CVE-2026-53225 - In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in __sct

CVE-2026-53224 - In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT ch

CVE-2026-53223 - In the Linux kernel, the following vulnerability has been resolved: net: guard timestamp cmsgs to r

CVE-2026-53222 - In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix resource freeing

CVE-2026-53221 - In the Linux kernel, the following vulnerability has been resolved: ip6_vti: fix incorrect tunnel m

CVE-2026-53220 - In the Linux kernel, the following vulnerability has been resolved: netfilter: revalidate bridge po

CVE-2026-53219 - In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: avoid leak

CVE-2026-53218 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_exthdr: fix regi

CVE-2026-53217 - In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: sync RX data at the

CVE-2026-53216 - In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: limit XDP frame siz

CVE-2026-53215 - In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers b

CVE-2026-53214 - In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix a potential NPD in cl

CVE-2026-53213 - In the Linux kernel, the following vulnerability has been resolved: drm/vc4: fix krealloc() memory

CVE-2026-53212 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix use-

CVE-2026-53211 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_meta_bridge: fix

CVE-2026-53210 - In the Linux kernel, the following vulnerability has been resolved: tee: shm: fix shm leak in regis

CVE-2026-53209 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: reject ove

CVE-2026-53208 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: reject BR/EDR

CVE-2026-53207 - In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlb_

CVE-2026-53206 - In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds check fo

CVE-2026-53205 - In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks f

CVE-2026-53204 - In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NU

CVE-2026-53203 - In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow

CVE-2026-53202 - In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix signed integer

CVE-2026-53201 - In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue

CVE-2026-53200 - In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of

CVE-2026-53199 - In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: use kmap_local_page

CVE-2026-53198 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a

CVE-2026-53197 - In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock

CVE-2026-53196 - In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_ti: fix heap ov

CVE-2026-53195 - In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_ti: fix heap ov

CVE-2026-53194 - In the Linux kernel, the following vulnerability has been resolved: USB: serial: kl5kusb105: fix bu

CVE-2026-53193 - In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close tim

CVE-2026-53192 - In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Fix UAF at snd_tim

CVE-2026-53191 - In the Linux kernel, the following vulnerability has been resolved: io_uring/net: inherit IORING_CQ

CVE-2026-53190 - In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix dma_fence refco

CVE-2026-53189 - In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: update file PMD

CVE-2026-53188 - In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed

CVE-2026-53187 - In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpu_id agai

CVE-2026-53186 - In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRP_RSP sense c

CVE-2026-53185 - In the Linux kernel, the following vulnerability has been resolved: zram: fix use-after-free in zra

CVE-2026-53184 - In the Linux kernel, the following vulnerability has been resolved: udp: clear skb->dev before runn

CVE-2026-53183 - In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to

CVE-2026-53182 - In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized

CVE-2026-53181 - In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: fix sk_ack_backlog

CVE-2026-53180 - In the Linux kernel, the following vulnerability has been resolved: timers/migration: Fix livelock

CVE-2026-53179 - In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix buffer

CVE-2026-53178 - In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: rtw_mlme: a

CVE-2026-53177 - In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix NULL pointer deref

CVE-2026-53176 - In the Linux kernel, the following vulnerability has been resolved: IB/isert: Reject login PDUs sho

CVE-2026-53175 - In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free

CVE-2026-53174 - In the Linux kernel, the following vulnerability has been resolved: ovl: keep err zero after succes

CVE-2026-53173 - In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix OOB write in

CVE-2026-53172 - In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix IFM region in

CVE-2026-53171 - In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic is

CVE-2026-53170 - In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject DMA comman

CVE-2026-53169 - In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject NPU_OP_RES

CVE-2026-53168 - In the Linux kernel, the following vulnerability has been resolved: fuse: reject fuse_notify() page

CVE-2026-53167 - In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSE_NOTIFY_RETRIEV

CVE-2026-53166 - In the Linux kernel, the following vulnerability has been resolved: futex/requeue: Prevent NULL poi

CVE-2026-53165 - In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null fol

CVE-2026-53164 - In the Linux kernel, the following vulnerability has been resolved: iommu/dma: Do not try to iommu_

CVE-2026-53163 - In the Linux kernel, the following vulnerability has been resolved: locking/rtmutex: Skip remove_wa

CVE-2026-53162 - In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim s

CVE-2026-53161 - In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix use-after-fr

CVE-2026-53160 - In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix use-after-fr

CVE-2026-53159 - In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix DMA address

CVE-2026-53158 - In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix NULL pointer

CVE-2026-53157 - In the Linux kernel, the following vulnerability has been resolved: net: phonet: free phonet_device

CVE-2026-53156 - In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix use-after-free

CVE-2026-53155 - In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: use correct fla

CVE-2026-53154 - In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore reservation

CVE-2026-53153 - In the Linux kernel, the following vulnerability has been resolved: mm/list_lru: drain before clear

CVE-2026-53152 - In the Linux kernel, the following vulnerability has been resolved: mmc: dw_mmc-rockchip: Add missi

CVE-2026-53151 - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix the ACK parser to ex

CVE-2026-53150 - In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Reject zero-length

CVE-2026-53149 - In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directo

CVE-2026-53148 - In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain resp

CVE-2026-53147 - In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Validate XDomain r

CVE-2026-53146 - In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Limit XDomain resp

CVE-2026-53145 - In the Linux kernel, the following vulnerability has been resolved: drm/gem: Try to fix change_hand

CVE-2026-53144 - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix NULL dereferenc

CVE-2026-53143 - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix buffer overflow

CVE-2026-53142 - In the Linux kernel, the following vulnerability has been resolved: drm/xe/display: fix oops in sus

CVE-2026-53141 - In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix global performance

CVE-2026-53140 - In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix vaddr leak when in

CVE-2026-53139 - In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Skip CSD when it has z

CVE-2026-53138 - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Bound VBIOS re

CVE-2026-53137 - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp HDMI HDC

CVE-2026-53136 - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HD

CVE-2026-53135 - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref

CVE-2026-53134 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_fib: fix stale s

CVE-2026-53133 - In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for b

CVE-2026-53132 - In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unb

CVE-2026-53131 - In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC

CVE-2026-46752 - Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache

CVE-2026-46751 - A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.2.0 through 2.15.0. U

CVE-2026-45188 - Relative Path Traversal vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.

CVE-2026-41566 - Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kvrocks. This i

CVE-2026-56129 - Generic IO & Memory Access driver for PCs provided by TOSHIBA CORPORATION and Dynabook Inc. exposes

CVE-2026-12937 - The Tourfic – AI Powered Travel Booking, Hotel Booking & Car Rental WordPress Plugin plugin for Word

CVE-2026-9702 - The InPost PL WordPress plugin before 1.9.1 does not verify that the request originates from the leg

CVE-2026-5305 - The Email Address Encoder WordPress plugin before 1.0.25, email-encoder-premium WordPress plugin bef

CVE-2026-12490 - When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a

CVE-2026-12246 - NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than

CVE-2026-12245 - NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing

CVE-2026-12244 - If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR co

CVE-2026-10824 - The Masteriyo LMS WordPress plugin before 2.2.1 does not perform authorization checks in a course-p

CVE-2026-8330 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0

CVE-2026-5952 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.11.6, 19.

CVE-2026-5796 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.6 before 18.11.6, 19.0

CVE-2026-5309 - GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 be

CVE-2026-3176 - GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 be

CVE-2026-2238 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.11.6, 19.0

CVE-2026-1606 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.8 before 18.11.6, 19.0

CVE-2026-13311 - shell-quote prior to 1.8.5 finalizes parsed tokens in parse() using Array.prototype.concat as a redu

CVE-2026-12635 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.11.6, 19.0

CVE-2026-12053 - GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that unde

CVE-2026-11379 - GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0

CVE-2026-10712 - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.11.6, 19.

CVE-2026-10086 - GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 be

CVE-2026-0934 - GitLab has remediated an issue in GitLab EE affecting all versions from 17.9 before 18.11.6, 19.0 be

CVE-2026-2508 - The Gravity Forms Booking plugin for WordPress is vulnerable to time-based SQL Injection via the ‘st

CVE-2026-12079 - The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ’orderby’ param

CVE-2026-12077 - The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the via 'latitude'

CVE-2026-10833 - The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress i

CVE-2026-8662 - Path Traversal vulnerability in the create_archive function of Rapid7 InsightConnect Compression Plu

CVE-2026-8658 - OS Command Injection vulnerability in Rapid7 InsightConnect Tcpdump Plugin on Linux allows authentic

CVE-2026-8666 - OS Command Injection vulnerability in the traceroute action of Rapid7 InsightConnect Traceroute Plug

CVE-2026-8665 - OS Command Injection vulnerability in the TR action of Rapid7 InsightConnect Translate Plugin on Lin

CVE-2026-8664 - OS Command Injection vulnerability in Rapid7 InsightConnect Finger Plugin on Linux allows authentica

CVE-2026-8660 - OS Command Injection vulnerability in the ping action of Rapid7 InsightConnect Ping Plugin on Linux

CVE-2026-8592 - OS Command Injection vulnerability in the process_string action of Rapid7 InsightConnect AWK Plugin

CVE-2026-9155 - OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated

CVE-2026-9154 - Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated

CVE-2026-9153 - Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated

CVE-2026-57589 - sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation

CVE-2026-9787 - Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability. This vuln

CVE-2026-9786 - Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability. This vulnerab

CVE-2026-9785 - Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability. This vulner

CVE-2026-9784 - Quest NetVault Backup NVBULibraryPort SQL Injection Remote Code Execution Vulnerability. This vulner

CVE-2026-9783 - Quest NetVault Backup NVBURemovableMedia SQL Injection Remote Code Execution Vulnerability. This vul

CVE-2026-9782 - Quest NetVault Backup NVBUDeviceDrive SQL Injection Remote Code Execution Vulnerability. This vulner

CVE-2026-9781 - Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability. This vulnerab

CVE-2026-9780 - Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability. This vuln

CVE-2026-8663 - OS Command Injection vulnerability in Rapid7 InsightConnect RPM Plugin on Linux allows authenticated

CVE-2026-8659 - OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authentica

CVE-2026-7570 - Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability. This vulnerab

CVE-2026-7569 - Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability. This vuln

CVE-2026-40079 - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vu

CVE-2026-39951 - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a

CVE-2025-60473 - A NULL pointer dereference in the gf_filter_in_parent_chain function (/filter_core/filter_pid.c) of

CVE-2025-60466 - A use-after-free in the gf_filter_pid_get_packet function (/filter_core/filter_pid.c) of GPAC Projec

CVE-2026-39955 - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have p

CVE-2026-39948 - Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, th

CVE-2026-39938 - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have u

CVE-2026-39900 - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vu

CVE-2026-39899 - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vu

CVE-2025-8106 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2025-60474 - A buffer overflow in the gf_media_import function (/media_tools/av_parsers.c) of GPAC Project/MP4Box

CVE-2025-60467 - A use-after-free in the gf_filter_pid_inst_swap_delete_task function (/filter_core/filter_pid.c) of

CVE-2026-9779 - ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Exec

CVE-2026-9778 - ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability. This vulnerabi

CVE-2026-9777 - ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability. This vulnerability al

CVE-2026-9776 - ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability.

CVE-2026-9775 - ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability

CVE-2026-9774 - ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerabil

CVE-2026-9773 - Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability. This vulnerabil

CVE-2026-9772 - Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability. This vulnerabili

CVE-2026-55762 - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8

CVE-2026-55759 - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8

CVE-2026-55666 - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8

CVE-2026-55570 - SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, it does not escape th

CVE-2026-55455 - Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the outb

CVE-2026-55454 - Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the bund

CVE-2026-54759 - SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, Lute's HTML sanitizer

CVE-2026-54158 - SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the attribute-view (d

CVE-2026-54070 - SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, renderPackageREADME i

CVE-2026-54069 - SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan Note's kernel

CVE-2026-54068 - SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the /api/icon/getDyna

CVE-2026-54067 - SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, CSS snippet body cont

CVE-2026-54066 - SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the patch for CVE-202

CVE-2026-53766 - Chrome DevTools for agents (chrome-devtools-mcp) lets your coding agent control and inspect a live C

CVE-2026-53765 - Chrome DevTools for agents (chrome-devtools-mcp) lets your coding agent control and inspect a live C

CVE-2026-52794 - Sentry is an error tracking and performance monitoring tool. From 24.4.0 until 26.5.2, a Regular Exp

CVE-2026-50551 - SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan contains a sto

CVE-2026-50189 - Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, Appsmith

CVE-2026-49979 - Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.99, the POS

CVE-2026-47110 - Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authentic

CVE-2026-47093 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2026-39897 - Cacti is an open source performance and fault management framework. Versions 1.2.30 and below contai

CVE-2026-39894 - Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, th

CVE-2026-39893 - Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, th

CVE-2026-2050 - GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerabi

CVE-2026-10642 - The Zephyr PL011 UART driver (drivers/serial/uart_pl011.c) contains an unbounded software loop in pl

CVE-2026-10043 - MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulner

CVE-2025-60468 - GPAC Multimedia Open Source Project GPAC Project/MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affecte

CVE-2026-7539 - A potential security vulnerability has been identified in the HP Accessory WMI Provider installer fo

CVE-2026-52816 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Jupyter Notebook (ipynb) saniti

CVE-2026-52815 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, Gogs has an unauthenticated informa

CVE-2026-52814 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Gogs built-in Go SSH server is

CVE-2026-52813 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, organization names containing path

CVE-2026-52812 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, Git LFS storage is content-addresse

CVE-2026-52811 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, (*Repository).UploadRepoFiles check

CVE-2026-52810 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, Git smart HTTP authorizes POST …/gi

CVE-2026-52809 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, password-reset tokens are generated

CVE-2026-52808 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, three API endpoints — PATCH /api/v1

CVE-2026-52807 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, in new_form.tmpl, milestone names a

CVE-2026-52806 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, Gogs allows authenticated users to

CVE-2026-52805 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, a Server-Side Request Forgery (SSRF

CVE-2026-52804 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, a repository admin collaborator can

CVE-2026-52802 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, an open redirect vulnerability exis

CVE-2026-52801 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Gogs Mirror Settings functional

CVE-2026-52800 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, organization team member management

CVE-2026-52799 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, GET /attachments/:uuid returns the

CVE-2026-52798 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, although .ipynb previews are saniti

CVE-2026-52797 - Gogs is an open source self-hosted Git service. Prior to 0.14.0, as an authorized user, an intruder

CVE-2026-52796 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, specially crafted issue index patte

CVE-2026-52795 - Gogs is an open source self-hosted Git service. In 0.14.3 and earlier, any authenticated user can wa

CVE-2026-50129 - Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.11, 4.4.18,

CVE-2026-50128 - Mastodon is a free, open-source social network server based on ActivityPub. From 4.3.0 until 4.5.11

CVE-2026-49278 - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8

CVE-2026-49277 - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8

CVE-2026-47733 - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, t

CVE-2026-47267 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, the fix for CVE-2022-1285 prevents

CVE-2026-46423 - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8

CVE-2026-45757 - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8

CVE-2026-45689 - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8

CVE-2026-45688 - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8

CVE-2026-45687 - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8

CVE-2026-45677 - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8

CVE-2026-33543 - FOSSBilling is a free, open-source billing and client management system. Versions 0.7.2 and prior ex

CVE-2026-33235 - AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificia

CVE-2026-32315 - motionEye (mEye) is an online interface for motion software, a video surveillance program with motio

CVE-2026-31978 - motionEye (mEye) is an online interface for motion software, which is a video surveillance program w

CVE-2026-25119 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, when ENABLE_REVERSE_PROXY_AUTHENTIC

CVE-2026-1840 - The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of

CVE-2026-13208 - A flaw was found in KubeVirt's virt-handler domain notify server. The gRPC handlers for HandleDomain

CVE-2026-13201 - A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function us

CVE-2026-11998 - A flaw in AngularJS' Strict Contextual Escaping (SCE) logic allows bypassing certain SCE policies fo

CVE-2025-64719 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, a malicious user with rights to cre

CVE-2026-55583 - Twenty is an open-source CRM (customer relationship management) platform. Prior to 2.9.0, Twenty was

CVE-2026-48028 - Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17,

CVE-2026-47389 - Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17,

CVE-2026-46349 - Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17,

CVE-2026-46348 - Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17,

CVE-2026-27708 - FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior

CVE-2026-23879 - py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encr

CVE-2026-53950 - @tryghost/activitypub is Ghost’s social/federation client app. Prior to 3.1.0, the ActivityPub clien

CVE-2026-53949 - Ghost is a Node.js content management system. From 5.46.1 until 6.21.2, the validation applied to fi