Total CVEs

143,793

Critical Severity

4,093

High Severity

14,778

Last 7 Days

1,518
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 2,381 - 2,400 of 40,198 CVEs
CVE-2026-24264 HIGH - 7.5

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to denial of service.

Vendor: NVIDIA
Product: Triton Inference Server
Published: Jul 01, 2026
Source: NVD
CVE-2026-24260 HIGH - 8.5

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, and data tampering.

Vendor: NVIDIA
Product: Container Toolkit, GPU Operator
Published: Jul 01, 2026
Source: NVD
CVE-2026-24251 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24250 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24249 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24248 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24247 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24246 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24245 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24244 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24243 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24242 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24240 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD

Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from * through 1.46.0, 1.45.4, 1.44.6, 1.43.9.

Vendor: Wikimedia Foundation
Product: OAuth
Published: Jul 01, 2026
Source: NVD

Improper input validation vulnerability in Wikimedia Foundation UrlShortener. This vulnerability is associated with program files includes/UrlShortenerUtils.Php.

Vendor: Wikimedia Foundation
Product: UrlShortener
Published: Jul 01, 2026
Source: NVD
CVE-2025-23351 CRITICAL - 9.0

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device.

Vendor: NVIDIA
Product: BlueField GA, BlueField LTS22, BlueField LTS23, BlueField LTS24, ConnectX GA, ConnectX LTS22, ConnectX LTS23, ConnectX LTS24, ConnectX-4, ConnectX-4 LX
Published: Jul 01, 2026
Source: NVD
CVE-2025-23350 CRITICAL - 9.0

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device.

Vendor: NVIDIA
Product: BlueField GA, BlueField LTS22, BlueField LTS23, BlueField LTS24, ConnectX GA, ConnectX LTS22, ConnectX LTS23, ConnectX LTS24
Published: Jul 01, 2026
Source: NVD
CVE-2025-15646 CRITICAL - 9.8

HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion. Support for the <template> element was added to libgumbo 0.10.0 in 2015, but the walk_tree function in lib/HTML/Gumbo.xs was not updated to support it. The element was treated as a text-node, where strlen() ove...

Vendor: BPS
Product: HTML::Gumbo
Published: Jul 01, 2026
Source: NVD
CVE-2026-6688 HIGH - 7.6

FatFs R0.16 and earlier contains a downstream-caller vulnerability pattern associated with FatFs long filename handling. With LFN enabled, fno.fname can be up to 255 characters; many callers copy it into short fixed buffers without bounds checks, causing overflow. This maps to CWE-120 (Buffer Copy w...

Vendor: elm-chan
Product: fatfs
Published: Jul 01, 2026
Source: NVD
CVE-2026-6687 HIGH - 7.6

FatFs R0.16 and earlier contains a stack overflow bug in f_getlabel() because exFAT label length (XDIR_NumLabel) is trusted without enforcing spec maximums. This maps to CWE-121 (Stack-based Buffer Overflow). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (7.6, High). The e...

Vendor: elm-chan
Product: fatfs
Published: Jul 01, 2026
Source: NVD