Export limit exceeded: 351589 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351589 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-37281 | 2026-05-19 | N/A | ||
| An OS command injection vulnerability in the /stream-to-vlc Express route in hitarth-gg Zenshin before 2.7.0 allows remote attackers to execute arbitrary commands via the url parameter. | ||||
| CVE-2026-37982 | 1 Redhat | 2 Build Keycloak, Build Of Keycloak | 2026-05-19 | 6.8 Medium |
| A flaw was found in Keycloak. This authentication vulnerability allows a remote attacker to replay `ExecuteActionsActionToken` tokens within Keycloak's WebAuthn (Web Authentication) flow. By intercepting an execute-actions email link, an attacker can register their own authenticator to a victim's account. This leads to unauthorized enrollment of a hardware-backed credential, enabling persistent account takeover. | ||||
| CVE-2026-4878 | 2 Libcap Project, Redhat | 8 Libcap, Discovery, Enterprise Linux and 5 more | 2026-05-19 | 6.7 Medium |
| A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation. | ||||
| CVE-2026-32244 | 1 Discourse | 1 Discourse | 2026-05-19 | 5.3 Medium |
| Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in versions 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1. To work around this issue, restrict summary generation by tightening the allowed groups on the summarization Personas. | ||||
| CVE-2026-8536 | 2 Apple, Google | 2 Macos, Chrome | 2026-05-19 | 3.1 Low |
| Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass site Isolation via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-47092 | 1 Jarrodwatts | 1 Claude-hud | 2026-05-19 | 7.8 High |
| Claude HUD through 0.0.12, patched in commit 234d9aa, contains a command injection vulnerability that allows local attackers to execute arbitrary commands by manipulating the COMSPEC environment variable. Attackers can set COMSPEC to an arbitrary binary path before claude-hud performs its version check, causing execFile() to execute the attacker-supplied executable with cmd.exe arguments, resulting in arbitrary code execution on Windows systems. | ||||
| CVE-2026-45243 | 1 Steipete | 1 Summarize | 2026-05-19 | 6.1 Medium |
| Summarize prior to 0.15.1 contains a missing authorization vulnerability in the content script window.postMessage bridge that allows malicious pages to perform unauthorized operations on automation artifacts. Attackers can simulate runtime messages with spoofed sender identifiers to list, read, create, overwrite, or delete automation artifacts scoped to the affected tab without proper authorization checks. | ||||
| CVE-2026-8803 | 1 Opensourcepos | 1 Open Source Point Of Sale | 2026-05-19 | 3.7 Low |
| A flaw has been found in opensourcepos Open Source Point of Sale up to 3.4.2. Impacted is the function Login of the file app/Models/Employee.php of the component Employee Login. This manipulation causes use of weak hash. Remote exploitation of the attack is possible. The attack is considered to have high complexity. The exploitability is considered difficult. The actual existence of this vulnerability is currently in question. The vendor explains: "[T]he code is still there to allow the upgrade path to work. The default password is initially seeded with the old hash function, but then migrated to a newer one after login. [T]he hash version check might be cleaned up in the future. Currently it's not actively in use as any password change will use a newer hash function." | ||||
| CVE-2025-8283 | 1 Redhat | 3 Enterprise Linux, Openshift, Openshift Container Platform | 2026-05-19 | 3.7 Low |
| A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman's search domain is not added anymore the container is using the host's resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers. | ||||
| CVE-2025-5278 | 1 Redhat | 2 Enterprise Linux, Openshift | 2026-05-19 | 4.4 Medium |
| A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data. | ||||
| CVE-2025-70950 | 2026-05-19 | 7.3 High | ||
| An issue in gohttp commit 34ea51 allows attackers to execute a directory traversal via supplying a crafted request. | ||||
| CVE-2026-8951 | 1 Mozilla | 1 Firefox | 2026-05-19 | 6.5 Medium |
| Spoofing issue in the Toolbar component in Firefox for Android. This vulnerability was fixed in Firefox 151. | ||||
| CVE-2026-2587 | 1 Eclipse | 1 Glassfish | 2026-05-19 | 9.6 Critical |
| A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and evaluates user-supplied values within a context where Expression Language (EL) “expressions” are processed without proper sanitization or escaping. By injecting expressions such as #{7*7}, the server returns 49, confirming server-side EL evaluation. This issue allows a remote attacker to fully compromise the underlying host, enabling capabilities as reading/modifying data, executing arbitrary commands, persistence, and lateral movement. | ||||
| CVE-2026-2586 | 1 Eclipse | 1 Glassfish | 2026-05-19 | 9.1 Critical |
| An authenticated Remote Code Execution (RCE) vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user. | ||||
| CVE-2026-45557 | 1 Technitium | 1 Dns Server | 2026-05-19 | 5.8 Medium |
| Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0. | ||||
| CVE-2026-8711 | 2026-05-19 | 8.1 High | ||
| NGINX JavaScript has a vulnerability when the js_fetch_proxy directive is configured with at least one client-controlled NGINX variable (for example, $http_*, $arg_*, $cookie_*) and a location invoking the ngx.fetch() operation from NGINX JavaScript. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, for systems with Address Space Layout Randomization (ASLR) disabled, code execution is possible. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2026-47100 | 2026-05-19 | 7.5 High | ||
| Funnel Builder for WooCommerce Checkout prior to 3.15.0.3 contains a missing authorization vulnerability in the public checkout endpoint that allows unauthenticated attackers to invoke internal methods and write arbitrary data to the plugin's External Scripts global setting. Attackers can inject malicious JavaScript through the External Scripts setting that executes in the browsers of all checkout page visitors. | ||||
| CVE-2026-30950 | 1 Significant-gravitas | 1 Autogpt | 2026-05-19 | 7.1 High |
| AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.6.36 through 0.6.50 are vulnerable to Authenticated Session Hijacking via IDOR. If an authenticated attacker can determine the session_id of another user's session, they can take it over, reading any messages in it and locking the legitimate user out. The PATCH /sessions/{session_id}/assign-user endpoint authenticates the caller but never verifies session ownership: the service layer invokes the session lookup with user_id=None, which the data access layer interprets as a privileged/system call that bypasses the ownership filter, allowing any authenticated user to reassign an arbitrary session to themselves. This issue has been patched in version 0.6.51. | ||||
| CVE-2026-45492 | 1 Microsoft | 1 Edge Chromium | 2026-05-19 | 5.4 Medium |
| Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-31071 | 2026-05-19 | N/A | ||
| API endpoints in LalanaChami Pharmacy Management System (commit 5c3d028) lack authentication middleware. Unauthenticated remote attackers can exploit this to dump all user records (including bcrypt password hashes) via /api/user/getUserData, modify drug inventory, and access private medical prescription data via /api/doctorOder. | ||||