Total CVEs

143,208

Critical Severity

4,054

High Severity

14,598

Last 7 Days

1,283
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 361 - 380 of 39,613 CVEs
CVE-2026-59870 MEDIUM - 5.3

js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.1, YAML11_SCHEMA support for the !!omap tag in src/tag/sequence/omap.ts uses omapTag.addItem() to perform a linear duplicate-key scan on every insertion, causing O(n^2) CPU consumption when yaml.load() parses a crafted ordered-map...

Vendor: nodeca
Product: js-yaml
Published: Jul 08, 2026
Source: NVD
CVE-2026-59869 HIGH - 7.5

js-yaml is a JavaScript YAML parser and dumper. From 3.0.0 before 3.15.0 and from 4.0.0 before 4.3.0, js-yaml can spend quadratic CPU time parsing a document whose size grows only linearly when a chain of mappings uses merge keys where each mapping merges the previous one. This issue is fixed in ver...

Vendor: nodeca
Product: js-yaml
Published: Jul 08, 2026
Source: NVD
CVE-2026-59868 MEDIUM - 5.3

js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.0, when merge keys are enabled, js-yaml can spend quadratic CPU time parsing a document whose size grows only linearly when a chain of mappings uses merge keys where each mapping merges the previous one. This issue is fixed in ver...

Vendor: nodeca
Product: js-yaml
Published: Jul 08, 2026
Source: NVD
CVE-2026-59725 HIGH - 7.5

Socket.IO enables bidirectional and low-latency communication for every platform. From 4.1.0 before 6.6.7, Engine.IO protocol v4 polling transport does not properly close the HTTP response for invalid binary POST requests with Content-Type: application/octet-stream, allowing an unauthenticated attac...

Vendor: socketio
Product: socket.io
Published: Jul 08, 2026
Source: NVD
CVE-2026-59724 HIGH - 7.5

Socket.IO enables bidirectional and low-latency communication for every platform. From 6.5.0 before 6.6.7, Engine.IO servers with WebTransport enabled can resolve a crafted session ID such as __proto__ through an inherited property of the clients object during WebTransport upgrade handling, causing ...

Vendor: socketio
Product: socket.io
Published: Jul 08, 2026
Source: NVD
CVE-2026-59702 CRITICAL - 9.3

repomix contains a server-side request forgery vulnerability in the POST /api/pack endpoint that allows unauthenticated attackers to make arbitrary outbound requests. The endpoint fails to properly validate http://, https://, and file:// URLs before passing them to git clone, enabling attackers to a...

Vendor: repomix
Product: repomix
Published: Jul 08, 2026
Source: NVD
CVE-2026-59262 MEDIUM - 6.5

AFFiNE's histories GraphQL field fails to validate Doc.Read permission before exposing document edit history, allowing authenticated workspace members to retrieve restricted content timelines. Attackers can supply arbitrary document GUIDs to access full edit histories including user names, emai...

Vendor: affine
Product: monorepo
Published: Jul 08, 2026
Source: NVD
CVE-2026-57439 MEDIUM - 5.0

CyberChef is a web app for encryption, encoding, compression, and data analysis. Prior to 11.2.0, the Series Chart operation accepts __proto__ as a key while parsing user-supplied CSV, allowing prototype pollution that can be chained with operations such as Parse UDP to inject malicious JavaScript i...

Vendor: gchq
Product: CyberChef
Published: Jul 08, 2026
Source: NVD

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. In versions 2.39.0 through 2.39.3 and 2.40.0 until 2.43.0, unauthenticated restore and administrator initialization endpoin...

Vendor: portainer
Product: portainer
Published: Jul 08, 2026
Source: NVD
CVE-2026-54344 MEDIUM - 4.7

ToolJet is an open-source low-code platform for building internal tools. Prior to 3.20.180, ToolJet's render preview deployment workflow interpolates github.event.comment.body directly into a bash conditional in a run step, allowing any GitHub user who can comment on an open pull request with a...

Vendor: ToolJet
Product: ToolJet
Published: Jul 08, 2026
Source: NVD

Copier is a library and CLI app for rendering project templates. In versions 9.5.0 through 9.15.1, the `trust` setting's prefix match (`copier/_settings.py`) compares the template URL against a trusted prefix with a raw `str.startswith` and no path normalization, while the URL is normalized whe...

Vendor: copier-org
Product: copier
Published: Jul 08, 2026
Source: NVD

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Published: Jul 08, 2026
Source: NVD

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Published: Jul 08, 2026
Source: NVD

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Published: Jul 08, 2026
Source: NVD
CVE-2026-3144 HIGH - 8.1

IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update.

Published: Jul 08, 2026
Source: NVD
CVE-2026-15063 MEDIUM - 6.3

A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing the k...

Vendor: Red Hat
Product: Red Hat OpenShift AI (RHOAI)
Published: Jul 08, 2026
Source: NVD

BBOT's `github_workflows` module could be induced to write a downloaded artifact outside its configured output directory: its path-containment check did not resolve `..`, so a crafted `CODE_REPOSITORY` URL could traverse out of the intended folder. The write is bounded to two directory levels a...

Vendor: Black Lantern Security
Product: BBOT
Published: Jul 08, 2026
Source: NVD

BBOT's unarchive module rejects archives containing symlink entries before extraction, but for zip and 7z archives it failed to detect symlinks whose listing carries a DOS-attribute prefix before the unix mode, as produced by legacy versions of p7zip. Such an archive, downloaded and extracted d...

Vendor: Black Lantern Security
Product: BBOT
Published: Jul 08, 2026
Source: NVD
CVE-2026-59703 HIGH - 7.5

repomix contains a local file inclusion vulnerability in the git clone endpoint that allows unauthenticated attackers to read arbitrary local git repositories. The isValidRemoteValue function in src/core/git/gitRemoteParse.ts fails to block file:// URLs, permitting attackers to supply file:// scheme...

Vendor: repomix
Product: repomix
Published: Jul 08, 2026
Source: NVD
CVE-2026-55874 HIGH - 7.7

SeaweedFS is a distributed storage system. Prior to 4.34, the S3 API gateway does not reject dot-dot path segments in the X-Amz-Copy-Source header used by CopyObject and UploadPartCopy, allowing an authenticated identity scoped to one bucket to read objects from other buckets through server-side cop...

Vendor: seaweedfs
Product: seaweedfs
Published: Jul 08, 2026
Source: NVD