Total CVEs

142,750

Critical Severity

4,026

High Severity

14,425

Last 7 Days

1,318
Quick preset (or use dates below)
Clear Filters
πŸ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years β†’
Showing 17,861 - 17,880 of 39,155 CVEs
CVE-2026-42033 HIGH - 7.4

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when Object.prototype has been polluted by any co-dependency with keys that axios reads without a hasOwnProperty guard, an attacker can (a) silently intercept and modify every JSON response before the appli...

Vendor: axios
Product: axios
Published: Apr 24, 2026
Source: NVD
CVE-2026-41898 HIGH - 9.8

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::set_psk_client_callback, set_psk_server_callback, set_cookie_generate_cb, and set_stateless_cookie_generate_cb forwarded the user closure's ret...

Vendor: rust-openssl
Product: rust-openssl
Published: Apr 24, 2026
Source: NVD
CVE-2026-41680 HIGH - 7.5

Marked is a markdown parser and compiler. From 18.0.0 to 18.0.1, a critical Denial of Service (DoS) vulnerability exists in marked. By providing a specific 3-byte input sequence a tab, a vertical tab, and a newline (\x09\x0b\n)β€”an unauthenticated attacker can trigger an infinite recursion loop durin...

Vendor: markedjs
Product: marked
Published: Apr 24, 2026
Source: NVD
CVE-2026-6912 HIGH - 8.8

Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR #165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API c...

Published: Apr 24, 2026
Source: NVD
CVE-2026-6911 CRITICAL - 9.8

Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended administrative access to the application, including the ability to read, modify, and delete all application data across tenants and manage Cognito user accounts within the dep...

Published: Apr 24, 2026
Source: NVD
CVE-2026-41411 MEDIUM - 6.6

Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is passed through wildcard expansion to resolve environment variables and wildcards. If the file...

Vendor: vim
Product: vim
Published: Apr 24, 2026
Source: NVD
CVE-2026-41079 MEDIUM - 4.3

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory is c...

Vendor: OpenPrinting
Product: cups
Published: Apr 24, 2026
Source: NVD
CVE-2026-40912 HIGH - 8.2

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's StripPrefixRegex middleware when used in combination with ForwardAuth, BasicAuth, or DigestAuth. The middleware matche...

Vendor: go
Product: github.com/traefik/traefik/v3
Published: Apr 24, 2026
Source: GitHub
CVE-2026-40068 HIGH - 8.8

In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious repository with a commondir file pointing to a path the victim had previously trusted, causing Claude Code ...

Vendor: npm
Product: @anthropic-ai/claude-code
Published: Apr 24, 2026
Source: GitHub
CVE-2026-39858 HIGH - 10.0

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's ForwardAuth and snippet-based authentication middleware. Traefik's forwarded-header sanitization logic targets on...

Vendor: go
Product: github.com/traefik/traefik/v3
Published: Apr 24, 2026
Source: GitHub
CVE-2026-35051 HIGH - 10.0

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is an authentication bypass vulnerability in Traefik's ForwardAuth middleware when trustForwardHeader=false is configured and Traefik is deployed behind a trusted upstream proxy. This is...

Vendor: go
Product: github.com/traefik/traefik/v3
Published: Apr 24, 2026
Source: GitHub
CVE-2026-33524 HIGH - 7.5

Zserio is a framework for serializing structured data with a compact and efficient way with low overhead. Prior to 2.18.1, a crafted payload as small as 4-5 bytes can force memory allocations of up to 16 GB, crashing any process with an OOM error (Denial of Service). This vulnerability is fixed in 2...

Vendor: maven
Product: io.github.ndsev:zserio-runtime
Published: Apr 24, 2026
Source: GitHub

Kimai is an open-source time tracking application. Prior to version 2.54.0, the Team API endpoints use #[IsGranted('edit_team')] instead of #[IsGranted('edit', 'team')], causing Symfony TeamVoter to abstain from voting. This removes entity-level ownership checks on team...

Vendor: composer
Product: kimai/kimai
Published: Apr 24, 2026
Source: GitHub

Rejected reason: This CVE is a duplicate of another CVE.

Published: Apr 24, 2026
Source: NVD
CVE-2026-39920 CRITICAL - 9.8

BridgeHead FileStore versions prior to 24A (released in early 2024) expose the Apache Axis2 administration module on network-accessible endpoints with default credentials that allows unauthenticated remote attackers to execute arbitrary OS commands. Attackers can authenticate to the admin console us...

Vendor: BridgeHead Software
Product: FileStore
Published: Apr 24, 2026
Source: NVD
CVE-2026-30368 MEDIUM - 5.4

A client-side authorization flaw in Lightspeed Classroom v5.1.2.1763770643 allows unauthenticated attackers to impersonate users by bypassing integrity checks and abusing client-generated authorization tokens, leading to unauthorized control and monitoring of student devices.

Published: Apr 24, 2026
Source: NVD
CVE-2025-67259 MEDIUM - 6.5

A Broken Access Control vulnerability exists in ClassroomIO v0.1.13 where an authenticated low-privileged "student" user can access unauthorized course-level information by modifying intercepted API requests. Changing a captured POST request to a GET request against the /rest/v1/course Pos...

Published: Apr 24, 2026
Source: NVD
CVE-2025-59308 MEDIUM - 4.7

In Mahara before 24.04.10 and 25 before 25.04.1, an institution administrator or institution support administrator on a multi-tenanted site can masquerade as an institution member in an institution for which they are not an administrator, if they also have the 'Site staff' role.

Published: Apr 24, 2026
Source: NVD
CVE-2026-41492 CRITICAL - 9.8

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, Dgraphl exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is commonly supplied via the --security "token=..." startup flag, an unauthenticated attacker ...

Vendor: go
Product: github.com/dgraph-io/dgraph/v25
Published: Apr 24, 2026
Source: GitHub

Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types (ray.data.arrow_tensor, ray.data.arrow_tensor_v2, ray.data.arrow_variable_shaped_tensor) globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension...

Vendor: pip
Product: ray
Published: Apr 24, 2026
Source: GitHub