CVE Field Guide

Critical CVEs

CVE | Title | Updated | Score
CVE-2026-11839 | Arbitrary File Upload in Basarsoft's Rotaban | 11.06.2026 | 9.9
CVE-2026-7852 | Unrestricted File Upload in Limatek's LimRAD NAC | 11.06.2026 | 9.8
CVE-2026-4764 | Privilege Escalation in Dialogflow CX via Playbook Import | 11.06.2026 | 9.4
CVE-2026-35273 |  | 11.06.2026 | 9.8
CVE-2026-46695 | BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files | 11.06.2026 | 10
CVE-2026-46703 | BoxLite: Path Traversal Vulnerability in boxlite Leads to Arbitrary File Write on the Host | 11.06.2026 | 9.6
CVE-2026-20253 | Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise | 11.06.2026 | 9.8
CVE-2026-46614 | Fission router exposes /fission-function/<ns>/<name> on its public listener, allowing invocation of any function without an HTTPTrigger | 11.06.2026 | 9.8
CVE-2026-50545 | Fission Environment CRD PodSpec Injection Leading to Node Escape and Cluster Takeover | 10.06.2026 | 9.9
CVE-2026-50563 | Fission Container Executor Function PodSpec Injection Leading to Node Escape | 11.06.2026 | 9.9
CVE-2026-50564 | Fission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escape | 10.06.2026 | 9.9
CVE-2026-50566 | Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation | 10.06.2026 | 9.9
CVE-2026-45550 | Roxy-WI: IDOR on PUT /smon/check — any user can rewrite any tenant's monitoring URL/IP/body | 10.06.2026 | 9.1
CVE-2026-45552 | Roxy-WI: Cross-tenant authorization bypass on /install/* — guest can run Ansible / SSH on every registered server | 10.06.2026 | 9.9
CVE-2026-45556 | Roxy-WI: Authenticated arbitrary file write on every managed load balancer (and downstream RCE) via WAF rule save `config_file_name` | 10.06.2026 | 9.9
CVE-2026-45558 | Roxy-WI: Authenticated RCE on every managed HAProxy load balancer via `option` field config injection in section save | 10.06.2026 | 9.9
CVE-2026-53469 | Migration-planner: unprotected delete endpoint wipes all tenant data | 10.06.2026 | 9.1
CVE-2026-53470 | Migration-planner: getsourcedownloadurl missing organization check | 10.06.2026 | 9.6
CVE-2026-53471 | Migration-planner: agent api ignores jwt source_id claim | 10.06.2026 | 9.6
CVE-2026-53474 | Migration-planner: second-order sql injection via rvtools upload | 10.06.2026 | 9.6
CVE-2026-53475 | Assisted-migration-agent: tls verification disabled on all vcenter connections | 10.06.2026 | 9.3
CVE-2026-53476 | Assisted-migration-agent: vddk tarball chained-symlink arbitrary file write | 10.06.2026 | 9.6
CVE-2025-6254 | Doctreat Core <= 1.6.8 - Unauthenticated Privilege Escalation | 10.06.2026 | 9.8
CVE-2025-66276 | QTS | 10.06.2026 | 9.2
CVE-2026-45328 | ESP-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers | 10.06.2026 | 9.3
CVE-2026-44963 |  | 10.06.2026 | 9.4
CVE-2026-47928 | ColdFusion: Improper Input Validation (CWE-20) | 11.06.2026 | 9.6
CVE-2026-47938 | Adobe Campaign Classic (ACC): Server-Side Request Forgery (SSRF) (CWE-918) | 10.06.2026 | 10
CVE-2026-48303 | Adobe Campaign Classic (ACC): Incorrect Authorization (CWE-863) | 10.06.2026 | 10
CVE-2026-34691 | Adobe Experience Manager Forms JEE: Cross-site Scripting (Stored XSS) (CWE-79) | 09.06.2026 | 9.3
CVE-2026-26142 | Nuance PowerScribe Remote Code Execution Vulnerability | 10.06.2026 | 9.8
CVE-2026-42904 | Windows TCP/IP Elevation of Privilege Vulnerability | 10.06.2026 | 9.6
CVE-2026-44815 | DHCP Client Service Remote Code Execution Vulnerability | 10.06.2026 | 9.8
CVE-2026-45602 | Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability | 10.06.2026 | 9.1
CVE-2026-45657 | Windows Kernel Remote Code Execution Vulnerability | 10.06.2026 | 9.8
CVE-2026-47281 | Visual Studio Code Elevation of Privilege Vulnerability | 10.06.2026 | 9.6
CVE-2026-47291 | HTTP.sys Remote Code Execution Vulnerability | 10.06.2026 | 9.8
CVE-2026-47643 | Azure Stack Edge Remote Code Execution Vulnerability | 10.06.2026 | 9.8
CVE-2026-49840 | FreeSWITCH: Pre-authentication heap buffer overflow in libesl `Content-Length` parsing | 09.06.2026 | 9.1
CVE-2026-49841 | FreeSWITCH: Pre-authentication heap buffer overflow in `mod_verto` HTTP POST body read | 11.06.2026 | 9.8
CVE-2026-10520 |  | 11.06.2026 | 10
CVE-2026-10523 |  | 10.06.2026 | 9.9
CVE-2026-25089 |  | 10.06.2026 | 9.1
CVE-2026-8025 | SQLi in MOSK Informatics' CBS Platform | 09.06.2026 | 9.8
CVE-2026-7486 | SQLi in Netcad's E-İmar | 09.06.2026 | 9.8
CVE-2017-20251 | WordPress Insert PHP Plugin 4.7.0 PHP Code Injection via REST API | 09.06.2026 | 9.3
CVE-2026-10731 | SQL injection in Nemon products | 09.06.2026 | 9.3
CVE-2026-41031 | Stored Cross-Site Scripting (XSS) in Vinna Process Monitor | 09.06.2026 | 9.3
CVE-2026-5067 | Out-of-bounds read/write in HTTP WebSocket upgrade via non-null-terminated Sec-WebSocket-Key | 09.06.2026 | 9.8
CVE-2026-27671 | Memory Corruption vulnerability in Application Server ABAP of SAP NetWeaver and ABAP Platform | 09.06.2026 | 9.8
CVE-2026-40128 | Directory Traversal vulnerability in SAP NetWeaver Application Server Java (Web Container) | 10.06.2026 | 9
CVE-2026-44748 | XML Signature Wrapping in SAML Authentication in SAP NetWeaver AS ABAP and ABAP Platform | 09.06.2026 | 9.9
CVE-2026-52778 | YesWiki has Unsafe eval() in Formula Calculator - Remote Code Execution (RCE) & Denial of Service (DoS) | 09.06.2026 | 9.8
CVE-2026-25555 | OpenBullet2 0.3.2 Authentication Bypass via X-Api-Key Header | 08.06.2026 | 9.3
CVE-2026-39910 | STACKIT IaaS API Privilege Escalation via Service Account Attachment | 09.06.2026 | 9.3
CVE-2026-41448 | AdGuard Home Authentication Bypass via Path Traversal in Admin-Token Cookie | 08.06.2026 | 9.2
CVE-2026-46442 | Flowise: Authenticated Host RCE via POST /api/v1/node-custom-function and NodeVM Sandbox Escape | 09.06.2026 | 9.4
CVE-2026-47430 | Cordova Plugin InAppBrowser: iOS: Arbitrary Cordova callback IDs can be dispatched without validation from InAppBrowser WebViews | 08.06.2026 | 9.5
CVE-2026-11499 | Tenda HG7HG9/HG10 formDOMAINBLK stack-based overflow | 08.06.2026 | 9.3
CVE-2023-54352 | WordPress Seotheme Remote Code Execution Unauthenticated | 08.06.2026 | 9.3
CVE-2024-58348 | WordPress Background Image Cropper 1.2 Remote Code Execution | 08.06.2026 | 9.3
CVE-2024-58349 | WordPress Theme Travelscape 1.0.3 Arbitrary File Upload | 08.06.2026 | 9.3
CVE-2026-11429 | Path Traversal in Altium Vault ScriptsController Allows Unauthenticated Remote Code Execution | 09.06.2026 | 10
CVE-2026-11423 | Path Traversal in Altium Enterprise Server Collaboration Service Allows Privilege Escalation | 08.06.2026 | 9.4
CVE-2026-11419 | Path Traversal in Altium Enterprise Server Vault UploadController Allows Arbitrary File Write | 05.06.2026 | 9.4
CVE-2026-11420 | Path Traversal in Altium Enterprise Server NIS Allows Unauthenticated Arbitrary File Write and File Read | 05.06.2026 | 10
CVE-2026-45758 | Malicious code in guardrails-ai 0.10.1 (supply chain compromise) | 08.06.2026 | 9.6
CVE-2026-45777 | Open XDMoD Vulnerable to Unauthenticated Remote Code Execution (RCE) via OS Command Injection | 05.06.2026 | 9.3
CVE-2026-45779 | Open XDMoD Vulnerable to Unauthenticated SQL Injection Leading to Full Database Compromise | 08.06.2026 | 9.3
CVE-2026-11414 | Unauthenticated File Exfiltration in Altium Enterprise Server Vault Service via Hard-coded Cryptographic Key and Path Traversal | 09.06.2026 | 10
CVE-2026-10580 | Hippoo Mobile App for WooCommerce <= 1.9.4 - Unauthenticated Authentication Bypass to Administrator Account Takeover via REST API | 06.06.2026 | 9.8
CVE-2026-46389 | UDS Identity Config has a client authentication bypass in `ClientIdAndKubernetesSecretAuthenticator` | 05.06.2026 | 10
CVE-2026-46395 | HAX CMS Vulnerable to Private Key Disclosure via Broken HMAC Implementation | 05.06.2026 | 9.3
CVE-2026-46396 | HAX CMS has a stored XSS via <iframe> that allows access to sensitive client-side data and account takeover | 09.06.2026 | 9.3
CVE-2026-46399 | Authenticated Remote Code Execution via File Overwrite | 08.06.2026 | 9.4
CVE-2026-46496 | HAX CMS: Stored XSS via '<video-player>' component allows arbitrary JavaScript execution and token theft | 05.06.2026 | 9.3
CVE-2025-71317 | NetMan 204 Hard-coded Backdoor Credentials | 05.06.2026 | 9.3
CVE-2025-71318 | NetMan 204 Missing Authentication for Administrative Functions | 08.06.2026 | 9.3
CVE-2026-45744 | Termix has an OS Command Injection in File Manager resolvePath endpoint | 10.06.2026 | 9.9
CVE-2026-45746 | Termix Vulnerable to Arbitrary Command Execution via Session Hijacking | 10.06.2026 | 9
CVE-2026-45748 | Termix Vulnerable to Remote Code Execution via SSH Tunnel Forward Command Injection | 10.06.2026 | 9.8
CVE-2026-45750 | Termix Vulnerable to Arbitrary Command Execution in File Manager | 10.06.2026 | 9
CVE-2026-49777 | WordPress Product Slider Pro for WooCommerce plugin < 3.5.4 - Backdoor vulnerability | 08.06.2026 | 10
CVE-2026-6274 | Authentication Bypass in DTS Electronics' Redline WR3200 | 08.06.2026 | 9.8
CVE-2026-48907 | Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5 | 05.06.2026 | 10
CVE-2026-48567 | Azure HorizonDB Elevation of Privilege Vulnerability | 10.06.2026 | 10
CVE-2026-48579 | Microsoft Exchange Online Information Disclosure Vulnerability | 10.06.2026 | 9.1
CVE-2025-71316 | SQLite sqldiff remote code execution via argument injection | 10.06.2026 | 9.2
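A recurring pattern in the critical table is a destination-containment failure: path traversal in an upload or script controller (Altium), an archive entry or symlink chain that lands outside the extraction directory (BoxLite, Assisted-migration-agent), or a containment test that is only a string-prefix comparison. The following is an added example and not code from any of the projects listed; it shows the lexical prefix check beside a hardened join that resolves symlinks and compares whole path components. The directory names are constructed in a throwaway temporary tree.

```python
"""
Added example, not code from BoxLite, Altium, Fission or any other project
in the list above: the destination-containment check behind the path
traversal and Zip-Slip style entries, with the lexical prefix test that
lets a sibling directory through shown beside a hardened version.
Directory names are constructed in a temporary tree.
"""
import os
import shutil
import tempfile


def naive_inside(base: str, target: str) -> bool:
    """The bug pattern: a string-prefix test.  "/srv/app" is a prefix of
    "/srv/app2/x", and symlinks are never resolved."""
    return os.path.normpath(target).startswith(os.path.normpath(base))


def safe_join(base: str, untrusted: str) -> str:
    """Join an untrusted relative path onto base and return the resolved
    path, or raise ValueError if it lands outside base: absolute paths,
    '..' segments, same-prefix sibling directories and symlinks that
    point out of the tree are all refused."""
    if os.path.isabs(untrusted):
        raise ValueError("absolute path rejected")
    base_real = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(base_real, untrusted))
    # commonpath compares whole components, so /srv/app and /srv/app2
    # share only /srv and the sibling is rejected.
    if os.path.commonpath([base_real, candidate]) != base_real:
        raise ValueError(f"path escapes base: {untrusted!r}")
    return candidate


def demo() -> dict:
    """Exercise both checks on a throwaway tree; return, per case, the
    (naive_accepts, hardened_accepts) pair."""
    root = tempfile.mkdtemp()
    try:
        base = os.path.join(root, "app")
        os.makedirs(base)
        os.makedirs(os.path.join(root, "app2"))       # same-prefix sibling
        os.makedirs(os.path.join(root, "secret"))     # outside the tree
        os.symlink(os.path.join(root, "secret"),
                   os.path.join(base, "link"))        # planted symlink
        cases = {
            "normal": "conf/app.yml",
            "dotdot": "../secret/key",
            "sibling": "../app2/x",
            "symlink": "link/key",
        }
        result = {}
        for name, rel in cases.items():
            naive = naive_inside(base, os.path.join(base, rel))
            try:
                safe_join(base, rel)
                hardened = True
            except ValueError:
                hardened = False
            result[name] = (naive, hardened)
        return result
    finally:
        shutil.rmtree(root)
```

The prefix check catches the plain `..` case, which is why it survives review; it only fails on the sibling directory and the planted symlink, which are the two cases the archive-extraction and symlink-chain entries above are about. When extracting archives, the same check has to run per entry before each write, and symlinks should be created only after every regular file has been written so a later entry cannot be routed through an earlier link.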

Latest Updates

CVE | Title | Updated | Score
CVE-2024-45636 | IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information. | 11.06.2026 | 4.1
CVE-2026-11839 | Arbitrary File Upload in Basarsoft's Rotaban | 11.06.2026 | 9.9
CVE-2026-3341 | IBM Langflow Desktop 1.0.0 - 1.9.2 DNS Rebinding Bypasses SSRF Protection Allowing Access to Internal Services | 11.06.2026 | 5.4
CVE-2026-4096 | A vulnerability has been identified in IBM DevOps Plan that allows a Host Header Injection attack due to improper handling of the Host header in HTTP requests. | 11.06.2026 | 6.5
CVE-2026-53777 | Perry < 0.5.1159 Path Traversal via ArtifactReady WebSocket | 11.06.2026 |
CVE-2026-7787 | Unauthenticated Session History Access via Public Flow Execution | 11.06.2026 | 7.5
CVE-2026-7870 | IBM i is Affected by Privilege Escalation | 11.06.2026 | 8.8
CVE-2026-9648 |  | 11.06.2026 |
CVE-2026-10847 | Local Privilege Escalation vulnerability in Check Point Identity Agent Full for Windows OS | 11.06.2026 | 7.8
CVE-2026-11816 | Path Traversal in keras-team/keras | 11.06.2026 |
CVE-2026-38581 |  | 11.06.2026 |
CVE-2026-53661 | boruta-server sent sensitive session cookies without the Secure attribute | 11.06.2026 |
CVE-2026-53723 | guzzlehttp/guzzle-services' XML Request Serialization Vulnerable to XML Injection via CDATA Terminator | 11.06.2026 | 5.8
CVE-2026-6338 | HTTP request smuggling in Kong Enterprise Gateway | 11.06.2026 |
CVE-2026-8406 | openSIS Classic 9.3 - Insecure Direct Object Reference in Sent Mail | 11.06.2026 |
CVE-2026-11561 | SSTI in Soagen Informatics' Apinizer | 11.06.2026 | 5.3
CVE-2026-11956 | TwiN gatus OIDC Session Cookie oidc.go setSessionCookie missing secure attribute | 11.06.2026 |
CVE-2026-48998 | guzzlehttp/psr7 has Host Confusion via Authority Reinterpretation | 11.06.2026 | 5.3
CVE-2026-49214 | guzzlehttp/psr7 has CRLF Injection via URI Host Component | 11.06.2026 | 5.3
CVE-2026-7852 | Unrestricted File Upload in Limatek's LimRAD NAC | 11.06.2026 | 9.8
CVE-2022-45813 | WordPress Advanced AJAX Product Filters plugin <= 1.6.3.3 - Broken Access Control + CSRF | 11.06.2026 | 5.4
CVE-2022-47150 | WordPress WooCommerce Conversion Tracking plugin <= 2.0.10 - Cross-Site Request Forgery (CSRF) vulnerability | 11.06.2026 | 4.3
CVE-2023-25969 | WordPress Contact Form & Lead Form Elementor Builder plugin <= 1.8.4 - Broken Access Control vulnerability | 11.06.2026 | 5.4
CVE-2023-32959 | WordPress MetroStore theme <= 1.3.2 - Broken Access Control | 11.06.2026 | 4.3
CVE-2026-10087 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 11.06.2026 | 8.7
CVE-2026-10733 | Improper Restriction of Rendered UI Layers or Frames in GitLab | 11.06.2026 | 4.3
CVE-2026-1500 | Allocation of Resources Without Limits or Throttling in GitLab | 11.06.2026 | 6.5
CVE-2026-3553 | Incorrect Authorization in GitLab | 11.06.2026 | 3.1
CVE-2026-4764 | Privilege Escalation in Dialogflow CX via Playbook Import | 11.06.2026 | 9.4
CVE-2026-53423 | Unauthenticated denial-of-service via BEAM atom table exhaustion in membrane_mp4_plugin | 11.06.2026 |
CVE-2026-53912 | Cerebrate self-registration password hash exposure via inbox and audit log views | 11.06.2026 |
CVE-2026-6269 | Incorrect Authorization in GitLab | 11.06.2026 | 5.4
CVE-2026-6277 | Incorrect Authorization in GitLab | 11.06.2026 | 4.3
CVE-2026-6552 | Authorization Bypass Through User-Controlled Key in GitLab | 11.06.2026 | 8.7
CVE-2026-6976 | Authorization Bypass Through User-Controlled Key in GitLab | 11.06.2026 | 3.7
CVE-2026-7250 | Allocation of Resources Without Limits or Throttling in GitLab | 11.06.2026 | 7.5
CVE-2026-8464 | Path traversal in Neuron Soft Golem OEE MES | 11.06.2026 |
CVE-2026-8589 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 11.06.2026 | 7.3
CVE-2026-9204 | Server-Side Request Forgery (SSRF) in GitLab | 11.06.2026 | 5.3
CVE-2026-9694 | Improper Neutralization of Substitution Characters in GitLab | 11.06.2026 | 2.6
CVE-2022-42479 | WordPress Soledad premium theme <= 8.2.5 - Broken Access Control vulnerability | 11.06.2026 | 5.4
CVE-2022-44630 | WordPress YITH WooCommerce Product Slider Carousel plugin <= 1.16.0 - Cross-Site Request Forgery (CSRF) | 11.06.2026 | 4.6
CVE-2025-7064 | Freelance Security Lock – Access to Windows OS | 11.06.2026 | 6.6
CVE-2026-11850 | krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read | 11.06.2026 |
CVE-2026-53911 | Cerebrate primary key mass assignment in CRUD edit operations allows authenticated users to overwrite unrelated records | 11.06.2026 |
CVE-2026-5497 | Unbounded Frame Count in video/jpeg Base64 Data URL Processing Leads to OOM DoS in vllm-project/vllm | 11.06.2026 |
CVE-2023-33999 | WordPress WP Mail Log plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability | 11.06.2026 | 7.1
CVE-2023-40200 | WordPress WP Logo Showcase Responsive Slider and Carousel plugin <= 3.6 - Broken Access Control vulnerability | 11.06.2026 | 5.3
CVE-2024-32110 | WordPress Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 4.1.2 - Cross Site Request Forgery (CSRF) vulnerability | 11.06.2026 | 4.3
CVE-2026-53901 | Cerebrate before v1.37 allows mass assignment of record identifiers during object creation | 11.06.2026 |
CVE-2026-10795 | UpdraftPlus: WP Backup & Migration Plugin <= 1.26.4 - Unauthenticated Authentication Bypass via UpdraftCentral udrpc | 11.06.2026 | 8.1
CVE-2026-40986 | Spring Web Flow JS RemotingHandler renders non-HTML Response as HTML | 11.06.2026 | 4.8
CVE-2026-40987 | Remote-file synchronizer in Spring Integration writes server-supplied filename under localDirectory without canonicalization | 11.06.2026 | 7.1
CVE-2026-40992 | Mail Auto-Configuration Does Not Enable SSL Hostname Verification | 11.06.2026 | 5
CVE-2026-40994 | Wss4jSecurityInterceptor disables WS-I BSP validation by default | 11.06.2026 | 8.2
CVE-2026-40995 | X.509 authentication bypasses Spring Security account checks | 11.06.2026 | 5.4
CVE-2026-40996 | Inbound WS-Security allows RSA PKCS#1 v1.5 key transport by default | 11.06.2026 | 4.8
CVE-2026-40997 | SOAP security faults leak Spring Security account state | 11.06.2026 | 5.3
CVE-2026-40998 | Jaxp13 XPath XXE via StreamSource and SAXSource | 11.06.2026 | 8.2
CVE-2026-40999 | Spring WS SSRF via unvalidated WS-Addressing reply destinations | 11.06.2026 | 8.6
CVE-2026-41000 | WSS4J validation does not use configured replay cache | 11.06.2026 | 3.7
CVE-2026-41001 | Predictable Temp Directory in Artemis Auto-configuration | 11.06.2026 | 5.3
CVE-2026-41699 | Unsafe Deserialization in Spring GraphQL | 11.06.2026 | 8.1
CVE-2026-41700 | Cross-Site WebSocket Hijacking in Spring for GraphQL | 11.06.2026 | 8.1
CVE-2026-41856 | Spring GraphQL Annotation Detection Vulnerability | 11.06.2026 | 7.5
CVE-2026-40985 | Data Binding Vulnerability in Spring Web Flow with Unified EL Parser | 11.06.2026 | 6.4
CVE-2026-35273 |  | 11.06.2026 | 9.8
CVE-2026-2827 | Open User Map PRO <= 1.4.31 - Unauthenticated Stored Cross-Site Scripting via 'oum_location_notification' | 11.06.2026 | 4.7
CVE-2026-46645 | SQLAdmin: Authorization Bypass on `ajax_lookup` | 10.06.2026 | 4.3
CVE-2026-47342 | Apache OFBiz: Privilege Escalation via updateOrRemove Authorization Bypass | 10.06.2026 |
CVE-2026-50223 | Apache OFBiz: DataResource Low-Privileged Authenticated FreeMarker Template Injection Leads to Remote Code Execution | 11.06.2026 |
CVE-2024-21944 |  | 11.06.2026 | 5.3
CVE-2026-42305 | Dulwich has an arbitrary file write via NTFS-hostile tree entries on Windows | 11.06.2026 | 8.8
CVE-2026-42558 | Xibo Vulnerable to Stored XSS and Iframe Sandbox Escape via Data Connector Script in DataSet | 11.06.2026 | 7.6
CVE-2026-42563 | Dulwich Vulnerable to Command Injection via Merge Driver Path | 11.06.2026 |
CVE-2026-42568 | Yamcs Vulnerable to LDAP Injection in LdapAuthModule | 10.06.2026 | 4.3
CVE-2026-44693 | Pi-hole FTL: Unauthenticated Session Hijacking via Race Condition on Global Session Buffer | 10.06.2026 | 8.8
CVE-2026-46521 | ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression | 11.06.2026 | 5.5
CVE-2026-46557 | ImageMagick: Stack overflow in fx operation | 11.06.2026 | 6.2
CVE-2026-46559 | ImageMagick: Heap Buffer Over-Write of a single byte in the JP2 encoder | 10.06.2026 | 4
CVE-2026-46692 | ImageMagick: Heap Buffer Over-Write in distributed pixel cache server | 11.06.2026 | 4.1
CVE-2026-46693 | ImageMagick: Race Condition in distributed pixel cache server can result in file descriptor hijacking | 11.06.2026 | 4.1
CVE-2026-46695 | BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files | 11.06.2026 | 10
CVE-2026-46703 | BoxLite: Path Traversal Vulnerability in boxlite Leads to Arbitrary File Write on the Host | 11.06.2026 | 9.6
CVE-2026-47165 | ImageMagick: Information Disclosure in distributed pixel cache server because it is not using a challenge–response authentication model | 10.06.2026 | 4.1
CVE-2026-47166 | ImageMagick: Heap Buffer Over-Read in distributed pixel cache server | 11.06.2026 | 5.7
CVE-2026-47213 | BoxLite: Timeout Bypass Vulnerability | 11.06.2026 | 6.5
CVE-2026-47712 | Dulwich doesn't sanitize commit subjects in `porcelain.format_patch` | 11.06.2026 | 3.3
CVE-2026-47734 | Dulwich has unbounded memory allocation in receive-pack from crafted thin packs | 10.06.2026 | 5.7
CVE-2026-48724 | ImageMagick: Heap Buffer Underwrite in Floyd-Steinberg depth dithering | 11.06.2026 | 5.5
CVE-2026-48733 | ImageMagick: Infinite Loop in subimage-search with crafted image | 11.06.2026 | 4.7
CVE-2026-48734 | ImageMagick: Stack Overflow in MVG decoder | 11.06.2026 | 5.5
CVE-2026-48994 | ImageMagick: Heap Buffer Over-Write in MAT decoder on 32-bit systems | 11.06.2026 | 5.9
CVE-2026-49218 | ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions | 10.06.2026 | 7.5
CVE-2026-49219 | ImageMagick: Policy Bypass can read disallowed files | 10.06.2026 | 5.5
CVE-2026-52726 | Dulwich's submodule path traversal in porcelain.submodule_update / porcelain.clone(recurse_submodules=True) yields RCE via attacker-dropped .git/hooks payload | 11.06.2026 | 7.5
CVE-2026-53460 | ImageMagick: Policy Bypass can trigger out-of-Memory condition | 11.06.2026 | 7.5
CVE-2026-53461 | ImageMagick: Out-of-bounds write in ICON decoder due to incorrect loop | 10.06.2026 | 7.5
CVE-2026-53462 | ImageMagick: Use-After-Free when allocation in CheckPrimitiveExtent fails | 10.06.2026 | 5.9
CVE-2026-53463 | ImageMagick: Null Pointer Dereference in distort operation when passing incorrect arguments | 11.06.2026 | 4.3
CVE-2026-53464 | ImageMagick: Memory Leak in wand option parser when providing invalid arguments | 11.06.2026 | 4
CVE-2026-53465 | ImageMagick: Heap Buffer Over-Write in SF3 encoder when writing multi-frame image | 11.06.2026 | 6.2
CVE-2026-0269 | PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing | 11.06.2026 |
CVE-2026-0270 | Cortex XSOAR: Path Traversal Vulnerability | 11.06.2026 |
CVE-2026-0271 | Prisma Access Agent: Local Privilege Escalation by Authorized Users | 11.06.2026 |
CVE-2026-0272 | PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI) | 11.06.2026 |
CVE-2026-0273 | PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI | 11.06.2026 |
CVE-2026-0274 | Cortex XSOAR: Improper Validation of Credentials in CommvaultSecurityIQ integration | 11.06.2026 |
CVE-2026-11604 |  | 11.06.2026 |
CVE-2026-2049 | GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | 11.06.2026 |
CVE-2026-42326 | ImageMagick: Heap Buffer Over-Read in IPTC encoder | 11.06.2026 | 5.1
CVE-2026-45031 | ImageMagick: Policy Bypass in PSD decoder | 10.06.2026 | 5.3
CVE-2026-45358 | ImageMagick: Out-of-Bounds Read of a single byte in meta encoder | 11.06.2026 | 5.3
CVE-2026-45359 | ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define | 11.06.2026 | 5.7
CVE-2026-45624 | ImageMagick: Heap Buffer Over-Read of 4 bytes in distort operation | 11.06.2026 | 5.1
CVE-2026-45664 | ImageMagick: Policy Bypass in MNG coder could | 11.06.2026 | 5.3
CVE-2026-45783 | libp2p: Unvalidated PUT_VALUE records allow unbounded disk exhaustion on DHT server nodes | 10.06.2026 | 7.5
CVE-2026-46520 | ImageMagick: Heap Buffer Over-Write in IPL decoder when reading multiple images of different dimensions | 11.06.2026 | 7.5
CVE-2026-46522 | ImageMagick: Infinite Loop in the MIFF decoder can lead to CPU exhaustion | 11.06.2026 | 7.5
CVE-2026-46523 | ImageMagick: Use-After-Free in MSL decoder | 11.06.2026 | 6.2
CVE-2026-46625 | JavaScript Cookie: Per-instance prototype hijack in assign() enables cookie-attribute injection | 10.06.2026 | 7.5
CVE-2026-46679 | libp2p: Memory DoS via subscription flood of unique topics | 11.06.2026 | 7.5
CVE-2022-26758 |  | 11.06.2026 |
CVE-2022-48575 |  | 11.06.2026 |
CVE-2026-0266 | PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface | 11.06.2026 |
CVE-2026-0267 | GlobalProtect App: Information Exposure Vulnerability on macOS | 11.06.2026 |
CVE-2026-0268 | Prisma Access Agent: Local Authenticated VPN Enforcement Bypass on Linux | 11.06.2026 |
CVE-2026-10142 | kafka-python prior to 2.3.2 Denial of Service via Protocol Parser Frame Length | 11.06.2026 | 7.5
CVE-2026-10143 | kafka-python prior to 2.3.2 DoS via SCRAM Iteration Count in scram.py | 11.06.2026 | 7.5
CVE-2026-42462 | Fedify has an LD-Signature Bypass via JSON-LD Named-Graph Restructuring | 11.06.2026 | 7
CVE-2026-42542 | TDengine has an integer underflow in uvConnMayGetUserInfo() allows unauthenticated remote crash (DoS) | 10.06.2026 | 7.5
CVE-2026-44692 | Authenticated Sharp users can download unrelated Laravel Storage objects through the generic download endpoint | 11.06.2026 | 7.7
CVE-2026-45380 | bit7z: Path Traversal via Null Byte Injection from `gcount()` Off-by-One in `restoreSymlink()` | 11.06.2026 | 3.6
CVE-2026-45384 | bit7z: Arbitrary File Overwrite via Symlink Attack on Predictable Temp File During Archive Update | 11.06.2026 | 6.1
CVE-2026-46654 | Plonky3 MultiField32Challenger: transcript malleability and challenge entropy loss | 11.06.2026 |
CVE-2026-46668 | SpiceDB: Caveat structures with nested lists can result in improper cache reuse | 10.06.2026 |
CVE-2026-46669 | `openvm-pairing` pairing check missing proper subfield check on scaling factor | 11.06.2026 |
CVE-2026-46673 | Russh: Unchecked CryptoVec allocation and growth handling is reachable from local agent inputs in current russh releases and from remote SSH traffic in historical pre-0.58.0 releases | 11.06.2026 | 7.5
CVE-2026-46689 | Kanidm: Unauthenticated process abort via SCIM filter stack exhaustion | 11.06.2026 |
CVE-2026-46702 | Russh: Post-decompression SSH packet size was not bounded, allowing remote oversized compressed packets | 10.06.2026 | 7.5
CVE-2026-46705 | russh server userauth state is not reset when authentication principal changes | 11.06.2026 | 5.3
CVE-2026-48011 | Shopware: Timing-attack on admin panel allowing enumeration of administrator usernames | 11.06.2026 | 3.7
CVE-2026-48107 | Russh: Unchecked keyboard-interactive prompt count in client auth path | 11.06.2026 | 6.5
CVE-2026-48108 | Russh: SSH identification parsing accepted non-canonical client banners and did not bound pre-banner input | 11.06.2026 | 5.3
CVE-2026-48110 | Russh: SSH message fields were decoded through allocation-first parsers before field-specific bounds | 10.06.2026 | 7.5
CVE-2026-50131 | Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges | 11.06.2026 | 8.6
CVE-2026-53634 | Sharp: Missing Authorization Check in Quick Creation Command Endpoints | 11.06.2026 | 4.3
CVE-2026-53736 | Easy Twitter Feeds before 1.2.13 Cross-Site Request Forgery via duplicate_post Action | 10.06.2026 |
CVE-2026-53737 | Juicer through 1.12.18 Stored Cross-Site Scripting via Unescaped API Response | 11.06.2026 |
CVE-2026-53738 | Copy & Delete Posts through 1.5.4 Privilege Escalation via cdp_action_handling Handler | 11.06.2026 |
CVE-2026-53739 | Yoast Duplicate Post through 4.6 Cross-Site Request Forgery via duplicate_post_dismiss_notice | 11.06.2026 |
CVE-2026-53740 | Yoast Duplicate Post through 4.6 Stored Cross-Site Scripting via Scheduled Republish Notice | 11.06.2026 |
CVE-2026-53741 | Simple Link Directory through 9.0.4 Stored XSS via sld_no_results_found Option | 11.06.2026 |
CVE-2026-53742 | Simple Link Directory through 9.0.4 Stored XSS via Embed Shortcode Attributes | 11.06.2026 |
CVE-2026-1220 |  | 11.06.2026 |
CVE-2026-45106 | Weblate: Stored HTML injection in editor search preview | 11.06.2026 | 4.6
CVE-2026-46529 | PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen | 10.06.2026 |
CVE-2026-46643 | Snappy: Binary path is never shell-escaped due to an inverted is_executable check | 10.06.2026 |
CVE-2026-46683 | Snappy: SSRF and local file read via the xsl-style-sheet option | 11.06.2026 |
CVE-2026-50127 | Weblate SSRF: outbound URL guard misses the NAT64 well-known prefix (64:ff9b::/96) | 11.06.2026 | 5.9
CVE-2026-6893 | dracut: root code execution via dhcp options command injection | 10.06.2026 |
CVE-2026-10740 | Excessive memory allocation in s2n-quic | 10.06.2026 | 5.3
CVE-2026-11626 | Local Privilege Escalation in Symantec Endpoint Protection macOS CleanWipe Removal Tool | 10.06.2026 |
CVE-2026-50637 | Metrics::Any::Adapter::Statsd versions before 0.04 for Perl does not protect against metric injections | 10.06.2026 |
CVE-2026-50638 | Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections | 10.06.2026 |
CVE-2026-50639 | Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections | 10.06.2026 |
CVE-2026-11417 | OS Command Injection in NodejsFunction Bundling in aws-cdk-lib | 10.06.2026 | 7.3
CVE-2026-45062 | FrankenPHP: Unsafe Unicode Handling in CGI Path Splitting Allows Execution of Non-PHP Files | 11.06.2026 | 8.1
CVE-2026-46642 | draw.io: XSS via crafted cell label when opening a .drawio file | 11.06.2026 | 6.1
CVE-2026-50565 | Fission builder pods auto-mount the fission-builder ServiceAccount token in the user-supplied builder container | 10.06.2026 | 4.9
CVE-2026-50566 | Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation | 10.06.2026 | 9.9
CVE-2026-50567 | Fission: Zip Slip in pkg/utils/zip.go:Unarchive allows fetcher to write outside the destination directory | 10.06.2026 | 7.7
CVE-2026-50568 | Fission: SanitizeFilePath lexical HasPrefix bypass permits sibling-directory escape | 11.06.2026 | 3.6
CVE-2026-50569 | Fission: HTTPTrigger admission omits RelativeURL / Prefix validation; kubectl apply bypasses CLI checks | 10.06.2026 | 4.3
CVE-2026-50570 | Fission: Incomplete capability denylist in Environment/Function PodSpec validation allows tenant-added CAP_SYS_TIME and cross-tenant node wall-clock corruption | 10.06.2026 | 8.5
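Three entries in this table describe the same class of SSRF-guard gap: a public-URL check that misses the NAT64 well-known prefix (Weblate, CVE-2026-50127), one that misses special-use IPv4 ranges (Fedify, CVE-2026-50131), and one defeated by DNS rebinding because the address checked is not the address connected to (IBM Langflow Desktop, CVE-2026-3341). The following is an added example, not code from Fedify, Weblate, Langflow or any other project listed here. It classifies the resolved address against an explicit denylist, folds IPv6 forms that carry an IPv4 address (IPv4-mapped, NAT64 64:ff9b::/96, 6to4) back to that IPv4 before deciding, and returns the single address the caller must pin the connection to. The host names and the resolver table inside `demo()` are constructed for the example; `system_resolve` is the real resolver a deployment would pass instead.

```python
"""
Added example, not code from Fedify, Weblate or any other project in the
list above: an outbound-URL guard that classifies the address a request
would actually connect to, and folds IPv6 forms that embed an IPv4
address (IPv4-mapped, NAT64 64:ff9b::/96, 6to4) back to that IPv4 before
deciding.  Host names and the resolver table in demo() are constructed.
"""
import ipaddress
import socket
from typing import Callable, Iterable, List, Tuple
from urllib.parse import urlsplit

# IPv4 blocks a guard should refuse: "this network", RFC 1918, CGNAT,
# loopback, link-local (cloud metadata lives here), IETF protocol
# assignments, documentation, benchmarking, multicast, reserved/broadcast.
_DENY_V4 = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.0.0.0/24", "192.0.2.0/24",
    "192.168.0.0/16", "198.18.0.0/15", "198.51.100.0/24", "203.0.113.0/24",
    "224.0.0.0/4", "240.0.0.0/4",
)]
# IPv6 blocks refused outright.  64:ff9b:1::/48 is the local-use NAT64
# block (RFC 8215); the embedded-IPv4 offset there is operator-chosen,
# so the whole block is denied rather than decoded.
_DENY_V6 = [ipaddress.ip_network(n) for n in (
    "::/128", "::1/128", "fc00::/7", "fe80::/10", "ff00::/8",
    "2001:db8::/32", "64:ff9b:1::/48",
)]
NAT64_WELL_KNOWN = ipaddress.ip_network("64:ff9b::/96")


def embedded_ipv4(ip: ipaddress.IPv6Address):
    """IPv4 address carried inside an IPv6 address, or None."""
    if ip.ipv4_mapped is not None:                 # ::ffff:10.0.0.1
        return ip.ipv4_mapped
    if ip in NAT64_WELL_KNOWN:                     # 64:ff9b::a00:1 -> 10.0.0.1
        return ipaddress.IPv4Address(int(ip) & 0xFFFFFFFF)
    if ip.sixtofour is not None:                   # 2002:a00:1:: -> 10.0.0.1
        return ip.sixtofour
    return None


def is_public(addr: str) -> bool:
    """True only if addr is a globally routable unicast address."""
    ip = ipaddress.ip_address(addr)
    if isinstance(ip, ipaddress.IPv6Address):
        if any(ip in n for n in _DENY_V6):
            return False
        inner = embedded_ipv4(ip)
        if inner is None:
            return True
        ip = inner                                 # judge by the inner IPv4
    return not any(ip in n for n in _DENY_V4)


def pin_url(url: str, resolve: Callable[[str], Iterable[str]]) -> str:
    """Validate url and return the one address to connect to.  The caller
    must connect to that address rather than resolving the host name a
    second time; the second lookup is what DNS rebinding exploits."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("only http(s) URLs with a host are allowed")
    host = parts.hostname                           # bracket-free, lowercased
    try:
        addrs = [str(ipaddress.ip_address(host))]   # literal IP in the URL
    except ValueError:
        addrs = list(resolve(host))
    if not addrs:
        raise ValueError(f"{host}: no address")
    for a in addrs:                                 # every answer must pass
        if not is_public(a):
            raise ValueError(f"{host}: resolves to non-public {a}")
    return addrs[0]


def system_resolve(host: str) -> List[str]:
    """Real resolver for production use (not called by demo())."""
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})


def demo() -> List[Tuple[str, bool, str]]:
    """Run pin_url against a constructed resolver table."""
    table = {
        "cdn.example.test": ["11.22.33.44"],
        "metadata.example.test": ["64:ff9b::a9fe:a9fe"],    # NAT64 of 169.254.169.254
        "rebind.example.test": ["11.22.33.44", "10.0.0.5"],  # mixed answers
    }
    urls = [
        "https://cdn.example.test/feed.json",
        "https://metadata.example.test/latest/",
        "http://rebind.example.test/",
        "http://[::ffff:127.0.0.1]:8080/admin",
        "http://100.64.0.1/",
        "ftp://cdn.example.test/",
    ]
    out = []
    for u in urls:
        try:
            out.append((u, True, pin_url(u, lambda h: table.get(h, []))))
        except ValueError as e:
            out.append((u, False, str(e)))
    return out
```

Two design choices matter more than the list of ranges. Every address a name resolves to must pass, not just the first, because an attacker controls the answer set; and the address returned by `pin_url` has to be the one the HTTP client actually opens a socket to, with the original host name carried only in the `Host` header and TLS SNI, otherwise a second lookup at connect time reopens the rebinding hole that the Langflow entry describes.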