Total CVEs: 141,249
Critical Severity: 3,795
High Severity: 13,708
Last 7 Days: 2,216
Showing 8,141 - 8,160 of 13,708 CVEs
CVE-2026-27309 HIGH - 7.8

Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: Substance3D - Stager
Published: Mar 27, 2026
Source: NVD
CVE-2019-25652 HIGH - 7.5

UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attackers can intercept SMT...

Vendor: Ubiquiti
Product: UniFi Network Controller
Published: Mar 27, 2026
Source: NVD
CVE-2019-25651 HIGH - 8.3

Ubiquiti UniFi Network Controller prior to 5.10.12 (excluding 5.6.42), UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weaknesse...

Vendor: Ubiquiti
Product: UniFi Network Controller, UniFi UAP Firmware, UniFi UAP-AC Firmware, UniFi USW Firmware, UniFi USG Firmware
Published: Mar 27, 2026
Source: NVD
CVE-2026-4976 HIGH - 8.8

A vulnerability was found in Totolink LR350 9.3.5u.6369_B20220309. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid results in buffer overflow. The attack can be launched remotely. The exploit has been made public and cou...

Vendor: totolink
Product: lr350_firmware
Published: Mar 27, 2026
Source: NVD
CVE-2026-33874 HIGH - 7.8

Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and prior to version 4.16.0, the Mac OS version of the Authenticator is vulnerable to remote code execution, triggered when victims open a malicious file. Update the gematik Authen...

Vendor: gematik
Product: app-Authenticator
Published: Mar 27, 2026
Source: NVD
CVE-2026-4975 HIGH - 8.8

A vulnerability has been found in Tenda AC15 15.03.05.19. This affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been...

Vendor: tenda
Product: ac15_firmware
Published: Mar 27, 2026
Source: NVD
CVE-2026-4974 HIGH - 8.8

A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to launch the attack re...

Vendor: tenda
Product: ac7_firmware
Published: Mar 27, 2026
Source: NVD
CVE-2026-34391 HIGH - 7.5

Fleet is open source device management software. Prior to 4.81.1, a vulnerability in Fleet's Windows MDM command processing allows a malicious enrolled device to access MDM commands intended for other devices, potentially exposing sensitive configuration data such as WiFi credentials, VPN secre...

Vendor: fleetdm
Product: fleet
Published: Mar 27, 2026
Source: NVD
CVE-2026-32241 HIGH - 7.5

Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that allow...

Vendor: flannel-io
Product: flannel
Published: Mar 27, 2026
Source: NVD
CVE-2026-31945 HIGH - 7.7

LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery (SSRF) attack when using agent actions or MCP. Although a previous SSRF vulnerability (https://github.com/danny-avila/LibreChat/security/advisories/GHSA-rgjq-4q58-m...

Vendor: danny-avila
Product: LibreChat
Published: Mar 27, 2026
Source: NVD
CVE-2026-31943 HIGH - 8.5

LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, `isPrivateIP()` in `packages/api/src/auth/domain.ts` fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP reques...

Vendor: danny-avila
Product: LibreChat
Published: Mar 27, 2026
Source: NVD
CVE-2026-34076 HIGH - 7.4

Clerk JavaScript is the official JavaScript repository for Clerk authentication. In @clerk/hono from versions 0.1.0 to before 0.1.5, @clerk/express from versions 2.0.0 to before 2.0.7, @clerk/backend from versions 3.0.0 to before 3.2.3, and @clerk/fastify from versions 3.1.0 to before 3.1.5, the cle...

Vendor: npm
Product: @clerk/backend
Published: Mar 27, 2026
Source: GitHub
CVE-2026-34070 HIGH - 7.5

LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in langchain_core.prompts.loading read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an appl...

Vendor: pip
Product: langchain-core
Published: Mar 27, 2026
Source: GitHub
CVE-2026-34060 HIGH - 9.8

Ruby LSP is an implementation of the language server protocol for Ruby. Prior to Shopify.ruby-lsp version 0.10.2 and ruby-lsp version 0.26.9, the rubyLsp.branch VS Code workspace setting was interpolated without sanitization into a generated Gemfile, allowing arbitrary Ruby code execution when a use...

Vendor: rubygems
Product: ruby-lsp
Published: Mar 27, 2026
Source: GitHub

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.5.1, the `_read_flow` helper in `src/backend/base/langflow/api/v1/flows.py` branched on the `AUTO_LOGIN` setting to decide whether to filter by `user_id`. When `AUTO_LOGIN` was `False` (i.e., authentica...

Vendor: pip
Product: langflow
Published: Mar 27, 2026
Source: GitHub
CVE-2026-34042 HIGH - 8.2

act is a project which allows for local running of github actions. Prior to version 0.2.86, act's built in actions/cache server listens to connections on all interfaces and allows anyone who can connect to it including someone anywhere on the internet to create caches with arbitrary keys and re...

Vendor: go
Product: github.com/nektos/act
Published: Mar 27, 2026
Source: GitHub
CVE-2026-34041 HIGH - 9.8

act is a project which allows for local running of github actions. Prior to version 0.2.86, act unconditionally processes the deprecated ::set-env:: and ::add-path:: workflow commands, which was disabled due to environment injection risks. When a workflow step echoes untrusted data to stdout, an att...

Vendor: go
Product: github.com/nektos/act
Published: Mar 27, 2026
Source: GitHub
CVE-2026-34375 HIGH - 8.2

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the YPTWallet Stripe payment confirmation page directly echoes the `$_REQUEST['plugin']` parameter into a JavaScript block without any encoding or sanitization. The `plugin` parameter is not included in any...

Vendor: WWBN
Product: AVideo
Published: Mar 27, 2026
Source: NVD
CVE-2026-26061 HIGH - 7.5

Fleet is open source device management software. Prior to 4.81.0, Fleet contained multiple unauthenticated HTTP endpoints that read request bodies without enforcing a size limit. An unauthenticated attacker could exploit this behavior by sending large or repeated HTTP payloads, causing excessive mem...

Vendor: fleetdm
Product: fleet
Published: Mar 27, 2026
Source: NVD
CVE-2026-33989 HIGH - 8.1

Mobile Next is an MCP server for mobile development and automation. Prior to version 0.0.49, the `@mobilenext/mobile-mcp` server contains a Path Traversal vulnerability in the `mobile_save_screenshot` and `mobile_start_screen_recording` tools. The `saveTo` and `output` parameters were passed directl...

Vendor: npm
Product: @mobilenext/mobile-mcp
Published: Mar 27, 2026
Source: GitHub