Total CVEs

143,701

Critical Severity

4,088

High Severity

14,745

Last 7 Days

1,551
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 1,261 - 1,280 of 40,106 CVEs
CVE-2026-55431 HIGH - 7.7

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `coder open app` opens external workspace-app URLs without validating the scheme or host. When an external app URL contains the `$SESSION_TOKEN` placeholder th...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55078 MEDIUM - 6.5

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.17.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `POST /api/v2/files` converts zip uploads to tar in memory via `CreateTarFromZip`, which enforced a per-entry size limit but no ...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55430 MEDIUM - 5.8

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the workspace app proxy resolves the target app from `httpapi.RequestHost()` which prefers the `X-Forwarded-Host` header over the real `Host` header. No middle...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55428 HIGH - 8.2

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the tailnet coordinator validates that an agent's `Addresses` derive from its authenticated UUID but applies no equivalent check to `AllowedIPs`. The coor...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55429 HIGH - 8.7

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `UpsertWorkspaceApp` overwrites an existing app's `agent_id` on a primary-key conflict and `insertAgentApp` accepts the app ID from the provisioner's...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55079 MEDIUM - 4.9

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.24.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `NewDataBuilder` in `provisionersdk/proto/dataupload.go` allocated a byte slice using the client-supplied `FileSize` from a `Dat...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55427 HIGH - 8.3

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `coder config-ssh` wrote server-supplied SSH settings (`HostnameSuffix`, `SSHConfigOptions`) into the user's `~/.ssh/config` without sanitizing embedded n...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55077 HIGH - 7.2

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the `PUT /api/v2/users/{user}/password` endpoint authorized only `ActionUpdatePersonal` and did not prevent a `user-admin` from resetting an `owner` account�...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55075 HIGH - 7.4

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, two flaws in Coder's OIDC login chained into account takeover. Email-based user matching fell back to linking by email without checking for an existing li...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55076 HIGH - 7.4

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, Coder's OIDC callback checked `email_verified` with a direct Go `bool` type assertion. When an IdP returned the claim as a non-boolean (for example the st...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-54640 HIGH - 7.6

OpenRemote has an incomplete fix for CVE-2026-40882: XXE in KNXProtocol.startAssetImport() allows arbitrary file read via unprotected XMLInputFactory

Vendor: maven
Product: io.openremote:openremote-agent
Published: Jul 06, 2026
Source: GitHub
CVE-2026-54641 HIGH - 7.7

OpenRemote has Cross-Realm User Information Disclosure in UserResourceImpl

Vendor: maven
Product: io.openremote:openremote-manager
Published: Jul 06, 2026
Source: GitHub
CVE-2026-53935 MEDIUM - 6.9

Cilium is a networking, observability, and security solution. Prior to 1.17.16, from 1.18.2 to 1.18.9, and from 1.19.0 to 1.19.3, users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, enabling hijacking traffic to Services in any namespace ...

Vendor: go
Product: github.com/cilium/cilium
Published: Jul 06, 2026
Source: GitHub
CVE-2026-53624 MEDIUM - 4.8

Fiber is an Express inspired web framework written in Go. Prior to 3.4.0, the helmet middleware in middleware/helmet/helmet.go never sets the Strict-Transport-Security response header even when HSTSMaxAge is configured because it checks c.Protocol() for https instead of c.Scheme(). This issue is fix...

Vendor: go
Product: github.com/gofiber/fiber
Published: Jul 06, 2026
Source: GitHub
CVE-2026-54771 HIGH - 8.1

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.3, a Langroid application exposing a chat interface to untrusted users may allow direct tool invocation via raw JSON payloads, even when tools are registered with `use=False, handle=True`. Version 0...

Vendor: pip
Product: langroid
Published: Jul 06, 2026
Source: GitHub
CVE-2026-54769 CRITICAL - 10.0

Langroid is a framework for building large-language-model-powered applications. Versions prior to 0.65.2 are vulnerable to a critical Sandbox Escape leading to Remote Code Execution (RCE) in its `TableChatAgent` and `VectorStore` capabilities. When these agents evaluate LLM-generated tool messages w...

Vendor: pip
Product: langroid
Published: Jul 06, 2026
Source: GitHub

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.1, the `SQLChatAgent` SQL-injection mitigation, with default `allow_dangerous_operations=False`, combines a raw-text regex blocklist (`_DANGEROUS_SQL_PATTERNS`) with a `sqlglot` SELECT-only statemen...

Vendor: pip
Product: langroid
Published: Jul 06, 2026
Source: GitHub

Dragonfly scheduler v1 and v2 gRPC unauthenticated SSRF via attacker-controlled PeerHost in DownloadTinyFile

Vendor: go
Product: d7y.io/dragonfly/v2
Published: Jul 06, 2026
Source: GitHub

Linuxfabrik Monitoring Plugins allow insecure creation of SQLite databases

Vendor: pip
Product: linuxfabrik-lib
Published: Jul 06, 2026
Source: GitHub
CVE-2026-53486 CRITICAL - 9.1

Decompress: Archive extraction can create files and links outside of the target directory

Vendor: npm
Product: @xhmikosr/decompress
Published: Jul 06, 2026
Source: GitHub