VYPR

CVEs

345,178 total · page 76 of 6,904

  • CVE-2026-49402higJun 16, 2026
    risk 0.38cvss epss 0.00

    ## Summary Deno's `node:child_process` implementation provided an `escapeShellArg()` helper used when callers passed `shell: true` to `spawn` / `spawnSync` / `exec` and friends. On Windows, the helper failed to quote arguments that contained `cmd.exe` metacharacters such as…

  • CVE-2026-49983Jun 16, 2026
    risk 0.00cvss epss 0.00

    ## Summary In Deno, environment access is gated by the `env` permission. You can deny it with `--deny-env`, or restrict it to a specific allowlist with `--allow-env=FOO,BAR`. The expectation is that a program running without `env` permission cannot change `process.env`. …

  • CVE-2026-49860Jun 16, 2026
    risk 0.00cvss epss 0.00

    ## Summary When a WebSocket connection was opened, Deno checked the destination hostname against `--deny-net` rules but did not re-check the IP addresses that hostname resolved to. An attacker-controlled script could use a specially crafted domain name that passes the hostname…

  • CVE-2026-49859Jun 16, 2026
    risk 0.00cvss epss 0.00

    ## Summary When `fetch()` was called, Deno checked the destination hostname against `--deny-net` rules but did not re-check the IP addresses that hostname resolved to. An attacker-controlled script could use a specially crafted domain name that passes the hostname check yet…

  • CVE-2026-48491higJun 16, 2026
    risk 0.38cvss epss 0.00

    ## Summary There is a high severity vulnerability in Traefik's domain-fronting protection (`SNICheck`) that allows an unauthenticated client to bypass mutual TLS enforced through wildcard router `TLSOptions`. When a router uses a wildcard host rule such as…

  • CVE-2026-54311Jun 16, 2026
    risk 0.00cvss epss 0.00

    ## Impact An authenticated user with permission to create or modify workflows could pollute the sandbox used by the Merge node's SQL Query mode. Because the sandbox context was cached and reused across all workflow executions on the instance, prototype mutations introduced by…

  • CVE-2026-54306Jun 16, 2026
    risk 0.00cvss epss 0.00

    ## Impact A prototype pollution vulnerability allowed a crafted public webhook payload to inject attacker-controlled fields into workflow data during internal object copying. These fields could be surfaced and consumed as normal values by downstream built-in nodes. Where a…

  • CVE-2026-54301higJun 16, 2026
    risk 0.45cvss epss 0.00

    ## Impact An authenticated user with workflow edit access could configure a `Respond to Webhook` node to serve binary content with an attacker-controlled `Content-Type`. The binary response path bypassed the central `Content-Security-Policy` sandbox header, allowing a public…

  • CVE-2026-54308Jun 16, 2026
    risk 0.00cvss epss 0.00

    ## Impact The `MicrosoftAgent365Trigger` and `StripeTrigger` node did not validate that inbound requests. As a result, an unauthenticated attacker who knows the webhook URL could submit a forged payload and cause the workflow to execute with attacker-controlled data. ## Patches…

  • CVE-2026-54313Jun 16, 2026
    risk 0.00cvss epss 0.00

    ## Impact An authenticated user with workflow edit access could supply a malicious filter value in the MongoDB node's Find And Replace operation. The value was not validated before being passed to MongoDB as a query filter, allowing unintended documents to be matched and…

  • CVE-2026-54310Jun 16, 2026
    risk 0.00cvss epss 0.00

    ## Impact An authenticated user with permission to create or modify workflows could supply a crafted parameters to the TimescaleDB and/or legacy Postgres v1 node's allowing arbitrary SQL to be injected and executed against the connected database within the privileges of the…

  • CVE-2026-49465Jun 16, 2026
    risk 0.00cvss epss 0.01

    ## Impact An authenticated user with permission to create or modify workflows could supply a local filesystem path as the source repository in the Git node's Clone operation, or as the target repository in the Push operation, bypassing the `N8N_RESTRICT_FILE_ACCESS_TO` file…

  • CVE-2026-49444higJun 16, 2026
    risk 0.45cvss epss 0.00

    ## Impact An authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. This issue only affects instances where the Python Task Runner is enabled. ##…

  • CVE-2026-48746criJun 16, 2026
    risk 0.52cvss epss 0.01

    ### Summary A vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API `AuthenticationMiddleware`, which was discovered during @x41sec's source code audit. It allows to use the API without providing the…

  • CVE-2026-48520Jun 16, 2026
    risk 0.00cvss epss 0.00

    ### Summary The "Shareable Playground" (or "Public Flows" in code) contains a potential arbitrary file-read vulnerability, depending on the exact flow configuration used. By making a flow public, public execution of the flow is allowed. The execution request can contain a list…

  • CVE-2026-48519criJun 16, 2026
    risk 0.52cvss epss 0.01

    ### Summary The "Shareable Playground" (or "Public Flows" in code) contains a critical RCE vulnerability. Simply sharing a flow exposes the deployment to RCE risk by authenticated users. Tested on commit 2d67402b1dbaefcbce85a244d4a6cd5e4bda1cfe ### Details Shareable Playground…

  • CVE-2026-42867Jun 16, 2026
    risk 0.00cvss epss 0.00

    ## Summary Langflow is vulnerable to Path Traversal in the Knowledge Bases API (`POST /api/v1/knowledge_bases`). This occurs because user-supplied knowledge base names are used directly to create file paths without proper sanitization or containment checks. An authenticated…

  • CVE-2026-41523higJun 16, 2026
    risk 0.39cvss epss 0.00

    ### Summary An `assert`-based security check in vLLM's activation function loading allows any unauthenticated attacker to achieve arbitrary code execution on the server by publishing a malicious HuggingFace model, when vLLM runs in Python optimized mode (`python -O` or…

  • CVE-2026-33760higJun 16, 2026
    risk 0.38cvss epss 0.00

    ### Summary Langflow's `/api/v1/monitor` router exposes 7 endpoints that perform read, write, and delete operations on user-owned resources — messages, sessions, build artifacts, and LLM transaction logs — without verifying that the authenticated requester owns the targeted…

  • CVE-2026-53776CriJun 16, 2026
    risk 0.52cvss 9.1epss 0.00

    Perry before 0.5.1166 contains a JWT validation vulnerability that allows remote attackers to bypass token expiration by exploiting the unconditional setting of validate_exp = false in the verify_decode helper within the stdlib JWT verification path. Attackers in possession of a…

  • CVE-2026-44932HigJun 16, 2026
    risk 0.57cvss 8.8epss 0.00

    Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine.

  • CVE-2026-42089HigJun 16, 2026
    risk 0.49cvss 8.6epss 0.00

    Yeoman Environment provides an API to discover, create, and run generators, and to configure where and how a generator is resolved. Versions 2.9.0 through 6.0.0 install missing local generator packages from caller-supplied package names without user confirmation. In downstream…

  • CVE-2026-39927Jun 16, 2026
    risk 0.00cvss epss

    Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

  • CVE-2026-39926Jun 16, 2026
    risk 0.00cvss epss

    Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

  • CVE-2026-24228HigJun 16, 2026
    risk 0.51cvss 7.8epss 0.00

    NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure.

  • CVE-2026-24155HigJun 16, 2026
    risk 0.51cvss 7.8epss 0.00

    NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

  • CVE-2026-12412Jun 16, 2026
    risk 0.00cvss epss

    Rejected reason: loading template...

  • CVE-2026-12003MedJun 16, 2026
    risk 0.27cvss epss 0.00

    To allow builds of Python to be run from an in-tree layout (rather than an installed file layout), the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the…

  • CVE-2026-10649HigJun 16, 2026
    risk 0.49cvss 8.6epss 0.00

    A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption,…

  • CVE-2025-71261HigJun 16, 2026
    risk 0.49cvss 8.6epss 0.00

    An attacker with network-level access between the SUSE Virtualization and Rancher Manager in SUSE Harvester before 1.8.0 could interfere with the TLS handshake and abuse it to bypass TLS as a security control.

  • CVE-2024-38487HigJun 16, 2026
    risk 0.45cvss 7.0epss 0.00

    api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions.

  • CVE-2024-30476MedJun 16, 2026
    risk 0.35cvss 5.4epss 0.00

    PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, it could lead to script execution in the client browser.

  • CVE-2024-24909HigJun 16, 2026
    risk 0.57cvss 8.8epss 0.00

    Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin. A remote authenticated user could potentially exploit this vulnerability to escalate privileges. The malicious user may gain the ability to run…

  • CVE-2024-22451MedJun 16, 2026
    risk 0.44cvss 6.7epss 0.00

    Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious executable, leading to arbitrary code execution.

  • CVE-2026-9307MedJun 16, 2026
    risk 0.41cvss epss 0.00

    A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The controller's web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can…

  • CVE-2026-48780HigJun 16, 2026
    risk 0.46cvss 8.2epss 0.00

    Forem is open source software for building communities. Prior to commit a2ab6d4, a maliciously crafted email address could allow an attacker to bypass domain allowlist or denylist restrictions and gain access to invite-only forem deployments. The issue is patched as of…

  • CVE-2026-47684HigJun 16, 2026
    risk 0.43cvss 7.7epss 0.00

    Sync-in Server is a secure, open-source platform for file storage, sharing, collaboration, and syncing. Prior to version 2.3.0, the private IP blocklist regex used in the URL download feature does not match IPv4-mapped IPv6 addresses (e.g. ::ffff:127.0.0.1), allowing SSRF…

  • CVE-2026-12398HigJun 16, 2026
    risk 0.49cvss 7.5epss 0.01

    A command injection vulnerability was found in galaxy_ng. The do_git_checkout() function in the legacy role import API (v1) interpolates unsanitized git ref names (branch/tag names) into shell commands executed via subprocess.run() with shell=True. An authenticated user who…

  • CVE-2026-11317HigJun 16, 2026
    risk 0.57cvss epss 0.00

    A denial of service security issue exists in the affected product. The security issue stems from a fault occurring when a crafted CIP message is sent. Devices with less memory are more likely to be affected. This can result in a major nonrecoverable fault (MNRF). A program…

  • CVE-2026-10831MedJun 16, 2026
    risk 0.45cvss epss 0.00

    A denial-of-service vulnerability exists in NPort devices because of improper access control on the command port. The command interface does not properly validate whether a sender is associated with a valid data port session before accepting break signal commands. A remote…

  • CVE-2026-10640MedJun 16, 2026
    risk 0.20cvss 4.2epss 0.00

    Zephyr's IPv6 Neighbor Discovery send paths (net_ipv6_send_na, net_ipv6_send_ns, net_ipv6_send_rs in subsys/net/ip/ipv6_nbr.c) updated the per-interface ICMP-sent statistics by calling net_pkt_iface(pkt) after net_send_data(pkt) had already returned successfully. On the success…

  • CVE-2026-10639MedJun 16, 2026
    risk 0.24cvss 4.8epss 0.00

    In Zephyr's native IPv4 stack, icmpv4_handle_echo_request() in subsys/net/ip/icmpv4.c builds an echo-reply packet (reply), hands it to net_try_send_data(), and then, on success, calls net_stats_update_icmp_sent(net_pkt_iface(reply)). net_try_send_data() transfers ownership of…

  • CVE-2026-10638MedJun 16, 2026
    risk 0.31cvss 5.9epss 0.00

    subsys/net/ip/icmpv6.c reads the network interface from a net_pkt after that packet has been handed to net_try_send_data(). In icmpv6_handle_echo_request() and net_icmpv6_send_error(), the post-send statistics update calls net_pkt_iface(reply)/net_pkt_iface(pkt) on the just-sent…

  • CVE-2026-10637MedJun 16, 2026
    risk 0.31cvss 5.9epss 0.00

    subsys/net/ip/ipv6_mld.c:mld_send() read the packet interface via net_pkt_iface(pkt) after net_send_data(pkt) returned successfully. Per the network stack's ownership contract (include/zephyr/net/net_core.h, and the explicit warning in subsys/net/ip/net_core.c:453-460 'do not…

  • CVE-2026-10636LowJun 16, 2026
    risk 0.17cvss 3.7epss 0.00

    In Zephyr's IPv4 IGMP implementation, igmp_send() in subsys/net/ip/igmp.c read the network interface back out of the packet via net_pkt_iface(pkt) after the packet had been handed to net_send_data(). On the successful-send path the packet's last reference may already have been…

  • CVE-2026-0647HigJun 16, 2026
    risk 0.57cvss epss 0.00

    An improper authentication security issue exists within the 1794-AENTR adapter's embedded web server. The vulnerability allows an unauthenticated attacker to change the device's web interface password by sending a crafted HTTP GET request to a specific endpoint, without any…

  • CVE-2026-0646HigJun 16, 2026
    risk 0.57cvss epss 0.00

    A denial-of-service security issue exists within the 1794-AENTR adapter due to improper memory handling of CIP protocol requests. This vulnerability can result in the adapter faulting and losing connection to its associated I/O modules, requiring a manual reset to…

  • CVE-2025-14272HigJun 16, 2026
    risk 0.54cvss epss 0.00

    A security issue was identified in Pavilion due to improper authorization enforcement in API endpoints. This vulnerability can allow an unauthorized actor to execute privileged operations, including user/role management and other administrative actions.

  • CVE-2025-13036CriJun 16, 2026
    risk 0.60cvss epss 0.00

    An authentication bypass security issue exists within FactoryTalk Historian Site Edition. By continually sending requests to the login endpoint, an attacker may obtain a valid authentication token.

  • CVE-2025-11694HigJun 16, 2026
    risk 0.57cvss epss 0.00

    A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service…