Total CVEs

142,398

Critical Severity

3,966

High Severity

14,271

Last 7 Days

1,806
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 15,801 - 15,820 of 38,803 CVEs
CVE-2026-38429 CRITICAL - 9.8

OpenCMS v20 and before is vulnerable to XML External Entity (XXE) in the Admin Import DB feature due to insecure XML parsing of user supplied .zip files containing a manifest.xml.

Published: May 05, 2026
Source: NVD
CVE-2026-25589 HIGH - 8.8

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the RedisBlo...

Vendor: RedisBloom
Product: RedisBloom
Published: May 05, 2026
Source: NVD
CVE-2026-25588 HIGH - 8.8

RedisTimeSeries is a time-series module for Redis. In all versions before 1.12.14 of RedisTimeSeries, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the RedisTimeSeries...

Vendor: RedisTimeSeries
Product: RedisTimeSeries
Published: May 05, 2026
Source: NVD
CVE-2026-25243 HIGH - 8.8

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may lead...

Vendor: redis
Product: redis
Published: May 05, 2026
Source: NVD
CVE-2026-23631 HIGH - 8.1

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remote ...

Vendor: redis
Product: redis
Published: May 05, 2026
Source: NVD
CVE-2026-23479 HIGH - 8.8

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from `processCommandAndResetClient` when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger ...

Vendor: redis
Product: redis
Published: May 05, 2026
Source: NVD
CVE-2026-41164 MEDIUM - 4.4

nuts-node is the reference implementation of the Nuts specification. Prior to 6.2.3 and 5.4.31, the v1 access token introspection endpoint (/auth/v1/introspect_access_token) accepts any JWT signed by a key present on the node, without validating the JWT type, issuer-to-key binding, or required claim...

Vendor: go
Product: github.com/nuts-foundation/nuts-node
Published: May 05, 2026
Source: GitHub
CVE-2026-40934 MEDIUM - 6.8

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at ~/.local/share/jupyter/runtime/jupyter_cookie_secret and is never rotated when a user changes their password. After a password r...

Vendor: pip
Product: jupyter-server
Published: May 05, 2026
Source: GitHub
CVE-2026-40110 HIGH - 7.3

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match() to check incoming origins against the allow_origin_pat configuration value. Because re.match() only anchors at the start of the string and does not r...

Vendor: pip
Product: jupyter-server
Published: May 05, 2026
Source: GitHub
CVE-2026-35397 HIGH - 7.1

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured root_dir and access sibling directories whose names begin with the same prefix as the root_dir. For example...

Vendor: pip
Product: jupyter-server
Published: May 05, 2026
Source: GitHub

A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument.ย  A third party researcher Eugene Lim had discovered vulnerability in the way console command passes to a popen function call. Attackers with authenticated access to SSH consol...

Published: May 05, 2026
Source: NVD
CVE-2026-7846 LOW - 2.6

A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component OpenAI-Compatible File Upload API. Such manipulation of the argument file.filename leads to ...

Published: May 05, 2026
Source: NVD
CVE-2026-7845 LOW - 2.6

A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webui_pages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument paste_image.image...

Published: May 05, 2026
Source: NVD
CVE-2026-7844 MEDIUM - 6.3

A vulnerability was detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. This vulnerability affects the function files/list_files/retrieve_file/retrieve_file_content/delete_file of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component Compatible File Serv...

Published: May 05, 2026
Source: NVD
CVE-2026-7412 HIGH - 8.6

In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to arbitr...

Published: May 05, 2026
Source: NVD
CVE-2026-7411 CRITICAL - 10.0

In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequate path normalization in the Submodel HTTP API allows an unauthenticated remote attacker to perform a path traversal attack. By supplying a maliciously crafted fileName parameter during a file upload operation, an attacke...

Published: May 05, 2026
Source: NVD
CVE-2026-6907 MEDIUM - 4.3

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. `django.middleware.cache.UpdateCacheMiddleware` erroneously caches requests where the `Vary` header contained an asterisk (`'*'`). This can lead to private data being stored and served. Earlier, unsupported Django series (s...

Vendor: djangoproject
Product: django
Published: May 05, 2026
Source: NVD
CVE-2026-5766 MEDIUM - 5.3

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. ASGI requests with a missing or understated `Content-Length` header can bypass the `FILE_UPLOAD_MAX_MEMORY_SIZE` limit, potentially loading large files into memory and causing service degradation. As a reminder, Django expects a ...

Vendor: djangoproject
Product: django
Published: May 05, 2026
Source: NVD

In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named '__copy_user_nocache()' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally _neither_ of th...

Vendor: Linux
Product: Linux
Published: May 05, 2026
Source: NVD

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: platform_get_irq_byname() returns an int platform_get_irq_byname() will return a negative value if an error happens, so it should be checked and not just passed directly into devm_request_threaded_irq() hoping all will be...

Vendor: Linux
Product: Linux
Published: May 05, 2026
Source: NVD