Total CVEs

141,292

Critical Severity

3,799

High Severity

13,738

Last 7 Days

1,604
Showing 9,121 - 9,140 of 13,738 CVEs
CVE-2026-31898 HIGH - 8.1

jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user control of arguments of the `createAnnotation` method allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to the following method, a user can injec...

Vendor: npm
Product: jspdf
Published: Mar 17, 2026
Source: GitHub
CVE-2026-31891 HIGH - 7.7

Cockpit is a headless content management system. Any Cockpit CMS instance running version 2.13.4 or earlier with API access enabled is potentially affected by a SQL Injection vulnerability in the MongoLite Aggregation Optimizer. Any deployment where the `/api/content/aggregate/{model}` endpoint is...

Vendor: composer
Product: cockpit-hq/cockpit
Published: Mar 17, 2026
Source: GitHub
CVE-2026-30922 HIGH - 7.5

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the `pyasn1` library is vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested `SEQUE...

Vendor: pip
Product: pyasn1
Published: Mar 17, 2026
Source: GitHub
CVE-2026-4148 HIGH - 8.8

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline.

Published: Mar 17, 2026
Source: NVD
CVE-2026-24901 HIGH - 8.1

Outline is a service that allows for collaborative documentation. Prior to 1.4.0, an Insecure Direct Object Reference (IDOR) vulnerability in the document restoration logic allows any team member to unauthorizedly restore, view, and seize ownership of deleted drafts belonging to other users, includi...

Vendor: outline
Product: outline
Published: Mar 17, 2026
Source: NVD
CVE-2026-23759 HIGH - 7.2

Perle IOLAN STS/SCS terminal server models with firmware versions prior to 6.0 allow authenticated OS command injection via the restricted shell accessed over Telnet or SSH. The shell 'ps' command does not perform proper argument sanitization and passes user-supplied parameters into an ...

Vendor: Perle Systems
Product: IOLAN STS, IOLAN SCS
Published: Mar 17, 2026
Source: NVD
CVE-2026-4318 HIGH - 8.8

A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formApLbConfig. This manipulation of the argument loadBalanceNameOld causes buffer overflow. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

Published: Mar 17, 2026
Source: NVD
CVE-2026-3888 HIGH - 7.8

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LT...

Published: Mar 17, 2026
Source: NVD
CVE-2026-30911 HIGH - 8.1

Apache Airflow versions 3.1.0 through 3.1.7 contain a missing authorization vulnerability in the Execution API's Human-in-the-Loop (HITL) endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance. Users are recommended to upgra...

Vendor: Apache Software Foundation
Product: Apache Airflow
Published: Mar 17, 2026
Source: NVD
CVE-2026-28779 HIGH - 7.5

In Apache Airflow versions 3.1.0 through 3.1.7, the session token (_token) cookie is set with path=/ regardless of the configured [webserver] base_url or [api] base_url. This allows any application co-hosted under the same domain to capture valid Airflow session tokens from HTTP request headers, allowing ...

Vendor: Apache Software Foundation
Product: Apache Airflow
Published: Mar 17, 2026
Source: NVD
CVE-2026-26929 HIGH - 7.5

In Apache Airflow versions 3.0.0 through 3.1.7, the FastAPI DagVersion listing API does not apply per-DAG authorization filtering when the request is made with dag_id set to "~" (wildcard for all DAGs). As a result, version metadata of DAGs that the requester is not authorized to access is returne...

Vendor: Apache Software Foundation
Product: Apache Airflow
Published: Mar 17, 2026
Source: NVD

The extension fails to properly reset the generated MFA code after successful authentication. This leads to a possible MFA bypass for future login attempts by providing an empty string as MFA code to the extensions MFA provider.

Vendor: composer
Product: ralffreit/mfa-email
Published: Mar 17, 2026
Source: NVD
CVE-2026-4258 HIGH - 7.5

All versions of the package sjcl are vulnerable to Improper Verification of Cryptographic Signature due to missing point-on-curve validation in sjcl.ecc.basicKey.publicKey(). An attacker can recover a victim's ECDH private key by sending crafted off-curve public keys and observing ECDH outputs....

Vendor: npm
Product: sjcl
Published: Mar 17, 2026
Source: NVD
CVE-2026-0708 HIGH - 8.3

A flaw was found in libucl. A remote attacker could exploit this by providing a specially crafted Universal Configuration Language (UCL) input that contains a key with an embedded null byte. This can cause a segmentation fault (SEGV fault) in the `ucl_object_emit` function when parsing and emitting ...

Published: Mar 17, 2026
Source: NVD
CVE-2026-2579 HIGH - 7.5

The WowStore – Store Builder & Product Blocks for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versions up to, and including, 4.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing ...

Published: Mar 17, 2026
Source: NVD
CVE-2026-4289 HIGH - 7.3

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit ...

Published: Mar 17, 2026
Source: NVD
CVE-2026-4288 HIGH - 7.3

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launche...

Published: Mar 17, 2026
Source: NVD
CVE-2026-4287 HIGH - 7.3

A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The affected element is an unknown function of the file /rest/devStatus/queryResources of the component Endpoint. Performing a manipulation of the argument areaId results in sql injection. The attack can be in...

Published: Mar 17, 2026
Source: NVD
CVE-2026-32813 HIGH - 8.0

Admidio is an open-source user management solution. Versions 5.0.6 and below are vulnerable to arbitrary SQL Injection through the MyList configuration feature. The MyList configuration feature lets authenticated users define custom list column layouts, storing user-supplied column names, sort direc...

Vendor: composer
Product: admidio/admidio
Published: Mar 16, 2026
Source: GitHub
CVE-2026-32756 HIGH - 8.8

Admidio is an open-source user management solution. Versions 5.0.6 and below contain a critical unrestricted file upload vulnerability in the Documents & Files module. Due to a design flaw in how CSRF token validation and file extension verification interact within UploadHandlerFile.php, an auth...

Vendor: composer
Product: admidio/admidio
Published: Mar 16, 2026
Source: GitHub