Total CVEs

143,793

Critical Severity

4,093

High Severity

14,778

Last 7 Days

1,518
Quick preset (or use dates below)
Clear Filters
πŸ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years β†’
Showing 17,141 - 17,160 of 40,198 CVEs
CVE-2026-34527 MEDIUM - 5.3

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high nibble of each byte is shifted right by 8 instead of 4, which always produces zero for an 8-bit valu...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD
CVE-2026-34464 HIGH - 8.8

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMED_PIPE_OPEN_REQ into a fixed WCHAR pipename[160] stack buffer using wcscat without verifying null termination. The handler only...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD
CVE-2026-34462 HIGH - 7.8

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers (KillAllHandler, SuspendAllHandler, and RunSandboxedHandler) copy a WCHAR boxname[34] field from request structures into WCHAR[40] stack buffers using wcscpy ...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD
CVE-2026-34461 HIGH - 7.8

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGID_SBIE_INI_RUN_SBIE_CTRL message is handled before normal sandbox and impersonation checks, and for non-sandb...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD
CVE-2026-34459 HIGH - 8.8

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends an IPC request...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD
CVE-2026-34458 HIGH - 8.8

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, an INI injection vulnerability allows any standard local user to bypass configuration restrictions (EditAdminOnly and ConfigPassword) and inject arbitrary directives into the global Sandbox...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD

Twenty is an open source CRM built with NestJS (Node.js). In versions 1.18.0 and earlier, the SSRF protection in twenty-server's SecureHttpClientService can be bypassed using IPv4-mapped IPv6 addresses in URL IP literals. Node.js's URL parser normalizes IPv4-mapped IPv6 addresses to compre...

Vendor: twentyhq
Product: twenty
Published: May 05, 2026
Source: NVD
CVE-2026-33420 MEDIUM - 5.3

Vaultwarden is a Bitwarden-compatible server written in Rust. In version 1.35.4 and earlier, the get_org_collections_details endpoint (GET /api/organizations/{org_id}/collections/details) is missing the has_full_access() authorization check that exists on the sibling get_org_collections endpoint. Th...

Vendor: dani-garcia
Product: vaultwarden
Published: May 05, 2026
Source: NVD
CVE-2026-33324 HIGH - 8.8

SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. In versions 1.7.0 and earlier, the Text2SQL chat interface is vulnerable to prompt injection. The user-provided question parameter is directly concatenated into the LLM prompt without filtering or escaping, and the S...

Vendor: dataease
Product: SQLBot
Published: May 05, 2026
Source: NVD
CVE-2026-32603 MEDIUM - 6.5

Sandboxie is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a local denial of service vulnerability exists in the Sandboxie kernel driver. An unprivileged process running inside a Standard Sandbox can send a malformed IOCTL to the \Device\SandboxieDriver...

Vendor: sandboxie-plus
Product: Sandboxie
Published: May 05, 2026
Source: NVD

Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink following vulnerability in tunnelblick-helper, reachable through the world-accessible tunnelblickd Unix socke...

Vendor: Tunnelblick
Product: Tunnelblick
Published: May 05, 2026
Source: NVD
CVE-2024-52911 HIGH - 7.5

Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14.

Published: May 05, 2026
Source: NVD
CVE-2026-43901 MEDIUM - 6.8

Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5 and earlier, wireshark-mcp exposes a wireshark_export_objects MCP tool that accepts an attacker-controlled dest_dir parameter and passes it to tshark...

Vendor: pip
Product: wireshark-mcp
Published: May 05, 2026
Source: GitHub
CVE-2026-42554 MEDIUM - 6.1

Fiber is a web framework for Go. Prior to 2.52.12 and 3.1.0, Cross-Site Scripting vulnerability in Go Fiber allows a remote attacker to inject arbitrary HTML/JavaScript by supplying Accept: text/html on any request whose handler passes attacker-influenced data to the AutoFormat() feature. The develo...

Vendor: go
Product: github.com/gofiber/fiber/v3
Published: May 05, 2026
Source: GitHub

Link Preview JS extracts web links information. Prior to 4.0.1, the library did not check for IPv6 loopback attacks. There was also a DNS attack, where an address could be resolved into an internal IP. This could cause internal data leaks. This vulnerability is fixed in 4.0.1.

Vendor: npm
Product: link-preview-js
Published: May 05, 2026
Source: GitHub
CVE-2026-42207 MEDIUM - 6.1

Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, Mage_ProductAlert_AddController::stockAction() reads the uenc query parameter and pas...

Vendor: composer
Product: openmage/magento-lts
Published: May 05, 2026
Source: GitHub

django-s3file is a lightweight file upload input for Django and Amazon S3. Prior to 7.0.2, S3FileMiddleware is vulnerable to relative path traversal attacks, where an attacker can use a modified request to escape pre-signed upload locations and have the Django application load files from random loca...

Vendor: pip
Product: django-s3file
Published: May 05, 2026
Source: GitHub

MinIO is a high-performance object storage system. From RELEASE.2022-07-24T01-54-52Z to before RELEASE.2026-04-14T21-32-45Z, A path traversal vulnerability in MinIO's ReadMultiple internode storage-REST endpoint allows a caller holding the cluster root JWT to read files from outside the configu...

Vendor: go
Product: github.com/minio/minio
Published: May 05, 2026
Source: GitHub
CVE-2026-42194 MEDIUM - 6.8

Admidio is an open-source user management solution. Prior to version 5.0.9, the incomplete SSRF fix in Admidio's fetch_metadata.php validates the resolved IP address but passes the original hostname-based URL to curl_init(), leaving a DNS rebinding TOCTOU window that allows redirecting requests...

Vendor: composer
Product: admidio/admidio
Published: May 05, 2026
Source: GitHub

Geyser is a bridge between Minecraft: Bedrock Edition and Minecraft: Java Edition. Prior to 2.9.3, a server-side request forgery (SSRF) vulnerability exists in Geyser’s handling of Bedrock player head texture data. By supplying a crafted Base64-encoded skin texture URL via the /give command, an atta...

Vendor: maven
Product: org.geysermc.geyser:core
Published: May 05, 2026
Source: GitHub