Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,724
Quick preset (or use dates below)
Clear Filters
Showing 11,041 - 11,060 of 14,604 CVEs
CVE-2026-3057 MEDIUM - 6.3

A security flaw has been discovered in a54552239 pearProjectApi up to 2.8.10. Affected is the function dateTotalForProject of the file application/common/Model/Task.php of the component Backend Interface. The manipulation of the argument projectCode results in sql injection. The attack can be launch...

Vendor: a54552239
Product: pearprojectapi
Published: Feb 24, 2026
Source: NVD
CVE-2026-3054 MEDIUM - 4.3

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this dis...

Vendor: alinto
Product: sogo
Published: Feb 24, 2026
Source: NVD
CVE-2026-27129 MEDIUM - 6.5

Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation uses `gethostbyname()`, which only resolves IPv4 addresses. When a hostname has only AAAA (IPv6) records, the function returns the...

Vendor: craftcms
Product: cms
Published: Feb 24, 2026
Source: NVD
CVE-2026-26983 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing a invalid `<map>` element that causes it to use an image after it has been freed. Versions 7.1.2-15 and 6.9.13-40...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-26981 MEDIUM - 6.5

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow (OOB read) occurs in the `istream_nonparallel_read` function in `ImfContext...

Vendor: AcademySoftwareFoundation
Product: openexr
Published: Feb 24, 2026
Source: NVD
CVE-2026-26284 MEDIUM - 6.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick lacks proper boundary checking when processing Huffman-coded data from PCD (Photo CD) files. The decoder contains an function that has an incorrect ini...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-26283 MEDIUM - 6.2

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a `continue` statement in the JPEG extent binary search loop in the jpeg encoder causes an infinite loop when writing persistently fails. An attacker can trigger a...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-26066 MEDIUM - 6.2

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT`. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2025-11848 MEDIUM - 4.9

A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B firmware version through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-se...

Vendor: Zyxel
Product: VMG3625-T50B firmware, WX3100-T0 firmware
Published: Feb 24, 2026
Source: NVD
CVE-2025-11847 MEDIUM - 4.9

A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL.4.8)C0 could allow an authenticated attacker with administrator privileges to trigger a denial-of-s...

Vendor: Zyxel
Product: VMG3625-T50B firmware, WX3100-T0 firmware
Published: Feb 24, 2026
Source: NVD
CVE-2026-3052 MEDIUM - 6.3

A vulnerability was found in DataLinkDC dinky up to 1.2.5. The impacted element is the function proxyUba of the file dinky-admin/src/main/java/org/dinky/controller/FlinkProxyController.java of the component Flink Proxy Controller. Performing a manipulation results in server-side request forgery. It ...

Vendor: dinky
Product: dinky
Published: Feb 24, 2026
Source: NVD
CVE-2026-25988 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks. Versions 7.1.2-15 and 6.9.13-40 c...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25987 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory disclo...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25986 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer overflow write vulnerability exists in ReadYUVImage() (coders/yuv.c) when processing malicious YUV 4:2:2 (NoInterlace) images. The pixel-pair loop wr...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25983 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it, leading...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25982 MEDIUM - 6.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap out-of-bounds read vulnerability exists in the `coders/dcm.c` module. When processing DICOM files with a specific configuration, the decoder loop incorrectl...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25971 MEDIUM - 6.2

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for circular references between two MSLs, leading to a stack overflow. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25970 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a signed integer overflow vulnerability in ImageMagick's SIXEL decoder allows an attacker to trigger memory corruption and denial of service when processing a...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25969 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak exists in `coders/ashlar.c`. The `WriteASHLARImage` allocates a structure. However, when an exception is thrown, the allocated memory is not properly released, res...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25966 MEDIUM - 5.9

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd:<n> pseudo-filenames (e.g., fd:0, fd:1)...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD