CVEs from 2026

- Total: 14,036
- Critical: 1,232
- High: 4,634
- Medium: 4,444
- Low: 484
- % Critical: 8.8%
- % with KEV entry: 0.4%
- % with known exploit: 0.7%
Top products (CVE count)

- chrome (522)
- firepower_threat_defense_software (300)
- firepower_threat_defense (298)
- gcp (239)
- openclaw (172)
- commerce (104)
- commerce_b2b (89)
- grafana (80)
| CVE | Severity | CVSS | Risk | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-24481 | unknown | — | — | 3mo ago | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in ImageMag… |
| CVE-2026-26198 | unknown | — | — | 3mo ago | Ormar is an async mini ORM for Python. In versions 0.9.9 through 0.22.0, when performing aggregate queries, Ormar ORM constructs SQL expressions by passing user-supplied column names directly into `sq… |
| CVE-2026-23552 | unknown | — | — | 3mo ago | Apache Camel: KeycloakSecurityPolicy does not validate issuer of JWT tokens against configured realm |
| CVE-2026-25747 | unknown | — | — | 3mo ago | Apache Camel Deserializes Untrusted Data in its LevelDB Component |
| CVE-2026-21620 | unknown | — | — | 3mo ago | Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp (tftp_file modules), erlang otp inets (tftp_file modules), erlang otp tftp (tftp_file module… |
| CVE-2026-24122 | unknown | — | — | 3mo ago | Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be conside… |
| CVE-2026-2733 | unknown | — | — | 3mo ago | Keycloak: Missing Check on Disabled Client for Docker Registry Protocol |
| CVE-2026-26318 | unknown | — | — | 3mo ago | systeminformation is a System and OS information library for node.js. Versions prior to 5.31.0 are vulnerable to command injection via unsanitized `locate` output in `versions()`. Version 5.31.0 fixe… |
| CVE-2026-26280 | unknown | — | — | 4mo ago | systeminformation is a System and OS information library for node.js. In versions prior to 5.30.8, a command injection vulnerability in the `wifiNetworks()` function allows an attacker to execute arb… |
| CVE-2026-24708 | unknown | — | — | 4mo ago | An issue was discovered in OpenStack Nova before 30.2.2, 31 before 31.2.1, and 32 before 32.1.1. By writing a malicious QCOW header to a root or ephemeral disk and then triggering a resize, a user ma… |
| CVE-2026-27100 | unknown | — | — | 4mo ago | Jenkins has a build information disclosure vulnerability through Run Parameter |
| CVE-2026-27099 | unknown | — | — | 4mo ago | Jenkins has a stored XSS vulnerability in node offline cause description |
| CVE-2026-24734 | unknown | — | — | 4mo ago | Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verific… |
| CVE-2026-24733 | unknown | — | — | 4mo ago | Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny… |
| CVE-2026-25903 | unknown | — | — | 4mo ago | Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates |
| CVE-2026-26000 | unknown | — | — | 4mo ago | XWiki vulnerable to click-jacking through CSS injection in comments |
| CVE-2026-26010 | unknown | — | — | 4mo ago | Leaky JWTs in OpenMetadata exposing highly-privileged bot users |
| CVE-2026-23901 | unknown | — | — | 4mo ago | Apache Shiro Affected by an Observable Timing Discrepancy Vulnerability |
| CVE-2026-23906 | unknown | — | — | 4mo ago | Apache Druid Vulnerable to Authentication Bypass |
| CVE-2026-25934 | unknown | — | — | 4mo ago | go-git is a highly extensible git implementation library written in pure Go. Prior to 5.16.5, a vulnerability was discovered in go-git whereby data integrity values for .pack and .idx files were not … |
| CVE-2026-1486 | unknown | — | — | 4mo ago | Keycloak fails to verify if an Identity Provider (IdP) is enabled before issuing tokens |
| CVE-2026-1529 | unknown | — | — | 4mo ago | Keycloak affected by improper invitation token validation |
| CVE-2026-23903 | unknown | — | — | 4mo ago | Apache Shiro has an Authentication Bypass |
| CVE-2026-1337 | unknown | — | — | 4mo ago | Neo4j Enterprise and Community editions have insufficient escaping of unicode characters in query log |
| CVE-2026-1622 | unknown | — | — | 4mo ago | Neo4j Enterprise and Community vulnerable to a potential information disclosure |
| CVE-2026-23795 | unknown | — | — | 4mo ago | Apache Syncope: Console XXE on Keymaster parameters |
| CVE-2026-23794 | unknown | — | — | 4mo ago | Apache Syncope: Reflected XSS on Enduser Login |
| CVE-2026-25526 | unknown | — | — | 4mo ago | JinJava Bypass through ForTag leads to Arbitrary Java Execution |
| CVE-2026-24051 | unknown | — | — | 4mo ago | OpenTelemetry-Go is the Go implementation of OpenTelemetry. The OpenTelemetry Go SDK in versions v1.20.0 through v1.39.0 is vulnerable to Path Hijacking (Untrusted Search Paths) on macOS/Darwin systems. The re… |
| CVE-2026-1770 | unknown | — | — | 4mo ago | Crafter CMS has Improper Control of Dynamically-Managed Code Resources |
| CVE-2026-1703 | unknown | — | — | 4mo ago | When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation dir… |
| CVE-2026-1518 | unknown | — | — | 4mo ago | Keycloak Server-Side Request Forgery (SSRF) vulnerability |
| CVE-2026-23038 | unknown | — | — | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() In nfs4_ff_alloc_deviceid_node(), if the allocation for ds_versi… |
| CVE-2026-23037 | unknown | — | — | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: allow partial RX URB allocation to succeed When es58x_alloc_rx_urbs() fails to allocate the requested number of … |
| CVE-2026-23033 | unknown | — | — | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dma_pool resource leak in error paths The dma_pool created by dma_pool_create() is not destroyed when dm… |
| CVE-2026-23032 | unknown | — | — | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: null_blk: fix kmemleak by releasing references to fault configfs items When CONFIG_BLK_DEV_NULL_BLK_FAULT_INJECTION is enabled, t… |
| CVE-2026-23031 | unknown | — | — | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak In gs_can_open(), the URBs for USB-in transfers are allocated, a… |
| CVE-2026-23030 | unknown | — | — | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() The for_each_available_child_of_node() calls of_node_… |
| CVE-2026-24739 | unknown | — | — | 4mo ago | Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not cor… |
| CVE-2026-24765 | unknown | — | — | 4mo ago | PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in… |
| CVE-2026-24747 | unknown | — | — | 4mo ago | PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`… |
| CVE-2026-24819 | unknown | — | — | 4mo ago | weixin4j has Improperly Controlled Sequential Memory Allocation |
| CVE-2026-24802 | unknown | — | — | 4mo ago | jsonrpc4j has Infinite Loop in RPC Stream Writer |
| CVE-2026-24806 | unknown | — | — | 4mo ago | Quick-Media Batik Codec FIX package has Code Injection vulnerability |
| CVE-2026-24686 | unknown | — | — | 4mo ago | go-tuf is a Go implementation of The Update Framework (TUF). go-tuf's TAP 4 Multirepo Client uses the map file repository name string (`repoName`) as a filesystem path component when selecting the lo… |
| CVE-2026-24400 | unknown | — | — | 4mo ago | AssertJ has XML External Entity (XXE) vulnerability when parsing untrusted XML via isXmlEqualTo assertion |
| CVE-2026-1190 | unknown | — | — | 4mo ago | Keycloak's missing timestamp validation allows attackers to extend SAML response validity periods |
| CVE-2026-24656 | unknown | — | — | 4mo ago | Apache Karaf Decanter has Deserialization of Untrusted Data in its Log Socket Collector |
| CVE-2026-24128 | unknown | — | — | 4mo ago | XWiki Affected by Reflected Cross-Site Scripting (XSS) in Error Messages |
| CVE-2026-0603 | unknown | — | — | 4mo ago | Hibernate vulnerable to SQL Injection |
| CVE-2026-0775 | unknown | — | — | 4mo ago | npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker mu… |
| CVE-2026-24137 | unknown | — | — | 4mo ago | sigstore framework is a common go library shared across sigstore services and clients. In versions 1.10.3 and below, the legacy TUF client (pkg/tuf/client.go) supports caching target files to disk. I… |
| CVE-2026-23954 | unknown | — | — | 4mo ago | Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image (e.g. a member of the ‘incus’ group) to use d… |
| CVE-2026-23953 | unknown | — | — | 4mo ago | Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration (e.g. a member of the ‘incus’ grou… |
| CVE-2026-24117 | unknown | — | — | 4mo ago | Rekor is a software supply chain transparency log. In versions 1.4.3 and below, attackers can trigger SSRF to arbitrary internal services because /api/v1/index/retrieve supports retrieving a public k… |
| CVE-2026-23831 | unknown | — | — | 4mo ago | Rekor is a software supply chain transparency log. In versions 1.4.3 and below, the entry implementation can panic on attacker-controlled input when canonicalizing a proposed entry with an empty spec… |
| CVE-2026-1225 | unknown | — | — | 4mo ago | Logback allows an attacker to instantiate classes already present on the class path |
| CVE-2026-23992 | unknown | — | — | 4mo ago | go-tuf is a Go implementation of The Update Framework (TUF). Starting in version 2.0.0 and prior to version 2.3.1, a compromised or misconfigured TUF repository can have the configured value of signa… |
| CVE-2026-23991 | unknown | — | — | 4mo ago | go-tuf is a Go implementation of The Update Framework (TUF). Starting in version 2.0.0 and prior to version 2.3.1, if the TUF repository (or any of its mirrors) returns invalid TUF metadata JSON (val… |
| CVE-2026-22444 | unknown | — | — | 4mo ago | Apache Solr: Insufficient file-access checking in standalone core-creation requests |
| CVE-2026-22022 | unknown | — | — | 4mo ago | Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin |
| CVE-2026-1035 | unknown | — | — | 4mo ago | Keycloak does not validate and update refresh token usage atomically |
| CVE-2026-23952 | unknown | — | — | 4mo ago | ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL (Magick Scripting La… |
| CVE-2026-23874 | unknown | — | — | 4mo ago | ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL (Magick Scripting Languag… |
| CVE-2026-22770 | unknown | — | — | 4mo ago | ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in … |
| CVE-2026-1180 | unknown | — | — | 4mo ago | Keycloak’s OpenID Connect Dynamic Client Registration feature affected by Server-Side Request Forgery (SSRF) |
| CVE-2026-23528 | unknown | — | — | 5mo ago | Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which wi… |
| CVE-2026-1002 | unknown | — | — | 5mo ago | Vert.x Web static handler component cache can be manipulated to deny the access to static files |
| CVE-2026-0976 | unknown | — | — | 5mo ago | Keycloak has an improper input validation vulnerability |
| CVE-2026-22036 | unknown | — | — | 5mo ago | Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0, the number of links in the decompression chain is unbounded and the default maxHeaderSize allows a malicious server to insert tho… |
| CVE-2026-22772 | unknown | — | — | 5mo ago | Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.5, Fulcio's metaRegex() function uses unanchored regex, allowing attackers … |
| CVE-2026-22702 | unknown | — | — | 5mo ago | virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers to perform sym… |
| CVE-2026-22701 | unknown | — | — | 5mo ago | filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker … |
| CVE-2026-22703 | unknown | — | — | 5mo ago | Cosign provides code signing and transparency for containers and binaries. Prior to versions 2.6.2 and 3.0.4, a Cosign bundle can be crafted to successfully verify an artifact even if the embedded Reko… |
| CVE-2026-0707 | unknown | — | — | 5mo ago | Keycloak has Incorrect Behavior Order: Authorization Before Parsing and Canonicalization |
| CVE-2026-22186 | unknown | — | — | 5mo ago | Bio-Formats has an XML External Entity (XXE) vulnerability |
| CVE-2026-22187 | unknown | — | — | 5mo ago | Bio-Formats performs unsafe Java deserialization of attacker-controlled memoization cache files (.bfmemo) during image processing |
| CVE-2026-22244 | unknown | — | — | 5mo ago | OpenMetadata's Server-Side Template Injection (SSTI) in FreeMarker email templates leads to RCE |
| CVE-2026-21885 | unknown | — | — | 5mo ago | Miniflux 2 is an open source feed reader. Prior to version 2.2.16, Miniflux's media proxy endpoint (`GET /proxy/{encodedDigest}/{encodedURL}`) can be abused to perform Server-Side Request Forgery (SS… |
| CVE-2026-21892 | unknown | — | — | 5mo ago | Parsl is a Python parallel scripting library. A SQL Injection vulnerability exists in the parsl-visualize component of versions prior to 2026.01.05. The application constructs SQL queries using unsaf… |
| CVE-2026-21452 | unknown | — | — | 5mo ago | MessagePack for Java Vulnerable to Remote DoS via Malicious EXT Payload Allocation |
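Three of the entries above (Ormar, Parsl, Hibernate) are SQL injection where the attacker controls a query fragment such as a column name rather than a value. That case is worth a worked illustration because the usual fix, bound parameters, does not apply: database drivers can bind values but not identifiers. The following is an added example written for this page, not code from Ormar, Parsl or Hibernate; the `orders`/`secrets` schema, the `AGGREGATABLE_TABLES` allow-list and the payload are constructed for the demonstration. It shows the vulnerable interpolation beside a hardened version that checks the identifier against the live schema and quotes it.

```python
import sqlite3

# Constructed toy schema: "orders" is a table the API may aggregate,
# "secrets" is one it must never expose.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE orders(id INTEGER PRIMARY KEY, amount REAL, owner TEXT);
        CREATE TABLE secrets(id INTEGER PRIMARY KEY, api_key TEXT);
        INSERT INTO orders(amount, owner) VALUES (10.0, 'alice'), (32.5, 'bob');
        INSERT INTO secrets(api_key) VALUES ('sk-demo-0000');
    """)
    return conn


def aggregate_unsafe(conn: sqlite3.Connection, column: str) -> list:
    """Vulnerable pattern: the caller-supplied identifier is spliced into the
    SQL text. A '?' placeholder cannot be used for an identifier, so the
    whole column name becomes the injection point."""
    sql = f"SELECT SUM({column}) FROM orders"
    return conn.execute(sql).fetchall()


def quote_ident(name: str) -> str:
    """Quote an SQL identifier: double quotes, embedded quotes doubled."""
    return '"' + name.replace('"', '""') + '"'


def table_columns(conn: sqlite3.Connection, table: str) -> set:
    """Real column names of a table, taken from the schema (PRAGMA table_info)
    rather than from the request."""
    rows = conn.execute(f"PRAGMA table_info({quote_ident(table)})").fetchall()
    return {row[1] for row in rows}      # row[1] is the column name


# Assumption for the example: only these tables may be aggregated by callers.
AGGREGATABLE_TABLES = {"orders"}


def aggregate_safe(conn: sqlite3.Connection, table: str, column: str) -> float:
    """Hardened pattern: the table must be on the allow-list, the column must
    exist in that table's schema, and both are quoted before being spliced in.
    Anything the schema does not know is rejected, not escaped."""
    if table not in AGGREGATABLE_TABLES:
        raise ValueError(f"table not permitted for aggregation: {table!r}")
    if column not in table_columns(conn, table):
        raise ValueError(f"unknown column for {table}: {column!r}")
    sql = f"SELECT SUM({quote_ident(column)}) FROM {quote_ident(table)}"
    return conn.execute(sql).fetchone()[0]


if __name__ == "__main__":
    db = make_db()
    # Constructed payload: closes the SUM(), UNIONs a row from the forbidden
    # table, and comments out the rest of the original statement.
    payload = "amount) FROM orders UNION SELECT api_key FROM secrets --"
    print(aggregate_unsafe(db, payload))          # leaks the api_key row
    print(aggregate_safe(db, "orders", "amount"))  # 42.5
    try:
        aggregate_safe(db, "orders", payload)
    except ValueError as exc:
        print("rejected:", exc)
```

The schema lookup is the important part: a static regex such as `^[A-Za-z_]+$` would also have blocked this payload, but it still lets a caller aggregate any column that happens to exist, including ones the endpoint was never meant to expose. Checking against the columns of an explicitly permitted table ties the accepted identifiers to what the endpoint is actually supposed to query.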