Vulnerabilities
Recent vulnerabilities
Recent vulnerabilities from
Select from 78 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-13863 |
7.8 (3.1)
|
Insufficient validation of untrusted input in Cus… |
Google |
Chrome |
2026-06-30T22:38:00.908Z | 2026-07-02T03:55:29.658Z |
| CVE-2026-13872 |
9.1 (3.1)
|
Insufficient validation of untrusted input in Web… |
Google |
Chrome |
2026-06-30T22:38:04.211Z | 2026-07-01T19:06:19.206Z |
| CVE-2026-13994 |
4.3 (3.1)
|
Inappropriate implementation in Credential Manage… |
Google |
Chrome |
2026-06-30T22:38:49.020Z | 2026-07-01T16:06:11.202Z |
| CVE-2026-54704 |
6.5 (3.1)
|
OpenTelemetry Java Instrumentation: JDBC Auto-Instrume… |
open-telemetry |
opentelemetry-java-instrumentation |
2026-07-01T21:15:37.903Z | 2026-07-02T12:23:50.336Z |
| CVE-2026-54712 |
5.3 (3.1)
|
OpenTelemetry Javaagent RMI context propagation allows… |
open-telemetry |
opentelemetry-java-instrumentation |
2026-07-01T21:17:44.160Z | 2026-07-02T15:41:16.104Z |
| CVE-2026-8147 |
8.1 (3.0)
|
Authorization Bypass in mlflow/mlflow |
mlflow |
mlflow/mlflow |
2026-07-02T07:32:58.308Z | 2026-07-02T12:28:31.554Z |
| CVE-2026-53162 |
7.8 (3.1)
|
memcg: use round-robin victim selection in refill_stock |
Linux |
Linux |
2026-06-25T08:38:43.453Z | 2026-06-28T06:39:38.906Z |
| CVE-2026-53161 |
7.8 (3.1)
|
misc: fastrpc: fix use-after-free of fastrpc_user in w… |
Linux |
Linux |
2026-06-25T08:38:42.789Z | 2026-06-28T06:39:37.235Z |
| CVE-2026-53160 |
7.8 (3.1)
|
misc: fastrpc: fix use-after-free race in fastrpc_map_create |
Linux |
Linux |
2026-06-25T08:38:42.138Z | 2026-06-28T06:39:36.143Z |
| CVE-2026-53156 |
N/A
|
nvmem: core: fix use-after-free bugs in error paths |
Linux |
Linux |
2026-06-25T08:38:39.495Z | 2026-06-25T08:38:39.495Z |
| CVE-2025-36359 |
8.1 (3.1)
|
IBM DevOps Loop is susceptible to an Insufficient Sess… |
IBM |
DevOps Automation |
2026-06-30T20:11:57.390Z | 2026-07-01T13:23:33.040Z |
| CVE-2026-57204 |
6.9 (4.0)
|
pypdf: Missing stream length values ignore defined limits |
py-pdf |
pypdf |
2026-06-30T21:59:46.274Z | 2026-07-01T14:29:01.785Z |
| CVE-2026-13822 |
6.5 (3.1)
|
Inappropriate implementation in Extensions in Goo… |
Google |
Chrome |
2026-06-30T22:37:45.956Z | 2026-07-01T15:07:00.710Z |
| CVE-2026-13826 |
6.5 (3.1)
|
Inappropriate implementation in Autofill in Googl… |
Google |
Chrome |
2026-06-30T22:37:47.466Z | 2026-07-01T15:13:08.629Z |
| CVE-2026-9756 |
6.4 (3.1)
|
GenerateBlocks <= 2.2.1 - Authenticated (Contributor+)… |
edge22 |
GenerateBlocks |
2026-07-03T07:53:09.591Z | 2026-07-06T15:31:49.905Z |
| CVE-2026-9230 |
4.3 (3.1)
|
Quiz and Survey Master (QSM) <= 11.1.4 - Missing Autho… |
expresstech |
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker |
2026-07-03T06:50:11.170Z | 2026-07-06T14:45:18.312Z |
| CVE-2026-8892 |
6.4 (3.1)
|
CM Business Directory <= 1.5.7 - Authenticated (Contri… |
creativemindssolutions |
CM Business Directory – Optimise and showcase local business |
2026-07-03T04:30:19.430Z | 2026-07-06T14:45:51.832Z |
| CVE-2026-8804 |
6.7 (4.0)
|
Cleartext Storage of Sensitive Information for Puppet … |
Perforce |
Puppet Core |
2026-07-03T07:40:15.684Z | 2026-07-06T15:21:55.981Z |
| CVE-2026-5268 |
N/A
|
SFTP Server Authentication Weakness |
CIENA |
6500 S-Series |
2026-07-06T15:25:56.938Z | 2026-07-06T15:25:56.938Z |
| CVE-2026-5137 |
4.3 (3.1)
|
RTMKit <= 2.0.7 - Authenticated (Contributor+) Limited… |
rometheme |
RTMKit |
2026-07-03T09:31:52.399Z | 2026-07-06T14:44:45.786Z |
| CVE-2026-59520 |
4.3 (3.1)
|
WordPress CrawlWP SEO plugin <= 3.0.16 - Cross Site Re… |
properfraction |
CrawlWP SEO |
2026-07-05T21:44:29.015Z | 2026-07-06T15:14:38.329Z |
| CVE-2026-59196 |
7.1 (3.1)
|
pnpm: hoisted install imports lockfile alias outside n… |
pnpm |
pnpm |
2026-07-06T15:18:53.881Z | 2026-07-06T15:40:34.708Z |
| CVE-2026-59195 |
8.2 (3.1)
|
pnpm: Path traversal in configDependencies env lockfil… |
pnpm |
pnpm |
2026-07-06T15:21:03.101Z | 2026-07-06T15:21:03.101Z |
| CVE-2026-59194 |
7.1 (3.1)
|
pnpm: patch-remove could delete project-selected files… |
pnpm |
pnpm |
2026-07-06T15:16:28.485Z | 2026-07-06T15:16:28.485Z |
| CVE-2026-59152 |
5 (3.1)
|
Arbitrary server-side file read in LangSmith SDK Traci… |
langchain-ai |
langsmith-sdk |
2026-07-06T14:26:55.765Z | 2026-07-06T14:26:55.765Z |
| CVE-2026-59097 |
5.3 (3.1)
6.9 (4.0)
|
Taiga < 6.10.2 - Unauthorized Due-Date Creation via AP… |
taiga |
taiga-back |
2026-07-02T19:42:04.588Z | 2026-07-06T14:50:35.051Z |
| CVE-2026-58524 |
5.4 (3.1)
|
Microsoft Edge (Chromium-based) Spoofing Vulnerability |
Microsoft |
Microsoft Edge (Chromium-based) |
2026-07-03T20:35:35.191Z | 2026-07-06T15:16:17.901Z |
| CVE-2026-58460 |
7 (4.0)
7.7 (3.1)
|
react-native-receive-sharing-intent Path Traversal via… |
ajith-ab |
react-native-receive-sharing-intent |
2026-07-02T20:10:40.633Z | 2026-07-06T14:54:44.130Z |
| CVE-2026-58426 |
9.6 (3.1)
|
Gitea Actions Artifacts V4 signed URL HMAC ambiguity a… |
Gitea |
Gitea Open Source Git Server |
2026-07-03T20:54:53.283Z | 2026-07-06T15:07:18.210Z |
| CVE-2026-58424 |
8.9 (3.1)
|
Permanent Fork PR Workflow Approval Gate Bypass |
Gitea |
Gitea Open Source Git Server |
2026-07-03T20:54:52.923Z | 2026-07-06T15:09:01.188Z |