Total CVEs

141,272

Critical Severity

3,795

High Severity

13,729

Last 7 Days

1,898
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 12,801 - 12,820 of 37,677 CVEs
CVE-2026-43912 HIGH - 8.7

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden does not enforce that a groups_users.users_organizations_uuid entry belongs to the same organization as groups.groups_uuid, or a collections_groups.collections_uuid entry belongs to the same organization as co...

Vendor: dani-garcia
Product: vaultwarden
Published: May 11, 2026
Source: NVD
CVE-2026-43911 MEDIUM - 6.8

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, refresh tokens are not invalidated when the user's security_stamp is rotated by some security-sensitive operations (password change, KDF change, key rotation, email change, org admin password reset, emergency access ...

Vendor: dani-garcia
Product: vaultwarden
Published: May 11, 2026
Source: NVD
CVE-2026-43900 CRITICAL - 9.3

DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, a Cross-Site Scripting (XSS) vulnerability exists due to a discrepancy between the backend validation layer and the frontend browser rendering engine. The SVGSanitizer (s...

Vendor: ThinkInAIXYZ
Product: deepchat
Published: May 11, 2026
Source: NVD
CVE-2026-43899 CRITICAL - 9.6

DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, An incomplete mitigation for CVE-2025-55733 leaves DeepChat vulnerable to an arbitrary protocol execution bypass (RCE). While the patch correctly restricted api.openExter...

Vendor: ThinkInAIXYZ
Product: deepchat
Published: May 11, 2026
Source: NVD
CVE-2026-34963 HIGH - 8.4

barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section load...

Vendor: barebox
Product: barebox
Published: May 11, 2026
Source: NVD
CVE-2026-34962 MEDIUM - 6.2

barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4_common.c where the ext4fs_iterate_dir() function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesystem image with a cr...

Vendor: barebox
Product: barebox
Published: May 11, 2026
Source: NVD
CVE-2026-8344 MEDIUM - 6.3

A weakness has been identified in D-Link DIR-816 1.10CNB05_R1B011D88210. Affected by this vulnerability is the function sub_445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the p...

Vendor: dlink
Product: dir-816_firmware
Published: May 11, 2026
Source: NVD
CVE-2026-7010 MEDIUM - 6.5

HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the `Host:` header, and HTTP/1.1 control data field values. An attacker who controls one...

Published: May 11, 2026
Source: NVD
CVE-2026-44695 MEDIUM - 5.8

Outline is a service that allows for collaborative documentation. Prior to 1.7.1, the Slack integration callback for GET /auth/slack.post accepts an unsigned, session-independent OAuth state value. A third party who can obtain a Slack OAuth code for the same Outline Slack client can make a logged-in...

Vendor: outline
Product: outline
Published: May 11, 2026
Source: NVD
CVE-2026-43890 HIGH - 7.7

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route hand...

Vendor: outline
Product: outline
Published: May 11, 2026
Source: NVD
CVE-2026-43889 MEDIUM - 6.5

Outline is a service that allows for collaborative documentation. Prior to 1.7.0, the shares.create API accepts both collectionId and documentId simultaneously and, when published=false, only verifies read access for each—skipping the "share" permission check. A subsequent shares.update au...

Vendor: outline
Product: outline
Published: May 11, 2026
Source: NVD
CVE-2026-43888 HIGH - 8.7

Outline is a service that allows for collaborative documentation. Prior to 1.7.0, ZipHelper.extract computes the extraction path for each entry by passing a full filesystem path through trimFileAndExt, a filename helper that calls path.basename on its input when truncating. When a zip entry's n...

Vendor: outline
Product: outline
Published: May 11, 2026
Source: NVD
CVE-2026-43887 HIGH - 7.3

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.6.1, the Outline comment section permits users to mention other users; however, the backend does not validate or sanitize the href attribute associated with these mentions. As a result, potentially dangerous protocols...

Vendor: outline
Product: outline
Published: May 11, 2026
Source: NVD
CVE-2026-43886 HIGH - 8.2

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.6.1, a logic error in OAuthInterface.validateScope() uses Array.some() to validate requested OAuth scopes, causing the function to accept the entire scope array if any single scope is valid. An attacker can smuggle th...

Vendor: outline
Product: outline
Published: May 11, 2026
Source: NVD
CVE-2026-42564 HIGH - 8.2

jotty·page is a self-hosted app for your checklists and notes. Prior to 1.22.0, an unauthenticated path traversal vulnerability exists in /api/app-icons/[filename]. The filename route parameter is joined into a filesystem path without traversal/boundary validation, allowing file reads outside data/u...

Vendor: fccview
Product: jotty
Published: May 11, 2026
Source: NVD
CVE-2026-42046 HIGH - 7.8

libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas import functionality allows an attacker to cause a controlled heap out-of-bounds write (heap overflow) by supplying a crafted file in the "caca" format. Depending o...

Vendor: cacalabs
Product: libcaca
Published: May 11, 2026
Source: NVD
CVE-2026-34961 MEDIUM - 6.2

barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities in ext4 extent parsing due to missing validation of the eh_entries field against buffer capacity in fs/ext4/ext4_common.c. Attackers can supply a malicious ext4 filesystem image via USB, SD card, or network boot to trigge...

Vendor: barebox
Product: barebox
Published: May 11, 2026
Source: NVD
CVE-2026-34960 MEDIUM - 6.5

barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcp_message_type() function that fails to verify the options pointer remains within received packet bounds. An attacker on the same broadcast domain can send a crafted DHCP Offer or ACK...

Vendor: barebox
Product: barebox
Published: May 11, 2026
Source: NVD
CVE-2026-45046 MEDIUM - 5.5

Gryph provides a security layer for AI coding agents. Prior to 0.7.0, Gryph implements logging levels that determine what content is logged to a local sqlite database. The README incorrectly mentions that the default log level is minimal while it is standard. Source code review shows sensitive file-...

Vendor: go
Product: github.com/safedep/gryph
Published: May 11, 2026
Source: GitHub
CVE-2026-43668 HIGH - 7.5

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause unexpected ...

Vendor: Apple
Product: iOS and iPadOS, macOS, tvOS, visionOS, watchOS
Published: May 11, 2026
Source: NVD