Total CVEs

143,745

Critical Severity

4,091

High Severity

14,757

Last 7 Days

1,550
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 1,161 - 1,180 of 40,150 CVEs
CVE-2026-53481 CRITICAL - 9.8

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory ('Path Trav...

Vendor: Dell
Product: PowerProtect Data Domain
Published: Jul 07, 2026
Source: NVD
CVE-2026-10659 MEDIUM - 4.7

The Dhara flash translation layer disk driver (drivers/disk/ftl_dhara.c) implemented the dhara_nand_ callbacks so that, on a flash error, the error code was written unconditionally through the caller-supplied dhara_error_t err pointer (e.g. *err = DHARA_E_ECC in dhara_nand_read, and similar in dhara...

Vendor: zephyrproject
Product: zephyr
Published: Jul 07, 2026
Source: NVD
CVE-2026-45016 MEDIUM - 6.5

EGroupware Vulnerable to Local File Inclusion via file:// URI in Mail Compose

Vendor: composer
Product: egroupware/egroupware
Published: Jul 07, 2026
Source: GitHub
CVE-2026-44512 MEDIUM - 5.5

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. From 1.9.0 before 1.22.0, onnx.version_converter.convert_version() can dereference a null pointer in Upsample_6_7::adapt_upsample_6_7() in onnx/version_converter/adapters/upsample_6_7.h when processing an ...

Vendor: pip
Product: onnx
Published: Jul 07, 2026
Source: GitHub
CVE-2026-44342 MEDIUM - 5.3

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to 0.12.0-alpha.1, the email and WeChat account binding endpoints GET /api/oauth/email/bind and GET /api/oauth/wechat/bind used GET requests for state-changing account operations, allowing ...

Vendor: go
Product: github.com/QuantumNous/new-api
Published: Jul 07, 2026
Source: GitHub

EGroupware has Authenticated RCE via Malicious eTemplate Upload

Vendor: composer
Product: egroupware/egroupware
Published: Jul 07, 2026
Source: GitHub

XWiki Platform Old Core: Resource path traversal via /skin/ action endpoint in Jetty 12+

Vendor: maven
Product: org.xwiki.platform:xwiki-platform-oldcore
Published: Jul 07, 2026
Source: GitHub
CVE-2026-33655 HIGH - 7.7

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to 0.12.0-alpha.1, the default SSRF protection configuration did not apply IP filtering to hostnames; with ApplyIPFilterForDomain disabled by default, URL validation checked domain allow/bl...

Vendor: go
Product: github.com/QuantumNous/new-api
Published: Jul 07, 2026
Source: GitHub

EGroupware has a Remote Code Execution Vulnerability

Vendor: composer
Product: egroupware/egroupware
Published: Jul 07, 2026
Source: GitHub
CVE-2026-13696 HIGH - 8.8

Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in HAVELSAN Inc. Liman MYS allows LDAP Injection. This issue affects Liman MYS: before release.Master.1107.

Vendor: HAVELSAN Inc.
Product: Liman MYS
Published: Jul 07, 2026
Source: NVD
CVE-2026-11348 HIGH - 8.1

Improper verification of cryptographic signature vulnerability in HAVELSAN Inc. Liman MYS allows Fake the Source of Data. This issue affects Liman MYS: before release.Master.1107.

Vendor: HAVELSAN Inc.
Product: Liman MYS
Published: Jul 07, 2026
Source: NVD
CVE-2011-10043 CRITICAL - 9.8

Module::Load versions before 0.22 for Perl allow arbitrary modules outside of @INC to be loaded. Module names starting with "::" could be passed to the load function to specify arbitrary module paths. Attackers able to influence module names passed to load could use that bug to execute a...

Vendor: BINGOS
Product: Module::Load
Published: Jul 07, 2026
Source: NVD
CVE-2026-11340 HIGH - 8.3

Missing Authorization vulnerability in HAVELSAN Inc. Liman MYS allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Liman MYS: before release.Master.1107.

Vendor: HAVELSAN Inc.
Product: Liman MYS
Published: Jul 07, 2026
Source: NVD
CVE-2026-49487 MEDIUM - 6.5

In Apache Airflow before 3.3.0, the REST API task-instance detail and list endpoints returned a deferred task's trigger kwargs without masking. When a deferred operator passed a secret (for example a provider API key) into its trigger, any authenticated user with DAG-scoped task-instance read a...

Vendor: Apache Software Foundation
Product: Apache Airflow
Published: Jul 07, 2026
Source: NVD
CVE-2026-49296 MEDIUM - 6.5

Before apache-airflow 3.3.0, a user authorized to read one Dag could disclose the source of other Dags co-located in the same source file. `GET /api/v2/dagSources/{dag_id}` โ€” and the equivalent Dag-source view in the UI โ€” returned the entire source file without redacting Dags the caller was not auth...

Vendor: Apache Software Foundation
Product: Apache Airflow
Published: Jul 07, 2026
Source: NVD
CVE-2026-48892 MEDIUM - 6.5

The Config API in Apache Airflow surfaced per-key secrets-backend overrides (environment variables like `AIRFLOW__SECRETS__BACKEND_KWARG__SECRET_ID` and `AIRFLOW__WORKERS__SECRETS_BACKEND_KWARG__SECRET_ID`) as synthetic config options whose option names were not in `sensitive_config_values`, so the ...

Vendor: Apache Software Foundation
Product: Apache Airflow
Published: Jul 07, 2026
Source: NVD
CVE-2026-48891 MEDIUM - 4.3

A bug in Apache Airflow's `/ui/dependencies` scheduling graph endpoint applied the caller's readable-Dag filter to the top-level serialized Dag key but still emitted referenced Dag IDs through the `dep.source` and `dep.target` fields of trigger / sensor dependency entries. An authenticated...

Vendor: Apache Software Foundation
Product: Apache Airflow
Published: Jul 07, 2026
Source: NVD
CVE-2026-48828 MEDIUM - 6.5

The Bulk Variables API in Apache Airflow called the redactor without passing the variable's key, so the key-based `should_hide_value_for_key` check (which triggers on secret-suffixed key names like `*_password` / `*_token` / `*_secret`) could not fire for JSON-decodable variable values. An auth...

Vendor: Apache Software Foundation
Product: Apache Airflow
Published: Jul 07, 2026
Source: NVD
CVE-2026-33264 CRITICAL - 9.8

A bug in `BaseSerialization.deserialize()` allowed unrestricted `import_string()` of attacker-controlled class paths when the Scheduler / API Server loaded a serialized DAG: a DAG author could embed a malicious trigger into a DAG to gain remote code execution on the API Server / Scheduler process, c...

Vendor: Apache Software Foundation
Product: Apache Airflow
Published: Jul 07, 2026
Source: NVD
CVE-2026-14868 MEDIUM - 5.5

The encryption algorithm used to protect the configuration of user accounts, stored in the built-in user directory of PcVue projects, allย versions prior to 17.0.0, is not strong enough for the level of protection required. A local attacker could alter the existing configuration and ultimately gain p...

Vendor: arcinfo
Product: PcVue
Published: Jul 07, 2026
Source: NVD