Total CVEs

145,521

Critical Severity

4,252

High Severity

15,657

Last 7 Days

2,367
Quick preset (or use dates below)
Clear Filters
πŸ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years β†’
Showing 23,641 - 23,660 of 41,926 CVEs
CVE-2026-35040 MEDIUM - 5.3

fast-jwt provides fast JSON Web Token (JWT) implementation. Prior to 6.2.1, using certain modifiers on RegExp objects in the allowedAud, allowedIss, allowedSub, allowedJti, or allowedNonce options in verify functions can cause certain unintended behaviours. This is because some modifiers are statefu...

Vendor: nearform
Product: fast-jwt
Published: Apr 09, 2026
Source: NVD
CVE-2026-34020 HIGH - 7.5

Use of GET Request Method With Sensitive Query Strings vulnerability in Apache OpenMeetings. The REST login endpoint uses HTTP GET method with username and password passed as query parameters.Β Please check references regarding possible impact This issue affects Apache OpenMeetings: from 3.1.3 bef...

Vendor: Apache Software Foundation
Product: Apache OpenMeetings
Published: Apr 09, 2026
Source: NVD
CVE-2026-33266 HIGH - 7.5

Use of Hard-coded Cryptographic Key vulnerability in Apache OpenMeetings. The remember-me cookie encryption key is set to default value in openmeetings.properties and not being auto-rotated. In case OM admin hasn't changed the default encryption key, an attacker who has stolen a cookie from a ...

Vendor: Apache Software Foundation
Product: Apache OpenMeetings
Published: Apr 09, 2026
Source: NVD
CVE-2026-33005 MEDIUM - 4.3

Improper Handling of Insufficient Privileges vulnerability in Apache OpenMeetings. Any registered user can query web service with their credentials and get files/sub-folders of any folder by ID (metadata only NOT contents). Metadata includes id, type, name and some other field. Full list of fields ...

Vendor: Apache Software Foundation
Product: Apache OpenMeetings
Published: Apr 09, 2026
Source: NVD
CVE-2025-70365 MEDIUM - 5.4

A stored cross-site scripting (XSS) vulnerability exists in Kiamo before 8.4 due to improper output encoding of user-supplied input in administrative interfaces. An authenticated administrative user can inject arbitrary JavaScript code that is executed in the browser of users viewing the affected pa...

Published: Apr 09, 2026
Source: NVD
CVE-2025-70364 HIGH - 8.8

An issue was discovered in Kiamo before 8.4 allowing authenticated administrative attackers to execute arbitrary PHP code on the server.

Published: Apr 09, 2026
Source: NVD

In Ubuntu, ubuntu-desktop-provision version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, ubuntu-desktop-provision could include the user's password hash in the attached logs.

Vendor: Canonical
Product: Ubuntu
Published: Apr 09, 2026
Source: NVD

In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs.

Vendor: Canonical
Product: Ubuntu
Published: Apr 09, 2026
Source: NVD
CVE-2026-5959 MEDIUM - 6.6

A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The complexit...

Published: Apr 09, 2026
Source: NVD
CVE-2026-5445 CRITICAL - 9.1

An out-of-bounds read vulnerability exists in the `DecodeLookupTable` function within `DicomImageDecoder.cpp`. The lookup-table decoding logic used for `PALETTE COLOR` images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-5444 HIGH - 7.1

A heap buffer overflow vulnerability exists in the PAM image parsing logic. When Orthanc processes a crafted PAM image embedded in a DICOM file, image dimensions are multiplied using 32-bit unsigned arithmetic. Specially chosen values can cause an integer overflow during buffer size calculation, res...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-5443 CRITICAL - 9.8

A heap buffer overflow vulnerability exists during the decoding of `PALETTE COLOR` DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memory...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-5442 CRITICAL - 9.8

A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation (VR) Unsigned Long (UL), instead of the expected VR Unsigned Short (US), which allows extremely large dimensions to be processed. This causes an integer overflow during fra...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-5441 HIGH - 7.1

An out-of-bounds read vulnerability exists in the `DecodePsmctRle1` function of `DicomImageDecoder.cpp`. The `PMSCT_RLE1` decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A cr...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-5440 HIGH - 7.5

A memory exhaustion vulnerability exists in the HTTP server due to unbounded use of the `Content-Length` header. The server allocates memory directly based on the attacker supplied header value without enforcing an upper limit. A crafted HTTP request containing an extremely large `Content-Length` v...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-5439 HIGH - 7.5

A memory exhaustion vulnerability exists in ZIP archive processing. Orthanc automatically extracts ZIP archives uploaded to certain endpoints and trusts metadata fields describing the uncompressed size of archived files. An attacker can craft a small ZIP archive containing a forged size value, causi...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-5438 HIGH - 7.5

A gzip decompression bomb vulnerability exists when Orthanc processes HTTP request with `Content-Encoding: gzip`. The server does not enforce limits on decompressed size and allocates memory based on attacker-controlled compression metadata. A specially crafted gzip payload can trigger excessive mem...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-5437 HIGH - 7.5

An out-of-bounds read vulnerability exists in `DicomStreamReader` during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocated metadata buffer. Although this issue does not typically crash the server or expose data directly t...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-4116 HIGH - 7.2

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.

Published: Apr 09, 2026
Source: NVD

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication.

Published: Apr 09, 2026
Source: NVD