Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22874
Total
1630
Critical
7150
High
7293
Medium
CVE ID Severity Score Description Published
CVE-2026-59828 MEDIUM 5.3 Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked … Jul 09, 2026
CVE-2026-58144 MEDIUM 5.4 Cotonti Siena 0.9.26 and earlier contains a stored cross-site scripting vulnerability that allows authenticated users with PFS access to inject arbitrary script payloads by supplying … Jul 09, 2026
CVE-2026-58143 HIGH 8.8 Cotonti Siena 0.9.26 and earlier contains a cross-site request forgery vulnerability that allows unauthenticated attackers to modify administrator configuration by tricking a logged-in administrator into … Jul 09, 2026
CVE-2026-58123 CRITICAL 9.8 Hermes WebUI before 0.51.788 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary shell commands by accessing the embedded terminal … Jul 09, 2026
CVE-2026-58122 CRITICAL 9.1 Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to circumvent local-origin IP restrictions on onboarding endpoints by supplying a … Jul 09, 2026
CVE-2026-57054 MEDIUM 5.8 A Use of Incorrectly-Resolved Name or Reference vulnerability in the URL filtering plugin of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based … Jul 09, 2026
CVE-2026-57032 MEDIUM 6.5 An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on EX Series devices allows an authenticated … Jul 09, 2026
CVE-2026-57031 MEDIUM 4.7 An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series allows adjacent … Jul 09, 2026
CVE-2026-57030 MEDIUM 5.9 A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX … Jul 09, 2026
CVE-2026-57029 MEDIUM 5.3 A Missing Synchronization vulnerability in the flow collector handler of Juniper Networks Junos OS Evolved on QFX Series allows an adjacent, unauthenticated attacker to cause … Jul 09, 2026
CVE-2026-57028 HIGH 7.3 An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. … Jul 09, 2026
CVE-2026-57027 MEDIUM 6.5 A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series devices … Jul 09, 2026
CVE-2026-57026 HIGH 7.5 An Improper Validation of Syntactic Correctness of Input vulnerability in the SIP plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX … Jul 09, 2026
CVE-2026-57025 MEDIUM 5.5 A Return of Pointer Value Outside of Expected Range vulnerability in the fileio library of Juniper Networks Junos OS and Junos OS Evolved allows a … Jul 09, 2026
CVE-2026-57024 MEDIUM 5.3 A Use of Multiple Resources with Duplicate Identifier vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX with SPC3 and SRX … Jul 09, 2026
CVE-2026-57023 HIGH 7.5 An Improper Validation of Specified Quantity in Input vulnerability in the TCP proxy plugin of Juniper Networks Junos OS on MX Series with SPC3, and … Jul 09, 2026
CVE-2026-57022 MEDIUM 5.9 An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX with SPC3 and … Jul 09, 2026
CVE-2026-57021 MEDIUM 5.3 An Out-of-bounds Write vulnerability in the http-gatekeeper (http-gk) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service … Jul 09, 2026
CVE-2026-57020 MEDIUM 6.5 An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on QFX10000 Series allows an … Jul 09, 2026
CVE-2026-57019 MEDIUM 6.5 An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an … Jul 09, 2026
CVE-2026-55689 MEDIUM 6.8 OpenFGA is an authorization/permission engine built for developers. Prior to 1.18.0, OpenFGA's OIDC authenticator skipped JWT audience validation when authn.method was set to oidc, authn.oidc.issuer … Jul 09, 2026
CVE-2026-55605 MEDIUM 5.3 DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.8.0, the self-hosted HTTP transport of `@arikusi/deepseek-mcp-server` … Jul 09, 2026
CVE-2026-55604 HIGH 8.6 DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global `SessionStore` accepts caller-supplied `session_id` … Jul 09, 2026
CVE-2026-55424 UNKNOWN Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, a topic "featured link" was not sufficiently normalized and escaped before being … Jul 09, 2026
CVE-2026-55170 UNKNOWN OpenFGA is an authorization/permission engine built for developers. Prior to 1.18.0, when MySQL is being used as the datastore and authorization decisions rely on case-sensitive … Jul 09, 2026