Total CVEs

143,126

Critical Severity

4,045

High Severity

14,563

Last 7 Days

1,272
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 201 - 220 of 39,531 CVEs
CVE-2026-8650 MEDIUM - 4.5

Relative path traversal vulnerability in Progress MOVEit Transfer (Admin Settings module). This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3.

Published: Jul 08, 2026
Source: NVD
CVE-2026-8649 MEDIUM - 6.4

Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer (Custom Reports modules). This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3.

Published: Jul 08, 2026
Source: NVD
CVE-2026-60104 HIGH - 8.7

Bitwarden Server before 2026.6.0 does not verify that the email in a POST /auth-requests/admin-request body belongs to the authenticated caller, allowing a low-privileged organization member to obtain another user's vault key and a victim-scoped access token by creating a Trusted Device Encrypt...

Vendor: bitwarden
Product: server
Published: Jul 08, 2026
Source: NVD
CVE-2026-59948 HIGH - 7.0

Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, a maliciously crafted package from an untrusted repository other than Packagist.org or Private Packagist can cause Composer to write attacker-controlled files outside the vendor directory and outside the project durin...

Vendor: composer
Product: composer
Published: Jul 08, 2026
Source: NVD
CVE-2026-59947 MEDIUM - 4.7

Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, when Composer is run with -vvv debug verbosity, it could print a credential embedded in the username slot of a repository or package URL, such as a GitHub Personal Access Token in https://TOKEN@host/, to debug output ...

Vendor: composer
Product: composer
Published: Jul 08, 2026
Source: NVD
CVE-2026-59946 MEDIUM - 6.1

Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, a Composer package bin entry containing .. path segments can resolve outside the package install directory and cause Composer's binary installation flow to chmod an existing host file to a world-readable and worl...

Vendor: composer
Product: composer
Published: Jul 08, 2026
Source: NVD
CVE-2026-59939 HIGH - 7.5

httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in _decompressContent in httplib2/init.py, allowing a malicious or compromised HTTP server to return a small c...

Vendor: httplib2
Product: httplib2
Published: Jul 08, 2026
Source: NVD

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when extracting page text. This issue is fixed in versi...

Vendor: py-pdf
Product: pypdf
Published: Jul 08, 2026
Source: NVD

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCIIHex filters, causing an infinite loop during parsing such as when extracting page text. This issue i...

Vendor: py-pdf
Product: pypdf
Published: Jul 08, 2026
Source: NVD

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, LiteLLM's MCP Streamable HTTP endpoint allowed an unauthenticated attacker to use a fabricated Authorization header to trigger an OAuth2 passthrough fallback path that replaced failed LiteLLM ...

Vendor: BerriAI
Product: litellm
Published: Jul 08, 2026
Source: NVD

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.82.0-stable, LiteLLM's Custom Code Guardrails production create and update paths did not apply the same sandboxing and validation used by the test endpoint, allowing a privileged user with access to...

Vendor: BerriAI
Product: litellm
Published: Jul 08, 2026
Source: NVD

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.7-stable, LiteLLM Skills archive extraction did not sufficiently validate file paths from uploaded skill ZIP archives, allowing an authenticated user with access to LiteLLM LLM API routes or a key who...

Vendor: BerriAI
Product: litellm
Published: Jul 08, 2026
Source: NVD

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.10-stable, LiteLLM's /health/test_connection endpoint resolved request-supplied environment and OIDC file references in litellm_params, allowing a proxy administrator or another privileged caller...

Vendor: BerriAI
Product: litellm
Published: Jul 08, 2026
Source: NVD
CVE-2026-59807 MEDIUM - 6.8

Composio SDK before 0.2.32-beta.283 contains a path validation bypass vulnerability that allows attackers to read and exfiltrate sensitive files by exploiting a missing assertSafeFileUploadPath check in the readFileFromDisk function within tool-file-uploads.ts. Attackers can exploit prompt injection...

Vendor: ComposioHQ
Product: composio
Published: Jul 08, 2026
Source: NVD
CVE-2026-59806 HIGH - 7.4

Gradio before 6.20.0 contains an open redirect and server-side request forgery vulnerability that allows attackers to redirect users to arbitrary URLs or perform client-side SSRF by supplying unvalidated HTTP/HTTPS URLs to the file_fetch() function in the /gradio_api/file= endpoint. Attackers can cr...

Vendor: gradio-app
Product: gradio
Published: Jul 08, 2026
Source: NVD
CVE-2026-59805 MEDIUM - 6.5

Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticated sellers to manipulate purchase access for other sellers' products by sending PUT requests to the revoke_access and undo_revoke_access actions without seller ownership ...

Vendor: antiwork
Product: gumroad
Published: Jul 08, 2026
Source: NVD
CVE-2026-59804 MEDIUM - 6.8

Midscene Bridge Server through 1.10.3, fixed in commit 86f4118, contains a missing authentication and CORS misconfiguration vulnerability that allows unauthenticated remote attackers to hijack active bridge sessions by opening a cross-origin WebSocket connection to the local Socket.IO server, which ...

Vendor: web-infra-dev
Product: midscene
Published: Jul 08, 2026
Source: NVD
CVE-2026-59803 HIGH - 7.5

rpcx through 1.9.3, fixed in commit 047aec1, contains a denial-of-service vulnerability in protocol.Message.Decode (protocol/message.go). When a message has the compression flag set, the payload is gzip-decompressed via util.Unzip with no limit on the decompressed output size. The only built-in size...

Vendor: smallnest
Product: rpcx
Published: Jul 08, 2026
Source: NVD
CVE-2026-59802 HIGH - 8.2

PasswordPusher before 2.8.1 accepts data URI schemes in URL push payloads due to insufficient validation in the valid_url function. Attackers can create malicious pushes containing data:text/html URIs that execute arbitrary JavaScript in victims' browsers when clicked, enabling phishing and cre...

Vendor: PasswordPusher
Product: PasswordPusher
Published: Jul 08, 2026
Source: NVD
CVE-2026-58501 MEDIUM - 5.9

Zeep is a Python SOAP client. From 4.0.0 before 4.3.3, Settings.forbid_external is defined but not enforced when parsing WSDL or XSD documents, allowing transitive xsd:import, xsd:include, wsdl:import, and lxml entity or DTD references to fetch attacker-chosen HTTP or HTTPS URLs. This issue is fixed...

Vendor: mvantellingen
Product: python-zeep
Published: Jul 08, 2026
Source: NVD