Total CVEs

144,714

Critical Severity

4,191

High Severity

15,264

Last 7 Days

1,966
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 4,121 - 4,140 of 41,119 CVEs
CVE-2026-58302 HIGH - 8.4

rtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen() by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to lo...

Vendor: LinuxCNC
Product: LinuxCNC
Published: Jun 30, 2026
Source: NVD
CVE-2026-12243 HIGH - 7.5

NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue #3504. The `_UNSAFE_NO_PROTOCOL_RE` regex in `nltk/data.py` checks for literal `../` sequences but fails to account for percent-encoded traversal sequences such as `..%2f`. The `url2pathname()` func...

Vendor: nltk
Product: nltk
Published: Jun 30, 2026
Source: NVD
CVE-2026-8023 HIGH - 7.5

Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYSTEM is enabled) that serves files from a configured root directory. Before this fix, both the HTTP/1 and HTTP/2 front-ends placed the raw, attacker-...

Published: Jun 29, 2026
Source: NVD
CVE-2026-7656 HIGH - 8.1

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was '((length/hop/source/...

Published: Jun 29, 2026
Source: NVD
CVE-2026-51219 MEDIUM - 6.5

A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Published: Jun 29, 2026
Source: NVD
CVE-2026-51218 MEDIUM - 6.5

A heap buffer overflow in the TS7Worker::PerformFunctionWrite() function (/core/s7_server.cpp) of snap7 v1.4.3 allows attackers to cause a Denial of Service (DoS) via a crafted packet.

Published: Jun 29, 2026
Source: NVD
CVE-2026-10648 MEDIUM - 6.2

mcumgr_serial_process_frag() in subsys/mgmt/mcumgr/transport/src/serial_util.c calls net_buf_reset() on the result of smp_packet_alloc() before checking it for NULL. smp_packet_alloc() uses net_buf_alloc(K_NO_WAIT) against the shared MCUmgr packet pool (CONFIG_MCUMGR_TRANSPORT_NETBUF_COUNT, default ...

Vendor: zephyrproject
Product: zephyr
Published: Jun 29, 2026
Source: NVD
CVE-2026-44840 HIGH - 7.5

Dgraph is an open source distributed GraphQL database. Prior to version 25.3.4, the `checkUserPassword` GraphQL query in Dgraph is vulnerable to DQL (Dgraph Query Language) injection. User-supplied password values are interpolated directly into a DQL `checkpwd()` query via `fmt.Sprintf` without any ...

Vendor: go
Product: github.com/dgraph-io/dgraph/v25
Published: Jun 29, 2026
Source: GitHub
CVE-2026-57997 MEDIUM - 5.4

Strapi users-permissions plugin fails to restrict JWT algorithms when plugin::users-permissions.jwt.algorithm is not explicitly configured, allowing acceptance of HS384 and HS512 tokens alongside HS256. Attackers possessing the jwtSecret can mint tokens with non-standard HMAC variants to bypass algo...

Vendor: strapi
Product: strapi
Published: Jun 29, 2026
Source: NVD
CVE-2026-51221 HIGH - 7.5

A buffer overflow in the Get_Attribute_List function of EIPStackGroup OpENer commit 76b95c allows attackers to cause a Denial of Service (DoS) via supplying a crafted Common Packet Format (CPF) packet.

Published: Jun 29, 2026
Source: NVD
CVE-2026-34592 HIGH - 7.7

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, Coolify server and project lookups are not scoped to the current team, allowing any authenticated user to access servers and projects belonging to other teams by specifying th...

Vendor: coollabsio
Product: coolify
Published: Jun 29, 2026
Source: NVD
CVE-2026-10647 MEDIUM - 5.3

The USB CDC-NCM device class (subsys/usb/device_next/class/usbd_cdc_ncm.c) ignores the return value of usbd_ep_enqueue() in its ethernet transmit callback cdc_ncm_send(). When the enqueue fails, the function still calls k_sem_take(&data-sync_sem, K_FOREVER), blocking on a completion semaphore th...

Vendor: zephyrproject
Product: zephyr
Published: Jun 29, 2026
Source: NVD
CVE-2026-55957 HIGH - 7.3

Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1 throug...

Vendor: Apache Software Foundation
Product: Apache Tomcat
Published: Jun 29, 2026
Source: NVD
CVE-2026-55956 MEDIUM - 6.5

Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9...

Vendor: Apache Software Foundation
Product: Apache Tomcat
Published: Jun 29, 2026
Source: NVD
CVE-2026-55955 MEDIUM - 6.5

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, from ...

Vendor: Apache Software Foundation
Product: Apache Tomcat
Published: Jun 29, 2026
Source: NVD
CVE-2026-55276 CRITICAL - 9.1

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9....

Vendor: Apache Software Foundation
Product: Apache Tomcat
Published: Jun 29, 2026
Source: NVD
CVE-2026-53434 CRITICAL - 9.1

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version 11....

Vendor: Apache Software Foundation
Product: Apache Tomcat
Published: Jun 29, 2026
Source: NVD
CVE-2026-53404 HIGH - 7.3

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, fro...

Vendor: Apache Software Foundation
Product: Apache Tomcat
Published: Jun 29, 2026
Source: NVD
CVE-2026-50229 MEDIUM - 6.1

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, fro...

Vendor: Apache Software Foundation
Product: Apache Tomcat
Published: Jun 29, 2026
Source: NVD
CVE-2026-41896 HIGH - 7.5

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the HMAC key is the application's manual_webhook_secret_github field, which is used by Coolify's webhook endpoints to validate incoming requests, is nullable with no...

Vendor: coollabsio
Product: coolify
Published: Jun 29, 2026
Source: NVD