Total CVEs

145,521

Critical Severity

4,252

High Severity

15,657

Last 7 Days

2,330
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 4,701 - 4,720 of 41,926 CVEs
CVE-2026-13779 HIGH - 8.1

Use after free in Chromoting in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 30, 2026
Source: NVD
CVE-2026-13778 HIGH - 7.8

Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripheral. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 30, 2026
Source: NVD
CVE-2026-13777 HIGH - 8.8

Insufficient validation of untrusted input in iOSWeb in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 30, 2026
Source: NVD
CVE-2026-13776 CRITICAL - 9.8

Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 30, 2026
Source: NVD
CVE-2026-13775 CRITICAL - 9.8

Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 30, 2026
Source: NVD
CVE-2026-13774 HIGH - 8.1

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 30, 2026
Source: NVD
CVE-2025-71381 MEDIUM - 6.5

Hono before 4.10.2 (fixed in 4.10.3) contains a flaw in its CORS middleware: when the origin is not set to "*", the middleware copies the Vary header from the incoming request into the response. Because Vary is a response header that should be managed by the server, an attacker can supply ...

Vendor: Hono
Product: Hono
Published: Jun 30, 2026
Source: NVD
CVE-2025-71374 HIGH - 8.1

picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files that bypass picklescan detection and achieve code execution upon deserializati...

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71371 HIGH - 8.1

picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute arbitrary code when loaded via pickle.load().

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71368 HIGH - 8.1

picklescan before 0.0.30 fails to detect the doctest.debug_script function when analyzing pickle files, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files embedding doctest.debug_script calls that bypass picklescan detection and execute arbitrary commands...

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71363 HIGH - 8.1

picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with cProfile.run payloads that bypass picklescan detection and achieve code execution upon deserialization.

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD

Picklescan before 0.0.25 fails to detect unsafe global functions in the Numpy library, allowing attackers to bypass static analysis and execute arbitrary code during deserialization. Attackers can craft malicious pickle files using numpy.testing._private.utils.runstring within the reduce method to i...

Vendor: Picklescan
Product: Picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71352 HIGH - 8.1

picklescan before 0.0.29 fails to detect the built-in Python trace.Trace.runctx function when used in pickle file reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with trace.Trace.runctx payloads that bypass picklescan detection and exec...

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71350 HIGH - 8.1

picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collect_env.run function in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims.

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2025-71349 HIGH - 8.1

picklescan before 0.0.29 fails to detect the built-in trace.Trace.run function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using trace.Trace.run in the reduce method to achieve arbitrary code execution when pic...

Vendor: picklescan
Product: picklescan
Published: Jun 30, 2026
Source: NVD
CVE-2026-58450 MEDIUM - 4.3

Invoice Ninja through 5.13.26 contains an open redirect vulnerability in the client portal login that allows unauthenticated attackers to redirect authenticated victims to attacker-controlled external URLs by injecting a malicious value into the intended query parameter. Attackers can craft a client...

Vendor: invoiceninja
Product: invoiceninja
Published: Jun 30, 2026
Source: NVD
CVE-2026-58449 CRITICAL - 9.8

txtai through 9.10.0, fixed in commit 11b32da, exposes an API /reindex endpoint whose function body parameter is resolved through txtai.util.Resolver, which performs __import__ and getattr on the caller-supplied dotted path with no allowlist. When the API is exposed with no TOKEN configured (authent...

Vendor: neuml
Product: txtai
Published: Jun 30, 2026
Source: NVD
CVE-2026-58448 MEDIUM - 6.5

yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated user to access arbitrary process instance records by supplying a caller-controlled process-instance identifier to an unprotected endpoint lacking the @PreAuthorize annotation. At...

Vendor: YunaiV
Product: yudao-cloud
Published: Jun 30, 2026
Source: NVD
CVE-2026-58447 MEDIUM - 6.5

Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to delete videos from other users' playlists by supplying an arbitrary global video index in the remove_video action of the playlist endpoint. ...

Vendor: iv-org
Product: Invidious
Published: Jun 30, 2026
Source: NVD
CVE-2026-58446 MEDIUM - 6.5

Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication (AUTH_USERNAME/AUTH_PASSWORD), is reachable unauthenticated at /mcp because the nginx front-end does not apply the auth_request gate to that path and the MCP server auto-mints ...

Vendor: presenton
Product: presenton
Published: Jun 30, 2026
Source: NVD