Total CVEs

143,232

Critical Severity

4,056

High Severity

14,610

Last 7 Days

1,242
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 721 - 740 of 39,637 CVEs

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow a low-privileged staff account to grant arbitrary module permissions to itself through the admin API, resulting in persistent privilege escalation. A staff user that only has `staff.create_and_edit...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. Versions 0.5.3 through 0.7.2 allow authenticated clients to both read and reset API key service secrets for orders that are no longer in an `active` state (e.g., `suspended`, `canceled`). The root cause is missing order-state v...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow low-privileged staff accounts to perform unauthorized actions via admin API endpoints. The root cause is a combination of the `can_always_access` module flag (which grants all staff access to certa...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when the "Require Email Confirmation" setting is enabled, a logged-in client with an unverified email address (`email_approved = 0`) can access all client-area pages (e.g. `/client/bal...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have a stored cross-site scripting (XSS) vulnerability in the client-facing email history views of FOSSBilling. Email HTML content (`content_html`) is rendered into a JavaScript template literal usi...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, low-privileged staff accounts may read sensitive data via admin API endpoints that lack permission checks. While sibling write endpoints correctly enforce fine-grained permissions, the corresponding read...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD
CVE-2026-59710 MEDIUM - 6.1

showdown contains a stored cross-site scripting vulnerability in the parseHeaders function of src/subParsers/makehtml/tables.js that fails to properly escape table header ID attributes. Attackers can inject arbitrary HTML and script-executing SVG elements through double-quote characters in markdown ...

Vendor: showdown
Product: showdown
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the PayPalEmail payment adapter accepts PayPal IPN callbacks and credits the IPN-supplied amount (`mc_gross`) to the client's balance without validating it against the invoice total. Combined with a...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, a race condition in the cart checkout flow allows an authenticated client to apply a promo code beyond its configured maximum uses. By sending concurrent checkout requests before any single request compl...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, an unauthenticated mass assignment vulnerability in the client self-registration endpoint allows any visitor to assign themselves to an arbitrary client group during sign-up. Because client groups can ga...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. Versions 0.6.10 through 0.7.2 have a PHP code injection vulnerability in FOSSBilling's `Config::prettyPrintArrayToPHP()` method. When configuration values are updated, string values are written into `config.php` without es...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, when a client or staff/admin account is suspended or marked inactive, existing authenticated sessions are not invalidated. The session identity loaders in src/di.php (loggedin_client and loggedin_admin) ...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD
CVE-2026-42204 HIGH - 8.8

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. From 4.0.0-beta.471 through 4.0.0-beta.473, a regression in SHELL_SAFE_COMMAND_PATTERN allowed ampersands in custom Docker Compose build, start, and pre/post-deployment command fields, allowing an aut...

Vendor: coollabsio
Product: coolify
Published: Jul 06, 2026
Source: NVD
CVE-2026-42153 HIGH - 8.8

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, PostgreSQL healthcheck command generation used attacker-controlled database settings (postgres_user and postgres_db) in shell-form commands, allowing an authenticated user to ...

Vendor: coollabsio
Product: coolify
Published: Jul 06, 2026
Source: NVD

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the buildHelperImage method in app/Livewire/Settings/Index.php constructs a Docker build command using the dev_helper_version field without shell escaping, allowing an attacke...

Vendor: coollabsio
Product: coolify
Published: Jul 06, 2026
Source: NVD
CVE-2026-41899 MEDIUM - 6.5

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, POST /api/feedback has no authentication, no rate limiting, and no input validation, allowing arbitrary content to be forwarded directly to a Discord webhook and enabling spam...

Vendor: coollabsio
Product: coolify
Published: Jul 06, 2026
Source: NVD
CVE-2026-38979 MEDIUM - 5.4

ajenti through v2.2.13 has a clickjacking weakness in the browser-facing login and administrative UI. In ajenti-core/aj/http.py, the core HTTP response path initializes an empty header list, forwards handler-added headers verbatim, and finalizes responses through WSGI start_response() without adding...

Published: Jul 06, 2026
Source: NVD
CVE-2026-38976 HIGH - 7.5

mrubyc through 3.4.1 was found to contain a NULL pointer dereference in src/vm.c in op_super() / OP_SUPER due to a missing runtime guard for top-level super.

Published: Jul 06, 2026
Source: NVD
CVE-2026-38973 MEDIUM - 4.4

mrubyc through release3.4.1 was found to contain an out-of-bounds read in builtin missing-method lookup inside mrbc_find_method().

Published: Jul 06, 2026
Source: NVD
CVE-2026-34599 HIGH - 8.8

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, there is an authenticated command injection vulnerability in the GetLogs Livewire component which allows users with team membership (lowest privilege member role) to execute a...

Vendor: coollabsio
Product: coolify
Published: Jul 06, 2026
Source: NVD