Total CVEs

143,818

Critical Severity

4,094

High Severity

14,786

Last 7 Days

1,526
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 19,721 - 19,740 of 40,223 CVEs

F´ (F Prime) is a framework that enables development and deployment of spaceflight and other embedded software applications. Prior to version 4.2.0, the bounds check byteOffset + dataSize > fileSize uses U32 addition that wraps around on overflow. An attacker-crafted DataPacket with byteOffset=0x...

Vendor: nasa
Product: fprime
Published: Apr 22, 2026
Source: NVD
CVE-2026-41136 MEDIUM - 5.3

free5GC AMF provides Access & Mobility Management Function (AMF) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. Prior to version 1.4.3, the `HTTPUEContextTransfer` handler in `internal/sbi/api_communication.go` does not include a `default` case in the `Conte...

Vendor: free5gc
Product: amf
Published: Apr 22, 2026
Source: NVD
CVE-2026-41135 HIGH - 7.5

free5GC UDR is the Policy Control Function (PCF) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. A memory leak vulnerability in versions prior to 1.4.3 allows any unauthenticated attacker with network access to the PCF SBI interface to cause uncontrolled memory g...

Vendor: free5gc
Product: pcf
Published: Apr 22, 2026
Source: NVD
CVE-2026-41133 HIGH - 8.8

pyLoad is a free and open-source download manager written in Python. Versions up to and including 0.5.0b3.dev97 cache `role` and `permission` in the session at login and continues to authorize requests using these cached values, even after an admin changes the user's role/permissions in the dat...

Vendor: pyload
Product: pyload
Published: Apr 22, 2026
Source: NVD
CVE-2026-41131 MEDIUM - 5.0

OpenFGA is an authorization/permission engine built for developers. Prior to version 1.14.1, in specific scenarios, models using conditions with caching enabled can result in two different check requests producing the same cache key. This could result in OpenFGA reusing an earlier cached result for ...

Vendor: openfga
Product: openfga
Published: Apr 22, 2026
Source: NVD

Craft CMS is a content management system (CMS). In versions on the 4.x branch through 4.17.8 and the 5.x branch through 5.9.14, the `resource-js` endpoint in Craft CMS allows unauthenticated requests to proxy remote JavaScript resources. When `trustedHosts` is not explicitly restricted (default con...

Vendor: craftcms
Product: cms
Published: Apr 22, 2026
Source: NVD

Craft CMS is a content management system (CMS). Versions on the 4.x branch through 4.17.8 and the 5.x branch through 5.9.14 are vulnerable to Server-Side Request Forgery. The exploitation requires a few permissions to be enabled in the used GraphQL schema: "Edit assets in the <VolumeName>...

Vendor: craftcms
Product: cms
Published: Apr 22, 2026
Source: NVD

Craft CMS is a content management system (CMS). In versions 5.6.0 through 5.9.14, the `actionSavePermissions()` endpoint allows a user with only `viewUsers` permission to remove arbitrary users from all user groups. While `_saveUserGroups()` enforces per-group authorization for additions, it perform...

Vendor: craftcms
Product: cms
Published: Apr 22, 2026
Source: NVD
CVE-2026-41127 MEDIUM - 6.5

BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have a missing authorization that allows viewers to inject/overwrite captions Version 3.0.24 tightened the permissions on who is able to submit captions. No known workarounds are available.

Vendor: bigbluebutton
Product: bigbluebutton
Published: Apr 22, 2026
Source: NVD
CVE-2026-41126 MEDIUM - 4.3

BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have an Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL." Version 3.0.24 has adjusted the handling of requests with incorrect checksum so that the default logoutURL is used. No known worka...

Vendor: bigbluebutton
Product: bigbluebutton
Published: Apr 22, 2026
Source: NVD
CVE-2026-41064 CRITICAL - 9.3

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's `test.php` adds `escapeshellarg` for wget but leaves the `file_get_contents` and `curl` code paths unsanitized, and the URL validation regex `/^http/` accepts strings like `httpevi...

Vendor: WWBN
Product: AVideo
Published: Apr 22, 2026
Source: NVD
CVE-2026-41059 HIGH - 8.2

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 have a configuration-dependent authentication bypass. Deployments are affected when all of the following are true: Use of `skip_auth_routes` or the legacy `skip_auth_regex`; use of patt...

Vendor: oauth2-proxy
Product: oauth2-proxy
Published: Apr 22, 2026
Source: NVD
CVE-2026-5921 HIGH - 8.9

A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variables from the instance through a timing side-channel attack against the notebook rendering service. When private mode was disabled, the noteboo...

Vendor: github
Product: enterprise_server
Published: Apr 21, 2026
Source: NVD

An improper authorization vulnerability in scoped user-to-server (ghu_) token authorization in GitHub Enterprise Server allows an authenticated attacker to access private repositories outside the intended installation scope, which can include write operations, via an authorization fallback that trea...

Published: Apr 21, 2026
Source: NVD

An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error messa...

Published: Apr 21, 2026
Source: NVD

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Published: Apr 21, 2026
Source: NVD

An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Management Console administrator to execute arbitrary OS commands via shell metacharacter injection in proxy configuration fields such as http_proxy. Exploitation of ...

Published: Apr 21, 2026
Source: NVD

An incorrect regular expression vulnerability was identified in GitHub Enterprise Server that allowed an attacker to bypass OAuth redirect URI validation. An attacker with knowledge of a first-party OAuth application's registered callback URL could craft a malicious authorization link that, whe...

Published: Apr 21, 2026
Source: NVD
CVE-2026-41063 MEDIUM - 5.4

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete XSS fix in AVideo's `ParsedownSafeWithLinks` class overrides `inlineMarkup` for raw HTML but does not override `inlineLink()` or `inlineUrlTag()`, allowing `javascript:` URLs in markdown link syntax to bypas...

Vendor: WWBN
Product: AVideo
Published: Apr 21, 2026
Source: NVD
CVE-2026-41062 MEDIUM - 6.5

WWBN AVideo is an open source video platform. In versions 29.0 and below, the directory traversal fix introduced in commit 2375eb5e0 for `objects/aVideoEncoderReceiveImage.json.php` only checks the URL path component (via `parse_url($url, PHP_URL_PATH)`) for `..` sequences. However, the downstream f...

Vendor: WWBN
Product: AVideo
Published: Apr 21, 2026
Source: NVD