Total CVEs

143,208

Critical Severity

4,054

High Severity

14,598

Last 7 Days

1,280
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 81 - 100 of 1,570 CVEs

Kiwi TCMS's /init-db/ page renders and responds to requests after first use

Vendor: pip
Product: kiwitcms
Published: Jul 02, 2026
Source: GitHub

Dragonfly Manager OAuth provider client_secret disclosure via unauthenticated GET /api/v1/oauth

Vendor: go
Product: d7y.io/dragonfly/v2
Published: Jul 02, 2026
Source: GitHub

SFTPGo has stored XSS via inline parameter on public shares and user file download

Vendor: go
Product: github.com/drakkan/sftpgo/v2
Published: Jul 02, 2026
Source: GitHub

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl (tls_gen_connection module) allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. Th...

Vendor: Erlang
Product: OTP
Published: Jul 02, 2026
Source: NVD

The Adminify WordPress plugin before 4.2.10 does not perform per-user read-capability checks on the results returned by one of its administration search features, allowing users with a low-privilege role (Contributor) to disclose non-public content that WordPress would not otherwise expose to them,...

Vendor: Unknown
Product: Adminify
Published: Jul 02, 2026
Source: NVD

The Fluent Forms WordPress plugin before 6.2.5 does not properly restrict the deletion of form submission entries to the forms a restricted Manager is authorized to manage, allowing a Manager limited to specific forms to permanently delete submission entries belonging to other forms. This requires ...

Vendor: Unknown
Product: Fluent Forms
Published: Jul 02, 2026
Source: NVD

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, an authenticated admin user can trigger expensive rendition processing with purposefully crafted filter specs resulting in potentially service degradation. The vulnerability is not explo...

Vendor: torchbox
Product: wagtail
Published: Jul 01, 2026
Source: NVD

oras-go: Malicious registry can hijack Bearer token realm to exfiltrate credentials and refresh tokens

Vendor: go
Product: oras.land/oras-go/v2
Published: Jul 01, 2026
Source: GitHub

CrateDB's Blob HTTP handler bypasses authorization

Vendor: maven
Product: io.crate:crate
Published: Jul 01, 2026
Source: GitHub

Concourse login flow has an open redirect issue

Vendor: go
Product: github.com/concourse/concourse
Published: Jul 01, 2026
Source: GitHub
CVE-2026-8387 LOW - 2.4

A vulnerability in allegroai/clearml versions up to and including 1.16.5 allows for relative path traversal when extracting `.zip` archives using the `ZipFile.extractall()` method in `StorageManager._extract_to_cache()`. This issue arises due to the lack of path traversal validation, enabling an att...

Published: Jul 01, 2026
Source: NVD

The Fluent Forms WordPress plugin before 6.2.1 does not properly verify ownership before processing a subscription cancellation request, allowing authenticated users with a low-privilege account to cancel subscriptions belonging to other users.

Vendor: Unknown
Product: Fluent Forms
Published: Jul 01, 2026
Source: NVD

UltraVNC repeater through 1.8.2.2 contains an off-by-one error in the Base64 decode helper used for HTTP Basic authentication. In repeater/webgui/webutils.c:817, the wi_uudecode() function checks whether the input length exceeds the output buffer with a strict greater-than comparison (>), while t...

Vendor: uvnc
Product: UltraVNC
Published: Jul 01, 2026
Source: NVD

ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries.

Vendor: ImageMagick
Product: ImageMagick
Published: Jun 30, 2026
Source: NVD

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images.

Vendor: ImageMagick
Product: ImageMagick
Published: Jun 30, 2026
Source: NVD

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service.

Vendor: ImageMagick
Product: ImageMagick
Published: Jun 30, 2026
Source: NVD

ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache directory can place malicious XML files to exhaust memory and...

Vendor: ImageMagick
Product: ImageMagick
Published: Jun 30, 2026
Source: NVD

ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash.

Vendor: ImageMagick
Product: ImageMagick
Published: Jun 30, 2026
Source: NVD

ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations.

Vendor: ImageMagick
Product: ImageMagick
Published: Jun 30, 2026
Source: NVD

Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an oversized streamed object. When streaming to an IO JSON.dump(obj, io) and JSON::State#generate(obj, io) can write past the internal JSON gener...

Vendor: ruby
Product: json
Published: Jun 30, 2026
Source: NVD