CVEs from 2026

Total: 13,988
Critical: 1,213
High: 4,564
Medium: 4,407
Low: 482
% Critical: 8.7%
% with KEV: 0.4%
% with exploit: 0.8%

The four severity buckets sum to 10,666; the remaining 3,322 entries carry no CVSS-derived severity and appear as "unknown" in the table below. The 8.7% figure is critical over the full total (1,213 / 13,988), not over the scored subset.
Top products
- chrome 503
- firepower_threat_defense_software 300
- firepower_threat_defense 298
- gcp 229
- openclaw 172
- commerce 104
- commerce_b2b 89
- saml_sso_-_service_provider 77
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-8017 | low | 3.1 | 3.1 | 27d ago | Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2026-7968 | low | 3.1 | 3.1 | 27d ago | Insufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafte… | |||
| CVE-2026-7966 | low | 3.1 | 3.1 | 27d ago | Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a c… | |||
| CVE-2026-7965 | low | 3.1 | 3.1 | 27d ago | Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a craft… | |||
| CVE-2026-7959 | low | 3.1 | 3.1 | 27d ago | Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.… | |||
| CVE-2026-7954 | low | 3.1 | 3.1 | 27d ago | Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security… | |||
| CVE-2026-7949 | low | 3.1 | 3.1 | 27d ago | Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chromi… | |||
| CVE-2026-7945 | low | 3.1 | 3.1 | 27d ago | Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HT… | |||
| CVE-2026-7944 | low | 3.1 | 3.1 | 27d ago | Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via … | |||
| CVE-2026-7937 | low | 3.1 | 3.1 | 27d ago | Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a c… | |||
| CVE-2026-7909 | low | 3.1 | 3.1 | 27d ago | Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML pa… | |||
| CVE-2026-22741 | low | 3.1 | 3.1 | 1mo ago | Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. | |||
| CVE-2026-7360 | low | 3.1 | 3.1 | 1mo ago | Insufficient validation of untrusted input in Compositing in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a c… | |||
| CVE-2026-7351 | low | 3.1 | 3.1 | 1mo ago | Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium se… | |||
| CVE-2026-41488 | low | 3.1 | 3.1 | 1mo ago | LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's _url_to_size() helper (used by get_num_tokens_from_messages for image token counting) va… | |||
| CVE-2026-6611 | low | 3.1 | 3.1 | 1mo ago | A vulnerability was found in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component File Upload Endpoint. Performing a manipulatio… | |||
| CVE-2026-6312 | low | 3.1 | 3.1 | 2mo ago | Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML p… | |||
| CVE-2026-4590 | low | 3.1 | 3.1 | 2mo ago | A security flaw has been discovered in kalcaddle kodbox 1.64. The impacted element is an unknown function of the file /workspace/source-code/plugins/oauth/controller/bind/index.class.php of the compo… | |||
| CVE-2026-4584 | low | 3.1 | 3.1 | 2mo ago | A flaw has been found in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. This affects an unknown part of the component Cardholder Data Handler. Executing a manipulation can lead to cleartext transmissi… | |||
| CVE-2026-4477 | low | 3.1 | 3.1 | 2mo ago | A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.1_20171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-code… | |||
| CVE-2026-3668 | low | 3.1 | 3.1 | 3mo ago | A weakness has been identified in Freedom Factory dGEN1 up to 20260221. This affects the function AndroidEthereum of the component org.ethosmobile.webpwaemul. This manipulation causes improper access… | |||
| CVE-2026-3465 | low | 3.1 | 3.1 | 3mo ago | A vulnerability was determined in Tuya App and SDK 24.07.11 on Android. Affected by this vulnerability is an unknown functionality of the component JSON Data Point Handler. This manipulation of the a… | |||
| CVE-2026-3193 | low | 3.1 | 3.1 | 3mo ago | A vulnerability was detected in Chia Blockchain 2.1.0. Impacted is an unknown function of the file /send_transaction. The manipulation results in cross-site request forgery. The attack may be perform… | |||
| CVE-2026-2702 | low | 3.1 | 3.1 | 3mo ago | A security flaw has been discovered in Beetel 777VR1 up to 01.00.09. This issue affects some unknown processing of the component WPA2 PSK. Performing a manipulation results in hard-coded credentials.… | |||
| CVE-2026-1743 | low | 3.1 | 3.1 | 4mo ago | A vulnerability has been found in DJI Mavic Mini, Air, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The mani… | |||
| CVE-2026-21947 | low | 3.1 | 3.1 | 4mo ago | Vulnerability in Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u471-b50. Difficult to exploit vulnerability allows unauthenticated attacker with netwo… | |||
| CVE-2026-1197 | low | 3.1 | 3.1 | 4mo ago | A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerability is an unknown functionality of the file /system/downloadById. Performing a manipulation of the argument ID results in… | |||
| CVE-2026-44072 | low | 3.0 | 3.0 | 12d ago | Netatalk 2.2.1 through 4.4.2 calls system() after a failed chdir() without properly handling the error condition, which allows a local privileged user to execute unintended commands or cause a minor … | |||
| CVE-2026-44218 | low | 3.0 | 3.0 | 21d ago | ciguard: Container image runs as root (no USER directive) | |||
| CVE-2026-44916 | low | 3.0 | 3.0 | 25d ago | In OpenStack Ironic before 35.0.2 (in a certain non-default configuration), instance_info['ks_template'] is rendered without sandboxing. | |||
| CVE-2026-32684 | low | 2.9 | 2.9 | 21d ago | The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information. | |||
| CVE-2026-24515 | low | 2.9 | 2.9 | 4mo ago | In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data. | |||
| CVE-2026-41963 | low | 2.8 | 2.8 | 18d ago | Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2026-10078 | low | 2.7 | 2.7 | 4d ago | A flaw was found in the Quay config-tool's GitLab OAuth validator. This vulnerability causes sensitive credentials, specifically client_id and client_secret, to be transmitted as plaintext in URL que… | |||
| CVE-2026-8477 | low | 2.7 | 2.7 | 11d ago | Improper enforcement of the sealed-entry workflow in the entry sensitive-data retrieval feature in Devolutions Server allows an authenticated user with access to a sealed entry to retrieve its sensit… | |||
| CVE-2026-8492 | low | 2.7 | 2.7 | 14d ago | The GTranslate module provides a language switcher widget for Drupal sites. The module’s widget JavaScript did not sufficiently validate that document.currentScript referred to the executing script … | |||
| CVE-2026-5511 | low | 2.7 | 2.7 | 14d ago | In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. … | |||
| CVE-2026-2900 | low | 2.7 | 2.7 | 19d ago | GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that when instance-level approval rule editing prevention w… | |||
| CVE-2026-41659 | low | 2.7 | 2.7 | 1mo ago | Admidio Leaks Hidden Profile Field Values via Blind Search Oracle in Member Assignment | |||
| CVE-2026-6408 | low | 2.7 | 2.7 | 1mo ago | Tanium addressed an information disclosure vulnerability in Tanium Server. | |||
| CVE-2026-6392 | low | 2.7 | 2.7 | 1mo ago | Tanium addressed an information disclosure vulnerability in Threat Response. | |||
| CVE-2026-3307 | low | 2.7 | 2.7 | 1mo ago | An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed an attacker with admin access on one repository to modify the secret scanning push protection delegated b… | |||
| CVE-2026-6597 | low | 2.7 | 2.7 | 1mo ago | A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove_api_keys/has_api_terms of the file src/backend/base/langflow/api/utils/core.py of the component Flo… | |||
| CVE-2026-6570 | low | 2.7 | 2.7 | 1mo ago | A security flaw has been discovered in kodcloud KodExplorer up to 4.52. Affected is the function initInstall of the file /app/controller/systemMember.class.php. Performing a manipulation of the argum… | |||
| CVE-2026-36942 | low | 2.7 | 2.7 | 2mo ago | Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manage_activity.php. | |||
| CVE-2026-36946 | low | 2.7 | 2.7 | 2mo ago | Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/view_details.php. | |||
| CVE-2026-36874 | low | 2.7 | 2.7 | 2mo ago | Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_student.php. | |||
| CVE-2026-39510 | low | 2.7 | 2.7 | 2mo ago | Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control S… | |||
| CVE-2026-4957 | low | 2.7 | 2.7 | 2mo ago | A flaw has been found in OpenBMB XAgent 1.0.0. The impacted element is the function FunctionHandler.handle_tool_call of the file XAgent/function_handler.py of the component API Key Handler. This mani… | |||
| CVE-2026-4285 | low | 2.7 | 2.7 | 3mo ago | A vulnerability was identified in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. Impacted is the function recognizeMarkdown of the file yudao-module-digitalcourse/yudao-module… | |||
| CVE-2026-3911 | low | 2.7 | 2.7 | 3mo ago | Keycloak: Information disclosure of disabled user attributes via administrative endpoint | |||
| CVE-2026-1588 | low | 2.7 | 2.7 | 4mo ago | A vulnerability was found in jishenghua jshERP up to 3.6. The impacted element is the function install of the file /jshERP-boot/plugin/installByPath of the component com.gitee.starblues.integration.o… | |||
| CVE-2026-22597 | low | 2.7 | 2.7 | 5mo ago | Ghost has SSRF via External Media Inliner | |||
| CVE-2026-45155 | low | 2.6 | 2.6 | 23h ago | Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add u… | |||
| CVE-2026-45154 | low | 2.6 | 2.6 | 23h ago | Nextcloud is an open source content collaboration platform. From version 2.6.0 to before version 4.3.0, when a previous collective pages was deleted and the collective was shared view-only, guests wi… | |||
| CVE-2026-9248 | low | 2.6 | 2.6 | 11d ago | Authorization bypass in the entry duplication feature in Devolutions Server allows an authenticated user with write access to any vault to copy documentation and attachments from an entry in a vault … | |||
| CVE-2026-7847 | low | 2.6 | 2.6 | 28d ago | Langchain-Chatchat Uses Insufficiently Random Values | |||
| CVE-2026-7846 | low | 2.6 | 2.6 | 28d ago | Langchain-Chatchat has a Race Condition in its OpenAI-Compatible File Upload API | |||
| CVE-2026-7845 | low | 2.6 | 2.6 | 28d ago | Langchain-Chatchat Uses a Broken or Risky Cryptographic Algorithm | |||
| CVE-2026-45403 | low | 2.5 | 2.5 | 5d ago | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, the AnythingLLM agent filesystem copy tool validates only … | |||
| CVE-2026-45570 | low | — | 2.5 | 6d ago | go-git is an extensible git implementation library written in pure Go. Prior to 5.19.1 and 6.0.0-alpha.4, go-git's SSH transport constructs the remote exec command by wrapping the repository path in … | |||
| CVE-2026-35202 | low | — | 2.5 | 7d ago | Pterodactyl has a database resource limit bypass via race condition in Client API | |||
| CVE-2026-46554 | low | — | 2.5 | 12d ago | NocoDB: Stale Auth Cache After API Token Deletion | |||
| CVE-2026-46553 | low | — | 2.5 | 12d ago | NocoDB: Attachment Size Limit Bypass via Upload-by-URL | |||
| CVE-2026-46549 | low | — | 2.5 | 12d ago | NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation | |||
| CVE-2026-46668 | low | — | 2.5 | 12d ago | SpiceDB: Caveat structures with nested lists can result in improper cache reuse | |||
| CVE-2026-46497 | low | — | 2.5 | 12d ago | Crawlee for Python: SSRF via sitemap-derived URLs | |||
| CVE-2026-45305 | low | — | 2.5 | 13d ago | Symfony's YAML Parser has a ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex | |||
| CVE-2026-45072 | low | — | 2.5 | 13d ago | Symfony Vulnerable to stored XSS in WebProfiler CodeExtension::fileExcerpt() — Unescaped Non-PHP File Rendering | |||
| CVE-2026-45071 | low | — | 2.5 | 13d ago | Symfony has XXE (Local File Disclosure) in DomCrawler::addXmlContent() via validateOnParse = true | |||
| CVE-2026-45133 | low | — | 2.5 | 13d ago | Symfony hardened the parser when handling untrusted input | |||
| CVE-2026-45304 | low | — | 2.5 | 13d ago | Symfony's YAML Parser Vulnerable to Exponential Memory Allocation via Recursive Collection-Alias Expansion ("Billion Laughs") | |||
| CVE-2026-46637 | low | — | 2.5 | 13d ago | Twig: HTML-output filters in twig/* extras incorrectly declared `is_safe => ['all']` | |||
| CVE-2026-46629 | low | — | 2.5 | 13d ago | twig/intl-extra: Unbounded formatter memoisation keyed on template-controlled arguments | |||
| CVE-2026-46628 | low | — | 2.5 | 13d ago | Twig: The `spaceless` filter implicitly marks its output as safe | |||
| CVE-2026-46635 | low | — | 2.5 | 13d ago | Twig: Sandbox property allowlist bypass via the `column` filter (array_column on objects) | |||
| CVE-2026-46342 | low | — | 2.5 | 14d ago | Nuxt: `__nuxt_island` endpoint does not bind responses to request props, enabling shared-cache poisoning | |||
| CVE-2026-45739 | low | — | 2.5 | 14d ago | Strawberry GraphQL: Default GraphiQL may expose HTTP headers in URLs | |||
| CVE-2026-39373 | low | — | 2.5 | 15d ago | Low: python-jwcrypto security update | |||
| CVE-2026-45683 | low | — | 2.5 | 15d ago | OpenTelemetry eBPF Instrumentation: Java TLS ioctl kprobe allows kernel memory disclosure | |||
| CVE-2026-2728 | low | — | 2.5 | 15d ago | LibreNMS: Cross-Site Scripting in ShowConfigController | |||
| CVE-2026-44638 | low | 2.5 | 2.5 | 19d ago | libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixel_decode_raw and sixel_decode causes a NULL pointe… | |||
| CVE-2026-44970 | low | — | 2.5 | 19d ago | dbt MCP Server Transmits All MCP Tool Arguments Including Raw SQL and --vars Credentials to dbt Labs Telemetry by Default Without Redaction | |||
| CVE-2026-44969 | low | — | 2.5 | 19d ago | dbt MCP Server Logs Tool Arguments Including SQL Queries and Credentials in Plaintext Without Redaction When File Logging Is Enabled | |||
| CVE-2026-44348 | low | 2.5 | 2.5 | 19d ago | PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in compute_hash_to_sign() in src/podofo/private/OpenSSLInternal_Ripped.cpp. If EVP_DigestFin… | |||
| CVE-2026-43529 | low | 2.5 | 2.5 | 28d ago | OpenClaw: TOCTOU read in exec script preflight | |||
| CVE-2026-43864 | low | 2.5 | 2.5 | 29d ago | mutt before 2.3.2 has a show_sig_summary NULL pointer dereference. | |||
| CVE-2026-29051 | low | — | 2.5 | 1mo ago | melange has Path Traversal via .PKGINFO in --persist-lint-results | |||
| CVE-2026-35377 | low | — | 2.5 | 1mo ago | uutils coreutils has an Improper Input Validation Issue in its env Utility | |||
| CVE-2026-35381 | low | — | 2.5 | 1mo ago | A logic error in the cut utility of uutils coreutils causes the utility to ignore the -s (only-delimited) flag when using the -z (null-terminated) and -d '' (empty delimiter) options together. The im… | |||
| CVE-2026-35362 | low | — | 2.5 | 1mo ago | The safe_traversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use (TOCTOU) symlink races using file-descriptor-relative syscalls, is incorrectly limited to… | |||
| CVE-2026-35361 | low | — | 2.5 | 1mo ago | The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility attempts cleanup using std… | |||
| CVE-2026-35353 | low | — | 2.5 | 1mo ago | The mkdir utility in uutils coreutils incorrectly applies permissions when using the -m flag by creating a directory with umask-derived permissions (typically 0755) before subsequently changing them … | |||
| CVE-2026-35346 | low | — | 2.5 | 1mo ago | The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::from_utf8_lossy(), which replaces invalid UTF-8 b… | |||
| CVE-2026-35367 | low | — | 2.5 | 1mo ago | The nohup utility in uutils coreutils creates its default output file, nohup.out, without specifying explicit restricted permissions. This causes the file to inherit umask-based permissions, typicall… | |||
| CVE-2026-22746 | low | — | 2.5 | 1mo ago | Spring Security Vulnerable to User Attribute Enumeration when Using DaoAuthenticationProvider | |||
| CVE-2026-27769 | low | — | 2.5 | 2mo ago | Mattermost doesn't validate whether users were correctly owned by the correct Connected Workspace | |||
| CVE-2026-21388 | low | — | 2.5 | 2mo ago | Mattermost MS Teams plugin doesn't limit the request body size on the /lifecycle webhook endpoint | |||
| CVE-2026-1340 | unknown | — | 2.5 | 2mo ago | Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution. | |||
| CVE-2026-34197 | unknown | — | 2.5 | 2mo ago | Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection. |
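Several of the uutils coreutils rows above (CVE-2026-35353 for mkdir -m, CVE-2026-35367 for nohup.out) share one root cause: the object is created with umask-derived default bits and the intended restriction is applied afterwards, leaving a window in which the directory or file is more exposed than requested. The Rust block below is an added example written for this page; it is not uutils or GNU coreutils code. It shows the flawed create-then-chmod sequence with an observer closure standing in for a process that looks during the window, next to the atomic alternative of passing the mode to mkdir(2) and open(2) directly. Helper names and the scratch paths under the system temp directory are this example's own.

```rust
// Added example (not uutils or GNU coreutils code): the permission-window
// pattern behind the uutils mkdir -m and nohup.out advisories, next to the
// atomic alternative. Helper names and scratch paths are this example's own.
use std::fs::{self, DirBuilder, OpenOptions};
use std::io;
use std::os::unix::fs::{DirBuilderExt, OpenOptionsExt, PermissionsExt};
use std::path::{Path, PathBuf};
use std::time::{SystemTime, UNIX_EPOCH};

/// Permission bits of `path` (mode & 0o777).
pub fn mode_of(path: &Path) -> io::Result<u32> {
    Ok(fs::metadata(path)?.permissions().mode() & 0o777)
}

/// The flawed pattern: create with the umask-derived default (0o777 & !umask,
/// typically 0o755), then chmod to the requested mode. Anything that runs
/// between the two calls sees the default bits; `between` plays that role and
/// receives the mode exactly as a concurrent observer would read it.
pub fn mkdir_then_chmod(path: &Path, mode: u32, between: &mut dyn FnMut(u32)) -> io::Result<()> {
    fs::create_dir(path)?;          // step 1: directory exists with default bits
    between(mode_of(path)?);        // the window
    fs::set_permissions(path, fs::Permissions::from_mode(mode)) // step 2: too late
}

/// The safe pattern: hand the mode to mkdir(2) itself. The umask can only
/// clear bits, so the directory is never more permissive than `mode` at any
/// instant. (If `mode` is wider than the umask allows, a follow-up chmod that
/// widens it starts from the stricter state, which is the safe direction.)
pub fn mkdir_with_mode(path: &Path, mode: u32) -> io::Result<()> {
    DirBuilder::new().mode(mode).create(path)
}

/// The nohup.out case: create the output file with an explicit 0o600 and
/// O_EXCL (create_new), so a file or symlink pre-placed at the path by
/// another local user is rejected instead of reused.
pub fn create_private_file(path: &Path) -> io::Result<fs::File> {
    OpenOptions::new().write(true).create_new(true).mode(0o600).open(path)
}

/// Unique scratch path under the temp directory so the example can be rerun.
pub fn scratch(name: &str) -> PathBuf {
    let nanos = SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_nanos();
    std::env::temp_dir().join(format!("permwin-{}-{}-{}", std::process::id(), nanos, name))
}

fn main() -> io::Result<()> {
    let d = scratch("race");
    let mut seen = 0;
    mkdir_then_chmod(&d, 0o700, &mut |m| seen = m)?;
    println!("create-then-chmod: 0o{:o} during the window, 0o{:o} afterwards", seen, mode_of(&d)?);

    let s = scratch("safe");
    mkdir_with_mode(&s, 0o700)?;
    println!("mkdir(2) with mode: 0o{:o} from the first instant", mode_of(&s)?);

    let f = scratch("nohup.out");
    create_private_file(&f)?;
    println!("nohup.out-style file: 0o{:o}", mode_of(&f)?);
    Ok(())
}
```

The observer in the flawed path reports whatever the process umask yields for a plain `create_dir`, which is why the check compares it against a reference directory created the same way rather than against a hard-coded 0o755. The same two-step shape also appears in the mknod row (CVE-2026-35361): device node first, SELinux label second, with a cleanup path that is not atomic either.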