Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2025-71216 | HIGH | 7.8 | A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent cache mechanism could allow a local attacker to escalate privileges on affected installations. … | May 21, 2026 |
| CVE-2025-71215 | HIGH | 7.0 | A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent iCore service signature verification could allow a local attacker to escalate privileges on … | May 21, 2026 |
| CVE-2025-71214 | HIGH | 7.8 | An origin validation error vulnerability in the Trend Micro Apex One (mac) agent iCore service could allow a local attacker to escalate privileges on affected … | May 21, 2026 |
| CVE-2025-71213 | HIGH | 7.8 | An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker … | May 21, 2026 |
| CVE-2025-71212 | HIGH | 7.8 | A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations. Please note: … | May 21, 2026 |
| CVE-2025-71211 | CRITICAL | 9.8 | A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. … | May 21, 2026 |
| CVE-2025-71210 | CRITICAL | 9.8 | A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. … | May 21, 2026 |
| CVE-2025-13479 | HIGH | 7.5 | Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: … | May 21, 2026 |
| CVE-2025-13477 | HIGH | 7.1 | Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credentials vulnerability in Digital Operations Services Inc. WifiBurada allows Authentication Bypass. This issue affects … | May 21, 2026 |
| CVE-2026-6841 | UNKNOWN | — | Request Tracker is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the "Page" parameter in GET requests. An attacker can craft a URL that, … | May 21, 2026 |
| CVE-2026-5118 | CRITICAL | 9.8 | The Divi Form Builder plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.2. This is due to the plugin … | May 21, 2026 |
| CVE-2026-45760 | UNKNOWN | — | (Externally Controlled Reference to a Resource in Another Sphere), (Authorization Bypass Through User-Controlled Key) vulnerability in Apache Camel K. Authorized users in a Kubernetes namespace … | May 21, 2026 |
| CVE-2026-43502 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/rds: handle zerocopy send cleanup before the message is queued A zerocopy send can fail … | May 21, 2026 |
| CVE-2026-43501 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows ipv6_rpl_srh_rcv() decompresses an RFC 6554 Source … | May 21, 2026 |
| CVE-2026-43499 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in remove_waiter() remove_waiter() is used by the slowlock paths, … | May 21, 2026 |
| CVE-2026-43498 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Disallow re-exporting imported GEM objects Prevent re-exporting of imported GEM buffers by adding a … | May 21, 2026 |
| CVE-2026-43497 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free dlfb_ops_mmap() uses remap_pfn_range() to map vmalloc … | May 21, 2026 |
| CVE-2026-43496 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked When red qdisc has children … | May 21, 2026 |
| CVE-2026-43495 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler t7xx_port_enum_msg_handler() uses the modem-supplied port_count … | May 21, 2026 |
| CVE-2026-43494 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/rds: reset op_nents when zerocopy page pin fails When iov_iter_get_pages2() fails in rds_message_zcopy_from_user(), the pinned … | May 21, 2026 |
| CVE-2026-0393 | UNKNOWN | — | The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability … | May 21, 2026 |
| CVE-2026-45255 | HIGH | 7.5 | When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt … | May 21, 2026 |
| CVE-2026-45254 | MEDIUM | 6.5 | In the case of the cap_net service, when a key present in the old limit was omitted from the new limit, the missing key was … | May 21, 2026 |
| CVE-2026-45253 | HIGH | 8.4 | ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) and __syscall(2) meta-system calls. As a result, a user with the ability to debug a process … | May 21, 2026 |
| CVE-2026-45252 | MEDIUM | 5.5 | When a fusefs file system implements extended attributes, the kernel may send a FUSE_LISTXATTR message to the userspace daemon to retrieve the list of extended … | May 21, 2026 |