Export limit exceeded: 351744 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351744 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351744 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351744 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-45829 | 1 Chroma | 1 Chromadb | 2026-05-19 | 10.0 Critical |
| A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trust_remote_code set to true in the /api/v2/tenants/{tenant}/databases/{db}/collections endpoint. | ||||
| CVE-2026-46719 | 1 Rrwo | 1 Net::statsd::lite | 2026-05-19 | 6.5 Medium |
| Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections. The metric names were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. | ||||
| CVE-2026-45231 | 1 Dumbwareio | 1 Dumbassets | 2026-05-19 | 6.1 Medium |
| DumbAssets through 1.0.11 contains a stored cross-site scripting vulnerability in asset fields including name, description, modelNumber, serialNumber, and tags that are stored without server-side sanitization and rendered using innerHTML without client-side escaping. Attackers can create or update assets with HTML or JavaScript payloads via the asset API endpoints to execute arbitrary scripts in the browsers of users viewing the asset list, and with Content-Security-Policy disabled, the injected scripts can make unrestricted connections to internal network services. | ||||
| CVE-2026-22810 | 1 Laurent 22 | 1 Joplin | 2026-05-19 | 8.2 High |
| Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions prior to 3.5.7 contain a path traversal vulnerability in the importer which allows overwriting arbitrary files on disk. The OneNote converter does not sanitize the names of embedded files before writing them to disk. As a result, it's possible for an attacker to create a malicious .one file that includes file names containing ../../, that are then interpreted as part of the target path when extracting attachments from the .one file. This issue has been patched in version 3.5.7. | ||||
| CVE-2026-47090 | 1 Jarrodwatts | 1 Claude-hud | 2026-05-19 | 4.6 Medium |
| Claude HUD through 0.0.12, patched in commit 234d9aa, constructs OSC 8 terminal hyperlink escape sequences using raw cwd and branchUrl values without stripping control characters or encoding embedded values, allowing attackers to inject arbitrary ANSI codes into terminal sessions. Attackers can embed ESC+backslash sequences in the current working directory or branch URL to execute malicious ANSI codes including text color changes, forged prompts, and OSC 52 clipboard writes, or trigger outbound HTTP requests to attacker-controlled remotes when hyperlinks are clicked. | ||||
| CVE-2026-4137 | 1 Mlflow | 1 Mlflow/mlflow | 2026-05-19 | N/A |
| In mlflow/mlflow versions prior to 3.11.0, the `get_or_create_nfs_tmp_dir()` function in `mlflow/utils/file_utils.py` creates temporary directories with world-writable permissions (0o777), and the `_create_model_downloading_tmp_dir()` function in `mlflow/pyfunc/__init__.py` creates directories with group-writable permissions (0o770). These insecure permissions allow local attackers to tamper with model artifacts, such as cloudpickle-serialized Python objects, and achieve arbitrary code execution when the tampered artifacts are deserialized via `cloudpickle.load()`. This vulnerability is particularly critical in environments with shared NFS mounts, such as Databricks, where NFS is enabled by default. The issue is a continuation of the vulnerability class addressed in CVE-2025-10279, which was only partially fixed. | ||||
| CVE-2026-27892 | 1 Neorazorx | 1 Facturascripts | 2026-05-19 | 6.5 Medium |
| FacturaScripts is an open source accounting and invoicing software. In versions prior to 2026, the Library module stores and serves uploaded images byte-for-byte, without stripping EXIF/XMP/IPTC metadata. Any authenticated user who downloaded an image could extract the uploader's embedded metadata, which included GPS coordinates, device information, timestamps, embedded comments/notes, thumbnail previews, and other personally identifiable information (PII) preserved in the image metadata. Of all FacturaScripts' image upload features, only the Library module combined unrestricted uploads, persistent storage, authenticated download access, and a total lack of server-side metadata sanitization. This vulnerability carries significant real-world impact: an employee uploading a photo taken at their home inadvertently discloses their precise home address to every user with Library download access. This issue has been fixed in version 2026. | ||||
| CVE-2026-33052 | 1 Mantisbt | 1 Mantisbt | 2026-05-19 | N/A |
| Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.0 and 2.28.1 allow a low-privileged authenticated user assigned the "add_profile_threshold" permission to create a global profile despite not having manage_global_profile_threshold, by tampering with the user_id parameter in a valid profile creation request. This issue has been fixed in version 2.28.2. | ||||
| CVE-2026-22069 | 1 Oppo | 1 O+ Connect | 2026-05-19 | 7.3 High |
| A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface. | ||||
| CVE-2026-8788 | 1 Rrwo | 1 Net::statsd::lite | 2026-05-19 | 7.3 High |
| Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections. The values from the set_add method were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that version 0.9.0 fixed a similar issue CVE-2026-46719 for metric names. | ||||
| CVE-2026-47307 | 1 Samsung Open Source | 1 Walrus | 2026-05-19 | 5.5 Medium |
| NULL pointer dereference vulnerability in Samsung Open Source Walrus allows an attacker to cause a denial of service via a crafted WebAssembly module containing deeply nested instructions. This issue affects Walrus: f339b8ee4ea701772e8ae640b3d1b12ac02b1ae9. | ||||
| CVE-2026-24792 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 8.1 High |
| in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps. | ||||
| CVE-2026-28751 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 3.3 Low |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||||
| CVE-2026-25110 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 3.3 Low |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||||
| CVE-2026-27648 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 8.8 High |
| in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps. | ||||
| CVE-2026-27781 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 3.3 Low |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||||
| CVE-2026-27766 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 5.5 Medium |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak. | ||||
| CVE-2026-45349 | 2 Open-webui, Openwebui | 2 Open-webui, Open Webui | 2026-05-19 | 7.1 High |
| Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use the API endpoint: /api/chat/completions with their own API key (generated in OWUI) and the Chat ID of another user to continue the conversation of the other user. This vulnerability is fixed in 0.9.0. | ||||
| CVE-2026-25781 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 8.4 High |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered. | ||||
| CVE-2026-25850 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 5.5 Medium |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak | ||||