Total CVEs

145,521

Critical Severity

4,252

High Severity

15,657

Last 7 Days

2,367
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 22,341 - 22,360 of 41,926 CVEs
CVE-2026-40917 MEDIUM - 5.0

A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious ICNS file, potentially leading to application crashes or information disclosure on systems that proce...

Vendor: Red Hat
Product: Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
Published: Apr 15, 2026
Source: NVD
CVE-2026-40916 MEDIUM - 5.0

A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a variable...

Vendor: Red Hat
Product: Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
Published: Apr 15, 2026
Source: NVD
CVE-2026-40915 MEDIUM - 5.5

A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by providing a specially crafted FITS file. This integer overflow leads to a zero-byte memory allocation, which is then subjected to a heap buffer overflow when processing pixel data....

Vendor: Red Hat
Product: Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
Published: Apr 15, 2026
Source: NVD
CVE-2026-39857 MEDIUM - 5.3

ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain an authorization bypass vulnerability in the choices and counts query parameters of the REST API, where these query builders execute MongoDB distinct() operations that bypass the publicApiProjection ...

Vendor: apostrophecms
Product: apostrophe
Published: Apr 15, 2026
Source: NVD
CVE-2026-35569 HIGH - 8.7

ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a stored cross-site scripting vulnerability in SEO-related fields (SEO Title and Meta Description), where user-controlled input is rendered without proper output encoding into HTML contexts including...

Vendor: apostrophecms
Product: apostrophe
Published: Apr 15, 2026
Source: NVD
CVE-2026-33889 MEDIUM - 5.4

ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a stored cross-site scripting vulnerability in the @apostrophecms/color-field module, where color values prefixed with -- bypass TinyColor validation intended for CSS custom properties, and the laund...

Vendor: apostrophecms
Product: apostrophe
Published: Apr 15, 2026
Source: NVD
CVE-2026-33888 MEDIUM - 5.3

ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain an authorization bypass vulnerability in the getRestQuery method of the @apostrophecms/piece-type module, where the method checks whether a MongoDB projection has already been set before applying the...

Vendor: apostrophecms
Product: apostrophe
Published: Apr 15, 2026
Source: NVD

ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a timing side-channel vulnerability in the password reset endpoint (/api/v1/@apostrophecms/login/reset-request) that allows unauthenticated username and email enumeration. When a user is not found, t...

Vendor: apostrophecms
Product: apostrophe
Published: Apr 15, 2026
Source: NVD

--- title: Cross-Tenant Legacy Correlation Disclosure and Deletion draft: false hero: image: /static/img/heros/hero-legal2.svg content: "# Cross-Tenant Legacy Correlation Disclosure and Deletion" date: 2026-01-29 product: Grafana severity: Low cve: CVE-2026-21727 cvss_score: "3.3&...

Vendor: Grafana
Product: Grafana Correlations
Published: Apr 15, 2026
Source: NVD
CVE-2026-21726 MEDIUM - 5.3

The CVE-2021-36156 fix validates the namespace parameter for path traversal sequences after a single URL decode, by double encoding, an attacker can read files at the Ruler API endpoint /loki/api/v1/rules/{namespace} Thanks to Prasanth Sundararajan for reporting this vulnerability.

Vendor: Grafana
Product: Loki
Published: Apr 15, 2026
Source: NVD
CVE-2025-41118 CRITICAL - 9.1

Pyroscope is an open-source continuous profiling database. The database supports various storage backends, including Tencent Cloud Object Storage (COS). If the database is configured to use Tencent COS as the storage backend, an attacker could extract the secret_key configuration value from the Pyr...

Vendor: Grafana
Product: Pyroscope
Published: Apr 15, 2026
Source: NVD
CVE-2026-40486 MEDIUM - 4.3

Kimai is an open-source time tracking application. In versions 2.52.0 and below, the User Preferences API endpoint (PATCH /api/users/{id}/preferences) applies submitted preference values without checking the isEnabled() flag on preference objects. Although the hourly_rate and internal_rate fields ar...

Vendor: composer
Product: kimai/kimai
Published: Apr 15, 2026
Source: GitHub
CVE-2026-40479 MEDIUM - 5.4

Kimai is an open-source time tracking application. In versions 1.16.3 through 2.52.0, the escapeForHtml() function in KimaiEscape.js does not escape double quote or single quote characters. When a user's profile alias is inserted into an HTML attribute context via the team member form prototype...

Vendor: composer
Product: kimai/kimai
Published: Apr 15, 2026
Source: GitHub
CVE-2026-40478 CRITICAL - 9.1

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it fails to properly neu...

Vendor: maven
Product: org.thymeleaf:thymeleaf
Published: Apr 15, 2026
Source: GitHub
CVE-2026-40477 CRITICAL - 9.1

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it fails to properly restric...

Vendor: maven
Product: org.thymeleaf:thymeleaf
Published: Apr 15, 2026
Source: GitHub
CVE-2026-40347 MEDIUM - 5.3

Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted `multipart/form-data` requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the next boundary candid...

Vendor: pip
Product: python-multipart
Published: Apr 15, 2026
Source: GitHub

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.37, NocoBase's workflow HTTP request plugin and custom request action plugin make server-side HTTP requests to user-provided URLs without any SSRF protection. An...

Vendor: npm
Product: @nocobase/plugin-workflow-request
Published: Apr 15, 2026
Source: GitHub
CVE-2026-40882 HIGH - 7.6

OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.0, the Velbus asset import path parses attacker-controlled XML without explicit XXE hardening. An authenticated user who can call the import endpoint may trigger XML external entity processing, which can lead to server-s...

Vendor: maven
Product: io.openremote:openremote-manager
Published: Apr 15, 2026
Source: GitHub
CVE-2026-40574 MEDIUM - 6.8

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Prior to 7.15.2, an authorization bypass exists in OAuth2 Proxy as part of the email_domain enforcement option. An attacker may be able to authenticate with an email claim such as attacker@evil.com@company.com and s...

Vendor: go
Product: github.com/oauth2-proxy/oauth2-proxy/v7
Published: Apr 15, 2026
Source: GitHub
CVE-2026-40575 CRITICAL - 9.1

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied `X-Forwarded-Uri` header when `--reverse-proxy` is enabled and `--skip-auth-regex` or `--skip-auth-route` is configured. An attacker can spoof this header so...

Vendor: go
Product: github.com/oauth2-proxy/oauth2-proxy/v7
Published: Apr 15, 2026
Source: GitHub