Export limit exceeded: 362349 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362349 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-14611 1 Deepmyst 1 Mysti 2026-07-03 4.3 Medium
A vulnerability has been found in DeepMyst Mysti up to 0.4.0. The affected element is the function initProjectMemory of the file src/managers/MemoryManager.ts of the component Per-Project Auto-Memory Handler. Such manipulation of the argument workspacePath leads to exposure of resource. The attack may be performed from remote. Upgrading to version 0.4.0 is sufficient to fix this issue. The name of the patch is 6d709229b5199f6769fb3cf763e5122dcc43c079. It is advisable to upgrade the affected component.
CVE-2026-58426 2026-07-03 9.6 Critical
Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write
CVE-2026-58424 2026-07-03 8.9 High
Permanent Fork PR Workflow Approval Gate Bypass
CVE-2026-14610 1 Assimp 1 Assimp 2026-07-03 5.3 Medium
A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. Patch name: eb84eec580d3f4ba2f0fd87409b7d0744620f11e. Applying a patch is the recommended action to fix this issue.
CVE-2026-58291 1 Microsoft 1 Edge Chromium 2026-07-03 6.1 Medium
Operation on a resource after expiration or release in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
CVE-2026-58597 1 Microsoft 1 Edge Chromium 2026-07-03 4.3 Medium
Insufficient ui warning of dangerous operations in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-58298 1 Microsoft 1 Edge Chromium 2026-07-03 7.2 High
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-58297 1 Microsoft 1 Edge Chromium 2026-07-03 7.1 High
Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network.
CVE-2026-58295 1 Microsoft 1 Edge Chromium 2026-07-03 8.3 High
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
CVE-2026-58293 1 Microsoft 1 Edge Chromium 2026-07-03 8.1 High
External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVE-2026-58286 1 Microsoft 1 Edge Chromium 2026-07-03 8.1 High
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-58278 1 Microsoft 1 Edge Chromium 2026-07-03 5.4 Medium
Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-57977 1 Microsoft 1 Edge Chromium 2026-07-03 7.1 High
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-57974 1 Microsoft 1 Edge Chromium 2026-07-03 8.8 High
Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVE-2026-45488 1 Microsoft 1 Edge Chromium 2026-07-03 5.4 Medium
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-58299 1 Microsoft 1 Edge Chromium 2026-07-03 7.5 High
Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network.
CVE-2026-58287 1 Microsoft 1 Edge Chromium 2026-07-03 8.3 High
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVE-2026-58283 1 Microsoft 1 Edge Chromium 2026-07-03 8.1 High
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-57993 1 Microsoft 1 Edge Chromium 2026-07-03 7.4 High
Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-57987 1 Microsoft 1 Edge Chromium 2026-07-03 6.5 Medium
Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.