Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
14240
Total
958
Critical
4175
High
4515
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-24164 | HIGH | 8.8 | NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code … | Mar 31, 2026 |
| CVE-2026-24154 | HIGH | 7.6 | NVIDIA Jetson Linux has vulnerability in initrd, where an unprivileged attacker with physical access coul inject incorrect command line arguments. A successful exploit of this … | Mar 31, 2026 |
| CVE-2026-24153 | MEDIUM | 5.2 | NVIDIA Jetson Linux has a vulnerability in initrd, where the nvluks trusted application is not disabled. A successful exploit of this vulnerability might lead to … | Mar 31, 2026 |
| CVE-2026-24148 | HIGH | 8.3 | NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initialization of a resource with an … | Mar 31, 2026 |
| CVE-2026-5204 | HIGH | 8.8 | A vulnerability was determined in Tenda CH22 1.0.0.1. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary of the component Parameter Handler. This manipulation of … | Mar 31, 2026 |
| CVE-2026-5203 | MEDIUM | 4.7 | A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function _copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGuide Module … | Mar 31, 2026 |
| CVE-2026-5087 | UNKNOWN | — | PAGI::Middleware::Session::Store::Cookie versions through 0.001003 for Perl generates random bytes insecurely. PAGI::Middleware::Session::Store::Cookie attempts to read bytes from the /dev/urandom device directly. If that fails (for example, … | Mar 31, 2026 |
| CVE-2026-4819 | MEDIUM | 4.9 | In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging feature might log user credentials from users logging into Kibana. | Mar 31, 2026 |
| CVE-2026-4818 | MEDIUM | 6.8 | In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management … | Mar 31, 2026 |
| CVE-2026-34595 | UNKNOWN | — | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.70 and 9.7.0-alpha.18, an … | Mar 31, 2026 |
| CVE-2026-34574 | UNKNOWN | — | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.69 and 9.7.0-alpha.14, an … | Mar 31, 2026 |
| CVE-2026-34573 | UNKNOWN | — | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.68 and 9.7.0-alpha.12, the … | Mar 31, 2026 |
| CVE-2026-34243 | CRITICAL | 9.8 | wenxian is a tool to generate BIBTEX files from given identifiers (DOI, PMID, arXiv ID, or paper title). In versions 0.3.1 and prior, a GitHub … | Mar 31, 2026 |
| CVE-2026-34240 | HIGH | 7.5 | JOSE is a Javascript Object Signing and Encryption (JOSE) library. Prior to version 0.3.5+1, a vulnerability in jose could allow an unauthenticated, remote attacker to … | Mar 31, 2026 |
| CVE-2026-34237 | MEDIUM | 6.1 | MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to versions 1.0.1 and 1.1.1, there is a hardcoded … | Mar 31, 2026 |
| CVE-2026-34235 | UNKNOWN | — | PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's … | Mar 31, 2026 |
| CVE-2026-34231 | MEDIUM | 6.1 | Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting (XSS) vulnerability exists in the {% attrs %} template tag … | Mar 31, 2026 |
| CVE-2026-34227 | UNKNOWN | — | Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to version 1.7.4, a single click on a malicious link gives … | Mar 31, 2026 |
| CVE-2026-34221 | UNKNOWN | — | MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Prior to versions 6.6.10 and 7.0.6, a … | Mar 31, 2026 |
| CVE-2026-34220 | UNKNOWN | — | MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Prior to versions 6.6.10 and 7.0.6, there … | Mar 31, 2026 |
| CVE-2026-34219 | UNKNOWN | — | libp2p-rust is the official rust language Implementation of the libp2p networking stack. Prior to version 0.49.4, the Rust libp2p Gossipsub implementation contains a remotely reachable … | Mar 31, 2026 |
| CVE-2026-34218 | UNKNOWN | — | ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.14, two related startup defects created a window during which … | Mar 31, 2026 |
| CVE-2026-30284 | UNKNOWN | — | An arbitrary file overwrite vulnerability in UXGROUP LLC Voice Recorder v10.0 allows attackers to overwrite critical internal files via the file import process, leading to … | Mar 31, 2026 |
| CVE-2026-30281 | UNKNOWN | — | An arbitrary file overwrite vulnerability in MaruNuri LLC v2.0.23 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code … | Mar 31, 2026 |
| CVE-2026-30276 | UNKNOWN | — | An arbitrary file overwrite vulnerability in DeftPDF Document Translator v54.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary … | Mar 31, 2026 |