Total CVEs: 141,537 | Critical Severity: 3,871 | High Severity: 13,923 | Last 7 Days: 1,636
Showing Year: 2026 (January 1 - December 31, 2026)
Showing 14,261 - 14,280 of 37,942 CVEs

The RedirectHandler middleware in microsoft/kiota-java (com.microsoft.kiota:microsoft-kiota-http-okHttp v1.9.0) and other Kiota libraries fails to strip sensitive HTTP headers when following 3xx redirects to a different host or scheme. Only the Authorization header is removed; Cookie, Proxy-Authoriz...

Vendor: maven
Product: com.microsoft.kiota:microsoft-kiota-abstractions
Published: May 07, 2026
Source: GitHub

CVE-2026-41050 CRITICAL - 9.9

Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their `GitRepo`.

Vendor: go
Product: github.com/rancher/fleet
Published: May 07, 2026
Source: GitHub

CVE-2026-25705 HIGH - 8.4

A vulnerability has been identified in [Rancher's Extensions](https://ranchermanager.docs.rancher.com/integrations-in-rancher/rancher-extensions) where malicious code can be injected in Rancher through a path traversal in the `compressedEndpoint` field inside a `UIPlugin` deployment. A maliciou...

Vendor: go
Product: github.com/rancher/rancher
Published: May 07, 2026
Source: GitHub

Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011.

Vendor: torproject
Product: Tor
Published: May 07, 2026
Source: NVD

CVE-2026-42597 MEDIUM - 5.9

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the /forms/chromium/convert/url and /forms/chromium/screenshot/url routes accept url=file:///tmp/... from anonymous callers. The default Chromium deny-list intentionally exempts file:///tmp/ so HTML/Markdown routes can load ...

Vendor: go
Product: github.com/gotenberg/gotenberg/v8
Published: May 07, 2026
Source: GitHub

CVE-2026-42596 CRITICAL - 9.4

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, the default deny-lists used by Gotenberg's downloadFrom feature and webhook feature are bypassable. Because the filter is regex-based and case-sensitive, an unauthenticated attacker can supply URLs such as http://[::fff...

Vendor: go
Product: github.com/gotenberg/gotenberg/v8
Published: May 07, 2026
Source: GitHub

CVE-2026-42594 HIGH - 7.5

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the webhook middleware spawns a goroutine that holds a reference to the request's echo.Context after the synchronous handler returns ErrAsyncProcess and Echo recycles the context back to its sync.Pool. When a concurrent...

Vendor: go
Product: github.com/gotenberg/gotenberg/v8
Published: May 07, 2026
Source: GitHub

CVE-2026-42593 MEDIUM - 5.3

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, pdfengines/merge, pdfengines/split, libreoffice/convert, chromium/convert/url, chromium/convert/html, and chromium/convert/markdown accept stampSource=pdf + stampExpression=/path and watermarkSource=pdf + watermarkExpression...

Vendor: go
Product: github.com/gotenberg/gotenberg/v8
Published: May 07, 2026
Source: GitHub

CVE-2026-42592 MEDIUM - 5.3

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only the error. It discards the resolved addresses. Chromium later performs its own DNS resolution when it n...

Vendor: go
Product: github.com/gotenberg/gotenberg/v8
Published: May 07, 2026
Source: GitHub

CVE-2026-42591 HIGH - 8.2

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the LibreOffice conversion endpoint (/forms/libreoffice/convert) passes uploaded documents directly to LibreOffice without inspecting their content. LibreOffice then fetches any embedded external URLs on its own, completely ...

Vendor: go
Product: github.com/gotenberg/gotenberg/v8
Published: May 07, 2026
Source: GitHub

CVE-2026-42590 HIGH - 8.2

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, the ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary file rename, move, hardlink, and symlink creation on the server. ExifTool supports group-prefix...

Vendor: go
Product: github.com/gotenberg/gotenberg/v8
Published: May 07, 2026
Source: GitHub

CVE-2026-42589 CRITICAL - 9.8

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg's /forms/pdfengines/metadata/write HTTP endpoint accepts a JSON metadata object and passes its keys directly to ExifTool via the go-exiftool library. No validation is performed on key characters. A \n embedded...

Vendor: go
Product: github.com/gotenberg/gotenberg/v8
Published: May 07, 2026
Source: GitHub

CVE-2026-44484 CRITICAL - 9.8

PyTorch Lightning is a deep learning framework to pretrain and finetune AI models. Versions 2.6.2 and 2.6.2 have introduced functionality consistent with a credential harvesting mechanism.

Vendor: pip
Product: pytorch-lightning
Published: May 07, 2026
Source: GitHub

CVE-2026-42587 HIGH - 7.5

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpContentDecompressor accepts a maxAllocation parameter to limit decompression buffer size and prevent decompression bomb attacks. This limit is correctly enforced for gzip and deflate en...

Vendor: maven
Product: io.netty:netty-codec-http
Published: May 07, 2026
Source: GitHub

CVE-2026-42586 MEDIUM - 6.8

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the Netty Redis codec encoder (RedisEncoder) writes user-controlled string content directly to the network output buffer without validating or sanitizing CRLF (\r\n) characters. Since the R...

Vendor: maven
Product: io.netty:netty-codec-redis
Published: May 07, 2026
Source: GitHub

CVE-2026-42585 MEDIUM - 6.5

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty incorrectly parses malformed Transfer-Encoding, enabling request smuggling attacks. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.

Vendor: maven
Product: io.netty:netty-codec-http
Published: May 07, 2026
Source: GitHub

CVE-2026-42584 HIGH - 7.3

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by queue.poll() once per response, including for 1xx. If the client pipelines GET then HEAD and the server sends 103, th...

Vendor: maven
Product: io.netty:netty-codec-http
Published: May 07, 2026
Source: GitHub

CVE-2026-42583 HIGH - 7.5

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Lz4FrameDecoder allocates a ByteBuf of size decompressedLength (up to 32 MB per block) before LZ4 runs. A peer only needs a 21-byte header plus compressedLength payload bytes - 22 bytes if ...

Vendor: maven
Product: io.netty:netty-codec-compression
Published: May 07, 2026
Source: GitHub

CVE-2026-42582 HIGH - 7.5

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final, when decoding header blocks, the non-Huffman branch of io.netty.handler.codec.http3.QpackDecoder#decodeHuffmanEncodedLiteral may execute new byte[length] for a string literal before verifying that length byt...

Vendor: maven
Product: io.netty:netty-codec-http3
Published: May 07, 2026
Source: GitHub

CVE-2026-42581 MEDIUM - 5.8

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpObjectDecoder strips a conflicting Content-Length header when a request carries both Transfer-Encoding: chunked and Content-Length, but only for HTTP/1.1 messages. The guard is absent f...

Vendor: maven
Product: io.netty:netty-codec-http
Published: May 07, 2026
Source: GitHub