Total CVEs

144,218

Critical Severity

4,148

High Severity

14,965

Last 7 Days

1,642
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 3,401 - 3,420 of 40,623 CVEs
CVE-2026-13776 CRITICAL - 9.8

Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 30, 2026
Source: NVD
CVE-2026-13775 CRITICAL - 9.8

Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 30, 2026
Source: NVD
CVE-2026-13774 HIGH - 8.1

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 30, 2026
Source: NVD
CVE-2025-71381 MEDIUM - 6.5

Hono before 4.10.2 (fixed in 4.10.3) contains a flaw in its CORS middleware: when the origin is not set to "*", the middleware copies the Vary header from the incoming request into the response. Because Vary is a response header that should be managed by the server, an attacker can supply ...

Vendor: Hono
Product: Hono
Published: Jun 30, 2026
Source: NVD
CVE-2025-71374 HIGH - 8.1

picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files that bypass picklescan detection and achieve code execution upon deserializati...

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71371 HIGH - 8.1

picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute arbitrary code when loaded via pickle.load().

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71368 HIGH - 8.1

picklescan before 0.0.30 fails to detect the doctest.debug_script function when analyzing pickle files, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files embedding doctest.debug_script calls that bypass picklescan detection and execute arbitrary commands...

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71363 HIGH - 8.1

picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with cProfile.run payloads that bypass picklescan detection and achieve code execution upon deserialization.

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD

Picklescan before 0.0.25 fails to detect unsafe global functions in the Numpy library, allowing attackers to bypass static analysis and execute arbitrary code during deserialization. Attackers can craft malicious pickle files using numpy.testing._private.utils.runstring within the reduce method to i...

Vendor: Picklescan
Product: Picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71352 HIGH - 8.1

picklescan before 0.0.29 fails to detect the built-in Python trace.Trace.runctx function when used in pickle file reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with trace.Trace.runctx payloads that bypass picklescan detection and exec...

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71350 HIGH - 8.1

picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collect_env.run function in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims.

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71349 HIGH - 8.1

picklescan before 0.0.29 fails to detect the built-in trace.Trace.run function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using trace.Trace.run in the reduce method to achieve arbitrary code execution when pic...

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2026-58450 MEDIUM - 4.3

Invoice Ninja through 5.13.26 contains an open redirect vulnerability in the client portal login that allows unauthenticated attackers to redirect authenticated victims to attacker-controlled external URLs by injecting a malicious value into the intended query parameter. Attackers can craft a client...

Vendor: invoiceninja
Product: invoiceninja
Published: Jun 30, 2026
Source: NVD
CVE-2026-58449 CRITICAL - 9.8

txtai through 9.10.0, fixed in commit 11b32da, exposes an API /reindex endpoint whose function body parameter is resolved through txtai.util.Resolver, which performs __import__ and getattr on the caller-supplied dotted path with no allowlist. When the API is exposed with no TOKEN configured (authent...

Vendor: neuml
Product: txtai
Published: Jun 30, 2026
Source: NVD
CVE-2026-58448 MEDIUM - 6.5

yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated user to access arbitrary process instance records by supplying a caller-controlled process-instance identifier to an unprotected endpoint lacking the @PreAuthorize annotation. At...

Vendor: YunaiV
Product: yudao-cloud
Published: Jun 30, 2026
Source: NVD
CVE-2026-58447 MEDIUM - 6.5

Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to delete videos from other users' playlists by supplying an arbitrary global video index in the remove_video action of the playlist endpoint. ...

Vendor: iv-org
Product: Invidious
Published: Jun 30, 2026
Source: NVD
CVE-2026-58446 MEDIUM - 6.5

Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication (AUTH_USERNAME/AUTH_PASSWORD), is reachable unauthenticated at /mcp because the nginx front-end does not apply the auth_request gate to that path and the MCP server auto-mints ...

Vendor: presenton
Product: presenton
Published: Jun 30, 2026
Source: NVD
CVE-2026-57585 HIGH - 7.5

MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This is...

Vendor: msgpack
Product: msgpack-python
Published: Jun 30, 2026
Source: NVD
CVE-2026-57204 MEDIUM - 6.5

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAX_DECLARED_STREAM_LENGTH is sometimes ignored. This requires parsing a content stream wit...

Vendor: py-pdf
Product: pypdf
Published: Jun 30, 2026
Source: NVD
CVE-2026-52868 HIGH - 8.2

An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation.

Vendor: OFFIS DICOM
Product: DCMTK Toolkit
Published: Jun 30, 2026
Source: NVD