Total CVEs

144,090

Critical Severity

4,134

High Severity

14,909

Last 7 Days

1,573
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 2,601 - 2,620 of 40,495 CVEs
CVE-2022-46293 HIGH - 7.8

Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigge...

Vendor: pip
Product: openbabel
Published: Jul 01, 2026
Source: GitHub
CVE-2022-46291 HIGH - 7.8

Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigge...

Vendor: pip
Product: openbabel
Published: Jul 01, 2026
Source: GitHub
CVE-2022-46290 HIGH - 7.8

Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.The loop that sto...

Vendor: pip
Product: openbabel
Published: Jul 01, 2026
Source: GitHub
CVE-2022-46289 HIGH - 7.8

Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.nAtoms calculatio...

Vendor: pip
Product: openbabel
Published: Jul 01, 2026
Source: GitHub
CVE-2022-46280 HIGH - 7.8

A use of uninitialized pointer vulnerability exists in the PQS format pFormat functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Vendor: pip
Product: openbabel
Published: Jul 01, 2026
Source: GitHub
CVE-2022-44451 HIGH - 7.8

A use of uninitialized pointer vulnerability exists in the MSI format atom functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Vendor: pip
Product: openbabel
Published: Jul 01, 2026
Source: GitHub
CVE-2022-43607 HIGH - 7.8

An out-of-bounds write vulnerability exists in the MOL2 format attribute and value functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Vendor: pip
Product: openbabel
Published: Jul 01, 2026
Source: GitHub
CVE-2022-43467 HIGH - 7.8

An out-of-bounds write vulnerability exists in the PQS format coord_file functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Vendor: pip
Product: openbabel
Published: Jul 01, 2026
Source: GitHub
CVE-2022-42885 HIGH - 7.8

A use of uninitialized pointer vulnerability exists in the GRO format res functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Vendor: pip
Product: openbabel
Published: Jul 01, 2026
Source: GitHub
CVE-2022-41793 HIGH - 7.8

An out-of-bounds write vulnerability exists in the CSR format title functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Vendor: pip
Product: openbabel
Published: Jul 01, 2026
Source: GitHub
CVE-2022-37331 HIGH - 7.8

An out-of-bounds write vulnerability exists in the Gaussian format orientation functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Vendor: pip
Product: openbabel
Published: Jul 01, 2026
Source: GitHub
CVE-2026-58454 HIGH - 7.5

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to the writable persistent JFFS2 storage path and triggering execution through the authenticated HTTP e...

Vendor: JAIOTlink
Product: C492A-W6 Wi-Fi IP Camera
Published: Jul 01, 2026
Source: NVD
CVE-2026-58453 CRITICAL - 9.8

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anyka_ipc HTTP service on port 80. Attacke...

Vendor: JAIOTlink
Product: C492A-W6 Wi-Fi IP Camera
Published: Jul 01, 2026
Source: NVD
CVE-2026-58452 HIGH - 8.8

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a malicious Wireless parameter to the HTTP PUT NetSDK/Factory SetMAC endpoint. Attackers can craft a st...

Vendor: JAIOTlink
Product: C492A-W6 Wi-Fi IP Camera
Published: Jul 01, 2026
Source: NVD
CVE-2026-57721 MEDIUM - 5.3

Missing Authorization vulnerability in WP Reloaded ApplyOnline allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ApplyOnline: from n/a through 2.6.7.6.

Vendor: WP Reloaded
Product: ApplyOnline
Published: Jul 01, 2026
Source: NVD
CVE-2026-57720 MEDIUM - 4.3

Missing Authorization vulnerability in Codexpert Inc ThumbPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ThumbPress: from n/a through 6.3.2.

Vendor: Codexpert Inc
Product: ThumbPress
Published: Jul 01, 2026
Source: NVD
CVE-2026-57516 HIGH - 8.8

Ray prior to 2.56.0 contains an unsafe deserialization vulnerability in the WebDataset reader that allows attackers to achieve remote code execution by supplying a malicious tar archive to the read_webdataset() function. The _default_decoder() function in webdataset_datasource.py unconditionally cal...

Vendor: Anyscale, Inc
Product: Ray
Published: Jul 01, 2026
Source: NVD
CVE-2026-56152 MEDIUM - 5.3

Incorrect Authorization (CWE-863) in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs (CAPEC-1). Under certain conditions, a low-privileged authenticated user can access response action data that they are not authorized to vi...

Vendor: Elastic
Product: Elastic Defend
Published: Jul 01, 2026
Source: NVD
CVE-2026-56151 MEDIUM - 6.5

Improper Input Validation (CWE-20) in Kibana can lead to a denial of service via Input Data Manipulation (CAPEC-153). An authenticated user can submit a specially crafted Fleet policy input that is not correctly validated, which can render Fleet agent, server, and policy management functionality una...

Vendor: elastic
Product: kibana
Published: Jul 01, 2026
Source: NVD
CVE-2026-56150 MEDIUM - 6.5

Allocation of Resources Without Limits or Throttling (CWE-770) in Fleet Server can lead to a denial of service via Excessive Allocation (CAPEC-130). An attacker can submit a specially crafted request to an upload endpoint that causes excessive memory consumption, which may render Fleet Server unavai...

Vendor: Elastic
Product: Fleet Server
Published: Jul 01, 2026
Source: NVD