CVEs from 2026
Total: 13,464
- critical: 1,177
- high: 4,294
- medium: 4,166
- low: 442
% Critical: 8.7%
% with KEV: 0.4%
% with exploit: 0.8%
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-40886 | high | 7.7 | 7.7 | | | | 1mo ago | Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows Controller |
| CVE-2026-32324 | high | 7.7 | 7.7 | | | | 1mo ago | Anviz CX7 Firmware is vulnerable because the application embeds reusable certificate/key material, enabling decryption of MQTT traffic and potential interaction with device messaging channels at s… |
| CVE-2026-22664 | high | 7.7 | 7.7 | | | | 2mo ago | prompts.chat prior to commit 30a8f04 contains a server-side request forgery vulnerability in the Fal.ai media status polling feature that allows authenticated users to perform arbitrary outbound requ… |
| CVE-2026-32441 | high | 7.7 | 7.7 | | | | 2mo ago | Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects… |
| CVE-2026-24969 | high | 7.7 | 7.7 | | | | 2mo ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in designingmedia Instant VA instantva allows Path Traversal. This issue affects Instant VA: from n/a throu… |
| CVE-2026-22558 | high | 7.7 | 7.7 | | | | 2mo ago | An Authenticated NoSQL Injection vulnerability found in UniFi Network Application could allow a malicious actor with authenticated access to the network to escalate privileges. |
| CVE-2026-20100 | high | 7.7 | 7.7 | | | | 3mo ago | A vulnerability in the LUA interpreter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could… |
| CVE-2026-3052 | high | 7.7 | 7.7 | | | | 3mo ago | A vulnerability was found in DataLinkDC dinky up to 1.2.5. The impacted element is the function proxyUba of the file dinky-admin/src/main/java/org/dinky/controller/FlinkProxyController.java of the co… |
| CVE-2026-49374 | high | 7.6 | 7.6 | | | | 2d ago | In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters |
| CVE-2026-9809 | high | 7.6 | 7.6 | | | | 2d ago | A stored Cross-Site Scripting (XSS) vulnerability exists in the Projects component of Mautic 7. When displaying project tags and popovers on administrative detail views (such as campaigns, emails, or… |
| CVE-2026-46426 | high | 7.6 | 7.6 | | | | 4d ago | Budibase: Unrestricted Upload of File with Dangerous Type |
| CVE-2026-45082 | high | 7.6 | 7.6 | | | | 5d ago | Karakeep is a self-hostable bookmark-everything app. A Server-Side Request Forgery (SSRF) protection bypass vulnerability was identified in versions prior to 0.32.0 affecting redirect-following proces… |
| CVE-2026-34207 | high | 7.6 | 7.6 | | | | 9d ago | TypeBot is a chatbot builder tool. In versions prior to 3.16.0, SSRF protection for Webhook / HTTP Request blocks validates only the URL string, blocked hostname literals, and literal IP formats. It … |
| CVE-2026-9047 | high | 7.6 | 7.6 | | | | 9d ago | Improper handling of factor key state in the multi-factor authentication management feature in Devolutions Server allows an attacker with knowledge of a user's password to bypass the user's multi-fac… |
| CVE-2026-44068 | high | 7.6 | 7.6 | | | | 10d ago | Incomplete sanitization of extended attribute (EA) path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to files outside the intended metadata namespace via… |
| CVE-2026-9144 | high | 7.6 | 7.6 | | | | 11d ago | Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a stored cross-site scripting vulnerability in the embedded web configuration interface that allows authenticated attackers to execute pe… |
| CVE-2026-5783 | high | 7.6 | 7.6 | | | | 11d ago | Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Beyaz Computer Software Design Industry and Trade Ltd. Co. CityPLus allows Reflected XSS. This i… |
| CVE-2026-42383 | high | 7.6 | 7.6 | | | | 11d ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Blind SQL Injection. This issue affects YITH WooCom… |
| CVE-2026-33233 | high | 7.6 | 7.6 | | | | 13d ago | AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.6.34 through 0.6.51, the backend deserializes Redis cache byte… |
| CVE-2026-6347 | high | 7.6 | 7.6 | | | | 13d ago | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to sanitize sensitive configuration fields in the Mattermost Calls plugin which allows an attacker with access to a su… |
| CVE-2026-46367 | high | 7.6 | 7.6 | | | | 16d ago | phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in Utils::parseUrl() that allows authenticated users to inject JavaScript via malformed URLs in comments. Attackers can craf… |
| CVE-2026-44555 | high | 7.6 | 7.6 | | | | 16d ago | Open WebUI's Base Model Routing Bypasses Access Control via Model Chaining |
| CVE-2026-46408 | high | 7.6 | 7.6 | | | | 16d ago | Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the checkout endpoint accepts a user-controlled cart_id and uses it to enter … |
| CVE-2026-42897 | medium | 6.1 | 7.6 | | | | 17d ago | Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be e… |
| CVE-2026-44516 | high | 7.6 | 7.6 | | | | 17d ago | Valtimo has sensitive data exposure through HTTP request/response logging in LoggingRestClientCustomizer |
| CVE-2026-45225 | high | 7.6 | 7.6 | | | | 19d ago | Heym before 0.0.21 contains a path traversal vulnerability in the file upload endpoint that allows authenticated users to write attacker-controlled files to arbitrary locations by supplying a crafted… |
| CVE-2026-44166 | high | 7.6 | 7.6 | | | | 19d ago | PocketBase vulnerable to account pre-hijacking via OAuth2 unverified->verified autolinking upgrade |
| CVE-2026-45213 | high | 7.6 | 7.6 | | | | 19d ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection. This issue affects BEAR: from n/a thro… |
| CVE-2026-43350 | high | 7.6 | 7.6 | | | | 23d ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parse_dacl() treats an ACE SID matching sid_unix_NFS_mode as an… |
| CVE-2026-43510 | high | 7.6 | 7.6 | | | | 24d ago | manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. F… |
| CVE-2026-41904 | high | 7.6 | 7.6 | | | | 24d ago | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user with updateAutoReply permission can store an XSS payload in the mailbox auto-reply … |
| CVE-2026-42224 | high | 7.6 | 7.6 | | | | 1mo ago | ipl/web is vulnerable to reflected XSS by malformed search requests |
| CVE-2026-42646 | high | 7.6 | 7.6 | | | | 1mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Steve Burge TaxoPress simple-tags allows Blind SQL Injection. This issue affects TaxoPress: from n… |
| CVE-2026-41912 | high | 7.6 | 7.6 | | | | 1mo ago | OpenClaw has Browser SSRF Policy Bypass via Interaction-Triggered Navigation |
| CVE-2026-39475 | high | 7.6 | 7.6 | | | | 2mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection. This issue affects User Fe… |
| CVE-2026-32606 | high | 7.6 | 7.6 | | | | 3mo ago | IncusOS has a LUKS encryption bypass due to insufficient TPM policy in github.com/lxc/incus-os/incus-osd |
| CVE-2026-32459 | high | 7.6 | 7.6 | | | | 3mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection. This issue affects Up… |
| CVE-2026-3051 | high | 7.6 | 7.6 | | | | 3mo ago | A vulnerability has been found in DataLinkDC dinky up to 1.2.5. The affected element is the function getProjectDir of the file dinky-admin/src/main/java/org/dinky/utils/GitRepository.java of the comp… |
| CVE-2026-2469 | high | 7.6 | 7.6 | | | | 4mo ago | ImapEngine affected by command injection via the ID command parameters |
| CVE-2026-24624 | high | 7.6 | 7.6 | | | | 4mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in saeros1984 Neoforum neoforum allows Blind SQL Injection. This issue affects Neoforum: from n/a thr… |
| CVE-2026-9757 | high | 7.5 | 7.5 | | | | 1d ago | The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $_SERVER['QUERY… |
| CVE-2026-7459 | high | 7.5 | 7.5 | | | | 1d ago | The Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress is vulnerable to authenticated (Subscriber+) account takeover in all versions up to, and including, 5.26.0 via the ev… |
| CVE-2026-47123 | high | 7.5 | 7.5 | | | | 2d ago | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.220, the email processing pipeline in FreeScout's FetchEmails command has two code paths for identifyin… |
| CVE-2026-44422 | high | 7.5 | 7.5 | | | | 2d ago | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without track… |
| CVE-2026-49372 | high | 7.5 | 7.5 | | | | 2d ago | In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible |
| CVE-2026-10108 | high | 7.5 | 7.5 | | | | 2d ago | xiaomusic v0.5.7 contains an unauthenticated path traversal vulnerability in the GET /music/{file_path:path} endpoint that allows unauthenticated attackers to read arbitrary files outside the intende… |
| CVE-2026-10069 | high | 7.5 | 7.5 | | | | 2d ago | A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of the file usr/sbin/miniupnpd. Such manipulation leads to resource consumption. The attack may be la… |
| CVE-2026-10073 | high | 7.5 | 7.5 | | | | 2d ago | DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated local attackers to exploit Relative Path Traversal to download arbitrary system files. |
| CVE-2026-10056 | high | 7.5 | 7.5 | | | | 2d ago | CORS misconfiguration in the REST API of Network Optix Nx Witness VMS before version 6.1.2, when running in the default Standard security mode, on Linux and Windows allows an unauthenticated remote a… |
| CVE-2026-9990 | high | 7.5 | 7.5 | | | | 3d ago | Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruptio… |
| CVE-2026-9963 | high | 7.5 | 7.5 | | | | 3d ago | Uninitialized Use in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox vi… |
| CVE-2026-9960 | high | 7.5 | 7.5 | | | | 3d ago | Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted font fi… |
| CVE-2026-9956 | high | 7.5 | 7.5 | | | | 3d ago | Use after free in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML pag… |
| CVE-2026-9954 | high | 7.5 | 7.5 | | | | 3d ago | Use after free in TabStrip in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a craft… |
| CVE-2026-9934 | high | 7.5 | 7.5 | | | | 3d ago | Use after free in Aura in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Ch… |
| CVE-2026-9933 | high | 7.5 | 7.5 | | | | 3d ago | Use after free in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted … |
| CVE-2026-9922 | high | 7.5 | 7.5 | | | | 3d ago | Use after free in GPU in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium s… |
| CVE-2026-9909 | high | 7.5 | 7.5 | | | | 3d ago | Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page… |
| CVE-2026-9901 | high | 7.5 | 7.5 | | | | 3d ago | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium securi… |
| CVE-2026-10009 | high | 7.5 | 7.5 | | | | 3d ago | Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page… |
| CVE-2026-10006 | high | 7.5 | 7.5 | | | | 3d ago | Race in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10005 | high | 7.5 | 7.5 | | | | 3d ago | Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a craft… |
| CVE-2026-10003 | high | 7.5 | 7.5 | | | | 3d ago | Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (C… |
| CVE-2026-48116 | high | 7.5 | 7.5 | | | | 3d ago | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, the filesystem-search-files agent skill passes its LLM-con… |
| CVE-2026-39929 | high | 7.5 | 7.5 | | | | 3d ago | Lakeside SysTrack Agent versions prior to 11.2.1.28, 11.3.0.38, 11.4.0.24, 11.5.0.15 contain an out-of-bounds read vulnerability in the Command ID 30 UDP packet handler that allows remote attackers t… |
| CVE-2026-10044 | high | 7.5 | 7.5 | | | | 3d ago | Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/(unknown) endpoint on Windows deployments that allows unauthenticated remote attack… |
| CVE-2026-46835 | high | 7.5 | 7.5 | | | | 3d ago | Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with n… |
| CVE-2026-46834 | high | 7.5 | 7.5 | | | | 3d ago | Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with n… |
| CVE-2026-46829 | high | 7.5 | 7.5 | | | | 3d ago | Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with networ… |
| CVE-2026-49128 | high | 7.5 | 7.5 | | | | 3d ago | Music Player Daemon (MPD) before version 0.24.11 contains a path traversal vulnerability in LocalStorage::MapFSOrThrow and LocalStorage::MapUTF8 within the local storage plugin, where the on-disk pat… |
| CVE-2026-32847 | high | 7.5 | 7.5 | | | | 3d ago | DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in new_ui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying… |
| CVE-2026-41565 | high | 7.5 | 7.5 | | | | 3d ago | CryptX versions before 0.088_001 for Perl have a stack buffer overflow in four AEAD decrypt_verify helpers. The gcm_decrypt_verify, ccm_decrypt_verify, chacha20poly1305_decrypt_verify and eax_decryp… |
| CVE-2026-35672 | high | 7.5 | 7.5 | | | | 3d ago | phpMyFAQ before 4.1.3 contains an authentication bypass vulnerability in API v4.0 where the default empty api.apiClientToken allows unauthenticated users to create and modify FAQ entries. Attackers c… |
| CVE-2026-46177 | high | 7.5 | 7.5 | | | | 3d ago | In the Linux kernel, the following vulnerability has been resolved: ipmi: Add limits to event and receive message requests The driver would just fetch events and receive messages until the BMC said… |
| CVE-2026-46133 | high | 7.5 | 7.5 | | | | 3d ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 ("RDMA/rxe: Validate pad and ICRC… |
| CVE-2026-46124 | high | 7.5 | 7.5 | | | | 3d ago | In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofs_export_iget isofs_fh_to_dentry() and isofs_fh_to_parent() pass an atta… |
| CVE-2026-46114 | high | 7.5 | 7.5 | | | | 3d ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads atomic_write_reply() at drivers/infiniband/sw/rxe/rxe_resp.c unconditionally de… |
| CVE-2026-46110 | high | 7.5 | 7.5 | | | | 3d ago | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU a… |
| CVE-2026-7797 | high | 7.5 | 7.5 | | | | 3d ago | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'append_where_sql' parameter in all version… |
| CVE-2026-32995 | high | 7.5 | 7.5 | | | | 4d ago | The Rocket.Chat DDP method autoTranslate.translateMessage in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.5, <7.13.8, and <7.10.12 accepts a client-supplied IMessage object and passes it dir… |
| CVE-2026-45332 | high | 7.5 | 7.5 | | | | 4d ago | Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcr… |
| CVE-2026-8361 | high | 7.5 | 7.5 | | | | 4d ago | A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path starting with /woshome |
| CVE-2026-8360 | high | 7.5 | 7.5 | | | | 4d ago | Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface() in various DLLs (i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll) can return a NULL pointer (i.e., when no user is logged into th… |
| CVE-2026-8359 | high | 7.5 | 7.5 | | | | 4d ago | When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin_LoadHttpModule function in the dll would b… |
| CVE-2026-45104 | high | 7.5 | 7.5 | | | | 4d ago | MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls _SLDApplyRuleValues(psRule, psLayer, 1); for any <Rule> carrying <ElseFil… |
| CVE-2026-44635 | high | 7.5 | 7.5 | | | | 4d ago | Kysely is a type-safe TypeScript SQL query builder. From 0.26.0 to 0.28.16, DefaultQueryCompiler.visitJSONPathLeg does not escape JSON-path metacharacters (., [, ], *, **, ?). When attacker-controlle… |
| CVE-2026-45088 | high | 7.5 | 7.5 | | | | 4d ago | Dalfox Server Mode has an Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file` |
| CVE-2026-45090 | high | 7.5 | 7.5 | | | | 4d ago | Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, ParameterAnalysis in pkg/scanning/parameterAnalysis.go runs two sequential worker stages that both wri… |
| CVE-2026-48151 | high | 7.5 | 7.5 | | | | 4d ago | Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for… |
| CVE-2026-45047 | high | 7.5 | 7.5 | | | | 4d ago | Bird-lg-go has a Fatal Out-of-Memory (OOM) Denial of Service via Unbounded JSON Decoding |
| CVE-2026-42459 | high | 7.5 | 7.5 | | | | 4d ago | free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm (Subscriber Da… |
| CVE-2026-44316 | high | 7.5 | 7.5 | | | | 4d ago | free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-smpolicycontrol/v1/sm-policies handler (HandleCreateSmPolicyRequest) panics with a nil-pointe… |
| CVE-2026-44319 | high | 7.5 | 7.5 | | | | 4d ago | free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. In PfdChangeNo… |
| CVE-2026-44321 | high | 7.5 | 7.5 | | | | 4d ago | free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. The POST /upi/v1/upNodesLinks c… |
| CVE-2026-44322 | high | 7.5 | 7.5 | | | | 4d ago | free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF PATCH /3gpp-pfd-management/v1/{afId}/transactions/{transId}/applications/{appId} handler panics with a n… |
| CVE-2026-44325 | high | 7.5 | 7.5 | | | | 4d ago | free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NRF root SBI endpoint POST /oauth2/token contains a parser-level type-confusion bug family. The handler in N… |
| CVE-2026-44902 | high | 7.5 | 7.5 | | | | 4d ago | opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.217.0, a single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics en… |
| CVE-2026-48544 | high | 7.5 | 7.5 | | | | 4d ago | Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.get_resource() method in taipy/gui/extension/library.py that allows unauthenticated attackers to es… |
| CVE-2026-48922 | high | 7.5 | 7.5 | | | | 4d ago | Jenkins Credentials Binding Plugin 720.v3f6decef43ea_ and earlier does not properly sanitize file names for file and zip file credentials, allowing attackers able to provide credentials to a job to w… |
| CVE-2026-48921 | high | 7.5 | 7.5 | | | | 4d ago | Jenkins Pipeline: Groovy Libraries Plugin 797.v90ea_a_9b_e45a_0 and earlier does not prohibit symbolic links in shared libraries, allowing attackers able to control the content of a library used by a… |