Total CVEs

144,090

Critical Severity

4,134

High Severity

14,909

Last 7 Days

1,572
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 2,681 - 2,700 of 40,495 CVEs
CVE-2026-24250 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24249 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24248 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24247 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24246 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24245 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24244 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24243 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24242 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24240 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD

Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from * through 1.46.0, 1.45.4, 1.44.6, 1.43.9.

Vendor: Wikimedia Foundation
Product: OAuth
Published: Jul 01, 2026
Source: NVD

Improper input validation vulnerability in Wikimedia Foundation UrlShortener. This vulnerability is associated with program files includes/UrlShortenerUtils.Php.

Vendor: Wikimedia Foundation
Product: UrlShortener
Published: Jul 01, 2026
Source: NVD
CVE-2025-23351 CRITICAL - 9.0

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device.

Vendor: NVIDIA
Product: BlueField GA, BlueField LTS22, BlueField LTS23, BlueField LTS24, ConnectX GA, ConnectX LTS22, ConnectX LTS23, ConnectX LTS24, ConnectX-4, ConnectX-4 LX
Published: Jul 01, 2026
Source: NVD
CVE-2025-23350 CRITICAL - 9.0

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device.

Vendor: NVIDIA
Product: BlueField GA, BlueField LTS22, BlueField LTS23, BlueField LTS24, ConnectX GA, ConnectX LTS22, ConnectX LTS23, ConnectX LTS24
Published: Jul 01, 2026
Source: NVD
CVE-2025-15646 CRITICAL - 9.8

HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion. Support for the <template> element was added to libgumbo 0.10.0 in 2015, but the walk_tree function in lib/HTML/Gumbo.xs was not updated to support it. The element was treated as a text-node, where strlen() ove...

Vendor: BPS
Product: HTML::Gumbo
Published: Jul 01, 2026
Source: NVD
CVE-2026-6688 HIGH - 7.6

FatFs R0.16 and earlier contains a downstream-caller vulnerability pattern associated with FatFs long filename handling. With LFN enabled, fno.fname can be up to 255 characters; many callers copy it into short fixed buffers without bounds checks, causing overflow. This maps to CWE-120 (Buffer Copy w...

Vendor: elm-chan
Product: fatfs
Published: Jul 01, 2026
Source: NVD
CVE-2026-6687 HIGH - 7.6

FatFs R0.16 and earlier contains a stack overflow bug in f_getlabel() because exFAT label length (XDIR_NumLabel) is trusted without enforcing spec maximums. This maps to CWE-121 (Stack-based Buffer Overflow). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (7.6, High). The e...

Vendor: elm-chan
Product: fatfs
Published: Jul 01, 2026
Source: NVD
CVE-2026-6686 MEDIUM - 4.6

FatFs R0.16 and earlier contains an uninitialized cluster exposure when f_lseek() extends files beyond EOF without zero-filling newly allocated clusters. This maps to CWE-908 (Use of Uninitialized Resource). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (4.6, Medium). The ...

Vendor: elm-chan
Product: fatfs
Published: Jul 01, 2026
Source: NVD
CVE-2026-6685 MEDIUM - 6.1

FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in f_read() / f_write() (fp->sect - sect < cc) during interleaved read/write on fragmented filesystems. This maps to CWE-191 (Integer Underflow). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U...

Vendor: elm-chan
Product: fatfs
Published: Jul 01, 2026
Source: NVD
CVE-2026-6684 MEDIUM - 4.6

FatFs prior to R0.16 that use GPT scanning with 'FF_LBA64 = 1' contains an issue where an unbounded loop count derived from GPT header field GPTH_PtNum, enabling extremely long or effectively infinite mount-time scans. This maps to CWE-835 (Loop with Unreachable Exit Condition). Estimated ...

Vendor: elm-chan
Product: fatfs
Published: Jul 01, 2026
Source: NVD