Total CVEs

143,793

Critical Severity

4,093

High Severity

14,778

Last 7 Days

1,518
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 1,861 - 1,880 of 40,198 CVEs
CVE-2026-57100 CRITICAL - 9.9

Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: entra_provisioning_service
Published: Jul 02, 2026
Source: NVD
CVE-2026-54998 HIGH - 8.8

Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: exchange_online
Published: Jul 02, 2026
Source: NVD
CVE-2026-45499 CRITICAL - 9.9

Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: azure_openai
Published: Jul 02, 2026
Source: NVD
CVE-2026-41106 CRITICAL - 9.3

Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: 365_copilot
Published: Jul 02, 2026
Source: NVD
CVE-2026-26145 MEDIUM - 4.8

Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: azure_synapse
Published: Jul 02, 2026
Source: NVD
CVE-2026-50722 HIGH - 8.1

Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v1_5 (RFC 8017). A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH ...

Vendor: The Libreswan Project
Product: libreswan
Published: Jul 02, 2026
Source: NVD
CVE-2026-50721 HIGH - 8.1

Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack t...

Vendor: The Libreswan Project
Product: libreswan
Published: Jul 02, 2026
Source: NVD
CVE-2026-12413 HIGH - 7.5

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() would ignore unknown outer payloads but still store these in a fixed size array msg_digest.digest[PAYL...

Vendor: The Libreswan Project
Product: libreswan
Published: Jul 02, 2026
Source: NVD
CVE-2026-58460 HIGH - 7.7

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted _display_name value containing dot-dot path components through a malicious ContentProvider. Attackers...

Vendor: ajith-ab
Product: react-native-receive-sharing-intent
Published: Jul 02, 2026
Source: NVD
CVE-2026-52192 HIGH - 7.5

An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_445C5C component

Published: Jul 02, 2026
Source: NVD
CVE-2026-52191 HIGH - 7.5

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_444C8C component

Published: Jul 02, 2026
Source: NVD
CVE-2026-52189 HIGH - 7.5

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_487330 component

Published: Jul 02, 2026
Source: NVD
CVE-2026-52188 MEDIUM - 6.5

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead//sub_497498 component

Published: Jul 02, 2026
Source: NVD
CVE-2026-38972 HIGH - 7.8

Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibrary(L"MSFTEDIT.DLL") with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application direc...

Vendor: rizonesoft
Product: notepad3
Published: Jul 02, 2026
Source: NVD
CVE-2026-38971 CRITICAL - 9.1

ardupilot through Plane-4.6.3 was found to contain an out-of-bounds read issue in libraries/GCS_MAVLink/GCS_serial_control.cpp in GCS_MAVLINK::handle_serial_control().

Vendor: ardupilot
Product: arduplane
Published: Jul 02, 2026
Source: NVD
CVE-2026-38970 HIGH - 7.5

pdfcpu through v0.11.1 contains an uncontrolled-recursion denial-of-service issue in pkg/pdfcpu/model/parse.go. The parser descends recursively through nested PDF objects, including arrays, via ParseObjectContext() and parseArray() without enforcing a maximum nesting depth.

Published: Jul 02, 2026
Source: NVD
CVE-2026-38969 HIGH - 7.5

ruby webrick through v1.9.2 WEBrick reparses trailer Content-Length into canonical request state, enabling request smuggling.

Published: Jul 02, 2026
Source: NVD
CVE-2026-38968 CRITICAL - 9.8

ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result, fresh authenticated logins can receive deterministic or colliding sessio...

Vendor: ntop
Product: ntopng
Published: Jul 02, 2026
Source: NVD

Recce server has unauthenticated SQL execution that allows local file read/write through DuckDB

Vendor: pip
Product: recce
Published: Jul 02, 2026
Source: GitHub
CVE-2026-49353 HIGH - 7.5

9router has an Incomplete Fix: Local-Only Access Gate Bypass in 9router via Host Header SpoofING

Vendor: npm
Product: 9router
Published: Jul 02, 2026
Source: GitHub