Total CVEs

141,272

Critical Severity

3,795

High Severity

13,729

Last 7 Days

1,855
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 13,341 - 13,360 of 37,677 CVEs
CVE-2026-42291 MEDIUM - 6.8

SysReptor is a fully customizable pentest reporting platform. From version 2026.4 to before version 2026.27, the endpoints for reading and creating sharing links for personal notes is not properly authorized. This allows authenticated attackers who obtain the note ID of victim users to list and crea...

Vendor: Syslifters
Product: sysreptor
Published: May 08, 2026
Source: NVD

pupnp is an SDK for development of UPnP device and control point applications. Prior to version 1.18.5, pupnp is vulnerable to SRRF port confusion due to port truncation via atoi() cast in parse_uri(). This issue has been patched in version 1.18.5.

Vendor: pupnp
Product: pupnp
Published: May 08, 2026
Source: NVD

eml_parser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to 3.0.1, EmlParser.get_raw_body_text() recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who...

Vendor: pip
Product: eml_parser
Published: May 08, 2026
Source: GitHub
CVE-2026-44843 HIGH - 8.2

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.85 and 1.3.3, LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other application-controlled payloads using overly broad object allowlists. These paths may call load() with ...

Vendor: pip
Product: langchain-core
Published: May 08, 2026
Source: GitHub
CVE-2023-49316 HIGH - 7.5

In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively large degrees can lead to a denial of service.

Vendor: composer
Product: phpseclib/phpseclib
Published: May 08, 2026
Source: GitHub
CVE-2026-44330 CRITICAL - 10.0

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-pfdmanagement route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can use a forged or arbitrary bearer token (e.g. Authorizat...

Vendor: go
Product: github.com/free5gc/nef
Published: May 08, 2026
Source: GitHub
CVE-2026-44329 CRITICAL - 10.0

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, a...

Vendor: go
Product: github.com/free5gc/smf
Published: May 08, 2026
Source: GitHub
CVE-2026-44328 HIGH - 8.2

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. On top of that, the DELETE /upi/v1/upNodesLinks/{upNodeRef} handler unconditionally dereferences upNode.UPF after the type-guar...

Vendor: go
Product: github.com/free5gc/smf
Published: May 08, 2026
Source: GitHub
CVE-2026-44327 CRITICAL - 10.0

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route with no Authorization header at all and the han...

Vendor: go
Product: github.com/free5gc/nef
Published: May 08, 2026
Source: GitHub
CVE-2026-44326 CRITICAL - 9.4

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can create, read, patch, and delete traffic-influence subscript...

Vendor: go
Product: github.com/free5gc/nef
Published: May 08, 2026
Source: GitHub
CVE-2026-44325 HIGH - 7.5

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NRF root SBI endpoint POST /oauth2/token contains a parser-level type-confusion bug family. The handler in NFs/nrf/internal/sbi/api_accesstoken.go reflects over models.NrfAccessTokenAccessTokenReq, specia...

Vendor: go
Product: github.com/free5gc/nrf
Published: May 08, 2026
Source: GitHub
CVE-2026-44324 MEDIUM - 6.5

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/{ueId}/{servingPlmnId}/ee-subscriptions/{subsId}/amf-subscriptions handler panics on a single authenticated request against a fresh UDR instance when the supplied ueI...

Vendor: go
Product: github.com/free5gc/udr
Published: May 08, 2026
Source: GitHub
CVE-2026-44323 MEDIUM - 4.3

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/{ueId}/{servingPlmnId}/ee-subscriptions/{subsId}/amf-subscriptions handler contains a nil-pointer dereference reachable from a single authenticated request, after one...

Vendor: go
Product: github.com/free5gc/udr
Published: May 08, 2026
Source: GitHub
CVE-2026-44322 HIGH - 7.5

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF PATCH /3gpp-pfd-management/v1/{afId}/transactions/{transId}/applications/{appId} handler panics with a nil-pointer dereference when the upstream UDR call fails AND the consumer wrapper returns err != ...

Vendor: go
Product: github.com/free5gc/nef
Published: May 08, 2026
Source: GitHub
CVE-2026-44321 HIGH - 7.5

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into UpNodesFrom...

Vendor: go
Product: github.com/free5gc/smf
Published: May 08, 2026
Source: GitHub
CVE-2026-44320 HIGH - 7.3

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-callback route group without inbound OAuth2/bearer-token authorization. A forged or arbitrary bearer token (e.g. Authorization: Bearer not-a-real-token) is enough to reach the SMF-call...

Vendor: go
Product: github.com/free5gc/nef
Published: May 08, 2026
Source: GitHub
CVE-2026-44319 HIGH - 7.5

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. In PfdChangeNotifier.FlushNotifications(), the notifier calls NnefPFDmanagementNotify(...) and on any delivery...

Vendor: go
Product: github.com/free5gc/nef
Published: May 08, 2026
Source: GitHub
CVE-2026-44318 MEDIUM - 6.5

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's BSF PUT /nbsf-management/v1/subscriptions/{subId} handler has an unsynchronized write on the global Subscriptions map. The handler first reads the map under RLock() via BSFContext.GetSubscription(subId), ...

Vendor: go
Product: github.com/free5gc/bsf
Published: May 08, 2026
Source: GitHub
CVE-2026-44317 MEDIUM - 6.5

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-policyauthorization/v1/app-sessions handler panics on a single authenticated request whose ascReqData.suppFeat == "1" (enabling traffic-routing feature negotiation) and whose medC...

Vendor: go
Product: github.com/free5gc/pcf
Published: May 08, 2026
Source: GitHub
CVE-2026-44316 HIGH - 7.5

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-smpolicycontrol/v1/sm-policies handler (HandleCreateSmPolicyRequest) panics with a nil-pointer dereference when a downstream OpenAPI consumer call (UDR lookup) returns 404 Not Found and the...

Vendor: go
Product: github.com/free5gc/pcf
Published: May 08, 2026
Source: GitHub