Total CVEs

145,595

Critical Severity

4,259

High Severity

15,683

Last 7 Days

2,269
Quick preset (or use dates below)
Clear Filters
πŸ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years β†’
Showing 24,021 - 24,040 of 42,000 CVEs
CVE-2026-39412 MEDIUM - 5.3

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.4, the sort_natural filter bypasses the ownPropertyOnly security option, allowing template authors to extract values of prototype-inherited properties through a sorting side-channel attack. Application...

Vendor: npm
Product: liquidjs
Published: Apr 08, 2026
Source: GitHub
CVE-2026-39411 MEDIUM - 5.0

LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, the webapi authentication layer trusts a client-controlled X-lobe-chat-auth header that is only XOR-obfuscated, not signed or otherwise authenticated. Because the XOR key i...

Vendor: npm
Product: @lobehub/lobehub
Published: Apr 08, 2026
Source: GitHub
CVE-2026-39429 HIGH - 8.2

kcp is a Kubernetes-like control plane for form-factors and use-cases beyond Kubernetes and container workloads. Prior to 0.30.3 and 0.29.3, the cache server is directly exposed by the root shard and has no authentication or authorization in place. This allows anyone who can access the root shard to...

Vendor: go
Product: github.com/kcp-dev/kcp
Published: Apr 08, 2026
Source: GitHub
CVE-2026-39844 MEDIUM - 5.9

NiceGUI is a Python-based UI framework. Prior to 3.10.0, Since PurePosixPath only recognizes forward slashes (/) as path separators, an attacker can bypass this sanitization on Windows by using backslashes (\) in the upload filename. Applications that construct file paths using file.name (a pattern ...

Vendor: pip
Product: nicegui
Published: Apr 08, 2026
Source: GitHub
CVE-2026-35525 HIGH - 7.5

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for {% include %}, {% render %}, and {% layout %}, LiquidJS checks whether the candidate path is inside the configured partials or layouts roots before reading it. That check is path-based, not real...

Vendor: npm
Product: liquidjs
Published: Apr 08, 2026
Source: GitHub

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, the replace filter in LiquidJS incorrectly accounts for memory usage when the memoryLimit option is enabled. It charges str.length + pattern.length + replacement.length bytes to the memory limiter, ...

Vendor: npm
Product: liquidjs
Published: Apr 08, 2026
Source: GitHub
CVE-2026-33753 MEDIUM - 6.2

rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161. Prior to 1.0.6, an Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority (TSA). By exploiting a logic ...

Vendor: pip
Product: rfc3161-client
Published: Apr 08, 2026
Source: GitHub
CVE-2026-33229 HIGH - 9.8

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Prior to 17.4.8 and 17.10.1, an improperly protected scripting API allows any user with script right to bypass the sandboxing of the Velocity scripting API and execute, e.g., arbitrary Python scr...

Vendor: maven
Product: org.xwiki.platform:xwiki-platform-oldcore
Published: Apr 08, 2026
Source: GitHub
CVE-2026-5795 HIGH - 7.4

In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable. Upon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals. A subsequent reque...

Vendor: maven
Product: org.eclipse.jetty.ee10:jetty-ee10
Published: Apr 08, 2026
Source: NVD
CVE-2026-35023 MEDIUM - 4.3

Wimi Teamwork On-Premises versions prior toΒ 8.2.0 contain an insecure direct object reference vulnerability in the preview.php endpoint where the item_id parameter lacks proper authorization checks. Attackers can enumerate sequential item_id values to access and retrieve image previews from other us...

Vendor: Cloud Solutions SAS
Product: Wimi Teamwork
Published: Apr 08, 2026
Source: NVD

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() Reproducer available at [1]. The ATM send path (sendmsg -> vcc_sendmsg -> sigd_send) reads the vcc pointer from msg->vcc and uses it directly without any ...

Vendor: Linux
Product: Linux
Published: Apr 08, 2026
Source: NVD
CVE-2026-2509 MEDIUM - 6.4

The Page Builder: Pagelayer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button widget's Custom Attributes field in all versions up to, and including, 2.0.8. This is due to an incomplete event handler blocklist in the 'pagelayer_xss_content' XSS filtering ...

Published: Apr 08, 2026
Source: NVD
CVE-2025-58713 MEDIUM - 6.4

A container privilege escalation flaw was found in certain Red Hat Process Automation Manager images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, ...

Vendor: Red Hat
Product: Red Hat Process Automation 7
Published: Apr 08, 2026
Source: NVD
CVE-2025-57854 MEDIUM - 6.4

A container privilege escalation flaw was found in certain OpenShift Update Service (OSUS) images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, eve...

Vendor: Red Hat
Product: Red Hat OpenShift Update Service
Published: Apr 08, 2026
Source: NVD
CVE-2025-57853 MEDIUM - 6.4

A container privilege escalation flaw was found in certain Web Terminal images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root use...

Vendor: Red Hat
Product: Red Hat Web Terminal
Published: Apr 08, 2026
Source: NVD
CVE-2025-57851 MEDIUM - 6.4

A container privilege escalation flaw was found in certain Multicluster Engine for Kubernetes images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, ...

Vendor: Red Hat
Product: Multicluster Engine for Kubernetes
Published: Apr 08, 2026
Source: NVD
CVE-2025-57847 MEDIUM - 6.4

A container privilege escalation flaw was found in certain Ansible Automation Platform images. This issue arises from the /etc/passwd file being created with group-writable permissions during the build process. In certain conditions, an attacker who can execute commands within an affected container,...

Vendor: Red Hat
Product: Red Hat Ansible Automation Platform 2
Published: Apr 08, 2026
Source: NVD

Cleartext Storage of Sensitive Information in GUI vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 an...

Vendor: Mitsubishi Electric Corporation, Mitsubishi Electric Iconics Digital Solutions
Product: GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, MC Works64
Published: Apr 08, 2026
Source: NVD

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior...

Vendor: Mitsubishi Electric Corporation, Mitsubishi Electric Iconics Digital Solutions
Product: GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, MC Works64
Published: Apr 08, 2026
Source: NVD

A new API endpoint introduced in pretix 2025 that is supposed to return all check-in events of a specific event in fact returns all check-in events belonging to the respective organizer. This allows an API consumer to access information for all other events under the same organizer, even those t...

Vendor: pip
Product: pretix
Published: Apr 08, 2026
Source: NVD