Total CVEs

143,126

Critical Severity

4,045

High Severity

14,563

Last 7 Days

1,257
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 261 - 280 of 39,531 CVEs
CVE-2026-59882 MEDIUM - 4.2

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Prior to 2.12.3, Uri::assertValidHost() does not reject URI host components containing authority delimiters, embedded ports, or malformed IPv6 brackets, allowing Uri::getHost() to disagree with the URI authority used for security...

Vendor: guzzle
Product: psr7
Published: Jul 08, 2026
Source: NVD

Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, List#set, List#setSize, List#setIn, List#updateIn, and the functional set, setIn, and updateIn mishandle an index or size in the range 2 ** 30 to 2 ** 31 in setListBounds in src/List.js, causing an empty List ...

Vendor: immutable-js
Product: immutable-js
Published: Jul 08, 2026
Source: NVD
CVE-2026-59731 HIGH - 8.2

Astro is a web framework for content-driven websites. Version 6.4.7 performs authorization decisions on a partially decoded pathname after reaching the iterative URL decoder limit, while later rewrite route matching performs an additional decodeURI() operation and can resolve the request to a protec...

Vendor: withastro
Product: astro
Published: Jul 08, 2026
Source: NVD
CVE-2026-59261 HIGH - 7.1

OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv files can override provider credentials. Attackers with lower-trust access to configured input paths can expose sensitive data and credentials that should remain within trusted boundaries.

Vendor: OpenClaw
Product: OpenClaw
Published: Jul 08, 2026
Source: NVD
CVE-2026-42505 MEDIUM - 5.3

Handshakes which used Encrypted Client Hello could be de-anonymized by a passive network observer due to a disclosure of pre-shared key identities in the unencrypted client hello.

Vendor: Go standard library
Product: crypto/tls
Published: Jul 08, 2026
Source: NVD
CVE-2026-39822 HIGH - 7.8

On Unix systems, opening a file in an os.Root improperly follows symlinks to locations outside of the Root when the final path component of the a path is a symbolic link and the path ends in /. For example, 'root.Open("symlink/")' will open "symlink" even when "sym...

Vendor: Go standard library
Product: os
Published: Jul 08, 2026
Source: NVD
CVE-2026-29009 HIGH - 8.2

U-Boot through 2026.04-rc3 contains a buffer overflow vulnerability in nfs_readlink_reply() (net/nfs-common.c) when CONFIG_CMD_NFS is enabled, allowing a malicious or compromised NFS server to overflow the 2048-byte nfs_path_buff buffer by returning multiple relative symlink targets that are appende...

Vendor: u-boot
Product: u-boot
Published: Jul 08, 2026
Source: NVD
CVE-2026-29008 HIGH - 7.5

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcp_rx_state_machine() function (net/tcp.c) that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payload_len to become negat...

Vendor: u-boot
Product: u-boot
Published: Jul 08, 2026
Source: NVD
CVE-2026-29007 MEDIUM - 5.3

U-Boot through 2026.04-rc3 contains an out-of-bounds read vulnerability in tcp_rx_state_machine() (net/tcp.c) when CONFIG_PROT_TCP is enabled, allowing remote attackers to read beyond TCP segment boundaries by crafting a malicious packet with a mismatched IP total length and TCP data offset field. A...

Vendor: u-boot
Product: u-boot
Published: Jul 08, 2026
Source: NVD

OpenVPN Access Server 2.7.2 through 3.1.0 accepts bare line-feed sequences inside HTTP header values, allowing remote attackers to perform HTTP request smuggling when deployed behind a reverse proxy

Published: Jul 08, 2026
Source: NVD
CVE-2026-9074 CRITICAL - 9.1

IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL injection vulnerability in the password reset functionality.

Published: Jul 08, 2026
Source: NVD

Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, Immutable.Map and Immutable.Set keep keys that share the same 32-bit hash in a HashCollisionNode collision bucket that is scanned linearly, allowing an attacker who controls keys inserted into a Map, such as t...

Vendor: immutable-js
Product: immutable-js
Published: Jul 08, 2026
Source: NVD
CVE-2026-59877 MEDIUM - 5.3

protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.6.5 and 8.6.6, protobufjs parsed option names by advancing through schema tokens until reaching an = token without checking for end of input, so a crafted .proto schema that opens an option declaration and ends prema...

Vendor: protobufjs
Product: protobuf.js
Published: Jul 08, 2026
Source: NVD
CVE-2026-59876 MEDIUM - 4.8

protobufjs compiles protobuf definitions into JavaScript (JS) functions. From 8.2.0 until 8.6.5, the protobufjs Text Format extension parsed string-keyed map entries using ordinary property assignment, allowing a map entry with key __proto__ to change the prototype of the returned map object instead...

Vendor: protobufjs
Product: protobuf.js
Published: Jul 08, 2026
Source: NVD
CVE-2026-59875 MEDIUM - 5.3

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.17, node-tar does not strip NUL bytes from PAX path and linkpath records in src/pax.ts, allowing a crafted archive with values to reach fs.lstat or fs.open and terminate the process with an uncaught exception. This issue is fix...

Vendor: isaacs
Product: node-tar
Published: Jul 08, 2026
Source: NVD

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.18, tar.replace accepts a checksum-valid tar header with a negative base-256 encoded entry size, causing the archive scanner to make no progress while repeatedly parsing the same header. This issue is fixed in version 7.5.18.

Vendor: isaacs
Product: node-tar
Published: Jul 08, 2026
Source: NVD

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.19, node-tar does not enforce hard upper bounds on total decompressed data, entry counts, or decompression ratio in extraction and parsing paths such as src/extract.ts, allowing a small crafted gzip bomb to exhaust disk space a...

Vendor: isaacs
Product: node-tar
Published: Jul 08, 2026
Source: NVD
CVE-2026-59871 MEDIUM - 5.3

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.18, node-tar coerces all-digit PAX path and linkpath values in src/pax.ts to JavaScript numbers, causing downstream path handling such as normalizeWindowsPath(entry.path).split('/') to throw an uncaught TypeError. Thi...

Vendor: isaacs
Product: node-tar
Published: Jul 08, 2026
Source: NVD
CVE-2026-59870 MEDIUM - 5.3

js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.1, YAML11_SCHEMA support for the !!omap tag in src/tag/sequence/omap.ts uses omapTag.addItem() to perform a linear duplicate-key scan on every insertion, causing O(n^2) CPU consumption when yaml.load() parses a crafted ordered-map...

Vendor: nodeca
Product: js-yaml
Published: Jul 08, 2026
Source: NVD
CVE-2026-59869 HIGH - 7.5

js-yaml is a JavaScript YAML parser and dumper. From 3.0.0 before 3.15.0 and from 4.0.0 before 4.3.0, js-yaml can spend quadratic CPU time parsing a document whose size grows only linearly when a chain of mappings uses merge keys where each mapping merges the previous one. This issue is fixed in ver...

Vendor: nodeca
Product: js-yaml
Published: Jul 08, 2026
Source: NVD