Total CVEs

145,845

Critical Severity

4,280

High Severity

15,756

Last 7 Days

2,276
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 5,321 - 5,340 of 42,250 CVEs
CVE-2026-28979 MEDIUM - 6.5

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-13763 CRITICAL - 9.8

Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule body inspection via crafted HTTP/2 requests that fragment the request body across frames so that only a partial body is inspected. This issue ...

Vendor: AWS
Product: AWS Application Load Balancer
Published: Jun 29, 2026
Source: NVD
CVE-2026-13762 CRITICAL - 9.8

Inconsistent interpretation of HTTP/2 requests in Amazon CloudFront with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule body inspection via crafted HTTP/2 requests that fragment the request body across frames so that only a partial body is inspected. This issue was remed...

Vendor: AWS
Product: Amazon CloudFront
Published: Jun 29, 2026
Source: NVD
CVE-2026-13593 MEDIUM - 6.5

CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only characters to be removed, such as comments and whitespace.

Vendor: GTERMARS
Product: CSS::Minifier::XS
Published: Jun 29, 2026
Source: NVD

Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-57700. Reason: This candidate is a reservation duplicate of CVE-2026-57700. Notes: All CVE users should reference CVE-2026-57700 instead of this candidate. All references and descriptions in this candidate have been...

Published: Jun 29, 2026
Source: NVD
CVE-2026-58000 HIGH - 8.8

luci-proto-openvpn through 0.11.1, fixed in commit e4ff45e, contains a command injection vulnerability in the generateKey ubus method where the cl_meta parameter is interpolated into a shell command without proper escaping or quoting. An authenticated LuCI user with OpenVPN protocol configuration ac...

Vendor: openwrt
Product: luci-proto-openvpn
Published: Jun 29, 2026
Source: NVD
CVE-2026-57999 HIGH - 8.8

luci-app-tailscale-community contains a command injection vulnerability in the tailscale.do_login RPC method that allows authenticated users to execute arbitrary commands as root. The vulnerability exists because user-controlled loginserver and loginserver_authkey parameters are improperly quoted wi...

Vendor: openwrt
Product: luci-app-tailscale-community
Published: Jun 29, 2026
Source: NVD

Memory Allocation with Excessive Size Value vulnerability in leandrocp mdex allows an unauthenticated attacker to cause a denial of service through unbounded memory allocation. comrak_nif::lumis_adapter::LumisAdapter::parse_highlight_lines in native/comrak_nif/src/lumis_adapter.rs eagerly expands a...

Vendor: leandrocp
Product: mdex, mdex_native
Published: Jun 29, 2026
Source: NVD

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in leandrocp MDEx allows stored or reflected cross-site scripting via attacker-controlled Markdown. When syntax highlighting and full info-string forwarding (render: [full_info_string: true]...

Vendor: leandrocp
Product: mdex, mdex_native
Published: Jun 29, 2026
Source: NVD
CVE-2026-13757 MEDIUM - 6.2

A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when processing nested CKA_WRAP_TEMPLATE, CKA_UNWRAP_TEMPLATE, and CKA_DERIVE_TE...

Vendor: Red Hat
Product: Red Hat Enterprise Linux 10, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Hardened Images, Red Hat OpenShift Container Platform 4
Published: Jun 29, 2026
Source: NVD
CVE-2026-57960 MEDIUM - 6.5

Hi.Events through 1.9.0 public check-in list endpoints use short_id as sole access control, allowing unauthenticated access to retrieve full attendee lists including emails and personal information. Attackers with knowledge of the short_id can call GET /api/public/check-in-lists/{short_id}/attendees...

Vendor: HiEventsDev
Product: Hi.Events
Published: Jun 29, 2026
Source: NVD
CVE-2026-57959 MEDIUM - 5.9

Hi.Events through 1.9.0 contains a promo code validation vulnerability where reservation validates usage count before asynchronous UpdateEventStatisticsJob increments it, allowing attackers to redeem limited promo codes unlimited times. Attackers can sequentially reserve multiple orders with the sam...

Vendor: HiEventsDev
Product: Hi.Events
Published: Jun 29, 2026
Source: NVD
CVE-2026-57958 MEDIUM - 6.1

Mixpost through 2.6.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in authenticated users' browsers by crafting malicious OAuth callback URLs with unsanitized error query parameters. Attackers can exploit the OAuth...

Vendor: inovector
Product: mixpost
Published: Jun 29, 2026
Source: NVD
CVE-2026-57957 MEDIUM - 4.7

Papermark through 0.22.0 contains a cross-origin resource sharing (CORS) misconfiguration vulnerability that allows unauthenticated remote attackers to perform credentialed cross-origin requests by exploiting the TUS-based viewer upload endpoint reflecting arbitrary request Origins with Access-Contr...

Vendor: papermark
Product: papermark
Published: Jun 29, 2026
Source: NVD
CVE-2026-57956 MEDIUM - 6.4

SigNoz through 0.130.1 contains a broken access control vulnerability that allows authenticated users to access other organizations' alert rules by supplying a target rule UUID, as the alert rule store predicates fail to filter by organization ID. Attackers can read, edit, and delete alert rule...

Vendor: SigNoz
Product: signoz
Published: Jun 29, 2026
Source: NVD
CVE-2026-57955 HIGH - 8.5

SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers to execute arbitrary ClickHouse queries by injecting URL-encoded quotes into the rule ID path parameter of the alert-history endpoints. Attackers can manipulate the unsanitized rule ID interpolated into...

Vendor: SigNoz
Product: signoz
Published: Jun 29, 2026
Source: NVD
CVE-2026-57954 MEDIUM - 4.3

Elide through 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers to sort collections by forbidden fields. Attackers can infer hidden field values through row ordering analysis, leaking relative field ordering across all...

Vendor: yahoo
Product: elide
Published: Jun 29, 2026
Source: NVD
CVE-2026-57953 MEDIUM - 5.4

Mythic before 3.4.0.60 contains an authorization bypass vulnerability that allows authenticated spectator-role users to perform unauthorized write operations by accessing the eventing_import_automatic_webhook endpoint registered under spectator-permitted middleware. Attackers with spectator role can...

Vendor: its-a-feature
Product: mythic
Published: Jun 29, 2026
Source: NVD
CVE-2026-57952 MEDIUM - 6.5

Mythic before 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints (c2profile_config_check_webhook, c2profile_redirect_rules_webhook, c2profile_get_ioc_webhook, c2profile_sample_message_webhook) that fail to verify payload ownership. An operator in one operation can invoke ...

Vendor: its-a-feature
Product: mythic
Published: Jun 29, 2026
Source: NVD
CVE-2026-57951 MEDIUM - 6.5

Mythic before 3.4.0.60 contains a broken hasura permission filter on the payload_build_step table with an always-satisfied _or condition that bypasses operation-scoped access controls. Authenticated operators and spectators can query payload_build_step to read step_stdout, step_stderr, step_name, an...

Vendor: its-a-feature
Product: mythic
Published: Jun 29, 2026
Source: NVD