Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
23813
Total
1705
Critical
7468
High
7599
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-38972 | UNKNOWN | — | Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibrary(L"MSFTEDIT.DLL") with a bare DLL name, … | Jul 02, 2026 |
| CVE-2026-38971 | UNKNOWN | — | ardupilot through Plane-4.6.3 was found to contain an out-of-bounds read issue in libraries/GCS_MAVLink/GCS_serial_control.cpp in GCS_MAVLINK::handle_serial_control(). | Jul 02, 2026 |
| CVE-2026-38970 | UNKNOWN | — | pdfcpu through v0.11.1 contains an uncontrolled-recursion denial-of-service issue in pkg/pdfcpu/model/parse.go. The parser descends recursively through nested PDF objects, including arrays, via ParseObjectContext() and parseArray() without … | Jul 02, 2026 |
| CVE-2026-38969 | UNKNOWN | — | ruby webrick through v1.9.2 WEBrick reparses trailer Content-Length into canonical request state, enabling request smuggling. | Jul 02, 2026 |
| CVE-2026-38968 | UNKNOWN | — | ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during … | Jul 02, 2026 |
| CVE-2026-59102 | MEDIUM | 5.4 | Forgejo before 15.0.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript in other users' browsers by setting a full … | Jul 02, 2026 |
| CVE-2026-59101 | MEDIUM | 5.8 | AutoBangumi before 3.2.8 contains a server-side request forgery (SSRF) vulnerability that allows unauthenticated remote attackers to probe internal network services by supplying arbitrary host values … | Jul 02, 2026 |
| CVE-2026-59100 | MEDIUM | 5.0 | LobeChat through 2.2.9 contains a broken object level authorization vulnerability that allows authenticated attackers to access and modify other users' chat-group agent data by supplying … | Jul 02, 2026 |
| CVE-2026-59099 | CRITICAL | 9.1 | Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse … | Jul 02, 2026 |
| CVE-2026-59098 | MEDIUM | 6.5 | LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by … | Jul 02, 2026 |
| CVE-2026-59097 | MEDIUM | 5.3 | Taiga before 6.10.2 contains a missing authorization vulnerability that allows unauthenticated remote attackers to create default due-date records in any project by exploiting unprotected POST … | Jul 02, 2026 |
| CVE-2026-59096 | HIGH | 7.5 | Dapr Sentry's OIDC discovery endpoint derives the issuer and jwks_uri of the /.well-known/openid-configuration document from the request Host, honoring an attacker-controlled X-Forwarded-Host header without validation … | Jul 02, 2026 |
| CVE-2026-59095 | HIGH | 7.7 | LobeChat before 2.2.10-canary.18 contains a server-side request forgery vulnerability that allows authenticated attackers to direct internal HTTP requests to arbitrary URLs by supplying user-controlled input … | Jul 02, 2026 |
| CVE-2026-59094 | HIGH | 7.5 | Pathway through 0.31.1, fixed in commit d09722e, document store applies a caller-supplied glob pattern to indexed document paths using a hand-written recursive matcher that branches … | Jul 02, 2026 |
| CVE-2026-59093 | HIGH | 8.8 | Weaviate before 1.38.0 does not verify that a principal performing an RBAC role assignment holds the permissions granted by the assigned role. The assignRoleToUser and … | Jul 02, 2026 |
| CVE-2026-59092 | HIGH | 7.7 | JuiceFS through 1.3.1, fixed in commit a46979c, contains an authentication bypass vulnerability that allows unauthenticated remote attackers to access sensitive debug and metrics endpoints by … | Jul 02, 2026 |
| CVE-2026-58580 | MEDIUM | 5.9 | LobeChat through 2.2.9 server-database deployments are vulnerable to broken object-level authorization in MessageModel. The updateMessagePlugin, updatePluginState, updatePluginError, updateTTS and updateTranslate methods filter target rows by … | Jul 02, 2026 |
| CVE-2026-58579 | MEDIUM | 5.4 | RAGFlow before 0.26.3 stores an agent pipeline (DSL) node name without sanitization: the agent update endpoint normalizes the submitted DSL via normalize_dsl, which only performs … | Jul 02, 2026 |
| CVE-2026-58578 | MEDIUM | 6.5 | LobeChat before version 2.2.10-canary.15 contains a regular expression denial of service (ReDoS) vulnerability that allows authenticated attackers to block the Node.js event loop by supplying … | Jul 02, 2026 |
| CVE-2026-58467 | HIGH | 7.5 | Cockpit CMS before release 364 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or execute PHP … | Jul 02, 2026 |
| CVE-2026-58466 | CRITICAL | 9.8 | AutoBangumi before 3.2.8 contains a hard-coded default credentials vulnerability that allows unauthenticated attackers to authenticate as the administrator by using the publicly known default credentials … | Jul 02, 2026 |
| CVE-2026-58381 | MEDIUM | 6.1 | A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the read_layer_block() function when processing a specially crafted PSP file. … | Jul 02, 2026 |
| CVE-2026-52187 | UNKNOWN | — | Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_483ba0 component | Jul 02, 2026 |
| CVE-2025-71385 | MEDIUM | 6.1 | Netdata before 2.3.1 reflects the user-supplied love query parameter of the api/v2/ilove.svg and api/v3/ilove.svg endpoints verbatim into the generated SVG document (into a text element) … | Jul 02, 2026 |
| CVE-2026-7311 | HIGH | 8.1 | The TinyPNG – JPEG, PNG & WebP image compression plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in … | Jul 02, 2026 |