Total CVEs

143,749

Critical Severity

4,091

High Severity

14,758

Last 7 Days

1,541
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 1,841 - 1,860 of 40,154 CVEs

Algernon vulnerable to server-side script source disclosure on Windows via NTFS filename

Vendor: go
Product: github.com/xyproto/algernon
Published: Jul 02, 2026
Source: GitHub
CVE-2026-52834 HIGH - 7.3

jxl-grid on 32-bit platforms has an out-of-bounds writes due to integer overflow

Vendor: rust
Product: jxl-grid
Published: Jul 02, 2026
Source: GitHub
CVE-2026-52830 CRITICAL - 9.4

fast-mcp-telegram is a Telegram MCP Server. Prior to 0.19.1, fast-mcp-telegram validates HTTP Bearer tokens by joining the raw token string into a session-file path. The verifier rejects the exact reserved token telegram, but it does not reject path separators or normalize the path before checking w...

Vendor: pip
Product: fast-mcp-telegram
Published: Jul 02, 2026
Source: GitHub
CVE-2026-49289 HIGH - 7.5

SimpleSAMLphp has Possible DoS via XPath Transform

Vendor: composer
Product: simplesamlphp/saml2
Published: Jul 02, 2026
Source: GitHub
CVE-2026-52829 HIGH - 7.5

Zebra Address Book Aborted by IPv4-Mapped Mempool Misbehavior Update

Vendor: rust
Product: zebra-network
Published: Jul 02, 2026
Source: GitHub
CVE-2026-49283 HIGH - 8.7

SimpleSAMLphp HTTP-Artifact TLS validator confusion allows cross-IdP authentication bypass

Vendor: composer
Product: simplesamlphp/saml2
Published: Jul 02, 2026
Source: GitHub

Linuxfabrik Monitoring Plugins: Sudoers may be able to obtain privilege escalation via /usr/bin/apt-get arguments

Vendor: pip
Product: linuxfabrik-lib
Published: Jul 02, 2026
Source: GitHub
CVE-2026-59102 MEDIUM - 5.4

Forgejo before 15.0.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript in other users' browsers by setting a full name containing an HTML payload and triggering an Actions run. When the DEFAULT_SHOW_FULL_NAME option is enab...

Vendor: forgejo
Product: forgejo
Published: Jul 02, 2026
Source: NVD
CVE-2026-59101 MEDIUM - 5.8

AutoBangumi before 3.2.8 contains a server-side request forgery (SSRF) vulnerability that allows unauthenticated remote attackers to probe internal network services by supplying arbitrary host values to an unprotected setup endpoint. Attackers can send requests to the POST /api/v1/setup/test-downloa...

Vendor: EstrellaXD
Product: Auto_Bangumi
Published: Jul 02, 2026
Source: NVD
CVE-2026-59100 MEDIUM - 5.0

LobeChat through 2.2.9 contains a broken object level authorization vulnerability that allows authenticated attackers to access and modify other users' chat-group agent data by supplying arbitrary group identifiers. Attackers can invoke the getGroupAgents, updateAgentInGroup, and removeAgentsFr...

Vendor: lobehub
Product: lobehub
Published: Jul 02, 2026
Source: NVD
CVE-2026-59099 CRITICAL - 9.1

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution tok...

Vendor: apereo
Product: cas
Published: Jul 02, 2026
Source: NVD
CVE-2026-59098 MEDIUM - 6.5

LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by exploiting missing user-identifier predicates in the chunk model semanticSearch method. At...

Vendor: lobehub
Product: lobehub
Published: Jul 02, 2026
Source: NVD
CVE-2026-59097 MEDIUM - 5.3

Taiga before 6.10.2 contains a missing authorization vulnerability that allows unauthenticated remote attackers to create default due-date records in any project by exploiting unprotected POST endpoints on the user-story, task, and issue due-date API viewsets. Attackers can supply an arbitrary proje...

Vendor: taiga
Product: taiga-back
Published: Jul 02, 2026
Source: NVD
CVE-2026-59096 HIGH - 7.5

Dapr Sentry's OIDC discovery endpoint derives the issuer and jwks_uri of the /.well-known/openid-configuration document from the request Host, honoring an attacker-controlled X-Forwarded-Host header without validation when no allowed-hosts list is configured (the default), and serves the docume...

Vendor: dapr
Product: dapr
Published: Jul 02, 2026
Source: NVD
CVE-2026-59095 HIGH - 7.7

LobeChat before 2.2.10-canary.18 contains a server-side request forgery vulnerability that allows authenticated attackers to direct internal HTTP requests to arbitrary URLs by supplying user-controlled input to the skill import service (importFromUrl) and topic cover update (fetchImageFromUrl) endpo...

Vendor: lobehub
Product: lobehub
Published: Jul 02, 2026
Source: NVD
CVE-2026-59094 HIGH - 7.5

Pathway through 0.31.1, fixed in commit d09722e, document store applies a caller-supplied glob pattern to indexed document paths using a hand-written recursive matcher that branches two ways on each ** token without memoization, giving exponential worst-case complexity. The filepath_globpattern valu...

Vendor: pathwaycom
Product: pathway
Published: Jul 02, 2026
Source: NVD
CVE-2026-59093 HIGH - 8.8

Weaviate before 1.38.0 does not verify that a principal performing an RBAC role assignment holds the permissions granted by the assigned role. The assignRoleToUser and assignRoleToGroup handlers (POST /authz/users/{id}/assign and /authz/groups/{id}/assign) authorize only that the caller may assign r...

Vendor: weaviate
Product: weaviate
Published: Jul 02, 2026
Source: NVD
CVE-2026-59092 HIGH - 7.7

JuiceFS through 1.3.1, fixed in commit a46979c, contains an authentication bypass vulnerability that allows unauthenticated remote attackers to access sensitive debug and metrics endpoints by exploiting improper handler registration on the shared http.DefaultServeMux. Attackers can request the /debu...

Vendor: juicedata
Product: juicefs
Published: Jul 02, 2026
Source: NVD
CVE-2026-58580 MEDIUM - 5.9

LobeChat through 2.2.9 server-database deployments are vulnerable to broken object-level authorization in MessageModel. The updateMessagePlugin, updatePluginState, updatePluginError, updateTTS and updateTranslate methods filter target rows by message id alone, omitting the userId scope that sibling ...

Vendor: lobehub
Product: lobehub
Published: Jul 02, 2026
Source: NVD
CVE-2026-58579 MEDIUM - 5.4

RAGFlow before 0.26.3 stores an agent pipeline (DSL) node name without sanitization: the agent update endpoint normalizes the submitted DSL via normalize_dsl, which only performs JSON serialization validation and preserves the node name verbatim. The dataflow-result web UI then renders that name int...

Vendor: infiniflow
Product: ragflow
Published: Jul 02, 2026
Source: NVD