19, 2026 | The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.45 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with… | |||
| CVE-2026-10034 | 0.00 | — | 0.00 | Jun 19, 2026 | The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.39. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated… |
- risk 0.52cvss —epss 0.00
## Summary The Tilt HUD HTTP server exposes state-changing and sensitive-read endpoints with no authentication. When the HUD is bound to a non-loopback address, a network attacker can trigger the developer's pre-defined Tiltfile resources, tamper with Tiltfile arguments, read…
- risk 0.38cvss —epss 0.00
## Summary The Tilt HUD WebSocket (`/ws/view`) is gated by a CSRF token, but the token is served by an unauthenticated endpoint and the upgrader accepts any client that omits an `Origin` header. When the HUD is network-exposed, an attacker can open the HUD stream and read the…
- risk 0.38cvss —epss 0.00
## Summary The Tilt HUD server mounts Go's `net/http/pprof` handlers under `/debug` with no access control. When the HUD is network-exposed, an attacker can read process memory — including session and apiserver tokens — and hold the process under profiling. ## Details A…
- CVE-2026-9143Jun 19, 2026risk 0.00cvss —epss 0.00
There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen. This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions.
- CVE-2026-12104Jun 19, 2026risk 0.00cvss —epss 0.01
OS command injection in the environment and tunnel configuration functionality in SIMA GmbH Bondix through version 1.25.7.5 on Linux allows an authenticated attacker with configuration write access to execute arbitrary operating-system commands via crafted configuration values…
- CVE-2026-9142Jun 19, 2026risk 0.00cvss —epss 0.00
There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound beyond loopback. This may allow an unauthenticated user access to the server on the local network. This affects NI grpc-device 2.17.0 and…
- CVE-2026-48141Jun 19, 2026risk 0.00cvss —epss 0.00
There is a memory leak in NI grpc-device BeginSidebandStream that may result in denial of service due to memory exhaustion. This affects NI grpc-device 2.17.0 and prior versions.
- risk 0.52cvss —epss —
## Summary The agent sandbox gates shell commands behind an allowlist (`SandboxPolicy.isCommandAllowed`), which THREAT_MODEL.md calls the main control against a compromised agent (Adversary 3.2). The allowlist glob-matches the whole command string, but `ShellExecutor` runs that…
- CVE-2026-48140Jun 19, 2026risk 0.00cvss —epss 0.00
There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially…
- CVE-2026-48139Jun 19, 2026risk 0.00cvss —epss 0.00
There is a NULL pointer dereference vulnerability in NI grpc-device in the data moniker service that may allow an attacker to cause a denial of service by triggering a crash. Successful exploitation requires an attacker to provide an unknown value to the data moniker service.…
- CVE-2026-49872Jun 19, 2026risk 0.00cvss —epss 0.00
Improper Authentication vulnerability in Apache APISIX. When the cas-auth plugin is used in a route, an attacker can possibly authenticate itself with credentials from a different source. This issue affects Apache APISIX: from 3.0.0 through 3.16.0. Users are recommended to…
- CVE-2026-49871Jun 19, 2026risk 0.00cvss —epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in the cas-auth plugin under default configurations. This defect allows a remote attacker that manages to send a victim to a webpage controlled by them can cause the victim's browser to become authenticated as a different…
- CVE-2026-47341Jun 19, 2026risk 0.00cvss —epss 0.00
Authentication Bypass by Capture-replay vulnerability in Apache APISIX. Attacker can benefit from certain configurations in hmac-auth to re-use a token forever, bypassing expiry. This issue affects Apache APISIX: from 3.11.0 through 3.16.0. Users are recommended to upgrade to…
- CVE-2026-48895Jun 19, 2026risk 0.00cvss —epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache APISIX. The attacker could manipulate some client headers to perform an open-redirect, to potentially expose the session token. This issue affects Apache APISIX: from 3.0.0 through 3.16.0. Users are…
- CVE-2026-48138Jun 19, 2026risk 0.00cvss —epss 0.00
There is an out-of-bounds read vulnerability in the NI grpc-device streaming API due to a missing bounds check that may result in a denial of service. Successful exploitation requires an attacker to supply a specially crafted write request. This affects NI grpc-device 2.17.0 and…
- CVE-2026-4027Jun 19, 2026risk 0.00cvss —epss 0.00
A security vulnerability has been identified in FlexNet Manager Suite 2025 R1 and R2 that could allow unauthorized access to attachment files due to insufficient access control.
- CVE-2026-49231Jun 19, 2026risk 0.00cvss —epss 0.00
Authentication Bypass by Spoofing vulnerability in opa plugin. An attacker could relay spoofed identity headers to upstream capitalising on non-default configuration in opa plugin. This could allow the attacker to assume higher privileges on the upstream service. This issue…
- CVE-2026-49230Jun 19, 2026risk 0.00cvss —epss 0.00
Improper Validation of Integrity Check Value vulnerability in Apache APISIX. The jwe-decrypt plugin under default configuration is vulnerable to authentication bypass. This issue affects Apache APISIX: from 3.8.0 through 3.16.0. Users are recommended to upgrade to version…
- CVE-2026-44915Jun 19, 2026risk 0.00cvss —epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache APISIX. The default configuration of cas-auth in Apache APISIX is vulnerable to phishing and credential theft. This issue affects Apache APISIX: from 3.0.0 through 3.16.0. Users are recommended to…
- CVE-2026-44087Jun 19, 2026risk 0.00cvss —epss 0.00
Insufficient Verification of Data Authenticity vulnerability in Apache APISIX. The openid-connect plugin under default configuration has an attack surface that allows the attacker to spoof identity headers allowing the attacker to get unauthorized access the protected…
- CVE-2026-49357Jun 19, 2026risk 0.00cvss —epss 0.00
Line Desktop MCP is a project that, while unaffiliated with the official line-bot-mcp-server, allows users to directly operate the LINE Desktop application on Windows or Mac via MCP. `line-desktop-mcp` supports a `--http-mode` Streamable HTTP transport for use with clients such…
- CVE-2026-47339Jun 19, 2026risk 0.00cvss —epss 0.00
Incorrect Authorization vulnerability in Apache APISIX. An attacker can capitalise on authz-casdoor plugin under default configuration to authenticate themselves with credentials from a different source. This issue affects Apache APISIX: from 2.14.1 through 3.16.0. Users are…
- CVE-2026-44046Jun 19, 2026risk 0.00cvss —epss 0.00
Use of Less Trusted Source vulnerability in Apache APISIX. Attacker can take advantage of wolf-rbac plugin under default configuration to potentially pollute logs with spoofed identity information and exploit IP based access control rules. This issue affects Apache APISIX: from…
- CVE-2026-39999Jun 19, 2026risk 0.00cvss —epss 0.00
Authentication Bypass by Spoofing vulnerability in Apache APISIX. The attacker can completely bypass authentication capitalising on certain configurations of jwt-auth plugin. This issue affects Apache APISIX: from v2.2 through v3.16.0. Users are recommended to upgrade to…
- CVE-2026-48137Jun 19, 2026risk 0.00cvss —epss 0.01
There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a…
- CVE-2026-39998Jun 19, 2026risk 0.00cvss —epss 0.00
Improper Input Validation vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to spoof identity headers. This issue affects Apache APISIX: from 2.12.0 through 3.16.0. Users are recommended to upgrade to version…
- CVE-2026-4026Jun 19, 2026risk 0.00cvss —epss 0.00
A security vulnerability has been identified in FlexNet Manager Suite 2025 R1 that could allow an authenticated user with read-only access to account settings to escalate their privileges to Administrator level.
- CVE-2026-44939Jun 19, 2026risk 0.00cvss —epss 0.01
A command injection vulnerability in the Rancher Manager cluster before 2.14.2 import endpoint /v3/import/{token}_{clusterId}.yaml through unsanitized YAML parameters could allow remote attackers to break out of an image, and execute e.g. malicious containers.
- CVE-2026-50242Jun 19, 2026risk 0.00cvss —epss 0.00
In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was possible
- CVE-2026-56142Jun 19, 2026risk 0.00cvss —epss 0.00
In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible
- CVE-2026-56141Jun 19, 2026risk 0.00cvss —epss 0.00
In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 account takeover via predictable restore codes was possible
- CVE-2026-53915Jun 19, 2026risk 0.00cvss —epss 0.00
In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration
- CVE-2026-12706Jun 19, 2026risk 0.00cvss —epss 0.00
A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decode_move() function initializes a read pointer into a decompressed buffer, but a subsequent reallocation of that same buffer during move-table processing leaves the pointer dangling. An attacker…
- CVE-2026-11941Jun 19, 2026risk 0.00cvss —epss 0.00
Cloudflare Quiche was affected by 2 use-after-free vulnerabilities in the connection ID iterator FFI functions. The “quiche_connection_id_iter_next” and “quiche_conn_retired_scid_next” functions would return a pointer to a “ConnectionId” to the applications via…
- CVE-2026-41156Jun 19, 2026risk 0.00cvss —epss 0.00
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource (memory page) managed by a CPU thread of control (driver) and accessed by a GPU thread of…
- CVE-2026-34192Jun 19, 2026risk 0.00cvss —epss 0.00
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error…
- CVE-2026-8296Jun 19, 2026risk 0.00cvss —epss 0.00
In affected versions of Octopus Server with certain access levels it was possible to embed a Cross-Site Scripting Payload via artifacts.
- CVE-2026-11576Jun 19, 2026risk 0.00cvss —epss 0.00
The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fx_file_close() even when the file was never successfully opened. Multiple…
- CVE-2026-56138Jun 19, 2026risk 0.00cvss —epss 0.00
AIL framework contains a path traversal vulnerability in the /objects/item/diff endpoint. The endpoint accepts item identifiers through the s1 and s2 query parameters and, prior to the fix, attempted to retrieve and compare item contents without first verifying that both…
- CVE-2026-46461Jun 19, 2026risk 0.00cvss —epss 0.00
Dell Server Hardware Manager, versions prior to 3.2.2, contains an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
- CVE-2026-6798Jun 19, 2026risk 0.00cvss —epss 0.00
The 2Download Connector for 2DL Hosted Checkout plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 0.1.5. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for…
- CVE-2026-3640Jun 19, 2026risk 0.00cvss —epss 0.00
The STRABL – A checkout solution plugin for WordPress is vulnerable to Missing Authentication in all versions up to and including 4.5. The plugin registers a REST API webhook endpoint at /wp-json/strabl/webhook/order with a permission_callback of __return_true, which allows…
- CVE-2026-9822Jun 19, 2026risk 0.00cvss —epss 0.00
The WP Hotel Booking WordPress plugin before 2.3.1 does not enforce capability checks in several of its AJAX handlers, allowing authenticated users with Subscriber-level access to read other users' booking line items, enumerate active coupons, and read pricing data.
- CVE-2026-54414Jun 19, 2026risk 0.00cvss —epss 0.01
FileRise before 3.16.0 is vulnerable to path traversal in the shared-folder upload endpoint (/api/folder/uploadToSharedFolder.php), leading to arbitrary file write and administrator account takeover. The upload filename is validated by FolderController with basename() and…
- CVE-2026-7515Jun 19, 2026risk 0.00cvss —epss 0.01
The BetterDocs Pro plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 3.8.0 via the `doc_style` parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the…
- CVE-2025-7737Jun 19, 2026risk 0.00cvss —epss 0.00
DoS Vulnerability in 10G iSCSI Interface of Hitachi Virtual Storage Platform. This issue affects Hitachi Virtual Storage Platform E990, E1090, E1090H: before DKCMAIN Ver.93-07-21-80/00-05, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-07-01-80/00-07, CHB(iSCSI)…
- CVE-2026-12644Jun 19, 2026risk 0.00cvss —epss 0.00
Versions of the package ts-deepmerge before 8.0.0 are vulnerable to Uncaught Exception due to the improper handling of built-in Object.prototype methods (such as toString, valueOf). When user-controlled input contains these keys with non-function values, the resulting merged…
- CVE-2026-10720Jun 19, 2026risk 0.00cvss —epss 0.00
Canonical MicroCeph versions from the squid and tentacle track are vulnerable to a path traversal issue in the remote-import API. Holders of a trusted cluster mTLS certificate (such as enrolled cluster members) or join token can manipulate files in an imported remote cluster…
- CVE-2026-12430Jun 19, 2026risk 0.00cvss —epss 0.00
The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.45 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…
- CVE-2026-10034Jun 19, 2026risk 0.00cvss —epss 0.00
The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.39. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated…