Export limit exceeded: 362349 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362349 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-14611 | 1 Deepmyst | 1 Mysti | 2026-07-03 | 4.3 Medium |
| A vulnerability has been found in DeepMyst Mysti up to 0.4.0. The affected element is the function initProjectMemory of the file src/managers/MemoryManager.ts of the component Per-Project Auto-Memory Handler. Such manipulation of the argument workspacePath leads to exposure of resource. The attack may be performed from remote. Upgrading to version 0.4.0 is sufficient to fix this issue. The name of the patch is 6d709229b5199f6769fb3cf763e5122dcc43c079. It is advisable to upgrade the affected component. | ||||
| CVE-2026-58426 | 2026-07-03 | 9.6 Critical | ||
| Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write | ||||
| CVE-2026-58424 | 2026-07-03 | 8.9 High | ||
| Permanent Fork PR Workflow Approval Gate Bypass | ||||
| CVE-2026-14610 | 1 Assimp | 1 Assimp | 2026-07-03 | 5.3 Medium |
| A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. Patch name: eb84eec580d3f4ba2f0fd87409b7d0744620f11e. Applying a patch is the recommended action to fix this issue. | ||||
| CVE-2026-58291 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 6.1 Medium |
| Operation on a resource after expiration or release in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-58597 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 4.3 Medium |
| Insufficient ui warning of dangerous operations in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-58298 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 7.2 High |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-58297 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 7.1 High |
| Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-58295 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 8.3 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-58293 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 8.1 High |
| External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-58286 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 8.1 High |
| Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-58278 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 5.4 Medium |
| Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-57977 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 7.1 High |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-57974 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 8.8 High |
| Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-45488 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 5.4 Medium |
| User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-58299 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 7.5 High |
| Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-58287 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 8.3 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-58283 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 8.1 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-57993 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 7.4 High |
| Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-57987 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 6.5 Medium |
| Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||||