| CVE-2025-53827 |
ownCloud Core: Updater has an exposed dangerous method or function |
06.07.2026 |
9.1 |
| CVE-2025-53828 |
SharePoint for ownCloud 10 is vulnerable to Server-Side Request Forgery (SSRF) |
06.07.2026 |
8.5 |
| CVE-2025-53829 |
ownCloud 10 is vulnerable to Relative Path Traversal |
06.07.2026 |
8 |
| CVE-2025-53830 |
Anti-Virus for ownCloud 10 is vulnerable to Server-Side Request Forgery (SSRF) |
06.07.2026 |
9.1 |
| CVE-2026-13122 |
|
06.07.2026 |
|
| CVE-2026-58203 |
NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size |
06.07.2026 |
5.3 |
| CVE-2026-59152 |
Arbitrary server-side file read in LangSmith SDK TracingMiddleware |
06.07.2026 |
5 |
| CVE-2026-59194 |
pnpm: patch-remove could delete project-selected files outside the patches directory |
06.07.2026 |
7.1 |
| CVE-2026-59195 |
pnpm: Path traversal in configDependencies env lockfile allows symlink creation outside node_modules/.pnpm-config |
06.07.2026 |
8.2 |
| CVE-2026-59196 |
pnpm: hoisted install imports lockfile alias outside node_modules |
06.07.2026 |
7.1 |
| CVE-2026-5268 |
SFTP Server Authentication Weakness |
06.07.2026 |
|
| CVE-2026-13698 |
|
06.07.2026 |
|
| CVE-2026-54893 |
Email-derived URL path injection in the Swoosh Microsoft Graph adapter |
06.07.2026 |
|
| CVE-2026-58380 |
Gimp: gimp: stack buffer overflow in pnmscanner_gettoken() |
06.07.2026 |
|
| CVE-2026-7185 |
Unauthorized access to files in T-Systems products |
06.07.2026 |
|
| CVE-2026-13705 |
Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in read_rgb_16_rle |
06.07.2026 |
|
| CVE-2026-13708 |
Imager::File::JPEG versions before 1.003 for Perl leak heap memory when reading a JPEG with repeated APP13 markers in i_readjpeg_wiol |
06.07.2026 |
|
| CVE-2025-15667 |
GPAC MP4Box avc_ext.c gf_isom_nalu_sample_rewrite double free |
06.07.2026 |
|
| CVE-2025-15668 |
GPAC MP4Box box_code_base.c sgpd_del_entry heap-based overflow |
06.07.2026 |
|
| CVE-2025-8591 |
Reflected Cross-Site Scripting via URL Parameter in Multiple WSO2 Products Enables UI Modification |
06.07.2026 |
6.1 |
| CVE-2026-12686 |
Incorrect authorisation in Adiss’s Biloop |
06.07.2026 |
|
| CVE-2026-44936 |
Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml |
06.07.2026 |
5 |
| CVE-2026-44937 |
SUSE Rancher Fleet had an Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components |
06.07.2026 |
|
| CVE-2026-46587 |
Apache Camel: Couchbase: Non-Camel-prefixed Exchange headers bypass HeaderFilterStrategy allowing operation override from untrusted input |
06.07.2026 |
|
| CVE-2026-46588 |
Apache Camel: CouchDB: Non-Camel-prefixed Exchange headers bypass HeaderFilterStrategy allowing operation override from untrusted input |
06.07.2026 |
|
| CVE-2026-49042 |
Apache Camel: langchain4j-tools: filter tool argument headers against declared parameters |
06.07.2026 |
|
| CVE-2026-49297 |
Apache Airflow Google provider: Path traversal via GCS object names → local/SFTP filesystem (GCSToSFTPOperator + GCSTimeSpanFileTransformOperator) |
06.07.2026 |
|
| CVE-2026-4249 |
Denial of Service via Malicious JSON Payloads in Throttling Events in Multiple WSO2 Products Causing Persistent Service Disruption |
06.07.2026 |
8.6 |
| CVE-2026-56810 |
mint buffers an entire chunked response chunk in memory in Mint.HTTP1.decode_body/5 |
06.07.2026 |
|
| CVE-2026-58226 |
Unauthenticated denial-of-service via unbounded HPACK integer decoding in hpax |
06.07.2026 |
|
| CVE-2026-6900 |
Improper Certificate Validation |
06.07.2026 |
7.4 |
| CVE-2026-6901 |
Untrusted Search Path |
06.07.2026 |
7.7 |
| CVE-2026-14809 |
PROG MIS|Prog Management System - SQL Injection |
06.07.2026 |
|
| CVE-2026-1433 |
uniFLOW Universal Login Manager (ULM) Standalone Improper Protection of Sensitive Information Leads to Information Disclosure |
06.07.2026 |
|
| CVE-2026-24012 |
Apache IoTDB: Denial of Service via Resource Exhaustion in Aggregation Query |
06.07.2026 |
|
| CVE-2026-24013 |
Apache IoTDB: Authentication Bypass via Forged SessionID in Thrift RPC |
06.07.2026 |
|
| CVE-2026-24014 |
Apache IoTDB: Path Traversal in DataNode Internal RPC Trigger JAR Upload Allows Arbitrary File Write |
06.07.2026 |
|
| CVE-2026-40047 |
Apache Camel: Camel-Docling: Insufficient validation of custom CLI arguments enables argument injection and path traversal in DoclingProducer |
06.07.2026 |
|
| CVE-2026-40859 |
Apache Camel: Camel-Vertx-Http: Unsafe Java deserialization of HTTP response bodies via a raw ObjectInputStream when transferException is enabled |
06.07.2026 |
|
| CVE-2026-42527 |
Apache Camel: Permissive default ObjectInputFilter pattern admits java.net.** and enables DNS-based information disclosure |
06.07.2026 |
|
| CVE-2026-43865 |
Apache Camel: Camel-Hazelcast: Unsafe Java deserialization in default-configured managed Hazelcast instances enables remote code execution |
06.07.2026 |
|
| CVE-2026-43866 |
Apache Camel, Apache Camel: Camel JMS - CVE-2026-40860 fix bypass via DefaultExchangeHolder |
06.07.2026 |
|
| CVE-2026-43867 |
Apache Camel: Camel-PQC: The AWS Secrets Manager key-lifecycle manager deserializes persisted key metadata with java.io.ObjectInputStream and no ObjectInputFilter |
06.07.2026 |
|
| CVE-2026-44934 |
Exposed tokens in SUSE Rancher AI Agent logs |
06.07.2026 |
|
| CVE-2026-46453 |
Apache Camel: Camel-Elasticsearch-Rest-Client: Exchange header constants without the Camel prefix bypass inbound HTTP header filtering, allowing untrusted clients to override the Elasticsearch query and operation |
06.07.2026 |
|
| CVE-2026-46454 |
Apache Camel: Camel-Cometd: Inbound Bayeux message headers are mapped into the Exchange without a HeaderFilterStrategy, allowing unauthenticated clients to inject Camel control headers |
06.07.2026 |
|
| CVE-2026-46455 |
Apache Camel: Camel-Keycloak: The access-token validity window is not verified because the IS_ACTIVE check is missing from the TokenVerifier, allowing expired tokens to be accepted |
06.07.2026 |
|
| CVE-2026-46456 |
Apache Camel: Camel-AWS2-SQS: Inbound message attributes are mapped into the Exchange without an inbound HeaderFilterStrategy, allowing a message sender to inject Camel control headers |
06.07.2026 |
|
| CVE-2026-46457 |
Apache Camel: Camel-NATS: Inbound NATS message headers are mapped into the Exchange without a configured HeaderFilterStrategy, allowing a client that can publish to the subject to inject Camel control headers |
06.07.2026 |
|
| CVE-2026-46584 |
Apache Camel Mail: The mail producer applied attacker-supplied message headers as JavaMail session properties, allowing an attacker to influence SMTP parameters |
06.07.2026 |
|
| CVE-2026-46585 |
Apache Camel Lucene: The query control headers used non-Camel-prefixed names (QUERY, RETURN_LUCENE_DOCS) that bypass the HTTP header filter, allowing an HTTP client to inject the full-text search query |
06.07.2026 |
|
| CVE-2026-46590 |
Apache Camel: Camel-PQC: The HashiCorp Vault and AWS Secrets Manager key-lifecycle managers deserialize persisted key metadata with java.io.ObjectInputStream and no ObjectInputFilter (incomplete remediation of CVE-2026-40048) |
06.07.2026 |
|
| CVE-2026-46591 |
Apache Camel: Camel-Neo4j: JSON property names from the CamelNeo4jMatchProperties header are interpolated into the Cypher WHERE clause without validation, allowing Cypher injection (incomplete remediation of CVE-2025-66169) |
06.07.2026 |
|
| CVE-2026-46592 |
Apache Camel: Camel-CXF: The SOAP operation-selection headers used non-Camel-prefixed names (operationName, operationNamespace) that bypass the HTTP header filter, allowing an HTTP client to redirect the invoked SOAP operation |
06.07.2026 |
|
| CVE-2026-46726 |
Apache Camel Vertx Websocket: The inbound consumer maps externally-supplied WebSocket query and path parameters into the Exchange without a HeaderFilterStrategy, allowing injection of Camel control headers |
06.07.2026 |
|
| CVE-2026-48203 |
Apache Camel: Camel-Solr: The SolrParam. and SolrField. Exchange header prefixes used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to inject Solr query parameters (server-side request forgery) and document fields |
06.07.2026 |
|
| CVE-2026-48204 |
Apache Camel: Camel-MongoDB-GridFS: The gridfs.* control headers used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to switch the GridFS operation - including destructive file deletion - in the default configuration |
06.07.2026 |
|
| CVE-2026-48205 |
Apache Camel DNS: The dns.* and term Exchange header constants used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to influence internal behaviour |
06.07.2026 |
|
| CVE-2026-48206 |
Apache Camel JIRA: A set of non-Camel-prefixed Exchange header constants bypass the HTTP header filter, allowing an HTTP client to drive arbitrary JIRA issue operations using the endpoint's configured credentials |
06.07.2026 |
|
| CVE-2026-49086 |
Apache Camel Dapr: Pub/Sub consumer copied the inbound CloudEvent's pub/sub-name and topic into producer-direction routing headers, allowing an actor who can publish to the subscribed topic to influence internal behaviour |
06.07.2026 |
|
| CVE-2026-49097 |
Apache Camel: Camel-IRC: The irc.sendTo (and other irc.*) Exchange header constants used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to redirect outgoing IRC messages to arbitrary channels or users |
06.07.2026 |
|
| CVE-2026-49098 |
Apache Camel: Camel-Kafka: The kafka.OVERRIDE_TOPIC (and other kafka.*) Exchange header constants used non-Camel-prefixed names that bypass the upstream HTTP header filter, allowing an HTTP client to redirect Kafka messages to an arbitrary topic |
06.07.2026 |
|
| CVE-2026-49099 |
Apache Camel Salesforce: Non-Camel-prefixed Exchange header constants bypass the HTTP header filter, allowing an HTTP client to influence internal behaviour |
06.07.2026 |
|
| CVE-2026-49365 |
Apache Camel: Camel-Netty-HTTP: The muteException consumer option defaulted to false, so a processing error returned the full Java stack trace in the HTTP response body, disclosing sensitive internal information to unauthenticated clients |
06.07.2026 |
|
| CVE-2026-53913 |
Apache Camel Keycloak: KeycloakSecurityPolicy verifies the bearer access token only inside its role and permission checks, so in the default configuration the token is never verified and any non-null bearer value is accepted |
06.07.2026 |
|
| CVE-2026-55993 |
Apache Camel Atmosphere Websocket: The inbound consumer maps externally-supplied WebSocket query parameters into the Exchange without a HeaderFilterStrategy, allowing injection of Camel control headers - enabling influencing internal behaviour |
06.07.2026 |
|
| CVE-2026-55994 |
Apache Camel Iggy: The inbound consumer maps externally-supplied Iggy message user-headers into the Exchange without a HeaderFilterStrategy, allowing injection of Camel control headers - enabling control over internal behaviour |
06.07.2026 |
|
| CVE-2026-56139 |
Apache Camel Undertow: The muteException consumer option defaulted to false, so a processing error returned the full Java stack trace in the HTTP response body, disclosing sensitive internal information to unauthenticated clients |
06.07.2026 |
|
| CVE-2026-56140 |
Apache Camel AWS2 SNS: An inbound Camel-namespace filter was added to Sns2HeaderFilterStrategy to align it with sibling components |
06.07.2026 |
|
| CVE-2026-9165 |
Stackrox: stackrox: unbounded graphql query depth allows authenticated denial of service |
06.07.2026 |
|
| CVE-2024-6228 |
WANotifier < 2.6 - Subscriber+ LFI |
06.07.2026 |
|
| CVE-2026-10830 |
AllCoach < 1.0.2 - Unauthenticated Account Takeover |
06.07.2026 |
|
| CVE-2026-11766 |
Ultimate Member < 2.12.0 - Subscriber+ Stored XSS via Custom Textarea Profile Fields |
06.07.2026 |
|
| CVE-2026-11855 |
Simple Membership < 4.7.5 - Unauthenticated Stored XSS via Stripe Webhook API Version |
06.07.2026 |
|
| CVE-2026-11962 |
FileOrganizer < 1.2.0 - Authenticated Arbitrary File Upload via elFinder File Operations |
06.07.2026 |
|
| CVE-2026-12083 |
Admin and Site Enhancements < 8.8.4 - Unauthenticated Administrator-Role Restoration via reset-for Parameter |
06.07.2026 |
|
| CVE-2026-14800 |
imhamzaazam ecommerceFlask cross-site request forgery |
06.07.2026 |
|
| CVE-2026-14801 |
GPAC TeXML File load_text.c txtin_probe_duration divide by zero |
06.07.2026 |
|
| CVE-2026-14802 |
react create-react-app react-dev-utils openBrowser.js startBrowserProcess os command injection |
06.07.2026 |
|
| CVE-2026-14807 |
PROG MIS|ERP App - Use of Hard-coded Credentials |
06.07.2026 |
|
| CVE-2026-14808 |
PROG MIS|Prog Management System - Exposure of Sensitive Information |
06.07.2026 |
|
| CVE-2026-6382 |
Multiple elFinder Plugins - Authenticated OS Command Injection |
06.07.2026 |
|
| CVE-2026-14797 |
CodeAstro Apartment Visitor Management System edit-apartment.php sql injection |
06.07.2026 |
|
| CVE-2026-14798 |
CodeAstro Apartment Visitor Management System visitor-entry.php sql injection |
06.07.2026 |
|
| CVE-2026-14799 |
CodeAstro Ecommerce Website my_account.php sql injection |
06.07.2026 |
|
| CVE-2026-14792 |
Formbricks Survey actions.ts access control |
06.07.2026 |
|
| CVE-2026-14793 |
Craft CMS reorder-sets Endpoint GlobalsController.php actionReorderSets authorization |
06.07.2026 |
|
| CVE-2026-14794 |
Craft CMS Charts Endpoint ChartsController.php actionGetNewUsersData improper authorization |
06.07.2026 |
|
| CVE-2026-14795 |
CodeAstro Apartment Visitor Management System action-visitor.php sql injection |
06.07.2026 |
|
| CVE-2026-14796 |
CodeAstro Apartment Visitor Management System report.php sql injection |
06.07.2026 |
|
| CVE-2026-14789 |
radareorg radare2 Memory64ListStream mdmp.c stack-based overflow |
06.07.2026 |
|
| CVE-2026-14790 |
GPAC Media File write_nhml.c nhmldump_send_frame null pointer dereference |
06.07.2026 |
|
| CVE-2026-14791 |
crater-invoice-inc crater Invoice Note InvoicesRequest.php getFormattedString cross site scripting |
06.07.2026 |
|
| CVE-2026-14787 |
radareorg radare2 pb Print cmd_print.inc cmd_print integer overflow |
06.07.2026 |
|
| CVE-2026-14788 |
radareorg radare2 cfile.c r_core_bin_load use after free |
06.07.2026 |
|
| CVE-2026-14803 |
Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder |
06.07.2026 |
|
| CVE-2026-14786 |
radareorg radare2 str.c r_str_word_get0set integer overflow |
06.07.2026 |
|
| CVE-2026-14784 |
vxcontrol PentAGI Docker API client.go sandbox |
06.07.2026 |
|
| CVE-2026-14778 |
SourceCodester Onlne Examination & Learning Management System Enrollment Management ajax_enroll.php improper authorization |
06.07.2026 |
|
| CVE-2026-14783 |
NousResearch hermes-agent skills_tool.py skill_view path traversal |
05.07.2026 |
|
| CVE-2026-14777 |
SourceCodester Onlne Examination & Learning Management System announcements.php unrestricted upload |
06.07.2026 |
|
| CVE-2026-14775 |
SourceCodester Onlne Examination & Learning Management System process_lesson.php unrestricted upload |
05.07.2026 |
|
| CVE-2026-14776 |
SourceCodester Onlne Examination & Learning Management System Filename Extension upload_files.php pathinfo unrestricted upload |
05.07.2026 |
|
| CVE-2026-10656 |
NULL-pointer dereference DoS in MAX32 USB device controller transfer-completion handlers |
05.07.2026 |
4.6 |
| CVE-2026-10657 |
Out-of-bounds read in Zephyr DNS resolver mDNS suffix check (memcmp past string NUL) |
05.07.2026 |
3.7 |
| CVE-2026-14773 |
itsourcecode Hospital Management System payment.php sql injection |
06.07.2026 |
|
| CVE-2026-14774 |
itsourcecode Hospital Management System paymentdischarge.php sql injection |
06.07.2026 |
|
| CVE-2026-14772 |
SourceCodester Class and Exam Timetabling System edit_course1.php sql injection |
06.07.2026 |
|
| CVE-2026-14771 |
SourceCodester Class and Exam Timetabling System edit_exam1.php sql injection |
06.07.2026 |
|
| CVE-2026-59511 |
WordPress Exclusive Addons Elementor plugin <= 2.7.9.9 - Sensitive Data Exposure vulnerability |
06.07.2026 |
5.3 |
| CVE-2026-59519 |
WordPress FormLayer plugin <= 1.0.6 - Sensitive Data Exposure vulnerability |
05.07.2026 |
5.3 |
| CVE-2026-59520 |
WordPress CrawlWP SEO plugin <= 3.0.16 - Cross Site Request Forgery (CSRF) vulnerability |
06.07.2026 |
4.3 |
| CVE-2026-14770 |
SourceCodester Class and Exam Timetabling System edit_room.php sql injection |
05.07.2026 |
|
| CVE-2026-14769 |
code-projects Real State Services pay.php sql injection |
05.07.2026 |
|
| CVE-2026-14767 |
CodeAstro Ecommerce Website POST Parameter confirm.php sql injection |
06.07.2026 |
|
| CVE-2026-14768 |
code-projects Real State Services builderHome.php sql injection |
06.07.2026 |
|
| CVE-2026-14766 |
CodeAstro Apartment Visitor Management System POST Parameter search-result.php sql injection |
06.07.2026 |
|
| CVE-2026-59510 |
Authenticated Path Traversal in AIL Framework PDF Object Handling Enables Potential Arbitrary File Read |
06.07.2026 |
|