Search

Search Results (364940 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-54421 1 Openstack 1 Ironic 2026-06-16 6.8 Medium
In OpenStack Ironic before 37.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return unredacted sensitive information (such as iSCSI credentials). The PATCH outcome is a security issue; the POST outcome is not a security issue.
CVE-2026-8317 2026-06-16 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2026-9258 2026-06-16 6.5 Medium
Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
CVE-2026-9259 2026-06-16 6.5 Medium
Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier
CVE-2026-9261 2026-06-16 6.8 Medium
Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier
CVE-2026-9262 2026-06-16 6.5 Medium
Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier
CVE-2026-5904 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-16 8.8 High
Determined a bug and not a vulnerability
CVE-2026-4887 3 Gimp, Gnome, Redhat 9 Gimp, Gimp, Enterprise Linux and 6 more 2026-06-16 6.1 Medium
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS).
CVE-2026-3539 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-16 8.8 High
Determined a bug and not a vulnerability
CVE-2026-12013 2 Google, Microsoft 2 Chrome, Windows 2026-06-16 8.8 High
Determined not a vulnerability
CVE-2026-8568 1 Google 1 Chrome 2026-06-16 3.1 Low
Determined not a vulnerability
CVE-2026-7936 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-16 4.3 Medium
Determined not a vulnerability
CVE-2026-48777 1 Gtsteffaniak 1 Filebrowser 2026-06-16 N/A
FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backend/http/public.go which joins user-controlled fromPath and toPath body fields with the trusted d.share.Path BEFORE the downstream sanitizer runs. Because filepath.Join collapses .. segments during the join, the sanitizer in resourcePatchHandler never sees the traversal and the move/copy/rename operates on a path outside the shared directory. The same root-cause pattern was patched for the bulk DELETE endpoint as CVE-2026-44542 (GHSA-fwj3-42wh-8673), but the PATCH handler with the identical pattern was not updated. A public share link with AllowModify=true is sufficient to exploit this. Anyone holding such a link can move, copy, or rename arbitrary files within the share owner's source root. This issue has been fixed in versions 1.3.3-stable and 1.4.2-beta.
CVE-2025-69105 2026-06-16 8.1 High
Unauthenticated Local File Inclusion in Modernee <= 1.6.0 versions.
CVE-2026-0142 1 Google 1 Android 2026-06-16 3.3 Low
In iavb_parse_key_data of avb_rsa.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2026-11414 1 Altium 2 Enterprise Server, On-prem Enterprise Server 2026-06-16 9.8 Critical
A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the Vault storage area without any authentication, session, or credentials. A separate path traversal vulnerability in the same download endpoint allows the configured storage root to be escaped, enabling reads of arbitrary files on the server filesystem. Combined, these issues allow an unauthenticated attacker to obtain sensitive server configuration and key material, which can lead to full server compromise. The vulnerability can be chained with CVE-2026-9152 to enumerate and bulk-download stored content. Altium 365 cloud deployments are not impacted in practice, as file storage uses object storage rather than the local filesystem.
CVE-2026-11419 1 Altium 2 Enterprise Server, On-prem Enterprise Server 2026-06-16 8.8 High
A path traversal vulnerability exists in the Altium Enterprise Server Vault Service UploadController due to improper validation of a user-controlled path component in image upload requests. An authenticated user can supply a crafted absolute path so that the configured storage root is discarded, allowing arbitrary files to be written to any location on the server filesystem writable by the service account. Because content-controlled files can be written to web-accessible directories, or used to overwrite application binaries or configuration files, this can be escalated to remote code execution, service takeover, or denial of service. Altium 365 cloud deployments are not affected, as the affected endpoint is not reachable and the cloud storage architecture mitigates the file-write primitive.
CVE-2026-11420 1 Altium 2 Enterprise Server, On-prem Enterprise Server 2026-06-16 9.8 Critical
Two path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. No authentication, session, or credentials are required. Because content-controlled files can be written to web-accessible directories, or used to overwrite application binaries or configuration files, exploitation can be escalated to remote code execution in the context of the service account, and can disclose deployment package contents. Altium 365 cloud deployments are not affected, as the Network Installation Service is not part of the cloud offering.
CVE-2026-48775 1 Langchain-ai 2 Langgraph, Langgraph-checkpoint 2026-06-16 6.8 Medium
LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). In versions 4.1.0 and prior, the JsonPlusSerializer can reconstruct Python objects from JSON checkpoint payloads. Under conditions where someone could modify checkpoint bytes at rest in the backing store, the deserialization path could reconstruct objects beyond what the application expects, which could in turn result in code execution at checkpoint load time. This is a defense-in-depth issue. The affected behavior is reachable only when checkpoint bytes at rest in the backing store can be modified by an unauthorized party. In most deployments that prerequisite already implies a serious incident; the additional concern is turning "checkpoint-store write access" into code execution in the application runtime. This issue has been fixed in version 4.1.1.
CVE-2026-0148 1 Google 1 Android 2026-06-16 8.8 High
In multiple functions of VideoRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.