CVEs from 2026
Total: 14,172
Severity breakdown:
- critical 1,106
- high 3,898
- medium 3,930
- low 413
% Critical: 7.8%
% in CISA KEV: 0.4%
% with exploit: 0.4%
Top products
- firepower_threat_defense 298
- chrome 298
- firepower_threat_defense_software 295
- gcp 221
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-39461 | high | 8.8 | 8.8 | 7d ago | libcasper(3) communicates with helper processes via UNIX domain sockets, and uses the select(2) system call to wait for data to become available. However, it does not verify that its socket descript… | |
| CVE-2026-44048 | high | 8.8 | 8.8 | 7d ago | A stack-based buffer overflow via UCS-2 type confusion in convert_charset() in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of servi… | |
| CVE-2026-44047 | high | 8.8 | 8.8 | 7d ago | An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to obtain unauthorized access to data, modify data, or cause a denial o… | |
| CVE-2026-9126 | high | 8.8 | 8.8 | 7d ago | Use after free in DOM in Google Chrome prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2026-9121 | high | 8.8 | 8.8 | 7d ago | Out of bounds read in GPU in Google Chrome prior to 148.0.7778.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2026-9120 | high | 8.8 | 8.8 | 7d ago | Use after free in WebRTC in Google Chrome prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-9119 | high | 8.8 | 8.8 | 7d ago | Heap buffer overflow in WebRTC in Google Chrome prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H… | |
| CVE-2026-9118 | high | 8.8 | 8.8 | 7d ago | Use after free in XR in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-9114 | high | 8.8 | 8.8 | 7d ago | Use after free in QUIC in Google Chrome prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: Hig… | |
| CVE-2026-9112 | high | 8.8 | 8.8 | 7d ago | Use after free in GPU in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi… | |
| CVE-2026-9111 | high | 8.8 | 8.8 | 7d ago | Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | |
| CVE-2026-24217 | high | 8.8 | 8.8 | 7d ago | NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, … | |
| CVE-2026-44926 | high | 8.8 | 8.8 | 7d ago | InfoScale CmdServer before 7.4.2 mishandles access control. | |
| CVE-2026-44925 | high | 8.8 | 8.8 | 7d ago | Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which t… | |
| CVE-2026-5200 | high | 8.8 | 8.8 | 8d ago | The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 10.8.2. Th… | |
| CVE-2026-24425 | high | 8.8 | 8.8 | 8d ago | Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PH… | |
| CVE-2026-7522 | high | 8.8 | 8.8 | 8d ago | The Advanced Database Cleaner – Premium plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.1.0 via the 'template' parameter. This makes it possible for aut… | |
| CVE-2026-7467 | high | 8.8 | 8.8 | 8d ago | The Read More & Accordion plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.7. This is due to the 'RadMoreAjax::importData' function not restricting… | |
| CVE-2026-6456 | high | 8.8 | 8.8 | 8d ago | The Account Switcher plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.2. This is due to the `rememberLogin` REST API endpoint using a loose compari… | |
| CVE-2026-32740 | high | 8.8 | 8.8 | 8d ago | libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow (write) vulnerability in the grid tile compositing, allowing an attacker to write … | |
| CVE-2026-8604 | high | 8.8 | 8.8 | 8d ago | In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage. | |
| CVE-2026-33633 | high | 8.8 | 8.8 | 8d ago | Kitty is a cross-platform GPU based terminal. Versions 0.46.2 and below contain a heap buffer overflow in load_image_data() that allows any process which can write to the terminal's stdin to crash ki… | |
| CVE-2026-36828 | high | 8.8 | 8.8 | 8d ago | A command injection vulnerability exists in the /cgi-bin/tools/ajax_cmd endpoint of Panabit PAP-XM320 up to and including v7.7. The CGI component allows authenticated users to execute arbitrary shell… | |
| CVE-2026-31069 | high | 8.8 | 8.8 | 9d ago | BillaBear (all versions prior to Jan 2026) contains a SQL Injection vulnerability in the EventRepository. User-controlled input from metric filter names and aggregation properties is directly interpo… | |
| CVE-2026-8973 | high | 8.8 | 8.8 | 9d ago | Memory safety bugs present in Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code… | |
| CVE-2026-8972 | high | 8.8 | 8.8 | 9d ago | Privilege escalation in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 151 and Thunderbird 151. | |
| CVE-2026-8952 | high | 8.8 | 8.8 | 9d ago | Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151 and Thunderbird 151. | |
| CVE-2026-46586 | high | 8.8 | 8.8 | 9d ago | Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') vulnerability in Apache OFBiz. This issue affects Ap… | |
| CVE-2026-27648 | high | 8.8 | 8.8 | 9d ago | OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps. | |
| CVE-2026-41085 | high | 8.8 | 8.8 | 9d ago | Thermo Fisher Scientific Torrent Suite Dx through 5.14.2 has a privilege escalation vulnerability that may allow an authenticated user with limited access privileges to gain unauthorized administrato… | |
| CVE-2026-7498 | high | 8.8 | 8.8 | 10d ago | Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Basamak Information Technology Consulting and Organization Trade Ltd. Co. DernekWeb allows Stored… | |
| CVE-2026-3220 | high | 8.8 | 8.8 | 10d ago | The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Script… | |
| CVE-2026-8776 | high | 8.8 | 8.8 | 10d ago | A vulnerability has been found in Edimax BR-6428NS 1.10. This vulnerability affects the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. Such manipulati… | |
| CVE-2026-8775 | high | 8.8 | 8.8 | 10d ago | A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TP… | |
| CVE-2026-8719 | high | 8.8 | 8.8 | 11d ago | The AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin for WordPress is vulnerable to Privilege Escalation in version 3.4.9. This is due to missing WordPress capability enforcement in t… | |
| CVE-2026-45035 | high | 8.8 | 8.8 | 12d ago | Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supp… | |
| CVE-2026-6228 | high | 8.8 | 8.8 | 13d ago | The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 3.28.36. This is due to insufficient authorization checks in the role field… | |
| CVE-2026-43490 | high | 8.8 | 8.8 | 13d ago | In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smb_inherit_dacl() walks the parent directory DACL loaded from the security descriptor x… | |
| CVE-2026-45672 | high | 8.8 | 8.8 | 13d ago | Open WebUI: Jupyter code execution works despite `ENABLE_CODE_EXECUTION=false` — feature gate bypassed | |
| CVE-2026-8587 | high | 8.8 | 8.8 | 13d ago | Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome E… | |
| CVE-2026-8581 | high | 8.8 | 8.8 | 13d ago | Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2026-8577 | high | 8.8 | 8.8 | 13d ago | Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2026-8558 | high | 8.8 | 8.8 | 13d ago | Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-8555 | high | 8.8 | 8.8 | 13d ago | Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-8551 | high | 8.8 | 8.8 | 13d ago | Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page… | |
| CVE-2026-8549 | high | 8.8 | 8.8 | 13d ago | Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-8544 | high | 8.8 | 8.8 | 13d ago | Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-8540 | high | 8.8 | 8.8 | 13d ago | Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-8532 | high | 8.8 | 8.8 | 13d ago | Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-8531 | high | 8.8 | 8.8 | 13d ago | Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity… | |
| CVE-2026-8529 | high | 8.8 | 8.8 | 13d ago | Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: Hig… | |
| CVE-2026-8527 | high | 8.8 | 8.8 | 13d ago | Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severi… | |
| CVE-2026-8526 | high | 8.8 | 8.8 | 13d ago | Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-8524 | high | 8.8 | 8.8 | 13d ago | Out of bounds write in WebAudio in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hig… | |
| CVE-2026-8522 | high | 8.8 | 8.8 | 13d ago | Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | |
| CVE-2026-8519 | high | 8.8 | 8.8 | 13d ago | Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: … | |
| CVE-2026-8518 | high | 8.8 | 8.8 | 13d ago | Use after free in Blink in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical) | |
| CVE-2026-8517 | high | 8.8 | 8.8 | 13d ago | Object lifecycle issue in WebShare in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a cra… | |
| CVE-2026-8509 | high | 8.8 | 8.8 | 13d ago | Heap buffer overflow in WebML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Criti… | |
| CVE-2026-43909 | high | 8.8 | 8.8 | 13d ago | OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in t… | |
| CVE-2026-43908 | high | 8.8 | 8.8 | 13d ago | OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in t… | |
| CVE-2026-8621 | high | 8.8 | 8.8 | 13d ago | Crabbox: authentication bypass vulnerability that allows impersonation of others by spoofing identity headers | |
| CVE-2026-44827 | high | 8.8 | 8.8 | 13d ago | Diffusers is a library for pretrained diffusion models. Prior to 0.38.0, diffusers 0.37.0 allows remote code execution without the trust_remote_code=True safeguard when loading pipelines from Hu… | |
| CVE-2026-44513 | high | 8.8 | 8.8 | 13d ago | Diffusers is a library for pretrained diffusion models. Prior to 0.38.0, a trust_remote_code bypass in DiffusionPipeline.from_pretrained allows arbitrary remote code execution despite the user p… | |
| CVE-2026-6638 | high | 8.8 | 8.8 | 14d ago | SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credenti… | |
| CVE-2026-6637 | high | 8.8 | 8.8 | 14d ago | Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if… | |
| CVE-2026-6477 | high | 8.8 | 8.8 | 14d ago | Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functions allows the server superuser to overwrite a cli… | |
| CVE-2026-6475 | high | 8.8 | 8.8 | 14d ago | Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system accou… | |
| CVE-2026-6473 | high | 8.8 | 8.8 | 14d ago | Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code… | |
| CVE-2026-6506 | high | 8.8 | 8.8 | 14d ago | The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.1.2. This is due to the infusedwoo_gdpr_upddata() function missing authorization … | |
| CVE-2026-45229 | high | 8.8 | 8.8 | 14d ago | Quark Drive before 0.8.5 contains a mass assignment vulnerability in the POST /update endpoint that allows authenticated attackers to overwrite administrator credentials by posting an arbitrary webui… | |
| CVE-2026-6281 | high | 8.8 | 8.8 | 15d ago | A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the local network to execute arbitrary commands on the device. | |
| CVE-2026-44293 | high | 8.8 | 8.8 | 15d ago | protobuf.js: Code injection through bytes field defaults in generated toObject code | |
| CVE-2026-41957 | high | 8.8 | 8.8 | 15d ago | An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. Note: Software versions which have reached End of Technical S… | |
| CVE-2026-3425 | high | 8.8 | 8.8 | 15d ago | The RTMKit Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.2 via the 'path' parameter of the 'get_content' AJAX action. This … | |
| CVE-2026-8201 | high | 8.8 | 8.8 | 15d ago | A use-after-free vulnerability exists in MongoDB's Field-Level Encryption (FLE) query analysis component, affecting client-side uses of mongocryptd and crypt_shared. Triggering this vulnerability req… | |
| CVE-2026-8053 | high | 8.8 | 8.8 | 15d ago | An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issu… | |
| CVE-2026-28847 | high | 8.8 | 8.8 | 15d ago | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS … | |
| CVE-2026-28955 | high | 8.8 | 8.8 | 15d ago | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS … | |
| CVE-2026-28947 | high | 8.8 | 8.8 | 15d ago | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processin… | |
| CVE-2026-42289 | high | 8.8 | 8.8 | 15d ago | ChurchCRM is an open-source church management system. Prior to 7.3.2, UserEditor.php processes user account creation and permission updates entirely through $_POST parameters with no CSRF token valid… | |
| CVE-2026-45227 | high | 8.8 | 8.8 | 15d ago | Heym before 0.0.21 contains a sandbox escape vulnerability in the custom Python tool executor that allows authenticated workflow authors to bypass sandbox restrictions by using object-graph introspec… | |
| CVE-2026-44871 | high | 8.8 | 8.8 | 15d ago | Command injection vulnerabilities exist in the command line interface (CLI) service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabiliti… | |
| CVE-2026-44224 | high | 8.8 | 8.8 | 15d ago | Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation o… | |
| CVE-2026-7474 | high | 8.8 | 8.8 | 15d ago | HashiCorp Nomad vulnerable to a path traversal | |
| CVE-2026-44870 | high | 8.8 | 8.8 | 15d ago | Command injection vulnerabilities exist in the command line interface (CLI) service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabiliti… | |
| CVE-2026-44869 | high | 8.8 | 8.8 | 15d ago | Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remo… | |
| CVE-2026-44868 | high | 8.8 | 8.8 | 15d ago | Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remo… | |
| CVE-2026-44867 | high | 8.8 | 8.8 | 15d ago | Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remo… | |
| CVE-2026-44866 | high | 8.8 | 8.8 | 15d ago | Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remo… | |
| CVE-2026-8429 | high | 8.8 | 8.8 | 15d ago | SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the private space that allows attackers to execute arbitrary code in the context of the web server. Attackers can exploi… | |
| CVE-2026-23819 | high | 8.8 | 8.8 | 15d ago | A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim… | |
| CVE-2026-31222 | high | 8.8 | 8.8 | 15d ago | Snorkel Trainer.load uses an unsafe torch.load | |
| CVE-2026-31225 | high | 8.8 | 8.8 | 15d ago | Superduper: Remote code execution via unsafe eval in superduper query parsing | |
| CVE-2026-43892 | high | 8.8 | 8.8 | 15d ago | AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed i… | |
| CVE-2026-41613 | high | 8.8 | 8.8 | 15d ago | Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. | |
| CVE-2026-41109 | high | 8.8 | 8.8 | 15d ago | Improper neutralization of special elements in output used by a downstream component ('injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature ove… | |
| CVE-2026-41094 | high | 8.8 | 8.8 | 15d ago | Improper control of generation of code ('code injection') in Microsoft Data Formulator allows an unauthorized attacker to execute code over a network. | |
| CVE-2026-41086 | high | 8.8 | 8.8 | 15d ago | Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network. | |
| CVE-2026-40420 | high | 8.8 | 8.8 | 15d ago | Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally. |
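Several rows above share one root cause: an update endpoint copies the request body into the account record without checking who the caller is or which fields they may touch (the `users.update` groups array in CVE-2026-44224, the role field in CVE-2026-6228, the POST /update mass assignment in CVE-2026-45229, the unrestricted import in CVE-2026-7467). The following is an added example, not the code of Wiki.js, Quark Drive, or any plugin listed here; it shows that pattern in a small Node.js handler beside an allowlisted version. The in-memory store, the user records, the group names and the field names are constructed for the demonstration.

```javascript
// Added example (not any listed project's code): a user-update handler that
// applies the request body wholesale, beside one that authorizes the caller,
// allowlists fields per role and validates the privileged field.
// Store contents, group names and field names are constructed for the demo.

const ADMIN_GROUP = 'admin';
const KNOWN_GROUPS = new Set(['admin', 'editors', 'viewers']);
const SELF_EDITABLE = new Set(['name', 'email']);           // a user may change these on themselves
const ADMIN_EDITABLE = new Set(['name', 'email', 'groups']); // an admin may also change membership
// passwordHash is deliberately in neither set: only the password-change flow may set it.

function makeStore() {
  return new Map([
    [1, { id: 1, name: 'alice', email: 'alice@example.test', groups: ['admin'],   passwordHash: 'h1' }],
    [2, { id: 2, name: 'bob',   email: 'bob@example.test',   groups: ['viewers'], passwordHash: 'h2' }],
  ]);
}

function isAdmin(user) {
  return user.groups.includes(ADMIN_GROUP);
}

// Vulnerable: any authenticated caller can overwrite any field of any account,
// including `groups` and `passwordHash`, because the body is merged as-is.
function updateUserVulnerable(store, targetId, body) {
  const target = store.get(targetId);
  if (!target) throw new Error('not found');
  const updated = { ...target, ...body };
  store.set(targetId, updated);
  return updated;
}

// Hardened: caller must be the target or an admin; only allowlisted keys are
// accepted; `groups` must be an array of known group names.
function updateUserHardened(store, callerId, targetId, body) {
  const caller = store.get(callerId);
  const target = store.get(targetId);
  if (!caller || !target) throw new Error('not found');
  const admin = isAdmin(caller);
  if (!admin && callerId !== targetId) throw new Error('forbidden');
  const allowed = admin ? ADMIN_EDITABLE : SELF_EDITABLE;
  const patch = {};
  for (const key of Object.keys(body)) {
    // Reject rather than silently drop: an unexpected key is a probe worth logging.
    if (!allowed.has(key)) throw new Error(`field not allowed: ${key}`);
    patch[key] = body[key];
  }
  if ('groups' in patch) {
    const ok = Array.isArray(patch.groups)
      && patch.groups.every((g) => typeof g === 'string' && KNOWN_GROUPS.has(g));
    if (!ok) throw new Error('invalid groups');
  }
  const updated = { ...target, ...patch };
  store.set(targetId, updated);
  return updated;
}

// Runs both handlers with the same low-privileged escalation attempt (bob,
// a viewer, tries to put himself in the admin group) and reports the outcome.
function demo() {
  const escalation = { groups: ['admin'] };
  const vulnerable = updateUserVulnerable(makeStore(), 2, escalation);
  const store = makeStore();
  let hardenedError = null;
  try { updateUserHardened(store, 2, 2, escalation); } catch (e) { hardenedError = e.message; }
  return { vulnerableGroups: vulnerable.groups, hardenedError, hardenedGroups: store.get(2).groups };
}

console.log(demo());
```

The check worth copying is the separation of three decisions: may this caller edit this target at all, which keys may this role send, and is the value of each privileged key well-formed. A schema validator alone answers only the third question, which is why a well-typed `groups` array still escalated in the listed cases.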
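Three rows above are plain CSRF: a state-changing request is accepted on the strength of the session cookie alone, so a page the victim merely visits can submit it (CVE-2026-44925 in VIOM, CVE-2026-8604 in ScadaBR, CVE-2026-42289 in ChurchCRM's UserEditor.php). The following is an added example, not any of those projects' code, showing the defect and the synchronizer-token fix in a small Node.js handler. The session store, the request objects, the application origin and the field name `csrf_token` are constructed for the demonstration.

```javascript
// Added example (not VIOM's, ScadaBR's or ChurchCRM's code): a cookie-only
// handler beside one that also requires a per-session synchronizer token and
// checks the Origin header. Request objects are constructed in-memory and
// mimic an already-parsed HTTP request ({ cookies, headers, body }).
const crypto = require('crypto');

const APP_ORIGIN = 'https://app.example.test'; // constructed
const SESSIONS = new Map();                    // sid -> { user, csrf }

function createSession(user) {
  const sid = crypto.randomBytes(16).toString('hex');
  const csrf = crypto.randomBytes(32).toString('base64url');
  SESSIONS.set(sid, { user, csrf });
  return { sid, csrf };
}

// Length check first (token length is fixed, so it leaks nothing useful),
// then a constant-time compare of the bytes.
function constantTimeEqual(a, b) {
  const x = Buffer.from(String(a));
  const y = Buffer.from(String(b));
  if (x.length !== y.length) return false;
  return crypto.timingSafeEqual(x, y);
}

// Vulnerable: the browser attaches the session cookie to a cross-site form
// POST automatically, so a page the victim visits can change their e-mail.
function updateEmailVulnerable(req) {
  const s = SESSIONS.get(req.cookies.sid);
  if (!s) return { status: 401 };
  s.user.email = req.body.email;
  return { status: 200, email: s.user.email };
}

// Hardened: the token is embedded in the application's own page, which a
// cross-origin page cannot read, so the attacker can forge the cookie-bearing
// request but not the token. The Origin check is defence in depth.
function updateEmailHardened(req) {
  const s = SESSIONS.get(req.cookies.sid);
  if (!s) return { status: 401 };
  const origin = req.headers.origin;
  if (origin && origin !== APP_ORIGIN) return { status: 403, reason: 'bad origin' };
  if (!constantTimeEqual(req.body.csrf_token || '', s.csrf)) return { status: 403, reason: 'bad token' };
  s.user.email = req.body.email;
  return { status: 200, email: s.user.email };
}

// Constructed cross-site request: cookie present (browser adds it), no token.
function forgedRequest(sid) {
  return {
    cookies: { sid },
    headers: { origin: 'https://evil.example.test' },
    body: { email: 'attacker@example.test' },
  };
}

function demo() {
  const v = createSession({ name: 'alice', email: 'alice@example.test' });
  const h = createSession({ name: 'bob', email: 'bob@example.test' });
  return {
    vulnerable: updateEmailVulnerable(forgedRequest(v.sid)).status,
    hardened: updateEmailHardened(forgedRequest(h.sid)).status,
    bobEmailAfter: SESSIONS.get(h.sid).user.email,
  };
}

console.log(demo());
```

`SameSite=Lax` on the session cookie blocks the top-level cross-site POST in current browsers and belongs on the cookie regardless, but it is a browser-side default rather than a server-side check; the token is what makes the handler itself refuse a forged request.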