Total CVEs

143,793

Critical Severity

4,093

High Severity

14,778

Last 7 Days

1,529
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 12,421 - 12,440 of 40,198 CVEs
CVE-2026-44749 MEDIUM - 4.3

The SAP Gateway allows attackers to inject content into error messages, potentially leading to disclosure of request artefacts (e.g., regex patterns) and revealing underlying URI parsing logic. Leading to low impact on confidentiality. Integrity and availability are unaffected.

Vendor: SAP_SE
Product: SAP Gateway
Published: May 26, 2026
Source: NVD
CVE-2026-44730 HIGH - 7.2

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.7, an organization admin can escalate their privileges by adding a user from a different organization with higher privileges, to their own organization. This is due to incorrect ACL on u...

Vendor: OpenCTI-Platform
Product: opencti
Published: May 26, 2026
Source: NVD
CVE-2026-44707 MEDIUM - 6.8

Chatwoot is a customer engagement suite. From 2.14.0 to before 4.13.0, a Pre-Account Takeover (Pre-ATO) vulnerability existed in Chatwoot's authentication flow. Because email confirmation was not enforced before an account became usable, an attacker could pre-register an email address they did ...

Vendor: chatwoot
Product: chatwoot
Published: May 26, 2026
Source: NVD
CVE-2026-44706 HIGH - 8.5

Chatwoot is a customer engagement suite. From 2.2.0 to before 4.11.2, a SQL injection vulnerability exists in the conversation and contact filter APIs. When filtering by a custom attribute of type date or number using the is_greater_than or is_less_than operators, user-supplied values in the values ...

Vendor: chatwoot
Product: chatwoot
Published: May 26, 2026
Source: NVD
CVE-2026-44669 HIGH - 8.7

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting (XSS) via attachment filenames in assessment file preview flows. User-supplied filename values are persisted and later rendered into HTML/attribute contexts wit...

Vendor: factionsecurity
Product: faction
Published: May 26, 2026
Source: NVD
CVE-2026-44668 CRITICAL - 9.8

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invoke() without checking for a valid session. Four action methods in BoilerPlateConfig perform no local ...

Vendor: factionsecurity
Product: faction
Published: May 26, 2026
Source: NVD
CVE-2026-44667 HIGH - 8.7

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting (XSS) via attachment filenames in remediation verification file preview flows. User-supplied filename values are persisted and then rendered into HTML and attri...

Vendor: factionsecurity
Product: faction
Published: May 26, 2026
Source: NVD
CVE-2026-24201 MEDIUM - 5.8

NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause an out-of-bound access. A successful exploit of this vulnerability might lead to data tampering, denial of service, or information disclosure.

Vendor: NVIDIA
Product: Virtual GPU Manager
Published: May 26, 2026
Source: NVD
CVE-2026-24200 HIGH - 7.0

NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause a use-after-free for stack memory. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.

Vendor: NVIDIA
Product: Virtual GPU Manager
Published: May 26, 2026
Source: NVD
CVE-2026-24199 MEDIUM - 4.7

NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service.

Vendor: NVIDIA
Product: GeForce, RTX, Quadro, NVS, Tesla, Guest driver, Virtual GPU Manager
Published: May 26, 2026
Source: NVD
CVE-2026-24198 MEDIUM - 5.6

NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of servi...

Vendor: NVIDIA
Product: GeForce, RTX, Quadro, NVS, Tesla
Published: May 26, 2026
Source: NVD
CVE-2026-24197 MEDIUM - 6.5

NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnera...

Vendor: NVIDIA
Product: GeForce, RTX, Quadro, NVS, Tesla, Virtual GPU Manager
Published: May 26, 2026
Source: NVD
CVE-2026-24196 HIGH - 7.1

NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure.

Vendor: NVIDIA
Product: GeForce, RTX, Quadro, NVS, Tesla, Guest driver
Published: May 26, 2026
Source: NVD
CVE-2026-24195 HIGH - 7.1

NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service.

Vendor: NVIDIA
Product: Guest driver
Published: May 26, 2026
Source: NVD
CVE-2026-24194 HIGH - 7.8

NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execu...

Vendor: NVIDIA
Product: GeForce, RTX, Quadro, NVS, Tesla, Guest driver
Published: May 26, 2026
Source: NVD
CVE-2026-24193 HIGH - 7.8

NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.

Vendor: NVIDIA
Product: GeForce, RTX, Quadro, NVS, Tesla
Published: May 26, 2026
Source: NVD
CVE-2026-24192 HIGH - 7.8

NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data ...

Vendor: NVIDIA
Product: GeForce, RTX, Quadro, NVS, Tesla, Virtual GPU Manager
Published: May 26, 2026
Source: NVD
CVE-2026-24191 HIGH - 7.8

NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.

Vendor: NVIDIA
Product: GeForce, RTX, Quadro, NVS, Tesla, Guest driver, Virtual GPU Manager
Published: May 26, 2026
Source: NVD
CVE-2026-24190 HIGH - 7.8

NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and ...

Vendor: NVIDIA
Product: GeForce, RTX, Quadro, NVS, Tesla
Published: May 26, 2026
Source: NVD
CVE-2026-24187 HIGH - 8.8

NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.

Vendor: NVIDIA
Product: GeForce, RTX, Quadro, NVS, Tesla, Guest driver, Virtual GPU Manager
Published: May 26, 2026
Source: NVD