Total CVEs

143,701

Critical Severity

4,088

High Severity

14,745

Last 7 Days

1,552
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 1,221 - 1,240 of 40,106 CVEs
CVE-2026-59713 HIGH - 8.1

Leantime contains an OIDC login CSRF vulnerability in the verifyState() method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation, logging victims in as the attack...

Vendor: Leantime
Product: Leantime
Published: Jul 06, 2026
Source: NVD
CVE-2026-59712 HIGH - 8.1

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to ...

Vendor: Leantime
Product: Leantime
Published: Jul 06, 2026
Source: NVD
CVE-2026-59711 MEDIUM - 6.1

showdown contains a cross-site scripting vulnerability in metadata title handling that allows attackers to inject arbitrary HTML and JavaScript. When completeHTMLDocument option is enabled, unescaped less-than and greater-than characters in markdown frontmatter metadata are inserted directly into HT...

Vendor: showdown
Product: showdown
Published: Jul 06, 2026
Source: NVD
CVE-2026-57573 HIGH - 8.6

Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server applied its SSRF destination check on the non-streaming /crawl path but not on the streaming path. handle_stream_crawl_request passed seed URLs straight to the crawler with no destination validatio...

Vendor: unclecode
Product: crawl4ai
Published: Jul 06, 2026
Source: NVD
CVE-2026-57572 CRITICAL - 10.0

Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browser_config.extra_args, which flowed into Chromium's launch arguments. An attacker could inject Chromium switches that replace a child-process launch command toget...

Vendor: unclecode
Product: crawl4ai
Published: Jul 06, 2026
Source: NVD
CVE-2026-57571 CRITICAL - 9.6

Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, when the crawler saves a downloaded file, the destination filename was taken from attacker-influenced input and joined to the downloads directory with no confinement. A filename containing an absolute path or traversal ...

Vendor: unclecode
Product: crawl4ai
Published: Jul 06, 2026
Source: NVD
CVE-2026-55727 HIGH - 7.5

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams.

Vendor: Genetec Inc.
Product: Genetec Security Center
Published: Jul 06, 2026
Source: NVD
CVE-2026-55574 HIGH - 7.5

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, the structured_outputs.regex API parameter passes a user-supplied regular expression string directly to the grammar compiler backends with no compilation timeout; in the xgrammar backend the string...

Vendor: vllm-project
Product: vllm
Published: Jul 06, 2026
Source: NVD
CVE-2026-55514 MEDIUM - 6.5

vLLM is a library for LLM inference and serving. From 0.12.0 to before 0.24.0, sending a pure prompt embeds payload in a /v1/completions request with a model using M-RoPE causes EngineCore to fail an assertion and fatally crash, shutting down the entire server application. Any remote user who is aut...

Vendor: vllm-project
Product: vllm
Published: Jul 06, 2026
Source: NVD
CVE-2026-54765 HIGH - 8.5

Traefik is an open source HTTP reverse proxy and load balancer. From v3.7.0 prior to v3.7.6, Traefik's Kubernetes Gateway API provider may resolve two accepted HTTPRoutes that target the same backend Service:port but configure different backendRef filters to the same child service and apply onl...

Vendor: traefik
Product: traefik
Published: Jul 06, 2026
Source: NVD
CVE-2026-54764 MEDIUM - 5.8

Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's ForwardAuth middleware, even when configured with trustForwardHeader: false, derives the X-Forwarded-Port header sent to the authentication service from the original incoming request instead of...

Vendor: traefik
Product: traefik
Published: Jul 06, 2026
Source: NVD
CVE-2026-54763 CRITICAL - 10.0

Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's BasicAuth, DigestAuth, and ForwardAuth middlewares strip canonical-cased spoofed identity headers before writing Traefik's own value, but do not account for underscore-variant header names...

Vendor: traefik
Product: traefik
Published: Jul 06, 2026
Source: NVD

Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-54637. Reason: This candidate is a duplicate of CVE-2026-54637. Notes: All CVE users should reference CVE-2026-54637 instead of this candidate.

Published: Jul 06, 2026
Source: NVD
CVE-2026-54234 HIGH - 7.5

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, a frontend-legal multi-request speculative decoding workload can cause the rejection sampler to produce a recovered token equal to the model vocabulary size boundary value, which is then converted ...

Vendor: vllm-project
Product: vllm
Published: Jul 06, 2026
Source: NVD
CVE-2026-48267 MEDIUM - 5.5

DNG SDK versions 1.7.1 2536 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires...

Vendor: Adobe
Product: DNG SDK
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have an unauthenticated payment bypass vulnerability in FOSSBilling's IPN callback endpoint. When the Custom payment adapter is enabled, an attacker can mark any unpaid invoice as paid and cred...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the Guest API invoice/update endpoint is missing an authorization check present in other invoice-related endpoints, allowing an unauthenticated user with knowledge of an invoice hash to modify the paymen...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD
CVE-2026-34038 CRITICAL - 9.9

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, an authenticated remote command injection vulnerability in application deployment handling allows users with application write permissions to achieve remote code execution and...

Vendor: coollabsio
Product: coolify
Published: Jul 06, 2026
Source: NVD

FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have a SQL injection vulnerability in the `Massmailer` module filter functionality. An authenticated administrator can supply crafted filter values when updating a mass email message, causing untrus...

Vendor: FOSSBilling
Product: FOSSBilling
Published: Jul 06, 2026
Source: NVD
CVE-2026-25271 HIGH - 7.8

Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use.

Vendor: Qualcomm, Inc.
Product: Snapdragon
Published: Jul 06, 2026
Source: NVD