Total CVEs: 142,027
Critical Severity: 3,943
High Severity: 14,108
Last 7 Days: 1,921
Year filter: 2026 (January 1 - December 31, 2026)
Showing 11,301 - 11,320 of 38,432 CVEs
CVE-2026-46678 MEDIUM - 6.8

Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580)

Vendor: pip
Product: pydantic-ai
Published: May 21, 2026
Source: GitHub
CVE-2026-46671 MEDIUM - 4.4

Rust OneNote File Parser: Path traversal in `Parser::parse_notebook` allows reading files outside the notebook directory

Vendor: rust
Product: onenote_parser
Published: May 21, 2026
Source: GitHub
CVE-2026-46645 MEDIUM - 4.3

SQLAdmin is a flexible Admin interface for SQLAlchemy models. Prior to version 0.25.1, the ajax_lookup endpoint in application.py bypasses the is_accessible() access control check that all other endpoints enforce. If a developer restricts model access by overriding is_accessible(), an authenticated ...

Vendor: pip
Product: sqladmin
Published: May 21, 2026
Source: GitHub

Twig: Arbitrary PHP code execution via `_self.(<string>)` macro-reference compilation

Vendor: composer
Product: twig/twig
Published: May 21, 2026
Source: GitHub

Twig: Sandbox property and method bypass via object-destructuring assignment

Vendor: composer
Product: twig/twig
Published: May 21, 2026
Source: GitHub

Twig: `{% sandbox %}{% include %}` skips checkSecurity() on cached templates (incomplete fix for CVE-2024-45411)

Vendor: composer
Product: twig/twig
Published: May 21, 2026
Source: GitHub

Twig: HTML-output filters in twig/* extras incorrectly declared `is_safe => ['all']`

Vendor: composer
Product: twig/markdown-extra
Published: May 21, 2026
Source: GitHub

Twig: Sandbox property allowlist bypass via the `column` filter (array_column on objects)

Vendor: composer
Product: twig/twig
Published: May 21, 2026
Source: GitHub

Twig: `template_from_string()` escapes a SourcePolicy-driven sandbox via synthesized template name

Vendor: composer
Product: twig/twig
Published: May 21, 2026
Source: GitHub

Twig: PHP code injection via `{% use %}` template name

Vendor: composer
Product: twig/twig
Published: May 21, 2026
Source: GitHub

twig/intl-extra: Unbounded formatter memoisation keyed on template-controlled arguments

Vendor: composer
Product: twig/intl-extra
Published: May 21, 2026
Source: GitHub

Twig: The `spaceless` filter implicitly marks its output as safe

Vendor: composer
Product: twig/twig
Published: May 21, 2026
Source: GitHub
CVE-2026-46625 HIGH - 7.5

JavaScript Cookie is a JavaScript API for handling cookies, client-side. Prior to version 3.0.7, js-cookie's internal assign() helper copies properties with for...in + plain assignment. When the source object is produced by JSON.parse, the JSON object's "__proto__" member is an o...

Vendor: npm
Product: js-cookie
Published: May 21, 2026
Source: GitHub
CVE-2026-8428 HIGH - 8.8

Concrete CMS 9.5.0 and below emits a CSRF token in the local_available_update.php view ($token->output('do_update')) but the corresponding do_update() method in concrete/controllers/single_page/dashboard/system/update/update.php never calls $this->token->validate('do_update&#...

Vendor: concretecms
Product: concrete_cms
Published: May 21, 2026
Source: NVD
CVE-2026-8426 HIGH - 8.8

Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepare_remote_upgrade/<remoteMPID>. An attacker who controls the remote package returned for a known marketplace item ID can overwrite the package PHP on disk and force its upgra...

Vendor: concretecms
Product: concrete_cms
Published: May 21, 2026
Source: NVD
CVE-2026-8421 HIGH - 8.8

Concrete CMS 9.5.0 and below contains a CSRF vulnerability in the install_package() method of concrete/controllers/single_page/dashboard/extend/install.php. An attacker who can cause an authenticated administrator to visit a crafted page, and who has placed or caused a package to be present under ...

Vendor: concretecms
Product: concrete_cms
Published: May 21, 2026
Source: NVD
CVE-2026-8417 HIGH - 8.8

Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/do_update/<pkgHandle>. The do_update() method in concrete/controllers/single_page/dashboard/extend/update.php checks only canInstallPackages() before executing upgradeCoreData() a...

Vendor: concretecms
Product: concrete_cms
Published: May 21, 2026
Source: NVD

Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

Published: May 21, 2026
Source: NVD
CVE-2026-8350 HIGH - 8.8

Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulk_user_assignment.php which can lead to privilege escalation to Administrative Group. Any authenticated user with access to the bulk user assignment dashboard page can add any user email to any group and can remove legitim...

Vendor: concretecms
Product: concrete_cms
Published: May 21, 2026
Source: NVD
CVE-2026-8205 MEDIUM - 5.3

Concrete CMS 9.5.0 and below is vulnerable to authorization bypass in the Calendar Block since action_get_events does not check canView on the calendar which results in restricted event details being disclosed. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 6.3 with vec...

Vendor: concretecms
Product: concrete_cms
Published: May 21, 2026
Source: NVD