Export limit exceeded: 364697 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 364697 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364697 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-48949 | 1 Joomla | 1 Joomla! | 2026-07-10 | N/A |
| Lack of validation leads to an XSS vulnerability in the MFA management views. | ||||
| CVE-2026-48948 | 1 Joomla | 1 Joomla! | 2026-07-10 | N/A |
| An improper access check allows user to download vcard exports of com_contact contacts that are inaccessible. | ||||
| CVE-2026-48953 | 1 Joomla | 1 Joomla! | 2026-07-10 | N/A |
| Lack of escaping leads to an XSS vulnerability in the generic image output layout. | ||||
| CVE-2026-48951 | 1 Joomla | 1 Joomla! | 2026-07-10 | N/A |
| Lack of escaping leads to XSS vulnerabilities in modalreturn layouts of various components. | ||||
| CVE-2026-48957 | 1 Joomla | 1 Joomla! | 2026-07-10 | N/A |
| An improper access check allows unauthorized users to access com_privacy datasets. | ||||
| CVE-2026-48956 | 1 Joomla | 1 Joomla! | 2026-07-10 | N/A |
| An improper access check allows users to display a list of modules in the frontend. | ||||
| CVE-2026-48955 | 1 Joomla | 1 Joomla! | 2026-07-10 | N/A |
| An improper access check allows unauthorized users to access workflow stage and transition information. | ||||
| CVE-2026-48950 | 1 Joomla | 1 Joomla! | 2026-07-10 | N/A |
| Lack of escaping leads to an XSS vulnerability in the file management view of com_templates. | ||||
| CVE-2026-48958 | 1 Joomla | 1 Joomla! | 2026-07-10 | N/A |
| An improper access check allows unauthorized users to create custom fields via webservices endpoints. | ||||
| CVE-2026-48947 | 1 Joomla | 1 Joomla! | 2026-07-10 | N/A |
| An improper access check allows privileged users to overwrite media files without editing permissions. | ||||
| CVE-2026-48952 | 1 Joomla | 1 Joomla! | 2026-07-10 | N/A |
| Lack of escaping leads to an XSS vulnerability in the update list view of com_installer. | ||||
| CVE-2026-44877 | 1 Hpe | 1 Networking Instant On | 2026-07-10 | 6.5 Medium |
| An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system. | ||||
| CVE-2026-55417 | 1 Chevereto | 2 Chevereto, Chevereto-free | 2026-07-10 | N/A |
| Chevereto is a self-hosted media-sharing platform. Starting in version 3.7.5 and prior to version 4.5.4, when a user enables the private profile option, visiting their profile HTML route (`/username`) correctly returns 404. However, the `/json` AJAX listing endpoint does not apply the same check. An unauthenticated caller who knows the target's user ID can retrieve all of that user's publicly-scoped images, revealing the username (which should be private). This is patched in Chevereto v4.5.4. No known workarounds are available. | ||||
| CVE-2026-58583 | 1 Fluxink | 1 Color Management Driver | 2026-07-10 | 7.1 High |
| FluxInk (formerly Sunia SPB Peripheral) Color Management Driver (TcnPeripheral64.sys) 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows 11 25H2 HLK (Hardware Lab Kit). The fixed driver may be available through Windows Update or from Lenovo directly. | ||||
| CVE-2026-59707 | 1 Localai | 1 Localai | 2026-07-10 | 8.6 High |
| LocalAI contains an unauthenticated server-side request forgery vulnerability in the POST /models/apply endpoint that allows attackers to fetch arbitrary internal URLs. The endpoint passes unsanitized gallery URL fields directly to gallery.GetGalleryConfigFromURLWithContext without proper validation, enabling attackers to force the server to issue HTTP GET requests to private and loopback ranges with partial response content leaked through error messages. | ||||
| CVE-2026-55592 | 1 Lissy93 | 1 Dashy | 2026-07-10 | 3.9 Low |
| Dashy is a self-hostable personal dashboard. Prior to 4.3.7, Dashy's workspace view trusts the url query parameter and assigns it directly to an iframe source without scheme validation. If a logged-in user opens a crafted workspace link containing a javascript: URL, JavaScript runs on the Dashy origin and can read same-origin browser data, interact with the Dashy DOM, and send requests as the victim. This issue is fixed in version 4.3.7. | ||||
| CVE-2026-49471 | 1 Oraios | 1 Serena | 2026-07-10 | 8.3 High |
| Serena is a powerful MCP toolkit for coding that provides semantic retrieval and editing capabilities. Prior to v1.5.2, Serena's built-in web dashboard exposes an unauthenticated Flask API on a fixed, predictable port, with no authentication, no CSRF protection, and no Host header validation. A DNS rebinding attack allows a malicious webpage to reach this API from any browser and write arbitrary content to the agent's persistent memory store, which the agent reads and acts on autonomously. Combined with execute_shell_command using shell=True, this creates a remote code execution chain requiring only that the victim visit a malicious webpage while Serena is running. This issue is fixed in version v1.5.2. | ||||
| CVE-2026-55408 | 1 Koodo-reader | 1 Koodo-reader | 2026-07-10 | N/A |
| Koodo Reader is an ebook reader. In version 2.3.0 and earlier, Koodo Reader is vulnerable to remote code execution through malicious EPUB files because the open-book IPC handler enables nodeIntegrationInSubFrames and EPUB chapter content is rendered with unsanitized innerHTML. An attacker can craft an EPUB book that, when imported and opened by the victim, instantiates a hidden iframe with Node.js API access and executes arbitrary operating system commands with the victim user's privileges. This issue is fixed in version 2.3.1. | ||||
| CVE-2026-14895 | 1 Bakerscot | 1 String::util | 2026-07-10 | 7.5 High |
| String::Util versions before 1.36 for Perl are susceptible to a regular expression denial of service. The trim and rtrim functions stripped trailing whitespace with s/\s*$//u. Because \s* matches greedily and the $ anchor fails whenever a non-whitespace character follows the whitespace, the regex engine retries the match at each offset of a long whitespace run, producing quadratic backtracking. The fix replaces \s*$ with \s+$. Any caller that passes untrusted input to trim or rtrim can trigger CPU exhaustion with a string containing a long run of whitespace. | ||||
| CVE-2026-14244 | 2 Jssor, Wordpress | 2 Jssor Slider By Jssor.com, Wordpress | 2026-07-10 | 7.5 High |
| The Jssor Slider by jssor.com plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.1.24 via the 'url' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. | ||||