Total CVEs

144,202

Critical Severity

4,148

High Severity

14,963

Last 7 Days

1,660
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 19,761 - 19,780 of 40,607 CVEs
CVE-2026-33656 CRITICAL - 9.1

EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, EspoCRM's built-in formula scripting engine allowing updating attachment's sourceId thus allowing an authenticated admin to overwrite the `sourceId` field on `Attachment` entities. Because `sour...

Vendor: espocrm
Product: espocrm
Published: Apr 22, 2026
Source: NVD
CVE-2026-41681 HIGH - 9.8

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVP_DigestFinal() always writes EVP_MD_CTX_size(ctx) to the out buffer. If out is smaller than that, MdCtxRef::digest_final() writes past its end, usually corrupting the stack. This is reachabl...

Vendor: rust
Product: openssl
Published: Apr 22, 2026
Source: GitHub
CVE-2026-41683 HIGH - 8.6

i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Prior to version 3.9.3, i18next-http-middleware wrote user-controlled language values into the Content-Language response header after passing them through utils.escape(), which i...

Vendor: npm
Product: i18next-http-middleware
Published: Apr 22, 2026
Source: GitHub

xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, seven recursive traversals in lib/dom.js operate without a depth limit. A sufficiently deeply nested...

Vendor: npm
Product: @xmldom/xmldom
Published: Apr 22, 2026
Source: GitHub

xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package serializes DocumentType node fields (internalSubset, publicId, systemId) verbatim withou...

Vendor: npm
Product: @xmldom/xmldom
Published: Apr 22, 2026
Source: GitHub

xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled processing instruction data to be serialized into XML without...

Vendor: npm
Product: @xmldom/xmldom
Published: Apr 22, 2026
Source: GitHub

http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence </script> inside the generated script element. Mitigation base64-encodes the cookie value to disallow escapi...

Published: Apr 22, 2026
Source: NVD

An authenticated attacker can store a crafted tag value in _user_tags and trigger JavaScript execution when a victim opens the list/report view where tags are rendered. The vulnerable renderer interpolates tag content into HTML attributes and element content without escaping. This issue affects Frap...

Published: Apr 22, 2026
Source: NVD
CVE-2026-34066 MEDIUM - 5.3

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. Prior to version 1.3.0, `HistoryStore::put_historic_txns` uses an `assert!` to enforce invariants about `HistoricTransaction.block_number` (must be within the macro block being pushed and within the same epoch)....

Vendor: nimiq
Product: nimiq-blockchain
Published: Apr 22, 2026
Source: NVD
CVE-2026-34065 HIGH - 7.5

nimiq-primitives contains primitives (e.g., block, account, transaction) to be used in Nimiq's Rust implementation. Prior to version 1.3.0, an untrusted p2p peer can cause a node to panic by announcing an election macro block whose `validators` set contains an invalid compressed BLS voting key....

Vendor: nimiq
Product: nimiq-primitives
Published: Apr 22, 2026
Source: NVD
CVE-2026-34064 MEDIUM - 5.3

nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, `VestingContract::can_change_balance` returns `AccountError::InsufficientFunds` when `new_balance < min_cap`, but it constructs the error using `balance: self.balance - min_cap`. `Coi...

Vendor: nimiq
Product: nimiq-account
Published: Apr 22, 2026
Source: NVD
CVE-2026-34063 HIGH - 7.5

Nimiq's network-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, `network-libp2p` discovery uses a libp2p `ConnectionHandler` state machine. the handler assumes there is at most one inbound and one outbound discovery substream per connection. if a remote peer op...

Vendor: nimiq
Product: network-libp2p
Published: Apr 22, 2026
Source: NVD
CVE-2026-34062 MEDIUM - 5.3

nimiq-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, `MessageCodec::read_request` and `read_response` call `read_to_end()` on inbound substreams, so a remote peer can send only a partial frame and keep the substream open. because `Behaviour::new` also sets `with_ma...

Vendor: nimiq
Product: network-libp2p
Published: Apr 22, 2026
Source: NVD
CVE-2026-33471 CRITICAL - 9.6

nimiq-block contains block primitives to be used in Nimiq's Rust implementation. `SkipBlockProof::verify` computes its quorum check using `BitSet.len()`, then iterates `BitSet` indices and casts each `usize` index to `u16` (`slot as u16`) for slot lookup. Prior to version 1.3.0, if an attacker ...

Vendor: nimiq
Product: nimiq-block
Published: Apr 22, 2026
Source: NVD

xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled comment content to be serialized into XML without validating ...

Vendor: npm
Product: @xmldom/xmldom
Published: Apr 22, 2026
Source: GitHub
CVE-2026-41640 HIGH - 7.5

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL() function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using paramete...

Vendor: npm
Product: @nocobase/database
Published: Apr 22, 2026
Source: GitHub
CVE-2026-41641 HIGH - 7.2

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the checkSQL() validation function that blocks dangerous SQL keywords (e.g., pg_read_file, LOAD_FILE, dblink) is applied on the collections:create and sqlCollecti...

Vendor: npm
Product: @nocobase/plugin-collection-sql
Published: Apr 22, 2026
Source: GitHub
CVE-2026-41650 MEDIUM - 6.1

fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "-->" sequence in comment content or the "]]>" sequence in CDATA sections when building XML from JavaScript objects....

Vendor: npm
Product: fast-xml-parser
Published: Apr 22, 2026
Source: GitHub
CVE-2026-41645 MEDIUM - 5.3

Nuclei is a vulnerability scanner built on a simple YAML-based DSL. From version 3.0.0 to before version 3.8.0, a vulnerability in Nuclei's expression evaluation engine makes it possible for a malicious target server to inject and execute supported DSL expressions. This happens when HTTP respon...

Vendor: go
Product: github.com/projectdiscovery/nuclei/v3
Published: Apr 22, 2026
Source: GitHub
CVE-2026-41646 MEDIUM - 5.5

Nuclei is a vulnerability scanner built on a simple YAML-based DSL. From version 3.0.0 to before version 3.8.0, a vulnerability in Nuclei's JavaScript protocol runtime allows JavaScript templates to read local .js and .json files through the require() function, bypassing the default local file ...

Vendor: go
Product: github.com/projectdiscovery/nuclei/v3
Published: Apr 22, 2026
Source: GitHub