Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

23287
Total
1655
Critical
7324
High
7394
Medium
CVE ID Severity Score Description Published
CVE-2026-57480 UNKNOWN Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.9.1-alpha.12 and 8.6.82, deeply nested … Jul 08, 2026
CVE-2026-56669 HIGH 7.5 Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation, and client-server communication. Prior to 1.4.29, Elysia uses getAll in form data normalization … Jul 08, 2026
CVE-2026-55778 UNKNOWN Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.9.1-alpha.11 and 8.6.81, the default … Jul 08, 2026
CVE-2026-55596 HIGH 8.7 Plate is a rich-text editor with AI and shadcn/ui. From 53.0.0 until 53.1.4, the media embed renderer trusts serialized provider or sourceUrl metadata in useMediaState … Jul 08, 2026
CVE-2026-55542 UNKNOWN Snipe-IT is an IT asset/license management system. Prior to version 8.6.1, Snipe-IT S3 signature image retrieval lacks authorization before temporary URL. On S3-backed deployments, authenticated … Jul 08, 2026
CVE-2026-55206 UNKNOWN py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, PackInfo._read() in archiveinfo.py used an O(n^2) … Jul 08, 2026
CVE-2026-55195 UNKNOWN py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, py7zr's Worker.decompress() extracted archive entries without … Jul 08, 2026
CVE-2026-54591 HIGH 8.1 AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Prior … Jul 08, 2026
CVE-2026-54590 MEDIUM 5.9 AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version … Jul 08, 2026
CVE-2026-54528 HIGH 7.1 JupyterLab Git is a Git extension for JupyterLab. Prior to 0.54.0, jupyterlab-git uses fnmatch.fnmatchcase() in GitHandler.prepare() in jupyterlab_git/handlers.py to enforce excluded_paths, allowing an authenticated user … Jul 08, 2026
CVE-2026-54527 UNKNOWN JupyterLab Git is a Git extension for JupyterLab. From 0.30.0b3 before 0.54.0, the PlainTextDiff.ts createHeader() method passes Git filenames directly to innerHTML when rendering renamed … Jul 08, 2026
CVE-2026-49866 HIGH 7.5 libp2p is a JavaScript Implementation of libp2p networking stack. Prior to 16.0.0, @libp2p/gossipsub defaultDecodeRpcLimits set maxIhaveMessageIDs and maxIwantMessageIDs to Infinity, allowing oversized IHAVE and IWANT … Jul 08, 2026
CVE-2026-35211 MEDIUM 6.5 OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 7.260401.0, the OpenCTI GraphQL API exposes a script filter … Jul 08, 2026
CVE-2026-35210 HIGH 7.1 OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 7.260326.0, an authorization bypass vulnerability in OpenCTI allows any … Jul 08, 2026
CVE-2026-15174 MEDIUM 5.5 Catapult DCT2000 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service Jul 08, 2026
CVE-2026-15173 MEDIUM 4.7 pcapng file parser crash in Wireshark 4.6.0 to 4.6.6 allows denial of service Jul 08, 2026
CVE-2026-15172 MEDIUM 5.5 FMP/NOTIFY protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service Jul 08, 2026
CVE-2026-15171 MEDIUM 5.5 SSH protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service Jul 08, 2026
CVE-2026-15170 MEDIUM 5.5 Z39.50 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service Jul 08, 2026
CVE-2026-15169 MEDIUM 5.5 UMTS FP protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service Jul 08, 2026
CVE-2026-15167 HIGH 7.5 DBS Etherwatch file parser crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service Jul 08, 2026
CVE-2026-15166 MEDIUM 5.5 IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service Jul 08, 2026
CVE-2026-15165 MEDIUM 5.5 TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service Jul 08, 2026
CVE-2026-15164 MEDIUM 5.5 Crash in ciscodump 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service Jul 08, 2026
CVE-2026-15163 MEDIUM 5.5 Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service Jul 08, 2026