Total CVEs

143,818

Critical Severity

4,094

High Severity

14,786

Last 7 Days

1,521
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 1,881 - 1,900 of 40,223 CVEs

A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service (DoS) condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKE...

Vendor: WatchGuard
Product: Fireware OS
Published: Jul 03, 2026
Source: NVD
CVE-2026-13079 HIGH - 7.8

A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed. This issue affects the Mobile VPN with SSL client for Windows up to and inclu...

Vendor: WatchGuard
Product: Fireware OS
Published: Jul 03, 2026
Source: NVD
CVE-2026-13054 HIGH - 7.2

A path traversal vulnerability in the WatchGuard Fireware OS Management Web UI allows a privileged authenticated attacker to write arbitrary files on the Firebox's filesystem. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4_Update1, 12.0 up to and including 12.12 and...

Vendor: WatchGuard
Product: Fireware OS
Published: Jul 03, 2026
Source: NVD
CVE-2026-13053 HIGH - 7.2

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4_Update1, 12.0 up to and including 12.12 and 2...

Vendor: WatchGuard
Product: Fireware OS
Published: Jul 03, 2026
Source: NVD

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS networkd process could allow an authenticated privileged user to execute arbitrary code via a specially crafted requests to the Management Web UI.This vulnerability affects Fireware OS 11.8 up to and including 11.12.4_Update1, 12.0 up to...

Vendor: WatchGuard
Product: Fireware OS
Published: Jul 03, 2026
Source: NVD
CVE-2026-57100 CRITICAL - 9.9

Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: entra_provisioning_service
Published: Jul 02, 2026
Source: NVD
CVE-2026-54998 HIGH - 8.8

Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: exchange_online
Published: Jul 02, 2026
Source: NVD
CVE-2026-45499 CRITICAL - 9.9

Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: azure_openai
Published: Jul 02, 2026
Source: NVD
CVE-2026-41106 CRITICAL - 9.3

Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: 365_copilot
Published: Jul 02, 2026
Source: NVD
CVE-2026-26145 MEDIUM - 4.8

Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: azure_synapse
Published: Jul 02, 2026
Source: NVD
CVE-2026-50722 HIGH - 8.1

Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v1_5 (RFC 8017). A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH ...

Vendor: The Libreswan Project
Product: libreswan
Published: Jul 02, 2026
Source: NVD
CVE-2026-50721 HIGH - 8.1

Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack t...

Vendor: The Libreswan Project
Product: libreswan
Published: Jul 02, 2026
Source: NVD
CVE-2026-12413 HIGH - 7.5

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() would ignore unknown outer payloads but still store these in a fixed size array msg_digest.digest[PAYL...

Vendor: The Libreswan Project
Product: libreswan
Published: Jul 02, 2026
Source: NVD
CVE-2026-58460 HIGH - 7.7

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted _display_name value containing dot-dot path components through a malicious ContentProvider. Attackers...

Vendor: ajith-ab
Product: react-native-receive-sharing-intent
Published: Jul 02, 2026
Source: NVD
CVE-2026-52192 HIGH - 7.5

An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_445C5C component

Published: Jul 02, 2026
Source: NVD
CVE-2026-52191 HIGH - 7.5

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_444C8C component

Published: Jul 02, 2026
Source: NVD
CVE-2026-52189 HIGH - 7.5

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_487330 component

Published: Jul 02, 2026
Source: NVD
CVE-2026-52188 MEDIUM - 6.5

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead//sub_497498 component

Published: Jul 02, 2026
Source: NVD
CVE-2026-38972 HIGH - 7.8

Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibrary(L"MSFTEDIT.DLL") with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application direc...

Vendor: rizonesoft
Product: notepad3
Published: Jul 02, 2026
Source: NVD
CVE-2026-38971 CRITICAL - 9.1

ardupilot through Plane-4.6.3 was found to contain an out-of-bounds read issue in libraries/GCS_MAVLink/GCS_serial_control.cpp in GCS_MAVLINK::handle_serial_control().

Vendor: ardupilot
Product: arduplane
Published: Jul 02, 2026
Source: NVD