Total CVEs

142,750

Critical Severity

4,026

High Severity

14,425

Last 7 Days

1,355
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 17,801 - 17,820 of 39,155 CVEs
CVE-2026-31683 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing forwarded packet may have been allocated with only packet_len bytes, while a later packet can still ...

Vendor: Linux
Product: Linux
Published: Apr 25, 2026
Source: NVD
CVE-2026-31682 CRITICAL - 9.1

In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: linearize skb before parsing ND options br_nd_send() parses neighbour discovery options from ns->opt[] and assumes that these options are in the linear part of request. Its callers only guarantee that the I...

Vendor: Linux
Product: Linux
Published: Apr 25, 2026
Source: NVD

In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_multiport: validate range encoding in checkentry ports_match_v1() treats any non-zero pflags entry as the start of a port range and unconditionally consumes the next ports[] element as the range end. The checkentry ...

Vendor: Linux
Product: Linux
Published: Apr 25, 2026
Source: NVD
CVE-2026-31680 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: flowlabel: defer exclusive option free until RCU teardown `ip6fl_seq_show()` walks the global flowlabel hash under the seq-file RCU read-side lock and prints `fl->opt->opt_nflen` when an option block is present. ...

Vendor: Linux
Product: Linux
Published: Apr 25, 2026
Source: NVD
CVE-2026-31679 HIGH - 7.1

In the Linux kernel, the following vulnerability has been resolved: openvswitch: validate MPLS set/set_masked payload length validate_set() accepted OVS_KEY_ATTR_MPLS as variable-sized payload for SET/SET_MASKED actions. In action handling, OVS expects fixed-size MPLS key data (struct ovs_key_mpls...

Vendor: Linux
Product: Linux
Published: Apr 25, 2026
Source: NVD
CVE-2026-31678 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdev_put to RCU release ovs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent readers that still obse...

Vendor: Linux
Product: Linux
Published: Apr 25, 2026
Source: NVD

In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - limit RX SG extraction by receive buffer budget Make af_alg_get_rsgl() limit each RX scatterlist extraction to the remaining receive buffer budget. af_alg_get_rsgl() currently uses af_alg_readable() only as a gat...

Vendor: Linux
Product: Linux
Published: Apr 25, 2026
Source: NVD
CVE-2026-31676 HIGH - 7.5

In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE packets while the service connection is still in RXRPC_CONN_SERVICE_CHALLENGING. Check that state under state_lock before running response verification and...

Vendor: Linux
Product: Linux
Published: Apr 25, 2026
Source: NVD
CVE-2026-31675 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_netem: fix out-of-bounds access in packet corruption In netem_enqueue(), the packet corruption logic uses get_random_u32_below(skb_headlen(skb)) to select an index for modifying skb->data. When an AF_PACKET TX_RI...

Vendor: Linux
Product: Linux
Published: Apr 25, 2026
Source: NVD
CVE-2026-31674 HIGH - 7.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Reject rt match rules whose addrnr exceeds IP6T_RT_HOPS. rt_mt6() expects addrnr to stay within the bounds of rtinfo->addrs[]. Validate addrnr during rule installat...

Vendor: Linux
Product: Linux
Published: Apr 25, 2026
Source: NVD
CVE-2026-31673 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the socket, but not to u->path. Meanwhile, unix_release_sock() clears u->path under unix_state_lock() and drops the path refe...

Vendor: Linux
Product: Linux
Published: Apr 25, 2026
Source: NVD
CVE-2026-6951 CRITICAL - 9.8

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) that blocks the -c option but not the equivalent --config form. If untrusted input can reach the optio...

Published: Apr 25, 2026
Source: NVD

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Published: Apr 24, 2026
Source: NVD
CVE-2026-42171 HIGH - 7.8

NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTempFileName to return 0, as shown in the references).

Vendor: Nullsoft
Product: Nullsoft Scriptable Install System
Published: Apr 24, 2026
Source: NVD

LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's _url_to_size() helper (used by get_num_tokens_from_messages for image token counting) validated URLs for SSRF protection and then fetched them in a separate network operation with inde...

Vendor: langchain-ai
Product: langchain-openai
Published: Apr 24, 2026
Source: NVD
CVE-2026-41481 MEDIUM - 6.5

LangChain is a framework for building agents and LLM-powered applications. Prior to langchain-text-splitters 1.1.2, HTMLHeaderTextSplitter.split_text_from_url() validated the initial URL using validate_safe_url() but then performed the fetch with requests.get() with redirects enabled (the default)....

Vendor: langchain-ai
Product: langchain-text-splitters
Published: Apr 24, 2026
Source: NVD
CVE-2026-41478 CRITICAL - 9.9

Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authenticated low-privilege user with read access to at least one table to inject arbitrary SQL through syn...

Vendor: saltcorn
Product: saltcorn
Published: Apr 24, 2026
Source: NVD
CVE-2026-41473 CRITICAL - 9.1

CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary data to the database by sending requests to the /api/ai-scanner/status-webhook and /api/ai-scanner/callback endpoin...

Vendor: usmannasir
Product: cyberpanel
Published: Apr 24, 2026
Source: NVD
CVE-2026-41472 MEDIUM - 6.1

CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findings_json field of ScanH...

Vendor: usmannasir
Product: cyberpanel
Published: Apr 24, 2026
Source: NVD
CVE-2026-41248 CRITICAL - 9.1

Clerk JavaScript is the official JavaScript repository for Clerk authentication. createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro can be bypassed by certain crafted requests, allowing them to skip middleware gating and reach downstream handlers. This vulnerability is fixed in @cler...

Vendor: clerk
Product: astro, nextjs, nuxt, shared
Published: Apr 24, 2026
Source: NVD