| CVE-2026-45150 |
Zen Browser - Missing Fullscreen Security Notification Allows Origin Spoofing |
15.07.2026 |
|
| CVE-2026-50147 |
Metabase: Arbitrary File Read via MySQL Connection Property Injection |
15.07.2026 |
7.6 |
| CVE-2026-55242 |
ERPNext: Server-Side Template Injection (SSTI) in Batch autonaming via Stock Settings.naming_series_prefix |
15.07.2026 |
8.8 |
| CVE-2026-61371 |
|
15.07.2026 |
|
| CVE-2026-61605 |
|
15.07.2026 |
|
| CVE-2026-62683 |
File Browser: Trailing-slash delete leaves a stale public share behind |
15.07.2026 |
3.1 |
| CVE-2026-62685 |
File Browser: Colliding username normalization gives two users the same home directory |
15.07.2026 |
8.1 |
| CVE-2026-62843 |
File Browser: Archive builder turns backslash filenames into path traversal (zip-slip) |
15.07.2026 |
6.8 |
| CVE-2026-9007 |
Reflected XSS in HCL Notes |
15.07.2026 |
|
| CVE-2026-41580 |
Stirling-PDF: Reflected XSS through crafted PDF metadata fields (Title and Author) |
15.07.2026 |
6.1 |
| CVE-2026-44986 |
Penpot: Pre-authenticated account takeover via team-invitation token + prepare-register-profile |
15.07.2026 |
9.9 |
| CVE-2026-45805 |
Penpot: MCP REPL server binds to 0.0.0.0 with unauthenticated /execute endpoint — RCE |
15.07.2026 |
8.8 |
| CVE-2026-45806 |
Penpot: Authenticated SSRF in remote image import via create-file-media-object-from-url |
15.07.2026 |
7.7 |
| CVE-2026-46709 |
Tabby: Drag-and-drop path injection still allows RCE via shell command substitution (incomplete fix for CVE-2026-45038) |
15.07.2026 |
7.8 |
| CVE-2026-47158 |
Vaultwarden: CSRF in SSO Authorization Flow |
15.07.2026 |
8.3 |
| CVE-2026-47159 |
Vaultwarden: Authentication Flow Information Disclosure in SSO Discovery Allows Organization Enumeration and Pre-Validation Token Exposure |
15.07.2026 |
|
| CVE-2026-47160 |
Vaultwarden: Server-side request forgery (SSRF) via Icon Endpoint Decimal/Hex/Octal IP Bypass |
15.07.2026 |
5.8 |
| CVE-2026-47164 |
Vaultwarden: SSO Email Auto-Link Can Bind an Existing Local Account to an Attacker-Controlled IdP Identity |
15.07.2026 |
7.7 |
| CVE-2026-50148 |
Metabase: Remote Code Execution via Snowflake JDBC Driver Arbitrary File Write |
15.07.2026 |
10 |
| CVE-2026-60005 |
NGINX ngx_http_slice_module vulnerability |
15.07.2026 |
8.2 |
| CVE-2026-61828 |
nixos/mysql : `services.mysql` is configured with insecure authentication by default when used with `mysql` or `percona-server` |
15.07.2026 |
|
| CVE-2026-33213 |
Redash: Open redirect vulnerability in post-login redirect handling |
15.07.2026 |
6.1 |
| CVE-2026-42533 |
NGINX Map directive and Regex matching vulnerability |
15.07.2026 |
8.1 |
| CVE-2026-52865 |
NGINX Ingress Controller vulnerability |
15.07.2026 |
6.5 |
| CVE-2026-54560 |
Cloudreve: OAuth access tokens bypass scope enforcement due to missing client_id claim |
15.07.2026 |
7.6 |
| CVE-2026-54562 |
Cloudreve: Non-admin remote download users can SSRF loopback/internal services and read imported responses |
15.07.2026 |
6.5 |
| CVE-2026-54563 |
Cloudreve: Path Traversal / Broken Access Control in Cloudreve WebDAV (`/dav`) — scoped DAV credential escapes its configured account root |
15.07.2026 |
7.1 |
| CVE-2026-55723 |
NGINX Ingress Controller vulnerability |
15.07.2026 |
8.3 |
| CVE-2026-56434 |
NGINX ngx_http_ssi_module vulnerability |
15.07.2026 |
6.5 |
| CVE-2026-59762 |
BIG-IP HTTP/2 vulnerability |
15.07.2026 |
7.5 |
| CVE-2026-60062 |
NGINX Agent Vulnerability |
15.07.2026 |
6.4 |
| CVE-2026-60065 |
NGINX Plus ngx_stream_mqtt_filter_module vulnerability |
15.07.2026 |
3.7 |
| CVE-2026-61613 |
Cursor: Cloud Agent Browser Sandbox Escape |
15.07.2026 |
|
| CVE-2026-61644 |
FastGPT: /api/core/chat/record/getCollectionQuote can disclose cross-tenant dataset text due to an unbound initialId lookup |
15.07.2026 |
7.7 |
| CVE-2026-61646 |
FastGPT: Shared axios SSRF guard validates only the initial URL before following redirects |
15.07.2026 |
|
| CVE-2026-61684 |
FastGPT: Unauthenticated cross-tenant data access via forgeable plugin-invoke JWT (default INVOKE_TOKEN_SECRET='token') |
15.07.2026 |
|
| CVE-2026-61736 |
LightRAG: CORS Wildcard + Credentials Enables Any-Origin Credentialed Requests |
15.07.2026 |
9.3 |
| CVE-2026-61740 |
LightRAG: Authentication bypass: hardcoded DEFAULT_TOKEN_SECRET and public /auth-status defeat LIGHTRAG_API_KEY protection |
15.07.2026 |
|
| CVE-2026-61835 |
Directus: SSRF Protection Bypass via 0.0.0.0 in File Import |
15.07.2026 |
7.7 |
| CVE-2026-61836 |
Directus: Authorization-dependent response served from unsegmented cache key |
15.07.2026 |
8.6 |
| CVE-2026-62294 |
Flameshot: OCTOU symlink attack via predictable /tmp path in Flameshot "Open With" |
15.07.2026 |
|
| CVE-2026-43637 |
Cornac < 2.6.0 Path Traversal via _extract_archive() in download.py |
15.07.2026 |
|
| CVE-2026-59838 |
|
15.07.2026 |
5.3 |
| CVE-2026-62175 |
|
15.07.2026 |
|
| CVE-2026-15779 |
Samba-winbind: samba: pam_winbind mkhomedir chowns critical system paths without validation |
15.07.2026 |
|
| CVE-2026-15809 |
Github.com/cri-o/cri-o: fix bypass for cve-2022-4318 — /etc/passwd injection via home env |
15.07.2026 |
|
| CVE-2026-46458 |
Credential exposure in ICU Scandinavia Boomerang |
15.07.2026 |
|
| CVE-2026-46459 |
Missing Authorization in ICU Scandinavia Boomerang |
15.07.2026 |
|
| CVE-2026-58554 |
|
15.07.2026 |
6.6 |
| CVE-2026-58556 |
|
15.07.2026 |
5.1 |
| CVE-2026-58557 |
|
15.07.2026 |
4.8 |
| CVE-2026-58558 |
|
15.07.2026 |
7.8 |
| CVE-2026-58559 |
|
15.07.2026 |
6.5 |
| CVE-2026-58549 |
|
15.07.2026 |
4 |
| CVE-2026-58550 |
|
15.07.2026 |
4 |
| CVE-2026-58551 |
|
15.07.2026 |
5.1 |
| CVE-2026-58552 |
|
15.07.2026 |
5.1 |
| CVE-2026-58553 |
|
15.07.2026 |
4 |
| CVE-2026-58555 |
|
15.07.2026 |
6.6 |
| CVE-2026-56339 |
Capgo - Unauthenticated Organization Existence Enumeration via rescind_invitation RPC |
15.07.2026 |
|
| CVE-2026-56349 |
n8n - Guardrail Node Bypass via Crafted Input |
15.07.2026 |
|
| CVE-2026-56352 |
n8n - Arbitrary File Read and Execution via ExecuteWorkflow localFile Parameter |
15.07.2026 |
|
| CVE-2026-56353 |
n8n - Authentication Bypass in Chat Trigger Node |
15.07.2026 |
|
| CVE-2026-56375 |
ImageMagick - Memory Leak in ASHLAR Coder Action Failure |
15.07.2026 |
|
| CVE-2026-56398 |
Open WebUI - Stored Cross-Site Scripting via OAuth Picture Claim SVG Data URI |
15.07.2026 |
|
| CVE-2026-56400 |
open-webui - Remote Code Execution via CORS Misconfiguration and Session Validation |
15.07.2026 |
|
| CVE-2026-56699 |
Wazuh Manager - NDJSON Injection in inventory_sync via Agent-Controlled DataValue.index |
15.07.2026 |
|
| CVE-2026-56764 |
Hono - Timing Attack in basicAuth and bearerAuth Middleware |
15.07.2026 |
|
| CVE-2026-57996 |
phpMyFAQ - Privilege Escalation via Missing SuperAdmin Guard in user/add Endpoint |
15.07.2026 |
|
| CVE-2026-58655 |
Grav Flex Objects - Server-Side Template Injection via Dynamic Titles |
15.07.2026 |
|
| CVE-2026-59254 |
n8n - External Secrets Disclosure via Workflow Node Expressions |
15.07.2026 |
|
| CVE-2026-59259 |
n8n - Permission Bypass via Expression Parser Mismatch in External Secrets |
15.07.2026 |
|
| CVE-2026-60085 |
PraisonAI before 4.6.78 Unenforced Security Policy in Subprocess Sandbox |
15.07.2026 |
|
| CVE-2026-60087 |
PraisonAI before 1.6.78 Tool Approval Cache Bypass |
15.07.2026 |
|
| CVE-2026-61427 |
PraisonAI before 4.6.78 Authentication Bypass via HTTP-stream |
15.07.2026 |
|
| CVE-2026-61430 |
PraisonAI before 1.6.78 DNS Rebinding SSRF via web_crawl |
15.07.2026 |
|
| CVE-2026-61433 |
PraisonAI before 4.6.78 Code Injection via API deployment generator |
15.07.2026 |
|
| CVE-2026-61435 |
PraisonAI before 4.6.78 Authentication Bypass via Host Header Spoofing |
15.07.2026 |
|
| CVE-2026-61436 |
PraisonAI before 4.6.78 Missing Webhook Signature Verification |
15.07.2026 |
|
| CVE-2026-61438 |
PraisonAI before 4.6.78 Remote Code Execution via Broken AST Sandbox |
15.07.2026 |
|
| CVE-2026-61440 |
PraisonAI Platform before 0.1.9 Authorization Bypass via Label Endpoints |
15.07.2026 |
|
| CVE-2026-61443 |
PraisonAI before 1.6.78 Remote Code Execution via SkillTools |
15.07.2026 |
|
| CVE-2026-61446 |
PraisonAI before 1.6.78 Remote Code Execution via Plugin Auto-Discovery |
15.07.2026 |
|
| CVE-2026-61449 |
Grav before 2.0.2 Decompression Bomb via Forged ZIP Size |
15.07.2026 |
|
| CVE-2026-61451 |
Grav before 1.0.4 Password Reset Token Poisoning via admin_base_url |
15.07.2026 |
|
| CVE-2026-61452 |
Grav before 2.0.4 Improper Session Invalidation JWT Access Tokens |
15.07.2026 |
|
| CVE-2026-61453 |
Grav before 2.0.1 XSS via Twig String Concatenation |
15.07.2026 |
|
| CVE-2026-61457 |
Grav before 1.0.3 Remote Code Execution via File Upload Extension Bypass |
15.07.2026 |
|
| CVE-2026-61464 |
ImageMagick before 7.1.2-26 Heap Buffer Over-Write via X11 |
15.07.2026 |
|
| CVE-2026-61859 |
ImageMagick before 7.1.2-26 Policy Bypass via script operation |
15.07.2026 |
|
| CVE-2026-61860 |
ImageMagick before 7.1.2-26 Use-After-Free via freetype |
15.07.2026 |
|
| CVE-2026-61862 |
ImageMagick before 7.1.2-26 Information Disclosure via identify |
15.07.2026 |
|
| CVE-2026-61863 |
ImageMagick before 7.1.2-26 Memory Leak in TIFF Encoder |
15.07.2026 |
|
| CVE-2026-61864 |
ImageMagick before 7.1.2-26 Memory Leak in Log Colorspace |
15.07.2026 |
|
| CVE-2026-61865 |
ImageMagick before 7.1.2-26 Memory Leak in Hough Lines |
15.07.2026 |
|
| CVE-2026-61866 |
ImageMagick before 7.1.2-26 Memory Leak in JNG encoder |
15.07.2026 |
|
| CVE-2026-61867 |
ImageMagick before 7.1.2-26 Memory Leak in TIFF Encoder |
15.07.2026 |
|
| CVE-2026-61868 |
ImageMagick before 7.1.2-26 Memory Leak in YUV Decoder |
15.07.2026 |
|
| CVE-2026-61869 |
ImageMagick before 7.1.2-26 Memory Leak in MIFF Encoder |
15.07.2026 |
|
| CVE-2026-61871 |
ImageMagick before 7.1.2-26 Memory Leak in ICON decoder |
15.07.2026 |
|
| CVE-2026-61872 |
ImageMagick before 7.1.2-26 Memory Leak via TIFF Encoder |
15.07.2026 |
|
| CVE-2026-61873 |
Grav before 9.1.8 Arbitrary File Write via Twig-Processed Filename |
15.07.2026 |
|
| CVE-2026-59236 |
Authorization bypass in Prospero Flow CRM Excel import allows cross-tenant record injection |
15.07.2026 |
|
| CVE-2026-40633 |
|
15.07.2026 |
7.8 |
| CVE-2026-59235 |
Missing authorization in Prospero Flow CRM allows low-privileged users to read all bank accounts |
15.07.2026 |
|
| CVE-2026-35152 |
Apache Fineract: SQL injection in runreports endpoint |
15.07.2026 |
|
| CVE-2026-49501 |
|
15.07.2026 |
6.7 |
| CVE-2026-56287 |
Apache Fineract: Boolean SQL Injection in Client Search API (orderBy parameter) leading to Local File Disclosure |
15.07.2026 |
|
| CVE-2026-57821 |
Apache Fineract: Office list: SQL Injection via Subquery in orderBy |
15.07.2026 |
|
| CVE-2026-8281 |
|
15.07.2026 |
|
| CVE-2026-57833 |
Joomla Extension - weeblr.com - Unauthenticated stored XSS in 4Analytics < 5.0.2 |
15.07.2026 |
|
| CVE-2026-58077 |
Joomla Extension - weeblr.com - Unauthenticated stored XSS in 4Analytics < 5.0.2 |
15.07.2026 |
|
| CVE-2026-57831 |
Joomla Extension - digital-peak.com - Unauthenticated blind SQL injection in DP Calendar 8.18.0 - 10.11.2 |
15.07.2026 |
|
| CVE-2026-57832 |
Joomla Extension - joomdonation.com - Unauthenticated blind SQL injection in EDocman < 3.9 |
15.07.2026 |
|
| CVE-2026-14251 |
Gitops-operator: gitops-operator: missing allowednamespace check in reconcilerhook for clusterrole/role cases enables potential privilege escalation and dos |
15.07.2026 |
|
| CVE-2026-15583 |
SSRF (confused deputy) in Grafana MCP Server via X-Grafana-URL header |
15.07.2026 |
8.6 |
| CVE-2026-15804 |
MetaGuru|HCM - SQL Injection |
15.07.2026 |
|
| CVE-2026-11579 |
Kali Forms < 2.4.17 - Unauthenticated Media Upload |
15.07.2026 |
|
| CVE-2026-11580 |
Kali Forms < 2.4.17 - Contributor+ Arbitrary Post Metadata Disclosure via IDOR |
15.07.2026 |
|
| CVE-2026-12281 |
Shibboleth < 2.5.4 - Unauthenticated Administrator Account Creation via Identity Header Spoofing |
15.07.2026 |
|
| CVE-2026-12512 |
Quotes Llama < 3.1.6 - Unauthenticated SQL Injection via sc Parameter |
15.07.2026 |
|
| CVE-2026-42936 |
|
15.07.2026 |
|
| CVE-2026-11851 |
|
15.07.2026 |
|
| CVE-2026-13385 |
|
15.07.2026 |
|
| CVE-2026-13585 |
|
15.07.2026 |
|
| CVE-2026-15029 |
|
15.07.2026 |
|
| CVE-2026-15030 |
|
15.07.2026 |
|
| CVE-2026-8919 |
|
15.07.2026 |
|
| CVE-2026-8920 |
|
15.07.2026 |
|
| CVE-2026-13230 |
Information Disclosure Vulnerability in Local Discovery Response in TP-Link Kasa EC70 and EC71 |
15.07.2026 |
|
| CVE-2026-9770 |
Hardcoded Cryptographic Key Information Disclosure Vulnerability on TP-Link Kasa EC70 and EC71 |
15.07.2026 |
|
| CVE-2026-15753 |
zhinianboke xianyu-auto-reply review approve trusting http permission methods on the server side |
14.07.2026 |
|
| CVE-2026-36035 |
|
15.07.2026 |
|
| CVE-2026-51807 |
|
15.07.2026 |
|
| CVE-2026-51808 |
|
15.07.2026 |
|
| CVE-2026-5269 |
Navigator NCS and MCP System Accounts with Default Passwords |
15.07.2026 |
|
| CVE-2026-5270 |
Authentication Bypass in Navigator and Blue Planet Products |
15.07.2026 |
|
| CVE-2025-56362 |
|
15.07.2026 |
|
| CVE-2025-56363 |
|
15.07.2026 |
|
| CVE-2025-56364 |
|
15.07.2026 |
|
| CVE-2025-56365 |
|
15.07.2026 |
|
| CVE-2026-15751 |
mastergo-design mastergo-magic-mcp mcp__getComponentGenerator component-workflow.md execute path traversal |
15.07.2026 |
|
| CVE-2026-15752 |
zhinianboke xianyu-auto-reply Backend User Endpoint users authorization |
15.07.2026 |
|
| CVE-2026-21840 |
HCL BigFix Platform is affected by a user enumeration vulnerability |
15.07.2026 |
3.1 |
| CVE-2026-42049 |
jadx: RCE Via Groovy Code Injection in Gradle Export |
15.07.2026 |
|
| CVE-2026-42447 |
jadx: HTML Injection in Summary panel |
14.07.2026 |
3.6 |
| CVE-2026-50130 |
Pi-hole: Local privilege escalation from `pihole` user to root via `/etc/pihole/logrotate` |
15.07.2026 |
8.8 |
| CVE-2026-54572 |
rclone: Unvalidated symlink target in local `--links` — arbitrary file write from an untrusted remote |
15.07.2026 |
7.5 |
| CVE-2026-54684 |
jadx: XAPK archive entries with absolute paths can plant drop-in plugins and achieve code execution on the next jadx run |
15.07.2026 |
7 |
| CVE-2026-59732 |
rclone archive extract allows S3 destination prefix escape via crafted archive paths |
14.07.2026 |
5 |
| CVE-2026-59733 |
rclone `serve restic --private-repos` authorization bypass: `..` in the URL path lets an authenticated user read, overwrite and delete other users' repositories |
15.07.2026 |
8.8 |
| CVE-2025-56361 |
|
15.07.2026 |
|
| CVE-2026-15750 |
mastergo-design mastergo-magic-mcp mcp__getComponentLink get-component-link.ts z.string server-side request forgery |
15.07.2026 |
|
| CVE-2026-38450 |
|
15.07.2026 |
|
| CVE-2026-45363 |
`jwt` (Ruby gem) - empty-key HMAC bypass |
15.07.2026 |
9.1 |
| CVE-2026-46627 |
Twig: Sandbox resource exhaustion via unbounded `for` / `range()` |
14.07.2026 |
|
| CVE-2026-46628 |
Twig: The `spaceless` filter implicitly marks its output as safe |
15.07.2026 |
|
| CVE-2026-46629 |
Twig: Unbounded formatter memoisation in twig/intl-extra keyed on template-controlled arguments |
15.07.2026 |
|
| CVE-2026-46633 |
Twig: PHP code injection via `{% use %}` template name |
15.07.2026 |
|
| CVE-2026-46634 |
Twig: `template_from_string()` escapes a SourcePolicy-driven sandbox via synthesized template name |
14.07.2026 |
|
| CVE-2026-46635 |
Twig: Sandbox property allowlist bypass via the `column` filter (array_column on objects) |
15.07.2026 |
|
| CVE-2026-46637 |
Twig: HTML-output filters in twig/* extras incorrectly declared `is_safe => ['all']` |
14.07.2026 |
|
| CVE-2026-46638 |
Twig: `{% sandbox %}{% include %}` skips checkSecurity() on cached templates (incomplete fix for CVE-2024-45411) |
15.07.2026 |
|
| CVE-2026-46639 |
Twig: Sandbox property and method bypass via object-destructuring assignment |
15.07.2026 |
|
| CVE-2026-46640 |
Twig: Arbitrary PHP code execution via `_self.(<string>)` macro-reference compilation |
15.07.2026 |
|
| CVE-2026-47730 |
Twig: XSS in profiler HtmlDumper via unescaped template and profile names |
14.07.2026 |
|
| CVE-2026-47732 |
Twig Sandbox: multiple `__toString()` policy bypasses via unguarded string coercion points |
15.07.2026 |
|
| CVE-2026-48275 |
Illustrator | Untrusted Search Path (CWE-426) |
15.07.2026 |
8.6 |
| CVE-2026-48287 |
CAI Content Credentials | Untrusted Search Path (CWE-426) |
14.07.2026 |
7.4 |
| CVE-2026-48290 |
CAI Content Credentials | Server-Side Request Forgery (SSRF) (CWE-918) |
14.07.2026 |
8.2 |
| CVE-2026-48295 |
CAI Content Credentials | Insufficiently Protected Credentials (CWE-522) |
14.07.2026 |
7.5 |
| CVE-2026-48296 |
CAI Content Credentials | Integer Underflow (Wrap or Wraparound) (CWE-191) |
14.07.2026 |
6.2 |
| CVE-2026-48298 |
CAI Content Credentials | Integer Underflow (Wrap or Wraparound) (CWE-191) |
14.07.2026 |
6.2 |
| CVE-2026-48302 |
CAI Content Credentials | Improper Input Validation (CWE-20) |
14.07.2026 |
6.2 |
| CVE-2026-48312 |
CAI Content Credentials | Improper Input Validation (CWE-20) |
14.07.2026 |
6.8 |
| CVE-2026-48334 |
Illustrator | Improper Input Validation (CWE-20) |
15.07.2026 |
9.3 |
| CVE-2026-48335 |
Illustrator | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-48336 |
Illustrator | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-48337 |
Illustrator | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-48351 |
CAI Content Credentials | Improper Input Validation (CWE-20) |
14.07.2026 |
7.5 |
| CVE-2026-48352 |
CAI Content Credentials | Improper Input Validation (CWE-20) |
14.07.2026 |
7.5 |
| CVE-2026-48353 |
CAI Content Credentials | Improper Input Validation (CWE-20) |
14.07.2026 |
5.5 |
| CVE-2026-48354 |
CAI Content Credentials | Integer Overflow or Wraparound (CWE-190) |
14.07.2026 |
6.2 |
| CVE-2026-48357 |
CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400) |
14.07.2026 |
6.2 |
| CVE-2026-48805 |
Twig: Sandbox state regression in deprecated internal wrappers in `src/Resources/core.php` |
14.07.2026 |
|
| CVE-2026-48806 |
Twig: Sandbox `__toString()` policy bypass via dynamic mapping keys |
15.07.2026 |
|
| CVE-2026-48807 |
Twig: Sandbox `__toString()` policy bypass via `Traversable` in `join` and `replace` filters |
15.07.2026 |
|
| CVE-2026-48808 |
Twig: Sandbox property allowlist bypass via the `column` filter under `SourcePolicyInterface` |
15.07.2026 |
|
| CVE-2026-49981 |
Twig: Sandbox filter, tag and function allow-list bypass when sandbox state changes between renders for a cached `Template` |
14.07.2026 |
|
| CVE-2026-15749 |
mastergo-design mastergo-magic-mcp mcp__C2d get-c2d.ts execute path traversal |
15.07.2026 |
|
| CVE-2026-46644 |
symfony/polyfill-intl-idn accepts xn-- labels whose Punycode payload decodes to ASCII-only: insecure equivalence |
15.07.2026 |
|
| CVE-2026-48125 |
UAParser.js: Unbounded `Sec-CH-UA-Model` parsing can trigger ReDoS in `withClientHints()` |
15.07.2026 |
5.3 |
| CVE-2026-48284 |
ColdFusion | Improper Input Validation (CWE-20) |
15.07.2026 |
9.6 |
| CVE-2026-48318 |
ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) |
15.07.2026 |
9.9 |
| CVE-2026-48319 |
ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) |
15.07.2026 |
9.1 |
| CVE-2026-48320 |
ColdFusion | Cross-site Scripting (Reflected XSS) (CWE-79) |
15.07.2026 |
8.5 |
| CVE-2026-48321 |
ColdFusion | Incorrect Authorization (CWE-863) |
15.07.2026 |
9.3 |
| CVE-2026-48322 |
ColdFusion | Improper Control of Generation of Code ('Code Injection') (CWE-94) |
15.07.2026 |
9.6 |
| CVE-2026-48324 |
ColdFusion | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) |
15.07.2026 |
9.1 |
| CVE-2026-48325 |
ColdFusion | Missing Authentication for Critical Function (CWE-306) |
15.07.2026 |
9.3 |
| CVE-2026-48327 |
ColdFusion | Incorrect Authorization (CWE-863) |
15.07.2026 |
9 |
| CVE-2026-48328 |
ColdFusion | Improper Input Validation (CWE-20) |
15.07.2026 |
7.7 |
| CVE-2026-48329 |
ColdFusion | Insufficient Session Expiration (CWE-613) |
15.07.2026 |
2.7 |
| CVE-2026-48332 |
ColdFusion | Server-Side Request Forgery (SSRF) (CWE-918) |
14.07.2026 |
7.7 |
| CVE-2026-48338 |
ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) |
14.07.2026 |
6.8 |
| CVE-2026-49476 |
Soup Sieve: Memory Exhaustion via Large Comma-Separated Selector Lists in soupsieve |
15.07.2026 |
7.5 |
| CVE-2026-49477 |
Soup Sieve: Regular Expression Denial of Service (ReDoS) in soupsieve Selector Parser |
14.07.2026 |
7.5 |
| CVE-2026-52100 |
|
15.07.2026 |
|
| CVE-2026-52101 |
|
15.07.2026 |
|
| CVE-2026-48311 |
Bridge | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-48339 |
Bridge | Heap-based Buffer Overflow (CWE-122) |
15.07.2026 |
7.8 |
| CVE-2026-48340 |
Bridge | Untrusted Pointer Dereference (CWE-822) |
15.07.2026 |
7.8 |
| CVE-2026-48341 |
Bridge | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-48342 |
Bridge | Integer Overflow or Wraparound (CWE-190) |
15.07.2026 |
7.8 |
| CVE-2026-48343 |
Bridge | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-48758 |
sigstore-js: DSSE payloadType type-binding failure |
15.07.2026 |
5.4 |
| CVE-2026-48815 |
sigstore-js: `certificateOIDs` verification constraints are silently dropped and never enforced |
15.07.2026 |
7.5 |
| CVE-2026-48816 |
sigstore-js: Insufficient Verification of Data Authenticity |
15.07.2026 |
6.5 |
| CVE-2026-49853 |
Tornado: Authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient |
14.07.2026 |
7.7 |
| CVE-2026-49854 |
Tornado: Out-of-bounds memory access in C extension |
15.07.2026 |
5.3 |
| CVE-2026-49855 |
tornado AsyncHTTPClient accumulates decompressed chunks without size limit (gzip bomb) |
14.07.2026 |
7.5 |
| CVE-2026-15643 |
AWS HealthLake MCP Server SSRF via Pagination URL |
15.07.2026 |
|
| CVE-2026-15738 |
Cross-namespace traffic interception via incorrect route precedence ordering in AWS Load Balancer Controller |
15.07.2026 |
|
| CVE-2026-15764 |
|
15.07.2026 |
|
| CVE-2026-15765 |
|
15.07.2026 |
|
| CVE-2026-15766 |
|
14.07.2026 |
|
| CVE-2026-15767 |
|
15.07.2026 |
|
| CVE-2026-15768 |
|
15.07.2026 |
|
| CVE-2026-15769 |
|
14.07.2026 |
|
| CVE-2026-15770 |
|
14.07.2026 |
|
| CVE-2026-15771 |
|
14.07.2026 |
|
| CVE-2026-15772 |
|
14.07.2026 |
|
| CVE-2026-15773 |
|
14.07.2026 |
|
| CVE-2026-15774 |
|
14.07.2026 |
|
| CVE-2026-15775 |
|
15.07.2026 |
|
| CVE-2026-15776 |
|
15.07.2026 |
|
| CVE-2026-15777 |
|
15.07.2026 |
|
| CVE-2026-15778 |
|
15.07.2026 |
|
| CVE-2026-24220 |
|
15.07.2026 |
6.4 |
| CVE-2026-24226 |
|
15.07.2026 |
6.3 |
| CVE-2026-24227 |
|
15.07.2026 |
5.3 |
| CVE-2026-24229 |
|
15.07.2026 |
7.3 |
| CVE-2026-24233 |
|
15.07.2026 |
8.4 |
| CVE-2026-24234 |
|
15.07.2026 |
6.8 |
| CVE-2026-24238 |
|
15.07.2026 |
7.8 |
| CVE-2026-24259 |
|
15.07.2026 |
6.4 |
| CVE-2026-24268 |
|
15.07.2026 |
7.8 |
| CVE-2026-24271 |
|
15.07.2026 |
6.2 |
| CVE-2026-24272 |
|
15.07.2026 |
7.8 |
| CVE-2026-47470 |
|
15.07.2026 |
6.2 |
| CVE-2026-47471 |
|
15.07.2026 |
7.5 |
| CVE-2026-47472 |
|
15.07.2026 |
7.8 |
| CVE-2026-47473 |
|
15.07.2026 |
7.4 |
| CVE-2026-47475 |
|
15.07.2026 |
6.2 |
| CVE-2026-47971 |
Media Encoder | Stack-based Buffer Overflow (CWE-121) |
15.07.2026 |
7.8 |
| CVE-2026-47976 |
Media Encoder | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-47979 |
Media Encoder | Out-of-bounds Read (CWE-125) |
15.07.2026 |
5.5 |
| CVE-2026-48269 |
Premiere Pro | Heap-based Buffer Overflow (CWE-122) |
15.07.2026 |
7.8 |
| CVE-2026-48270 |
Premiere Pro | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-48272 |
Creative Cloud Desktop | Uncontrolled Search Path Element (CWE-427) |
15.07.2026 |
7.8 |
| CVE-2026-48274 |
After Effects | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-48308 |
Premiere Pro | Improper Input Validation (CWE-20) |
14.07.2026 |
5.9 |
| CVE-2026-48344 |
GoCart | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) |
15.07.2026 |
7.8 |
| CVE-2026-48366 |
Media Encoder | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-48367 |
After Effects | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-48369 |
Premiere Pro | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-48370 |
Media Encoder | Out-of-bounds Write (CWE-787) |
15.07.2026 |
7.8 |
| CVE-2026-48801 |
linkify-it: Quadratic algorithmic complexity in LinkifyIt#match scan loop |
15.07.2026 |
|
| CVE-2026-49458 |
DOMPurify: Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound `instanceof` checks |
15.07.2026 |
6.1 |
| CVE-2026-49459 |
DOMPurify: IN_PLACE mode preserves attributes of a clobbered root element, allowing XSS via attacker-controlled root DOM |
15.07.2026 |
6.1 |
| CVE-2026-49978 |
DOMPurify IN_PLACE Sanitization Bypass via Attached Shadow Root Inside <template>.content |
14.07.2026 |
|
| CVE-2026-53486 |
decompress: Archive extraction can create files and links outside the target directory |
15.07.2026 |
9.1 |
| CVE-2026-59889 |
jackson-databind: @JsonView ypassed for @JsonUnwrapped container properties on deserialization |
14.07.2026 |
6.5 |
| CVE-2026-61520 |
Simple Machines Forum SSRF via image proxy |
15.07.2026 |
|
| CVE-2026-15409 |
|
15.07.2026 |
|
| CVE-2026-15410 |
|
15.07.2026 |
|
| CVE-2026-15709 |
Soupwebsocketextensiondeflate: libsoup: libsoup: websocket permessage-deflate unbounded decompression remote denial of service |
15.07.2026 |
|
| CVE-2026-15711 |
Libsoup: soupwebsocketconnection: libsoup: websocket remote denial of service via oversized control frame protocol violation |
15.07.2026 |
|
| CVE-2026-15713 |
Libsoup: soupcache: libsoup: http/2 frame window exhaustion remote denial of service via memory leak |
15.07.2026 |
|
| CVE-2026-15714 |
Libsoup: soupmultipartinputstream: libsoup: out-of-bounds read in soup_multipart_input_stream_read_headers via an oversized multipart boundary string |
15.07.2026 |
|
| CVE-2026-47423 |
DOMPurify XSS via `selectedcontent` re-clone |
14.07.2026 |
8.2 |
| CVE-2026-47476 |
|
15.07.2026 |
7.5 |
| CVE-2026-47477 |
|
15.07.2026 |
7.5 |
| CVE-2026-47478 |
|
15.07.2026 |
7.5 |
| CVE-2026-47479 |
|
15.07.2026 |
7.5 |
| CVE-2026-47480 |
|
15.07.2026 |
7.5 |
| CVE-2026-47481 |
|
15.07.2026 |
6.5 |
| CVE-2026-47482 |
|
15.07.2026 |
7.5 |
| CVE-2026-47736 |
Puma PROXY Protocol v1 Parser Allows Remote Memory Exhaustion |
15.07.2026 |
7.5 |
| CVE-2026-47737 |
Puma PROXY Protocol v1 Accepts Repeated Protocol Headers on Persistent Connections |
15.07.2026 |
7.5 |
| CVE-2026-47984 |
Adobe Commerce | Incorrect Authorization (CWE-863) |
15.07.2026 |
8.2 |
| CVE-2026-47988 |
Adobe Commerce | Incorrect Authorization (CWE-863) |
15.07.2026 |
8.6 |
| CVE-2026-47992 |
Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) |
15.07.2026 |
7.2 |
| CVE-2026-47994 |
Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
14.07.2026 |
8.7 |
| CVE-2026-47995 |
Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
15.07.2026 |
8.1 |
| CVE-2026-47996 |
Adobe Commerce | Incorrect Authorization (CWE-863) |
15.07.2026 |
7.6 |
| CVE-2026-47997 |
Adobe Commerce | Incorrect Authorization (CWE-863) |
15.07.2026 |
5.9 |
| CVE-2026-47998 |
Adobe Commerce | Incorrect Authorization (CWE-863) |
15.07.2026 |
5.9 |
| CVE-2026-47999 |
Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
14.07.2026 |
4.8 |
| CVE-2026-48000 |
Adobe Commerce | URL Redirection to Untrusted Site ('Open Redirect') (CWE-601) |
14.07.2026 |
4.3 |
| CVE-2026-48001 |
Adobe Commerce | Information Exposure (CWE-200) |
15.07.2026 |
3.7 |
| CVE-2026-48068 |
@grpc/grps-js: A malformed request can cause a server crash |
14.07.2026 |
7.5 |
| CVE-2026-48069 |
@grpc/grps-js: An incoming malformed compressed message can cause a client or server crash |
15.07.2026 |
7.5 |
| CVE-2026-48345 |
Animate | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) |
15.07.2026 |
8.2 |
| CVE-2026-48346 |
Animate | Untrusted Search Path (CWE-426) |
15.07.2026 |
7.9 |
| CVE-2026-48347 |
Animate | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) |
15.07.2026 |
7.7 |
| CVE-2026-48348 |
Animate | Incorrect Authorization (CWE-863) |
15.07.2026 |
7.7 |
| CVE-2026-48349 |
Animate | Incorrect Authorization (CWE-863) |
15.07.2026 |
8.1 |
| CVE-2026-48350 |
Animate | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) |
15.07.2026 |
8.6 |
| CVE-2026-48356 |
Adobe Commerce | Unrestricted Upload of File with Dangerous Type (CWE-434) |
15.07.2026 |
9.6 |
| CVE-2026-48358 |
Adobe Commerce | Improper Encoding or Escaping of Output (CWE-116) |
15.07.2026 |
9.1 |
| CVE-2026-48371 |
Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
15.07.2026 |
5.4 |
| CVE-2026-50528 |
.NET Security Feature Bypass Vulnerability |
15.07.2026 |
8.2 |
| CVE-2026-50646 |
.NET Framework Remote Code Execution Vulnerability |
15.07.2026 |
7.8 |
| CVE-2026-50651 |
.NET Denial of Service Vulnerability |
14.07.2026 |
7.5 |
| CVE-2026-50659 |
.NET Spoofing Vulnerability |
14.07.2026 |
6.5 |