| CVE-2026-14935 |
Gstreamer: gstreamer: webrtcbin accepts remote sdp without a=fingerprint due to inverted presence check |
07.07.2026 |
|
| CVE-2026-14969 |
389-ds-base: 389-ds-base: static initialization vector in aes-cbc/3des-cbc attribute encryption |
07.07.2026 |
|
| CVE-2026-56811 |
Phoenix transports do not limit channel joins per connection, enabling process-exhaustion denial of service |
07.07.2026 |
|
| CVE-2026-56812 |
Phoenix JavaScript presence client crashes on presence keys colliding with Object.prototype members in Presence.syncState/syncDiff |
07.07.2026 |
|
| CVE-2026-12352 |
Incorrect Authorization |
07.07.2026 |
5.9 |
| CVE-2026-12948 |
Stored Cross-Site Scripting (XSS) |
07.07.2026 |
|
| CVE-2026-14940 |
389-ds-base: 389-ds-base: heap-buffer-overflow in dn normalization via quoted multivalued rdn |
07.07.2026 |
|
| CVE-2026-48588 |
Potential exposure of private data via cached Set-Cookie response |
07.07.2026 |
|
| CVE-2026-53877 |
Heap buffer over-read in GDALRaster |
07.07.2026 |
|
| CVE-2026-53878 |
Header injection possibility since DomainNameValidator accepted newlines in input |
07.07.2026 |
|
| CVE-2026-59709 |
Ghostfolio - Unauthorized Portfolio Holding Tag Modification via Missing Permission Check |
07.07.2026 |
|
| CVE-2026-44938 |
Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent |
07.07.2026 |
8.8 |
| CVE-2026-53479 |
|
07.07.2026 |
7.2 |
| CVE-2026-6101 |
AMP for WP <= 1.1.12 - Authenticated (Author+) Arbitrary File Write via Role-Based Access Configuration with Local Font Upload |
07.07.2026 |
7.5 |
| CVE-2026-10659 |
NULL pointer dereference in Zephyr Dhara FTL disk driver on flash read error during journal resume |
07.07.2026 |
4.7 |
| CVE-2026-53481 |
|
07.07.2026 |
9.8 |
| CVE-2026-53483 |
|
07.07.2026 |
9.8 |
| CVE-2011-10043 |
Module::Load versions before 0.22 for Perl allow arbitrary modules outside of @INC to be loaded |
07.07.2026 |
|
| CVE-2026-11348 |
Authentication Bypass in HAVELSAN's Open Source Project Liman MYS |
07.07.2026 |
8.1 |
| CVE-2026-13696 |
LDAP Injection in HAVELSAN's Liman MYS |
07.07.2026 |
8.8 |
| CVE-2026-11340 |
Authorization Bypass in HAVELSAN's Open Source Project Liman MYS |
07.07.2026 |
8.3 |
| CVE-2026-11610 |
389-ds-base: 389-ds-base: heap buffer overflow in sasl_io_recv() via padded sasl unbind |
07.07.2026 |
|
| CVE-2026-14474 |
Sssd: sssd: sudo ldap provider searches entire directory tree for sudorole objects by default, enabling privilege escalation |
07.07.2026 |
|
| CVE-2026-14476 |
Sssd: sssd: gpo cache path traversal via unsanitized gpcfilesyspath allows kerberos authentication bypass |
07.07.2026 |
|
| CVE-2026-14867 |
Insecure password storage in User directory |
07.07.2026 |
|
| CVE-2026-14868 |
Weak encryption mechanism for User directory |
07.07.2026 |
|
| CVE-2026-33264 |
Apache Airflow: DAG author RCE on webserver via unrestricted import_string() in BaseSerialization.deserialize() |
07.07.2026 |
|
| CVE-2026-48828 |
Apache Airflow: Bulk JSON Variables bypass should_hide_value_for_key - redact() called without the key |
07.07.2026 |
|
| CVE-2026-48891 |
Apache Airflow: /ui/dependencies scheduling graph leaks unreadable Dag identifiers via trigger/sensor dep.source/dep.target |
07.07.2026 |
|
| CVE-2026-48892 |
Apache Airflow: Config API leaks per-key secrets backend kwargs - masker bypass on synthetic options |
07.07.2026 |
|
| CVE-2026-49296 |
Apache Airflow: Per-DAG read bypass discloses co-located DAGs' source via GET /api/v2/dagSources/{dag_id} |
07.07.2026 |
|
| CVE-2026-49487 |
Apache Airflow: Task-instance API exposes secrets in deferred trigger kwargs |
07.07.2026 |
|
| CVE-2026-13199 |
Insufficient Entropy in Raspberry Pi 5 and Compute Module 5 |
07.07.2026 |
|
| CVE-2026-58384 |
Gimp: gimp: integer overflow in read_rle_channel() |
07.07.2026 |
|
| CVE-2026-5730 |
IDOR in Idvlabs' Ontime |
07.07.2026 |
7.5 |
| CVE-2026-5799 |
IDOR in Idvlabs' Ontime |
07.07.2026 |
7.5 |
| CVE-2026-7380 |
HTML Injection in Armiya Technologies' Access Control System |
07.07.2026 |
6.1 |
| CVE-2026-8306 |
Stored XSS in Armiya Technologies' Access Control System |
07.07.2026 |
6.1 |
| CVE-2026-8309 |
Reflected XSS in Armiya Technologies' Access Control System |
07.07.2026 |
5.4 |
| CVE-2026-8377 |
Improper Authorization in Armiya Technologies' Access Control System |
07.07.2026 |
8.2 |
| CVE-2026-10834 |
WP Travel Engine < 6.8.1 - Subscriber+ Arbitrary Media File Move via user_profile_image |
07.07.2026 |
|
| CVE-2026-12277 |
Frontend File Manager Plugin <= 23.6 - Unauthenticated Arbitrary File Deletion via Saved File Metadata Path Traversal |
07.07.2026 |
|
| CVE-2026-12375 |
Uncanny Automator Pro 7.3.0.5 - Backdoor via Compromised Vendor Update Server |
07.07.2026 |
|
| CVE-2026-14345 |
WPFunnels <= 3.12.7 - Unauthenticated Remote Code Execution via 'postData' Parameter |
07.07.2026 |
9.8 |
| CVE-2026-4375 |
DoLeads Integrator <= 1.2.2 & wp2epub <= 0.65 - Unauthenticated RCE |
07.07.2026 |
|
| CVE-2026-57867 |
|
07.07.2026 |
|
| CVE-2026-57868 |
|
07.07.2026 |
|
| CVE-2026-57869 |
|
07.07.2026 |
|
| CVE-2026-57870 |
|
07.07.2026 |
|
| CVE-2026-57871 |
|
07.07.2026 |
|
| CVE-2026-58315 |
|
07.07.2026 |
|
| CVE-2026-26053 |
|
07.07.2026 |
5.3 |
| CVE-2026-27790 |
|
07.07.2026 |
2.7 |
| CVE-2026-27844 |
|
07.07.2026 |
2.7 |
| CVE-2026-34158 |
Coolify: Command injection via single-quote breakout in Docker Compose custom commands |
07.07.2026 |
8.8 |
| CVE-2026-42201 |
Coolify: OS Command Injection via Database Credential Fields in Docker Compose Service Commands |
07.07.2026 |
3.3 |
| CVE-2026-34034 |
Coolify: Host RCE via Sentinel token injection |
07.07.2026 |
8.8 |
| CVE-2026-34035 |
Coolify: Host RCE via Log Drain secret/env command injection |
07.07.2026 |
8.8 |
| CVE-2026-34037 |
Cross-Tenant Resource Cloning via Broken Object-Level Authorization in cloneTo() |
07.07.2026 |
9.9 |
| CVE-2026-34044 |
Coolify: Cross-team IDOR in logs component (resource lookup not team-scoped) |
07.07.2026 |
7.7 |
| CVE-2026-34047 |
Coolify: WebSocket Endpoint Access Control Flaw Leading to Remote Code Execution |
07.07.2026 |
9.9 |
| CVE-2026-34048 |
Coolify: Missing authorization on terminal websocket bootstrap routes allows low-privileged members to execute commands on team servers |
07.07.2026 |
9.9 |
| CVE-2026-34057 |
Coolify: Authenticated Remote Code Execution via Command Injection in Database Import Container Name |
07.07.2026 |
8.8 |
| CVE-2026-34058 |
Coolify: OS Command Injection via Unmanaged Container Operations - Remote Code Execution |
07.07.2026 |
8.8 |
| CVE-2026-34149 |
Coolify: Authenticated Host-Level RCE via Unescaped Database Credentials in Backup Jobs |
07.07.2026 |
3.3 |
| CVE-2026-34152 |
Coolify: Command Injection via Newline in Pre/Post Deployment Commands (Heredoc Transport) |
07.07.2026 |
8.8 |
| CVE-2026-34168 |
Coolify: Command injection via unsanitized persistent storage name in docker volume commands |
07.07.2026 |
8.8 |
| CVE-2026-34170 |
Coolify: Server-Side Request Forgery via attacker-controlled GitHub App API URL |
07.07.2026 |
4.3 |
| CVE-2026-34171 |
Coolify: Account takeover via CSRF-able GET endpoint that resets password to attacker-known value |
07.07.2026 |
8 |
| CVE-2026-34198 |
Coolify: Password reset link poisoning via X-Forwarded-Host header spoofing |
07.07.2026 |
5.3 |
| CVE-2026-42143 |
Coolify: OS Command Injection via Persistent Volume Names - Root RCE on Managed Servers |
07.07.2026 |
8.8 |
| CVE-2026-42145 |
Coolify: File Upload Without Type or Size Validation in Database Backup Restore |
07.07.2026 |
3.1 |
| CVE-2026-42147 |
Coolify: SSRF via S3 Storage Endpoint in testConnection() |
07.07.2026 |
4.9 |
| CVE-2026-42172 |
Coolify: Sanctum API Tokens Have No Expiration — Leaked Tokens Grant Permanent Access |
07.07.2026 |
3.1 |
| CVE-2026-42200 |
Coolify: PostgreSQL Init Script Path Traversal Leads to Arbitrary File Write and Root RCE |
07.07.2026 |
8.8 |
| CVE-2026-11328 |
Exclusive Addons for Elementor <= 2.7.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title |
07.07.2026 |
6.4 |
| CVE-2024-56141 |
Minosoft has IV equal to key |
06.07.2026 |
5 |
| CVE-2026-13356 |
Interrupted navigation could allow address bar origin spoofing in Firefox for iOS |
07.07.2026 |
|
| CVE-2026-53647 |
FOSSBilling vulnerable to unauthenticated API key configuration disclosure via guest Serviceapikey get_info endpoint |
07.07.2026 |
|
| CVE-2026-53648 |
FOSSBilling: Downloadable product files can be overwritten through filename collisions |
07.07.2026 |
|
| CVE-2026-53642 |
FOSSBilling: Unverified clients can access client-area pages when email confirmation is required |
07.07.2026 |
|
| CVE-2026-53643 |
FOSSBilling allows low-privileged staff accounts to perform unauthorized actions via admin API endpoints |
07.07.2026 |
|
| CVE-2026-53644 |
FOSSBilling's missing order-state validation allows clients to read and reset API key secrets for non-active orders |
07.07.2026 |
|
| CVE-2026-53645 |
FOSSBilling's missing self-edit prevention in staff permission management allows persistent privilege escalation |
07.07.2026 |
|
| CVE-2026-53646 |
FOSSBilling: Client password reset token reuse allows persistent account takeover |
07.07.2026 |
|
| CVE-2026-53640 |
FOSSBilling missing authorization checks on read-only admin API endpoints expose sensitive staff, client, and redirect data |
07.07.2026 |
|
| CVE-2026-53641 |
FOSSBilling has stored XSS in client email views via unescaped content in JavaScript template literal |
06.07.2026 |
|
| CVE-2026-43925 |
FOSSBilling: Mass assignment of group_id in guest client registration allows unauthorized promo code use |
07.07.2026 |
|
| CVE-2026-43927 |
FOSSBilling has race condition in cart checkout that bypasses promo code usage limits |
07.07.2026 |
|
| CVE-2026-43928 |
FOSSBilling: Payment amount not validated in PayPalEmail adapter allows invoice underpayment |
07.07.2026 |
|
| CVE-2026-32718 |
Coolify read-scoped API tokens can perform state-changing validation operations |
07.07.2026 |
6.5 |
| CVE-2026-34049 |
Coolify: Command Injection via unsanitized MongoDB collection names in database backup |
07.07.2026 |
3.3 |
| CVE-2026-34050 |
Coolify Settings/Updates Livewire component missing instance administrator authorization |
07.07.2026 |
6.5 |
| CVE-2026-34153 |
Coolify LocalFileVolume fs_path command injection enables RCE |
07.07.2026 |
8.8 |
| CVE-2026-34167 |
Coolify: Cross-tenant activity log disclosure via unlocked Livewire property in ActivityMonitor |
06.07.2026 |
5 |
| CVE-2026-34599 |
Coolify: Authenticated Remote Code Execution in GetLogs Livewire Component |
07.07.2026 |
8.8 |
| CVE-2026-38973 |
|
06.07.2026 |
|
| CVE-2026-38976 |
|
06.07.2026 |
|
| CVE-2026-38979 |
|
06.07.2026 |
|
| CVE-2026-41899 |
Coolify unauthenticated feedback endpoint allows Discord webhook abuse |
07.07.2026 |
6.5 |
| CVE-2026-42148 |
Coolify: Command Injection via Unescaped Version String in Docker Build |
07.07.2026 |
3.8 |
| CVE-2026-42153 |
Coolify: PostgreSQL Healthcheck Command Injection Allows Root Code Execution in Container |
07.07.2026 |
8.8 |
| CVE-2026-42204 |
Coolify: Authenticated RCE via SHELL_SAFE_COMMAND_PATTERN regression → host root |
07.07.2026 |
8.8 |
| CVE-2026-43918 |
Suspended or inactive FOSSBilling accounts can retain or regain access through existing sessions, API tokens, and password reset flows |
06.07.2026 |
|
| CVE-2026-43921 |
FOSSBilling vulnerable to arbitrary PHP code injection via unescaped config serialization |
07.07.2026 |
|
| CVE-2026-59710 |
showdown - Stored XSS via Unescaped Table Header ID Attribute Injection |
07.07.2026 |
|
| CVE-2026-14468 |
Path traversal allows arbitrary file read in Terraform Enterprise container |
07.07.2026 |
7.7 |
| CVE-2026-14471 |
Authenticated SQL injection in the metrics-service retention policy subsystem of mcp-gateway-registry |
07.07.2026 |
8.1 |
| CVE-2026-33734 |
FOSSBilling has improper SQL neutralization in `Massmailer` recipient filters |
07.07.2026 |
|
| CVE-2026-34038 |
Coolify authenticated remote command injection leading to RCE and secret exfiltration |
07.07.2026 |
9.9 |
| CVE-2026-42331 |
FOSSBilling missing authorization in guest Invoice API endpoints |
07.07.2026 |
|
| CVE-2026-42341 |
FOSSBilling has an unauthenticated payment bypass via IPN callback forgery |
07.07.2026 |
|
| CVE-2026-54709 |
|
06.07.2026 |
|
| CVE-2026-54763 |
Traefik: headerField underscore-variant identity spoofing in BasicAuth / DigestAuth / ForwardAuth |
07.07.2026 |
|
| CVE-2026-54765 |
Traefik: Gateway HTTPRoute backendRef filters can leak backend context across routes sharing a Service:port |
07.07.2026 |
|
| CVE-2026-59711 |
showdown - Cross-Site Scripting via Unescaped Metadata Title in completeHTMLDocument |
07.07.2026 |
|
| CVE-2026-59712 |
Leantime - Credential Disclosure via Unauthenticated JSON-RPC users.getUser Method |
07.07.2026 |
|
| CVE-2026-59713 |
Leantime - OIDC Login CSRF via Unconditional State Verification Stub |
07.07.2026 |
|
| CVE-2025-59615 |
Use After Free in Computer Vision |
07.07.2026 |
6.6 |
| CVE-2025-59616 |
Use After Free in Computer Vision |
07.07.2026 |
6.6 |
| CVE-2025-59617 |
Use After Free in Computer Vision |
07.07.2026 |
6.6 |
| CVE-2026-21368 |
Out-of-bounds Write in Camera Driver |
07.07.2026 |
5.3 |
| CVE-2026-21369 |
Out-of-bounds Write in Camera Driver |
07.07.2026 |
5.3 |
| CVE-2026-21370 |
Out-of-bounds Write in Camera Driver |
07.07.2026 |
5.3 |
| CVE-2026-21379 |
Buffer Over-read in Windows Compute |
07.07.2026 |
7.8 |
| CVE-2026-21383 |
Reusing a Nonce, Key Pair in Encryption in HLOS |
06.07.2026 |
7.1 |
| CVE-2026-21384 |
Out-of-bounds Write in Camera Driver |
07.07.2026 |
5.3 |
| CVE-2026-25268 |
Stack-based Buffer Overflow in WLAN Host |
07.07.2026 |
8.8 |
| CVE-2026-25271 |
Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service |
07.07.2026 |
7.8 |
| CVE-2026-48267 |
DNG SDK | NULL Pointer Dereference (CWE-476) |
07.07.2026 |
5.5 |
| CVE-2026-50135 |
Hugo: Symlink confinement bypass in resources.Get |
06.07.2026 |
|
| CVE-2026-54234 |
vLLM: Remote DoS in vLLM via Invalid Recovered Token Reinjection |
07.07.2026 |
7.5 |
| CVE-2026-54764 |
ForwardAuth middleware leaks X-Forwarded-Port spoofing via untrusted X-Forwarded-Proto when trustForwardHeader=false |
07.07.2026 |
|
| CVE-2026-55514 |
vLLM denial of service via prompt embeds on M-RoPE models |
06.07.2026 |
|
| CVE-2026-55574 |
vLLM: ReDoS via structured_outputs.regex compiled without timeout in xgrammar and outlines backends |
06.07.2026 |
|
| CVE-2026-55727 |
|
06.07.2026 |
7.5 |
| CVE-2026-57571 |
Crawl4AI arbitrary file write via download filename path traversal |
07.07.2026 |
9.6 |
| CVE-2026-57572 |
Crawl4AI: Unauthenticated RCE via Chromium launch-argument injection in browser_config.extra_args |
06.07.2026 |
10 |
| CVE-2026-57573 |
Crawl4AI unauthenticated SSRF in Docker streaming crawl endpoint |
07.07.2026 |
8.6 |
| CVE-2026-11405 |
Hidden backdoor authentication mechanism in multiple versions of Tenda firmware allows admin access to web management interface |
06.07.2026 |
|
| CVE-2026-14536 |
|
06.07.2026 |
|
| CVE-2026-14898 |
|
07.07.2026 |
|
| CVE-2026-41514 |
OP-TEE: RSA-OAEP padding oracle in Hisilicon HPRE driver enables plaintext recovery |
06.07.2026 |
2.5 |
| CVE-2026-41515 |
OP-TEE: RSA-OAEP padding oracle in NXP CAAM driver enables plaintext recovery |
07.07.2026 |
2.5 |
| CVE-2026-41516 |
OP-TEE: Hisilicon HPRE PKCS#1 v1.5 Decryption Padding Oracle |
06.07.2026 |
2.5 |
| CVE-2026-42546 |
OP-TEE has missing OPTEE_MSG_ATTR_TYPE_MASK in cleanup_shm_refs() leaks mobj references |
06.07.2026 |
3.8 |
| CVE-2026-44362 |
OP-TEE's subkey rollback protection can be bypassed with older subkey versions |
06.07.2026 |
5.5 |
| CVE-2026-50133 |
Hugo: XSS via text/html content files |
07.07.2026 |
|
| CVE-2026-50134 |
Hugo: security.http.urls allow-list bypass via HTTP redirects |
06.07.2026 |
|
| CVE-2026-53763 |
OP-TEE has AES-GCM 32-bit integer overflow in length counters that breaks authentication guarantee |
07.07.2026 |
|
| CVE-2026-55646 |
vLLM speech-to-text endpoints allocate full upload before enforcing the audio file-size limit |
06.07.2026 |
6.5 |
| CVE-2026-58402 |
Hugo default code block renderer XSS via unescaped code-fence language |
06.07.2026 |
|
| CVE-2026-58403 |
Hugo symlink confinement bypass in os.ReadFile |
06.07.2026 |
|
| CVE-2026-58404 |
Hugo security.http.urls deny rules bypassed by alternate IPv4 encodings |
07.07.2026 |
|
| CVE-2026-59089 |
Gimp: gimp: denial of service via integer overflow in playstation tim loader |
06.07.2026 |
|
| CVE-2026-54059 |
Pillow: PcfFontFile._load_bitmaps()`: `Image.frombytes()` called without `_decompression_bomb_check()` — bomb protection bypass via PCF font loading |
06.07.2026 |
7.5 |
| CVE-2026-54060 |
Pillow: `FontFile.compile()`: `Image.new()` called without `_decompression_bomb_check()` |
07.07.2026 |
7.5 |
| CVE-2026-54291 |
Silent channel-binding authentication downgrade via unsupported certificate algorithms |
06.07.2026 |
|
| CVE-2026-55379 |
Pillow BdfFontFile`: `Image.new()` called without `_decompression_bomb_check()` — bomb protection bypass via font loading |
06.07.2026 |
7.5 |
| CVE-2026-55380 |
Pillow GdImageFile decompression bomb protection bypass |
06.07.2026 |
7.5 |
| CVE-2026-55798 |
Pillow: WindowsViewer.get_command() OS command injection via unescaped shell path |
07.07.2026 |
4.5 |
| CVE-2026-9181 |
Directory Traversal in ArcGIS Server |
06.07.2026 |
9.8 |
| CVE-2026-9182 |
Unvalidated File Upload vulnerability in ArcGIS Server. |
06.07.2026 |
5.3 |
| CVE-2026-13753 |
CVE-2026-13753 |
06.07.2026 |
|
| CVE-2026-12154 |
Reviews Widgets for Google, Yelp & TripAdvisor <= 2.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'page_id' Shortcode Attribute |
07.07.2026 |
6.4 |
| CVE-2026-41434 |
OP-TEE has unbounded recursion in sanitize_client_object() |
07.07.2026 |
3.3 |