Total CVEs

144,269

Critical Severity

4,162

High Severity

14,979

Last 7 Days

1,670
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 3,581 - 3,600 of 40,674 CVEs
CVE-2026-49451 HIGH - 7.5

The OpenAPI.NET SDK contains a useful object model for OpenAPI documents in .NET along with common serializers to extract raw OpenAPI JSON and YAML documents from the model. From 2.0.0-preview11 until 2.7.5 and 3.5.4, a small OpenAPI document containing a circular schema reference can cause process ...

Vendor: nuget
Product: Microsoft.OpenAPI
Published: Jun 30, 2026
Source: GitHub

In the Tarfile.extract() function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid despite the user passing filter='data' to the extract() function...

Published: Jun 30, 2026
Source: NVD
CVE-2026-48192 MEDIUM - 5.4

A vulnerability has been identified in Mendix Studio Pro 10.11 (All versions), Mendix Studio Pro 10.12 (All versions), Mendix Studio Pro 10.13 (All versions), Mendix Studio Pro 10.14 (All versions), Mendix Studio Pro 10.15 (All versions), Mendix Studio Pro 10.16 (All versions), Mendix Studio Pro 10....

Published: Jun 30, 2026
Source: NVD

A Rancher FleetWorkspace admission path allowed side effects to occur in the Rancher webhook handler for versions 0.7.0 up to 0.7.10, 0.8.0 up to 0.8.7, 0.9.0 up to 0.9.6 and 0.10.0 up to 0.10.7. An unauthenticated attacker with network access to the in-cluster rancher-webhook service could submi...

Vendor: SUSE
Product: Rancher
Published: Jun 30, 2026
Source: NVD

A missing clean-up in the legacy Project Role Template Binding (PRTB) reconciler in Rancher versions 2.13.0 up to 2.13.7 and 2.14.0 up to 2.14.3 allowed users to retain unauthorized Pod Security Admission (PSA) permissions after an administrator removes those permissions from a RoleTemplate.

Vendor: SUSE
Product: Rancher
Published: Jun 30, 2026
Source: NVD
CVE-2026-27957 HIGH - 8.8

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, an authenticated command injection vulnerability in the CA Certificate management feature allows any authenticated user to execute arbitrary commands as the configured SSH use...

Vendor: coollabsio
Product: coolify
Published: Jun 30, 2026
Source: NVD
CVE-2026-27956 MEDIUM - 4.3

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, `GET /api/v1/servers/{server_uuid}/domains?uuid={app_uuid}` bypasses team scoping when the optional uuid query parameter is provided. Any authenticated API user can enumerate ...

Vendor: coollabsio
Product: coolify
Published: Jun 30, 2026
Source: NVD
CVE-2026-27955 MEDIUM - 6.6

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the executeInDocker() helper wraps commands in bash -c '{$command}' without escaping single quotes. User-controlled docker_compose_custom_build_command and docker_co...

Vendor: coollabsio
Product: coolify
Published: Jun 30, 2026
Source: NVD
CVE-2026-27883 MEDIUM - 5.0

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the `GET /api/v1/deployments/{uuid}` endpoint allows any authenticated user to access deployment details belonging to any team, bypassing team-based authorization. The $teamId...

Vendor: coollabsio
Product: coolify
Published: Jun 30, 2026
Source: NVD
CVE-2026-27882 MEDIUM - 4.8

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.461, the GitLab webhook endpoint uses a non-constant-time string comparison operator (!==) to validate the webhook secret token. This implementation is vulnerable to timing attacks...

Vendor: coollabsio
Product: coolify
Published: Jun 30, 2026
Source: NVD
CVE-2026-27881 MEDIUM - 5.0

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, `GET /api/v1/deployments/{uuid}` in DeployController.php retrieves deployment details without validating that the deployment belongs to the authenticated user's team. Any...

Vendor: coollabsio
Product: coolify
Published: Jun 30, 2026
Source: NVD

KTM System e-BOK does not implement any limit or timeout on consecutive login attempts, allowing an attacker to perform unlimited authentication requests. This lack of rate‑limiting enables efficient brute‑force attacks against user accounts. When combined with vulnerability CVE-2026-35097, where pa...

Vendor: KTM System
Product: e-BOK
Published: Jun 30, 2026
Source: NVD

KTM System e-BOK enforces a maximum password length of six numeric digits and does not permit the use of any alphabetic, special, or extended characters. This issue was fixed in the patch published in June 2026.

Vendor: KTM System
Product: e-BOK
Published: Jun 30, 2026
Source: NVD

KTM System e-BOK is vulnerable to Cross‑Site Request Forgery (CSRF) in both the email-change and password-change functionalities. An attacker can craft a malicious website that, when visited by an authenticated user, automatically sends a forged POST request to the application. This allows the attac...

Vendor: KTM System
Product: e-BOK
Published: Jun 30, 2026
Source: NVD

KTM System e-BOK allows the session identifier to be set by the client prior to authentication. If a cookie with a valid name is set, its value remains unchanged after successful login. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. T...

Vendor: KTM System
Product: e-BOK
Published: Jun 30, 2026
Source: NVD
CVE-2026-14241 CRITICAL - 9.8

Memory safety bugs present in Firefox 152.0.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 152.0.4.

Vendor: Mozilla
Product: Firefox
Published: Jun 30, 2026
Source: NVD
CVE-2026-14178 MEDIUM - 5.9

openGauss 在处理带 NLS 参数的 to_timestamp 调用时,to_timestamp_with_fmt_nls() 会将 nls_fmt_str 保存到 u_sess->parser_cxt.nls_fmt_str。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestamp_out() 仍会通过 CheckNlsFormat() 访问 u_sess->parser_cxt.nls_fmt_str,导致访问已释放内存。攻击者在...

Vendor: openGauss-server
Product: openGauss-server-7.0.0-RC2, openGauss-server-7.0.0-RC1, openGauss-server-7.0.0-RC3
Published: Jun 30, 2026
Source: NVD
CVE-2025-53648 MEDIUM - 5.4

SQL misconfiguration in the Gravitino UI, in versions 1.0.0 and below, can allow a malicious user to read or truncate files. Users are recommended to upgrade to version 1.0.0, which fixes this issue.

Vendor: apache
Product: gravitino
Published: Jun 30, 2026
Source: NVD
CVE-2026-8655 CRITICAL - 9.8

Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive ...

Vendor: citrix
Product: netscaler_application_delivery_controller
Published: Jun 30, 2026
Source: NVD
CVE-2026-8452 CRITICAL - 9.8

Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server

Vendor: citrix
Product: netscaler_application_delivery_controller
Published: Jun 30, 2026
Source: NVD