CVE vulnerabilities
31,509 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 1,351–1,400 of 8,161 in High · page 28 of 164
| ID | CVSS | KEV | Summary |
|---|---|---|---|
| CVE-2026-35412 | 8.1 | no | Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint (/files/tus) allows … |
| CVE-2026-3541 | 8.8 | no | Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory read via a crafted HT… |
| CVE-2026-3540 | 8.8 | no | Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafte… |
| CVE-2026-35397 | 8.8 | no | Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authentica… |
| CVE-2026-35395 | 8.8 | no | WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, WeGIA (Web gerenciador para instituições assistenciais) contains a SQL injection vulnerabil… |
| CVE-2026-35394 | 8.8 | no | Mobile Next is an MCP server for mobile development and automation. Prior to 0.0.50, the mobile_open_url tool in mobile-mcp passes user-supplied URLs directly … |
| CVE-2026-3539 | 8.8 | no | Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a malicious extension to potent… |
| CVE-2026-35386 | 8.1 | no | In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username o… |
| CVE-2026-35385 | 8.1 | no | In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is perform… |
| CVE-2026-3538 | 8.8 | no | Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HT… |
| CVE-2026-3537 | 8.8 | no | Object lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.7632.159 allowed a remote attacker to potentially exploit heap corruption via a cr… |
| CVE-2026-3536 | 8.8 | no | Integer overflow in ANGLE in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted H… |
| CVE-2026-35337 | 8.8 | no | Deserialization of Untrusted Data vulnerability in Apache Storm. Versions Affected: before 2.8.6. Description: When processing topology credentials submitte… |
| CVE-2026-3533 | 8.8 | no | The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authorization on import_popup_templates() function as well as insu… |
| CVE-2026-3524 | 8.8 | no | Mattermost Plugin Legal Hold versions <=1.1.4 fail to halt request processing after a failed authorization check in ServeHTTP which allows an authenticated att… |
| CVE-2026-35228 | 8.7 | no | Vulnerability in the Oracle MCP Server Helper Tool product of Oracle Open Source Projects (component: helper tool). The supported versions that is affected is … |
| CVE-2026-35218 | 8.7 | no | Budibase is an open-source low-code platform. Prior to version 3.32.5, Budibase's Builder Command Palette renders entity names (tables, views, queries, automat… |
| CVE-2026-35214 | 8.7 | no | Budibase is an open-source low-code platform. Prior to version 3.33.4, the plugin file upload endpoint (POST /api/plugin/upload) passes the user-supplied filen… |
| CVE-2026-35204 | 8.6 | no | Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write … |
| CVE-2026-35196 | 8.8 | no | Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an OS Command Injection vulnerability exists in the main/inc/ajax/gr… |
| CVE-2026-35194 | 8.1 | no | Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users with query submission privileges t… |
| CVE-2026-35182 | 8.8 | no | Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing authorization check found in the update role endpoint at routes/web.php. The P… |
| CVE-2026-35168 | 8.8 | no | OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, the Aggiornamenti (Updates) module in Ope… |
| CVE-2026-35167 | 8.1 | no | Kedro is a toolbox for production-ready data science. Prior to 1.3.0, the _get_versioned_path() method in kedro/io/core.py constructs filesystem paths by direc… |
| CVE-2026-35164 | 8.8 | no | Brave CMS is an open-source CMS. Prior to 2.0.6, an unrestricted file upload vulnerability exists in the CKEditor upload functionality. It is found in app/Http… |
| CVE-2026-3515 | 8.5 | no | A vulnerability in the `GitHubRepository` block of the `prefect-github` integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git comman… |
| CVE-2026-3511 | 8.6 | no | Improper Restriction of XML External Entity Reference vulnerability in XMLUtils.java in Slovensko.Digital Autogram allows remote unauthenticated attacker to co… |
| CVE-2026-35093 | 8.8 | no | A flaw was found in libinput. A local attacker who can place a specially crafted Lua bytecode file in certain system or user configuration directories can bypa… |
| CVE-2026-35091 | 8.2 | no | A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity c… |
| CVE-2026-35071 | 8.2 | no | Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of special elements used in an OS command ('OS Command Injection')… |
| CVE-2026-35063 | 8.8 | no | OpenPLC_V3 REST API endpoint checks for JWT presence but never verifies the caller's role. Any authenticated user with role=user can delete any other user, inc… |
| CVE-2026-35050 | 8.8 | no | text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.1.1, users can save extension settings in "py" format and i… |
| CVE-2026-35045 | 8.1 | no | Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, the PUT /api/recipe/batch_update/ endpoint… |
| CVE-2026-35032 | 8.1 | no | Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerability chain in the LiveTV M3U tuner endpoint (POST /LiveTv/Tun… |
| CVE-2026-35031 | 8.8 | no | Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerability chain in the subtitle upload endpoint (POST /Videos/{ite… |
| CVE-2026-35029 | 8.8 | no | LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, the /config/update endpoint does not enforce admin role … |
| CVE-2026-35020 | 8.4 | no | Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the command lookup helper and deep-link terminal launcher that … |
| CVE-2026-3502 | 7.8 | yes | TrueConf Client Download of Code Without Integrity Check Vulnerability (vendor: TrueConf). TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute… |
| CVE-2026-3499 | 8.8 | no | The Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 1… |
| CVE-2026-34982 | 8.2 | no | Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user … |
| CVE-2026-34972 | 8.8 | no | OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. From 1.8.0 to 1.13.1, under sp… |
| CVE-2026-34965 | 8.8 | no | Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/save_collection endpoint that allows authenticated attack… |
| CVE-2026-34954 | 8.6 | no | PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no v… |
| CVE-2026-34941 | 8.1 | no | Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to… |
| CVE-2026-34940 | 8.8 | no | KubeAI is an AI inference operator for kubernetes. Prior to 0.23.2, the ollamaStartupProbeScript() function in internal/modelcontroller/engine_ollama.go constr… |
| CVE-2026-34885 | 8.5 | no | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media Library Assistant allows SQL Injectio… |
| CVE-2026-34840 | 8.1 | no | OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, OneUptime's SAML SSO implementation (App/FeatureSet/Identity/Utils… |
| CVE-2026-3484 | 8.8 | no | A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function child_pro… |
| CVE-2026-34797 | 8.8 | no | Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_smtp.cgi. The DATE … |
| CVE-2026-34796 | 8.8 | no | Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_openvpn.cgi. The DA… |
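Several entries on this page (OpenPLC_V3 CVE-2026-35063, LiteLLM CVE-2026-35029, Mattermost CVE-2026-3524, Brave CMS CVE-2026-35182) describe the same bug class: an endpoint that confirms a caller is authenticated but never checks whether that caller is authorized. The block below is an added illustration of that pattern and its fix; it is not code from any of those projects. The HS256 JWT is hand-rolled so it runs with the standard library only, and SECRET, USERS and the two delete endpoints are constructed for the demo.

```python
# Added illustrative example, not code from OpenPLC_V3, LiteLLM or any other
# project on this page. An endpoint guard that only checks that a validly
# signed token is present, next to one that also enforces the role claim.
# SECRET, USERS and the endpoint functions are constructed for the demo.
import base64
import hashlib
import hmac
import json
from typing import Optional

SECRET = b"demo-only-secret-do-not-reuse"  # constructed; real keys come from a KMS or env

# username -> role; constructed user store for the demo
USERS = {"admin": "admin", "alice": "user", "bob": "user"}


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(sub: str, role: str) -> str:
    """Issue a minimal HS256 JWT carrying the subject and its role."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps({"sub": sub, "role": role}).encode())
    sig = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def verify_token(token: str) -> Optional[dict]:
    """Return the claims if the HS256 signature verifies, else None.
    The alg is pinned so an 'alg: none' token is never accepted."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        sig = _b64url_decode(sig_b64)
    except (ValueError, UnicodeDecodeError):
        return None
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    expected = hmac.new(SECRET, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        return None
    try:
        claims = json.loads(_b64url_decode(payload_b64))
    except (ValueError, UnicodeDecodeError):
        return None
    return claims if isinstance(claims, dict) else None


def delete_user_presence_only(users: dict, token: str, target: str) -> int:
    """Vulnerable pattern: any validly signed token is enough. The caller's
    role is never consulted, so role=user can delete the admin account."""
    claims = verify_token(token)
    if claims is None:
        return 401
    users.pop(target, None)
    return 200


def delete_user_role_checked(users: dict, token: str, target: str) -> int:
    """Hardened: authentication (valid token) and authorization (admin role)
    are separate checks, and a non-admin gets 403 before any state changes.
    The role claim is trusted only because the signature was just verified."""
    claims = verify_token(token)
    if claims is None:
        return 401
    if claims.get("role") != "admin":
        return 403
    users.pop(target, None)
    return 200


if __name__ == "__main__":
    store = dict(USERS)
    print("presence-only, bob deletes admin:", delete_user_presence_only(store, mint_token("bob", "user"), "admin"))
    store = dict(USERS)
    print("role-checked, bob deletes admin:", delete_user_role_checked(store, mint_token("bob", "user"), "admin"))
```

The test worth keeping in a real service is the forged-token case: a payload claiming role=admin glued to some other token's signature must fail signature verification before the role is ever read, otherwise the role check is decorative.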
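Another recurring class here is path traversal through a user-supplied filename or path (Jupyter Server CVE-2026-35397, Budibase CVE-2026-35214, Kedro CVE-2026-35167, PraisonAI CVE-2026-34954). The block below is an added illustration, not code from those projects: the naive join they describe beside a containment check that resolves symlinks and compares against the storage root with commonpath rather than a string prefix. The root paths and sample inputs are constructed for the demo.

```python
# Added illustrative example, not code from Jupyter Server, Budibase, Kedro
# or PraisonAI. Naive join of a user-controlled path under a storage root,
# beside a safe_join that resolves the candidate and requires it to stay
# inside the root. Root directories and inputs are constructed for the demo.
import os
import tempfile


def naive_join(root: str, user_path: str) -> str:
    """Vulnerable: os.path.join discards root when user_path is absolute,
    and '..' segments walk out of root."""
    return os.path.join(root, user_path)


def safe_join(root: str, user_path: str) -> str:
    """Resolve root and candidate (following symlinks and '..'), then require
    the candidate to be root itself or a descendant of it.

    commonpath is used instead of str.startswith so that /srv/data2 is not
    accepted as being inside /srv/data."""
    real_root = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(real_root, user_path))
    if os.path.commonpath([real_root, candidate]) != real_root:
        raise ValueError(f"path escapes storage root: {user_path!r}")
    return candidate


def escapes_root(root: str, user_path: str) -> bool:
    """True when safe_join would reject user_path under root."""
    try:
        safe_join(root, user_path)
    except ValueError:
        return True
    return False


def symlink_escape_is_caught() -> bool:
    """Build tmp/root/link -> tmp/outside and check that a lexically in-root
    path is still rejected once the link is resolved (this is why realpath,
    not normpath, is used above)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "root")
        outside = os.path.join(tmp, "outside")
        os.makedirs(root)
        os.makedirs(outside)
        os.symlink(outside, os.path.join(root, "link"))
        return escapes_root(root, "link/secret.txt")


if __name__ == "__main__":
    for p in ["reports/q1.csv", "../../etc/passwd", "/etc/passwd", "../data2/x"]:
        print(f"{p!r:22} naive={naive_join('/srv/data', p):28} rejected={escapes_root('/srv/data', p)}")
    print("symlink escape caught:", symlink_escape_is_caught())
```

Two caveats a practitioner should carry over: the check must run on the fully resolved path (a later rename of a directory to a symlink defeats a check done on the lexical path), and the root itself must be resolved the same way, or a root that is a symlink will never equal its own descendants' prefix.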
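The most frequent class on this page is OS command injection through a value spliced into a shell command string (Endian Firewall CVE-2026-34797 and CVE-2026-34796 via the DATE parameter, Chamilo CVE-2026-35196, Dell InsightIQ CVE-2026-35071, KubeAI CVE-2026-34940, mobile-mcp CVE-2026-35394, nmap-mcp-server CVE-2026-3484, Claude Code CVE-2026-35020). The block below is an added illustration, not code from any of those projects: the vulnerable string-building form beside an argv form that never invokes a shell, a quoted form for the cases where a shell is unavoidable, and an allowlist check on the parameter. `echo` stands in for the real command so the effect is visible; the attacker input is constructed.

```python
# Added illustrative example, not code from Endian Firewall, Chamilo, KubeAI,
# mobile-mcp or any other project on this page. A user-controlled value
# spliced into a shell command string, beside safe alternatives. `echo`
# stands in for the real command; the attacker input is constructed.
import re
import shlex
import subprocess


def run_shell_string(value: str) -> str:
    """Vulnerable: shell=True, so ';', '|', '$(...)' and friends inside value
    are parsed by /bin/sh as command syntax, not as data."""
    proc = subprocess.run(f"echo {value}", shell=True, capture_output=True, text=True)
    return proc.stdout


def run_quoted_shell_string(value: str) -> str:
    """Mitigated: shlex.quote turns value into a single shell word. Use only
    when a shell is genuinely required (pipes, redirection, globbing)."""
    proc = subprocess.run(f"echo {shlex.quote(value)}", shell=True, capture_output=True, text=True)
    return proc.stdout


def run_argv(value: str) -> str:
    """Hardened: argv list and no shell. value reaches the program as exactly
    one argument, whatever characters it contains."""
    proc = subprocess.run(["echo", value], capture_output=True, text=True)
    return proc.stdout


# Allowlist for a YYYY-MM-DD parameter such as the DATE field in the Endian
# entries. fullmatch (rather than search or a '$'-anchored match) rejects a
# trailing newline as well as any shell metacharacter.
DATE_RE = re.compile(r"\d{4}-\d{2}-\d{2}")


def is_valid_date_param(value: str) -> bool:
    """Reject anything that is not exactly YYYY-MM-DD before it is used at all
    (defence in depth on top of run_argv, not a substitute for it)."""
    return DATE_RE.fullmatch(value) is not None


if __name__ == "__main__":
    injected = "2026-04-01; echo INJECTED"
    print("shell string :", repr(run_shell_string(injected)))
    print("quoted string:", repr(run_quoted_shell_string(injected)))
    print("argv         :", repr(run_argv(injected)))
    print("allowlisted  :", is_valid_date_param(injected))
```

Validation and argv passing address different failures: argv stops the shell from interpreting the value, while the allowlist stops the called program from receiving an argument it was never meant to see (an option-looking string such as one beginning with a dash, for instance).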