Total CVEs

142,588

Critical Severity

4,002

High Severity

14,355

Last 7 Days

1,856
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 18,381 - 18,400 of 38,993 CVEs

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all ve...

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD

Rejected reason: This CVE has the been REJECTED and will not be published by the CNA.

Published: Apr 22, 2026
Source: NVD
CVE-2026-6857 HIGH - 7.5

A flaw was found in camel-infinispan. This vulnerability involves unsafe deserialization in the ProtoStream remote aggregation repository. A remote attacker with low privileges could exploit this by sending specially crafted data, leading to arbitrary code execution. This allows the attacker to gain...

Published: Apr 22, 2026
Source: NVD
CVE-2026-6855 HIGH - 7.1

A flaw was found in InstructLab. A local attacker could exploit a path traversal vulnerability in the chat session handler by manipulating the `logs_dir` parameter. This allows the attacker to create new directories and write files to arbitrary locations on the system, potentially leading to unautho...

Published: Apr 22, 2026
Source: NVD
CVE-2026-6848 MEDIUM - 5.4

A flaw was found in Red Hat Quay. When Red Hat Quay requests password re-verification for sensitive operations, such as token generation or robot account creation, the re-authentication prompt can be bypassed. This allows a user with a timed-out session, or an attacker with access to an idle authent...

Published: Apr 22, 2026
Source: NVD
CVE-2026-33601 MEDIUM - 4.4

If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.

Vendor: PowerDNS
Product: Recursor
Published: Apr 22, 2026
Source: NVD