Total CVEs

145,909

Critical Severity

4,292

High Severity

15,777

Last 7 Days

2,186
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 14,421 - 14,440 of 42,314 CVEs
CVE-2026-44739 HIGH - 8.7

Pimcore is an Open Source Data & Experience Management Platform. Prior to 11.5.17 (LTS) and 12.3.6, the columnConfigAction endpoint in bundles/CustomReportsBundle/src/Controller/Reports/CustomReportController.php passes malicious SQL configuration through CustomReportController:columnConfigActio...

Vendor: composer
Product: pimcore/pimcore
Published: May 27, 2026
Source: GitHub
CVE-2026-44705 HIGH - 8.2

tmp is a temporary file and directory creator for node.js. Prior to 0.2.6, the tmp npm package contains a path traversal vulnerability that allows escaping the intended temporary directory when untrusted data flows into the prefix, postfix, or dir options. By embedding traversal sequences (e.g., ../...

Vendor: npm
Product: tmp
Published: May 27, 2026
Source: GitHub
CVE-2026-44646 MEDIUM - 5.3

LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, Context.spawn() creates a child Context for the {% render %} tag but does not propagate the parent context's resolved ownPropertyOnly value, resulting in a silent bypass. The...

Vendor: npm
Product: liquidjs
Published: May 27, 2026
Source: GitHub
CVE-2026-9607 MEDIUM - 6.3

A vulnerability was found in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /parcel_list.php. Performing a manipulation of the argument s results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public an...

Published: May 27, 2026
Source: NVD
CVE-2026-9606 HIGH - 7.3

A vulnerability has been found in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /manage_user.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be us...

Published: May 27, 2026
Source: NVD
CVE-2026-9605 HIGH - 7.3

A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bit_read_RC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be u...

Published: May 27, 2026
Source: NVD
CVE-2026-9312 HIGH - 8.2

A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to send crafted requests to internal services by exploiting insufficient input validation in an upload endpoint. By injecting path traversal content into request par...

Vendor: github
Product: enterprise_server
Published: May 27, 2026
Source: NVD
CVE-2026-8606 MEDIUM - 5.9

A Server-Side Request Forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause the server to issue HTTP requests to internal services via the security advisories package lookup feature. By directing requests to an internal management service and measu...

Vendor: github
Product: enterprise_server
Published: May 27, 2026
Source: NVD
CVE-2026-44645 MEDIUM - 6.5

LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, the renderLimit option can be fully bypassed by a {% for %} (or {% tablerow %}) tag whose body is empty. The renderLimit option is documented in docs/source/tutorials/dos.md as th...

Vendor: npm
Product: liquidjs
Published: May 27, 2026
Source: GitHub
CVE-2026-44644 MEDIUM - 6.1

LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. Versions 10.25.7 and below are vulnerable to XSS through a flaw in the strip_html filter logic. The strip_html filter is intended to remove HTML tags from a string before rendering, and is widely used as an XSS...

Vendor: npm
Product: liquidjs
Published: May 27, 2026
Source: GitHub
CVE-2026-44632 CRITICAL - 9.1

Yamcs is a mission control framework. Prior to 5.12.7, a server-side code injection vulnerability existed in the Yamcs algorithm evaluation engine org.yamcs.algorithms.JavaExprAlgorithmExecutionFactory, which dynamically compiled and evaluated user-controlled algorithm text through the Janino compil...

Vendor: maven
Product: org.yamcs:yamcs-core
Published: May 27, 2026
Source: GitHub
CVE-2026-44596 MEDIUM - 6.5

Yamcs is a mission control framework. Prior to 5.12.7, the authentication endpoint POST /auth/token in yamcs-core, handled by yamcs-core/src/main/java/org/yamcs/http/auth/AuthHandler.java, lacked any rate limiting, account lockout, or failed-attempt throttling, so an unauthenticated remote attacker ...

Vendor: maven
Product: org.yamcs:yamcs-core
Published: May 27, 2026
Source: GitHub
CVE-2026-44595 MEDIUM - 4.3

Yamcs is a mission control framework. Prior to 5.12.7, the IAM API endpoints listUsers, getUser, listGroups, and getGroup in yamcs-core did not enforce the required SystemPrivilege.ControlAccess check in yamcs-core/src/main/java/org/yamcs/http/api/IamApi.java, so any authenticated user, even one wit...

Vendor: maven
Product: org.yamcs:yamcs-core
Published: May 27, 2026
Source: GitHub
CVE-2026-44587 MEDIUM - 4.7

CarrierWave is a framework to upload files from Ruby applications. In versions prior to 2.2.7 and 3.1.3, the content_type_denylist check fails to escape regex metacharacters in string entries, causing the denylist to silently not match the content types it is intended to block. In lib/carrierwave/up...

Vendor: rubygems
Product: carrierwave
Published: May 27, 2026
Source: GitHub

Kata Containers have VM Escape via virtiofsd Argument Injection through Default-Enabled Pod Annotations

Vendor: go
Product: github.com/kata-containers/kata-containers
Published: May 26, 2026
Source: GitHub

Kirby is an open-source content management system. In versions 5.3.0 and above but prior to 5.4.1, Kirby did not correctly validate the provided user ID, resulting in a path traversal vulnerability. Version 5.3.0 introduced a performance improvement to the Users collection that loaded user objects l...

Vendor: composer
Product: getkirby/cms
Published: May 26, 2026
Source: GitHub

Kirby is an open-source content management system. Versions prior to 4.9.1 and 5.4.1 do not check the `pages.access` permission during page draft rendering. Permissions are defined for each user role in the user blueprint (site/blueprints/users/...). It is also possible to customize the permissions...

Vendor: composer
Product: getkirby/cms
Published: May 26, 2026
Source: GitHub

Kirby is an open-source content management system. In versions prior to 4.9.1 and 5.4.1, Kirby did not securely sanitize the contents of the list field on save, leaving it vulnerable to cross-site scripting (XSS). Kirby's list field stores its formatted content as HTML, and unlike other field t...

Vendor: composer
Product: getkirby/cms
Published: May 26, 2026
Source: GitHub

Kirby is an open-source content management system. Prior to 4.9.1 and 5.4.1, Kirby did not validate the model attributes that were used in its collection queries, allowing attackers to include arbitrary model methods in their queries. This includes methods with sensitive data such as password() (dis...

Vendor: composer
Product: getkirby/cms
Published: May 26, 2026
Source: GitHub

FUXA Vulnerable to Unauthenticated Remote Code Execution via Script Test Mode Authorization Bypass

Vendor: npm
Product: fuxa-server
Published: May 26, 2026
Source: GitHub