Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,726
Quick preset (or use dates below)
Clear Filters
πŸ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years β†’
Showing 15,381 - 15,400 of 38,432 CVEs

Twenty is an open source CRM built with NestJS (Node.js). In versions 1.18.0 and earlier, the SSRF protection in twenty-server's SecureHttpClientService can be bypassed using IPv4-mapped IPv6 addresses in URL IP literals. Node.js's URL parser normalizes IPv4-mapped IPv6 addresses to compre...

Vendor: twentyhq
Product: twenty
Published: May 05, 2026
Source: NVD
CVE-2026-33420 MEDIUM - 5.3

Vaultwarden is a Bitwarden-compatible server written in Rust. In version 1.35.4 and earlier, the get_org_collections_details endpoint (GET /api/organizations/{org_id}/collections/details) is missing the has_full_access() authorization check that exists on the sibling get_org_collections endpoint. Th...

Vendor: dani-garcia
Product: vaultwarden
Published: May 05, 2026
Source: NVD
CVE-2026-33324 HIGH - 8.8

SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. In versions 1.7.0 and earlier, the Text2SQL chat interface is vulnerable to prompt injection. The user-provided question parameter is directly concatenated into the LLM prompt without filtering or escaping, and the S...

Vendor: dataease
Product: SQLBot
Published: May 05, 2026
Source: NVD
CVE-2026-32603 MEDIUM - 6.5

Sandboxie is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a local denial of service vulnerability exists in the Sandboxie kernel driver. An unprivileged process running inside a Standard Sandbox can send a malformed IOCTL to the \Device\SandboxieDriver...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD

Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink following vulnerability in tunnelblick-helper, reachable through the world-accessible tunnelblickd Unix socke...

Vendor: Tunnelblick
Product: Tunnelblick
Published: May 05, 2026
Source: NVD
CVE-2024-52911 HIGH - 7.5

Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14.

Published: May 05, 2026
Source: NVD
CVE-2026-43901 MEDIUM - 6.8

Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5 and earlier, wireshark-mcp exposes a wireshark_export_objects MCP tool that accepts an attacker-controlled dest_dir parameter and passes it to tshark...

Vendor: pip
Product: wireshark-mcp
Published: May 05, 2026
Source: GitHub
CVE-2026-42554 MEDIUM - 6.1

Fiber is a web framework for Go. Prior to 2.52.12 and 3.1.0, Cross-Site Scripting vulnerability in Go Fiber allows a remote attacker to inject arbitrary HTML/JavaScript by supplying Accept: text/html on any request whose handler passes attacker-influenced data to the AutoFormat() feature. The develo...

Vendor: go
Product: github.com/gofiber/fiber/v3
Published: May 05, 2026
Source: GitHub

Link Preview JS extracts web links information. Prior to 4.0.1, the library did not check for IPv6 loopback attacks. There was also a DNS attack, where an address could be resolved into an internal IP. This could cause internal data leaks. This vulnerability is fixed in 4.0.1.

Vendor: npm
Product: link-preview-js
Published: May 05, 2026
Source: GitHub
CVE-2026-42207 MEDIUM - 6.1

Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, Mage_ProductAlert_AddController::stockAction() reads the uenc query parameter and pas...

Vendor: composer
Product: openmage/magento-lts
Published: May 05, 2026
Source: GitHub

django-s3file is a lightweight file upload input for Django and Amazon S3. Prior to 7.0.2, S3FileMiddleware is vulnerable to relative path traversal attacks, where an attacker can use a modified request to escape pre-signed upload locations and have the Django application load files from random loca...

Vendor: pip
Product: django-s3file
Published: May 05, 2026
Source: GitHub

MinIO is a high-performance object storage system. From RELEASE.2022-07-24T01-54-52Z to before RELEASE.2026-04-14T21-32-45Z, A path traversal vulnerability in MinIO's ReadMultiple internode storage-REST endpoint allows a caller holding the cluster root JWT to read files from outside the configu...

Vendor: go
Product: github.com/minio/minio
Published: May 05, 2026
Source: GitHub
CVE-2026-42194 MEDIUM - 6.8

Admidio is an open-source user management solution. Prior to version 5.0.9, the incomplete SSRF fix in Admidio's fetch_metadata.php validates the resolved IP address but passes the original hostname-based URL to curl_init(), leaving a DNS rebinding TOCTOU window that allows redirecting requests...

Vendor: composer
Product: admidio/admidio
Published: May 05, 2026
Source: GitHub

Geyser is a bridge between Minecraft: Bedrock Edition and Minecraft: Java Edition. Prior to 2.9.3, a server-side request forgery (SSRF) vulnerability exists in Geyser’s handling of Bedrock player head texture data. By supplying a crafted Base64-encoded skin texture URL via the /give command, an atta...

Vendor: maven
Product: org.geysermc.geyser:core
Published: May 05, 2026
Source: GitHub

OpenBao is an open source identity-based secrets management system. Prior to 2.5.3, when OpenBao's initial namespace deletion fails, subsequent retries fail to properly remove all data before marking the namespace as deleted. This can affect any outstanding leases as well as potentially leaving...

Vendor: go
Product: github.com/openbao/openbao
Published: May 05, 2026
Source: GitHub
CVE-2026-43893 HIGH - 8.2

exiftool-vendored provides cross-platform Node.js access to ExifTool. Prior to 35.19.0, exiftool-vendored starts ExifTool in -stay_open True -@ - mode, where arguments are read from stdin one per line. In affected versions, several caller-supplied strings were interpolated into ExifTool arguments wi...

Vendor: npm
Product: exiftool-vendored
Published: May 05, 2026
Source: GitHub
CVE-2026-42175 MEDIUM - 6.5

requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features. Prior to , the SSRF protection in requests-hardened fails to block IP addresses within the RFC 6598 Shared Address Space (100.64.0.0/10). An attacker who can supply arbitrary ...

Vendor: pip
Product: requests-hardened
Published: May 05, 2026
Source: GitHub

Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, the XML-RPC / SOAP API session ID is generated using an outdated, time-based construc...

Vendor: composer
Product: openmage/magento-lts
Published: May 05, 2026
Source: GitHub
CVE-2026-7855 HIGH - 8.8

A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tggl_asp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is now ...

Vendor: dlink
Product: di-8100_firmware
Published: May 05, 2026
Source: NVD
CVE-2026-7854 CRITICAL - 9.8

A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function url_rule_asp of the file /url_rule.asp of the component POST Parameter Handler. Such manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploi...

Vendor: dlink
Product: di-8100_firmware
Published: May 05, 2026
Source: NVD