Total CVEs

144,714

Critical Severity

4,191

High Severity

15,264

Last 7 Days

1,826
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 3,901 - 3,920 of 41,119 CVEs
CVE-2025-71374 HIGH - 8.1

picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files that bypass picklescan detection and achieve code execution upon deserializati...

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71371 HIGH - 8.1

picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute arbitrary code when loaded via pickle.load().

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71368 HIGH - 8.1

picklescan before 0.0.30 fails to detect the doctest.debug_script function when analyzing pickle files, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files embedding doctest.debug_script calls that bypass picklescan detection and execute arbitrary commands...

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71363 HIGH - 8.1

picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with cProfile.run payloads that bypass picklescan detection and achieve code execution upon deserialization.

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD

Picklescan before 0.0.25 fails to detect unsafe global functions in the Numpy library, allowing attackers to bypass static analysis and execute arbitrary code during deserialization. Attackers can craft malicious pickle files using numpy.testing._private.utils.runstring within the reduce method to i...

Vendor: Picklescan
Product: Picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71352 HIGH - 8.1

picklescan before 0.0.29 fails to detect the built-in Python trace.Trace.runctx function when used in pickle file reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with trace.Trace.runctx payloads that bypass picklescan detection and exec...

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71350 HIGH - 8.1

picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collect_env.run function in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims.

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71349 HIGH - 8.1

picklescan before 0.0.29 fails to detect the built-in trace.Trace.run function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using trace.Trace.run in the reduce method to achieve arbitrary code execution when pic...

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2026-58450 MEDIUM - 4.3

Invoice Ninja through 5.13.26 contains an open redirect vulnerability in the client portal login that allows unauthenticated attackers to redirect authenticated victims to attacker-controlled external URLs by injecting a malicious value into the intended query parameter. Attackers can craft a client...

Vendor: invoiceninja
Product: invoiceninja
Published: Jun 30, 2026
Source: NVD
CVE-2026-58449 CRITICAL - 9.8

txtai through 9.10.0, fixed in commit 11b32da, exposes an API /reindex endpoint whose function body parameter is resolved through txtai.util.Resolver, which performs __import__ and getattr on the caller-supplied dotted path with no allowlist. When the API is exposed with no TOKEN configured (authent...

Vendor: neuml
Product: txtai
Published: Jun 30, 2026
Source: NVD
CVE-2026-58448 MEDIUM - 6.5

yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated user to access arbitrary process instance records by supplying a caller-controlled process-instance identifier to an unprotected endpoint lacking the @PreAuthorize annotation. At...

Vendor: YunaiV
Product: yudao-cloud
Published: Jun 30, 2026
Source: NVD
CVE-2026-58447 MEDIUM - 6.5

Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to delete videos from other users' playlists by supplying an arbitrary global video index in the remove_video action of the playlist endpoint. ...

Vendor: iv-org
Product: Invidious
Published: Jun 30, 2026
Source: NVD
CVE-2026-58446 MEDIUM - 6.5

Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication (AUTH_USERNAME/AUTH_PASSWORD), is reachable unauthenticated at /mcp because the nginx front-end does not apply the auth_request gate to that path and the MCP server auto-mints ...

Vendor: presenton
Product: presenton
Published: Jun 30, 2026
Source: NVD
CVE-2026-57585 HIGH - 7.5

MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This is...

Vendor: msgpack
Product: msgpack-python
Published: Jun 30, 2026
Source: NVD
CVE-2026-57204 MEDIUM - 6.5

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAX_DECLARED_STREAM_LENGTH is sometimes ignored. This requires parsing a content stream wit...

Vendor: py-pdf
Product: pypdf
Published: Jun 30, 2026
Source: NVD
CVE-2026-52868 HIGH - 8.2

An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation.

Vendor: OFFIS DICOM
Product: DCMTK Toolkit
Published: Jun 30, 2026
Source: NVD
CVE-2026-52196 HIGH - 7.5

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_416f28 component

Published: Jun 30, 2026
Source: NVD
CVE-2026-50254 HIGH - 7.5

An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it.

Vendor: OFFIS DICOM
Product: DCMTK Toolkit
Published: Jun 30, 2026
Source: NVD
CVE-2026-50003 CRITICAL - 9.8

A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative (../) paths and absolute paths.

Vendor: OFFIS DICOM
Product: DCMTK Toolkit
Published: Jun 30, 2026
Source: NVD
CVE-2026-37106 CRITICAL - 9.8

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration (a non-default fea...

Published: Jun 30, 2026
Source: NVD