Total CVEs

144,269

Critical Severity

4,162

High Severity

14,979

Last 7 Days

1,670
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 2,841 - 2,860 of 40,674 CVEs
CVE-2026-58126 CRITICAL - 9.8

PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can chai...

Vendor: Hyland
Product: PACSgear PACS Scan
Published: Jul 01, 2026
Source: NVD

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files includes/Timeline.Php, scripts/EasyTimeline.Pl. This issue affects timeline: from * before 1....

Vendor: Wikimedia Foundation
Product: timeline
Published: Jul 01, 2026
Source: NVD

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Language/Language.Php, includes/Logging/BlockLogFormatter.Php, includes/Logging/LogFor...

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryAllUsers.Php, includes/Api/ApiQueryUsers.Php, includes/Permissions/PermissionManager.Php, includes/User/UserGroupMana...

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/InfoAction.Php. This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Api/index.Js. This issue affects MediaWiki: from * before 1.46.0, 1....

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation SyntaxHighlight_GeSHi. This vulnerability is associated with program files includes/SyntaxHighlight.Php. This issue affects SyntaxHighlight_GeSHi: from * b...

Vendor: Wikimedia Foundation
Product: SyntaxHighlight_GeSHi
Published: Jul 01, 2026
Source: NVD

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiChangeAuthenticationData.Php, includes/Api/ApiLinkAccount.Php, includes/Api/ApiRemoveAuthenticationData.Php, includes/Specials/SpecialLinkAccounts.Php, includes/Specials/SpecialUnli...

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation CentralAuth. This vulnerability is associated with program files includes/Api/ApiFormatBase.Php, includes/Api/ApiHelp.Php, inc...

Vendor: Wikimedia Foundation
Product: MediaWiki, CentralAuth
Published: Jul 01, 2026
Source: NVD

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseFilters.Php. This issue affects AbuseFilter: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

Vendor: Wikimedia Foundation
Product: AbuseFilter
Published: Jul 01, 2026
Source: NVD

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Parser/Parser.Php. This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD

Deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/WikiImporter.Php, includes/Import/WikiRevision.Php, includes/Logging/LogEntryBase.Php. This issue affects MediaWiki: from * before 1.46.0, 1.45....

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiUserrights.Php. This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

Vendor: Wikimedia Foundation
Product: MediaWiki
Published: Jul 01, 2026
Source: NVD
CVE-2026-57517 CRITICAL - 9.8

Control Web Panel before 0.9.8.1225 contains a blind SQL injection vulnerability that allows unauthenticated remote attackers to execute arbitrary SQL queries by submitting unsanitized input through the userRes POST parameter at the user endpoint. Attackers can exploit MySQL root privileges obtained...

Vendor: Control Web Panel
Product: Control Web Panel
Published: Jul 01, 2026
Source: NVD
CVE-2026-24270 CRITICAL - 9.8

NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering.

Vendor: NVIDIA
Product: AIStore framework
Published: Jul 01, 2026
Source: NVD
CVE-2026-24266 MEDIUM - 5.9

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A successful exploit of this vulnerability might lead to denial of service.

Vendor: NVIDIA
Product: Triton Inference Server
Published: Jul 01, 2026
Source: NVD
CVE-2026-24264 HIGH - 7.5

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to denial of service.

Vendor: NVIDIA
Product: Triton Inference Server
Published: Jul 01, 2026
Source: NVD
CVE-2026-24260 HIGH - 8.5

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, and data tampering.

Vendor: NVIDIA
Product: Container Toolkit, GPU Operator
Published: Jul 01, 2026
Source: NVD
CVE-2026-24251 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD
CVE-2026-24250 HIGH - 7.8

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Vendor: nvidia
Product: nemo_megatron_bridge
Published: Jul 01, 2026
Source: NVD