Total CVEs

145,743

Critical Severity

4,268

High Severity

15,733

Last 7 Days

2,319
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 15,461 - 15,480 of 42,148 CVEs
CVE-2026-27173 HIGH - 8.7

JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This could allow users with just read-only access to perform actions that were only available to running tasks via Task SDK and potentially allow to modify state of Ai...

Vendor: Apache Software Foundation
Product: Apache Airflow CNCF Kubernetes provider
Published: May 19, 2026
Source: NVD

FileBrowser Quantum: unauthenticated user share share info

Vendor: go
Product: github.com/gtsteffaniak/filebrowser/backend
Published: May 19, 2026
Source: GitHub
CVE-2026-46374 HIGH - 7.5

SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4.2.0, in deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious long query to any application using the parser to tri...

Vendor: pip
Product: sqlfluff
Published: May 19, 2026
Source: GitHub
CVE-2026-46373 HIGH - 7.5

SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4.1.0, in deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious query with deliberate excessive nesting to any applic...

Vendor: pip
Product: sqlfluff
Published: May 19, 2026
Source: GitHub
CVE-2026-46372 HIGH - 8.5

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern exposes /api/search/searxng, which accepts attacker-controlled baseUrl and uses it direc...

Vendor: npm
Product: sillytavern
Published: May 19, 2026
Source: GitHub
CVE-2026-46378 HIGH - 7.5

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. From 3.0.0 until 3.10.1, the selector lexer matchRegexPattern closure in (*Tokenizer).parseCurRune in selector/lexer/tokenize.go loops while tokenizing an unterminated regex literal such as r/ because...

Vendor: go
Product: github.com/tomwright/dasel/v3
Published: May 19, 2026
Source: GitHub
CVE-2026-46377 HIGH - 7.5

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. From 3.0.0 until 3.10.1, the escape sequence handler in (*Tokenizer).parseCurRune in selector/lexer/tokenize.go increments past a trailing backslash in a quoted string such as "\ or '\ and t...

Vendor: go
Product: github.com/tomwright/dasel/v3
Published: May 19, 2026
Source: GitHub
CVE-2026-45783 HIGH - 7.5

libp2p is a JavaScript Implementation of libp2p networking stack. Prior to version 16.2.6, an unauthenticated remote peer can exhaust the disk storage of any @libp2p/kad-dht node running in server mode by sending an unbounded stream of PUT_VALUE messages whose keys bypass all content validation. No ...

Vendor: npm
Product: @libp2p/kad-dht
Published: May 19, 2026
Source: GitHub
CVE-2026-46354 CRITICAL - 9.1

Coder allows organizations to provision remote development environments via Terraform. In versions prior tp 2.24.5, 2.29.13, 2.30.8, 2.31.12, 2.32.2, and 2.33.3, `azureidentity.Validate()` verifies that the PKCS#7 signer certificate chains to a trusted Azure CA but never verifies the PKCS#7 signatur...

Vendor: go
Product: github.com/coder/coder/v2
Published: May 19, 2026
Source: GitHub

Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.1.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6 and @nuxt/nitro-server versions 3.20.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, the /__nuxt_island/* endpoint accepts attacker-controlled props query/body...

Vendor: npm
Product: nuxt
Published: May 19, 2026
Source: GitHub
CVE-2026-46338 MEDIUM - 4.3

PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. From 10.0.1 until 10.21.3, pymdownx.snippets uses a string-prefix containment check in SnippetPreprocessor.get_snippet_path() in pymdownx/snippets.py when `restrict_base_path: True`, allowing markdown snippet directi...

Vendor: pip
Product: pymdown-extensions
Published: May 19, 2026
Source: GitHub
CVE-2026-45805 HIGH - 8.8

Penpot is an open-source design tool for design and code collaboration. Prior to 2.15.0, Penpot MCP's mcp/packages/server/src/ReplServer.ts bound the ReplServer to 0.0.0.0:4403 and exposed an unauthenticated /execute endpoint that passed the code field to PluginBridge.executePluginTask(), allow...

Vendor: npm
Product: @penpot/mcp
Published: May 19, 2026
Source: GitHub

FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. Prior to version 2.6.7, an attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion or a script time-out....

Vendor: composer
Product: setasign/fpdi
Published: May 19, 2026
Source: GitHub
CVE-2026-45799 HIGH - 7.5

Wire: skipGroup() missing negative-length check allows 10-byte payload to crash any Wire-decoding service

Vendor: maven
Product: com.squareup.wire:wire-runtime-jvm
Published: May 19, 2026
Source: GitHub
CVE-2026-45796 MEDIUM - 6.5

Coder allows organizations to provision remote development environments via Terraform. Versions prior tp 2.24.5, 2.29.13, 2.30.8, 2.31.12, 2.32.2, and 2.33.3 are vulnerable to unauthenticated semi-blind Server-Side Request Forgery (SSRF) via the Azure instance identity endpoint (`POST /api/v2/worksp...

Vendor: go
Product: github.com/coder/coder/v2
Published: May 19, 2026
Source: GitHub
CVE-2026-46357 MEDIUM - 6.5

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, the HAX CMS NodeJS application crashes when an authenticated attacker sends a specially crafted site creation request to the createSite endpoint. A single request is sufficient to take the entire applicatio...

Vendor: npm
Product: @haxtheweb/haxcms-nodejs
Published: May 19, 2026
Source: GitHub
CVE-2026-45785 MEDIUM - 6.2

OpenMcdf: Uncatchable infinite loop in DirectoryTree.TryGetDirectoryEntry on crafted CFB directory cycle

Vendor: nuget
Product: OpenMcdf
Published: May 19, 2026
Source: GitHub

rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers

Vendor: rust
Product: openssl
Published: May 19, 2026
Source: GitHub
CVE-2026-46339 CRITICAL - 10.0

9Router is an AI router & token saver. From 0.4.30 until 0.4.37, 9Router's src/proxy.js middleware did not protect /api/cli-tools/* and /api/mcp/*, allowing unauthenticated registration of customPlugins through src/app/api/cli-tools/cowork-settings/route.js and command execution through the...

Vendor: npm
Product: 9router
Published: May 19, 2026
Source: GitHub
CVE-2026-45695 CRITICAL - 9.8

Kopia is a cross-platform backup tool for Windows, macOS, and Linux with fast incremental backups, client-side end-to-end encryption, compression, and data deduplication. Prior to 0.23.0, Kopia's HTTP server started with --without-password accepts unauthenticated requests to /api/v1/repo/exists...

Vendor: go
Product: github.com/kopia/kopia
Published: May 19, 2026
Source: GitHub