CVE-2026-27637 - FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version

CVE-2026-27636 - FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version

CVE-2026-27627 - Karakeep is a elf-hostable bookmark-everything app. In version 0.30.0, when the Reddit metascraper p

CVE-2026-27597 - Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to version 2

CVE-2026-3146 - A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vips_fo

CVE-2026-3145 - A flaw has been found in libvips up to 8.18.0. The affected element is the function vips_foreign_loa

CVE-2026-27822 - RustFS is a distributed object storage system built in Rust. Prior to version 1.0.0-alpha.83, a Stor

CVE-2026-27632 - Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1

CVE-2026-27629 - InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-sid

CVE-2026-27628 - pypdf is a free and open-source pure-python PDF library. Prior to 6.7.2, an attacker who uses this v

CVE-2026-27626 - OliveTin gives access to predefined shell commands from a web interface. In versions up to and inclu

CVE-2026-27621 - TypiCMS is a multilingual content management system based on the Laravel framework. A Stored Cross-S

CVE-2026-27615 - ADB Explorer is a fluent UI for ADB on Windows. In versions prior to Beta 0.9.26022, ADB-Explorer al

CVE-2026-27614 - Bugsink is a self-hosted error tracking tool. In versions prior to 2.0.13, an unauthenticated attack

CVE-2026-27612 - Repostat is a React component to fetch and display GitHub repository info. Prior to version 1.0.1, t

CVE-2026-27611 - FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable a

CVE-2026-27610 - Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42

CVE-2026-27609 - Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42

CVE-2026-27608 - Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42

CVE-2026-27607 - RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.56 through 1.0.

CVE-2026-27606 - Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollu

CVE-2026-27595 - Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42

CVE-2026-25135 - OpenEMR is a free and open source electronic health records and medical practice management applicat

CVE-2025-5781 - Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configur

CVE-2026-2914 - CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized pr

CVE-2026-25131 - OpenEMR is a free and open source electronic health records and medical practice management applicat

CVE-2026-25127 - OpenEMR is a free and open source electronic health records and medical practice management applicat

CVE-2026-25124 - OpenEMR is a free and open source electronic health records and medical practice management applicat

CVE-2026-24896 - OpenEMR is a free and open source electronic health records and medical practice management applicat

CVE-2026-24849 - OpenEMR is a free and open source electronic health records and medical practice management applicat

CVE-2026-24847 - OpenEMR is a free and open source electronic health records and medical practice management applicat

CVE-2026-21443 - OpenEMR is a free and open source electronic health records and medical practice management applicat

CVE-2025-69231 - OpenEMR is a free and open source electronic health records and medical practice management applicat

CVE-2025-68277 - OpenEMR is a free and open source electronic health records and medical practice management applicat

CVE-2025-67752 - OpenEMR is a free and open source electronic health records and medical practice management applicat

CVE-2026-3137 - A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an un

CVE-2026-3135 - A weakness has been identified in itsourcecode News Portal Project 1.0. The impacted element is an u

CVE-2026-27598 - Dagu is a workflow engine with a built-in Web user interface. In versions up to and including 1.16.7

CVE-2025-67491 - OpenEMR is a free and open source electronic health records and medical practice management applicat

CVE-2026-3134 - A security flaw has been discovered in itsourcecode News Portal Project 1.0. The affected element is

CVE-2026-3133 - A vulnerability has been found in itsourcecode Document Management System 1.0. This issue affects so

CVE-2026-26351 - GetSimpleCMS Community Edition (CE) version 3.3.16 contains a stored cross-site scripting (XSS) vuln

CVE-2026-27593 - Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 6.3.3 and

CVE-2026-27572 - Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.6, 36.0.6, 4.0.04, 41.0.4, and 42.0.0,

CVE-2026-27204 - Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.6, 36.0.6, 4.0.04, 41.0.4, and 42.0.0,

CVE-2026-27195 - Wasmtime is a runtime for WebAssembly. Starting with Wasmtime 39.0.0, the `component-model-async` fe

CVE-2026-27117 - bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files

CVE-2026-25899 - Fiber is an Express inspired web framework written in Go. In versions on the v3 branch prior to 3.1.

CVE-2026-25891 - Fiber is an Express inspired web framework written in Go. A Path Traversal (CWE-22) vulnerability in

CVE-2026-25882 - Fiber is an Express inspired web framework written in Go. A denial of service vulnerability exists i

CVE-2026-24443 - EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the ac

CVE-2026-22553 - All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in

CVE-2026-21410 - InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious u

CVE-2025-46320 - A cross-site scripting (XSS) vulnerability in a FileMaker WebDirect custom homepage could lead to un

CVE-2026-3131 - Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and

CVE-2026-3105 - SummaryThis advisory addresses a SQL injection vulnerability in the API endpoint used for retrieving

CVE-2026-27477 - Mastodon is a free, open-source social network server based on ActivityPub. FASP registration requir

CVE-2026-26342 - Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an aut

CVE-2026-26341 - Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with defaul

CVE-2026-26340 - Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP stre

CVE-2026-24241 - NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an att

CVE-2026-23859 - Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-S

CVE-2026-23858 - Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input D

CVE-2026-22766 - Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with D

CVE-2026-22765 - Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability

CVE-2026-1768 - A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypas

CVE-2025-33181 - NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-pr

CVE-2025-33180 - NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-pr

CVE-2025-33179 - NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-pr

CVE-2025-1789 - Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user

CVE-2025-1787 - Local admin could to leak information from the Genetec Update Service configuration web page. An aut

CVE-2026-27468 - Mastodon is a free, open-source social network server based on ActivityPub. FASP registration requir

CVE-2026-27156 - NiceGUI is a Python-based UI framework. Prior to version 3.8.0, several NiceGUI APIs that execute me

CVE-2026-26222 - Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes insecure .NET Remotin

CVE-2026-25603 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Link

CVE-2025-62512 - Piwigo is an open source photo gallery application for the web. In version 15.5.0 and likely earlier

CVE-2025-14963 - A vulnerability identified in the HX Agent driver file fekern.sys allowed a threat actor with local

CVE-2026-27590 - Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's Fa

CVE-2026-27589 - Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, the local

CVE-2026-27588 - Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HT

CVE-2026-27587 - Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HT

CVE-2026-27586 - Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, two swallo

CVE-2026-27585 - Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, the path s

CVE-2026-27571 - NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The

CVE-2025-13776 - Multiple Finka programs use hard-coded Firebird database credentials (shared across all instances of

CVE-2024-48928 - Piwigo is an open source photo gallery application for the web. In versions on the 14.x branch, when

CVE-2026-27521 - Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rat

CVE-2026-27520 - Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user passwor

CVE-2026-27519 - Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-

CVE-2026-27518 - Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior lack CSRF protection

CVE-2026-27517 - Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior reflect unsanitized

CVE-2026-27516 - Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior expose user password

CVE-2026-27515 - Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictable

CVE-2026-27507 - Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded a

CVE-2026-23678 - Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command in

CVE-2025-69985 - FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Executio

CVE-2025-63409 - Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authen

CVE-2025-47904 - Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malici

CVE-2026-3102 - A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function Set

CVE-2026-3101 - A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of

CVE-2026-27732 - WWBN AVideo is an open source video platform. Prior to version 22.0, the `aVideoEncoder.json.php` AP

CVE-2026-27584 - Actual is a local-first personal finance tool. Prior to version 26.2.1, missing authentication middl

CVE-2026-27568 - WWBN AVideo is an open source video platform. Prior to version 21.0, AVideo allows Markdown in video

CVE-2026-27567 - Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side

CVE-2026-27483 - MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25

CVE-2026-27208 - bleon-ethical/api-gateway-deploy provides API gateway deployment. Version 1.0.0 is vulnerable to an

CVE-2026-0402 - A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash

CVE-2026-0401 - A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to

CVE-2026-0400 - A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a fir

CVE-2026-0399 - Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management i

CVE-2025-67445 - TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cstec

CVE-2025-10010 - The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user auth

CVE-2026-2807 - Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of

CVE-2026-2806 - Uninitialized memory in the Graphics: Text component. This vulnerability was fixed in Firefox 148 an

CVE-2026-2805 - Invalid pointer in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and T

CVE-2026-2804 - Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148

CVE-2026-2803 - Information disclosure, mitigation bypass in the Settings UI component. This vulnerability was fixed

CVE-2026-2802 - Race condition in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thun

CVE-2026-2801 - Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed

CVE-2026-2800 - Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Fir

CVE-2026-2799 - Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Th

CVE-2026-2798 - Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Th

CVE-2026-2797 - Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thun

CVE-2026-2796 - JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox

CVE-2026-2795 - Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thun

CVE-2026-2794 - Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vu

CVE-2026-2793 - Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox

CVE-2026-2792 - Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird

CVE-2026-2791 - Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, F

CVE-2026-2790 - Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox

CVE-2026-2789 - Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Fir

CVE-2026-2788 - Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Fir

CVE-2026-2787 - Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 14

CVE-2026-2786 - Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Fire

CVE-2026-2785 - Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Fir

CVE-2026-2784 - Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 148, Firef

CVE-2026-2783 - Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulne

CVE-2026-2782 - Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firef

CVE-2026-2781 - Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Fir

CVE-2026-2780 - Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firef

CVE-2026-2779 - Incorrect boundary conditions in the Networking: JAR component. This vulnerability was fixed in Fire

CVE-2026-2778 - Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerab

CVE-2026-2777 - Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148,

CVE-2026-2776 - Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software.

CVE-2026-2775 - Mitigation bypass in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Fi

CVE-2026-2774 - Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox

CVE-2026-2773 - Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 14

CVE-2026-2772 - Use-after-free in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 148,

CVE-2026-2771 - Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, F

CVE-2026-2770 - Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 148,

CVE-2026-2769 - Use-after-free in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Fir

CVE-2026-2768 - Sandbox escape in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Fir

CVE-2026-2767 - Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148

CVE-2026-2766 - Use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148,

CVE-2026-2765 - Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Fire

CVE-2026-2764 - JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was f

CVE-2026-2763 - Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Fire

CVE-2026-2762 - Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Fire

CVE-2026-2761 - Sandbox escape in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Fi

CVE-2026-2760 - Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulne

CVE-2026-2759 - Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in F

CVE-2026-2758 - Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148, Firefox

CVE-2026-2757 - Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in

CVE-2026-2634 - Malicious scripts could cause desynchronization between the address bar and web content before a res

CVE-2026-2460 - A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and a

CVE-2026-2459 - A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter t

CVE-2026-23984 - An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated us

CVE-2026-23983 - A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to re

CVE-2026-23982 - An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user

CVE-2026-23980 - Improper Neutralization of Special Elements used in a SQL Command ('SQL Injection') vulnerability in

CVE-2026-23969 - Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execut

CVE-2026-1773 - IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product

CVE-2026-1772 - RTU500 web interface: An unprivileged user can read user management information. The information can

CVE-2025-14577 - Slican NCP/IPL/IPM/IPU devices are vulnerable to PHP Function Injection. An unauthenticated remote a

CVE-2026-2664 - An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker

CVE-2025-27555 - Airflow versions before 2.11.1 have a vulnerability that allows authenticated users with audit log a

CVE-2024-56373 - DAG Author (who already has quite a lot of permissions) could manipulate database of Airflow 2 in th

CVE-2025-11165 - A sandbox escape vulnerability exists in dotCMS’s Velocity scripting engine (VTools) that allows aut

CVE-2024-1524 - When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider (ID

CVE-2026-1229 - The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect valu

CVE-2025-40541 - An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, giv

CVE-2025-40540 - A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ab

CVE-2025-40539 - A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ab

CVE-2025-40538 - A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor

CVE-2026-24314 - Under certain conditions SAP S/4HANA (Manage Payment Media) allows an authenticated attacker to acce

CVE-2025-15589 - A vulnerability was determined in MuYuCMS 2.7. Affected is the function delete_dir_file of the file

CVE-2025-15386 - The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated

CVE-2026-3070 - A vulnerability was detected in SourceCodester Modern Image Gallery App 1.0. Affected by this vulner

CVE-2026-3069 - A security vulnerability has been detected in itsourcecode Document Management System 1.0. Affected

CVE-2026-3068 - A weakness has been identified in itsourcecode Document Management System 1.0. This impacts an unkno

CVE-2026-3067 - A vulnerability has been found in HummerRisk up to 1.5.0. This issue affects the function extractTar

CVE-2026-3066 - A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedComman

CVE-2026-27461 - Pimcore is an Open Source Data & Experience Management Platform. In versions up to and including 11.

CVE-2026-3091 - An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows

CVE-2026-3065 - A vulnerability was detected in HummerRisk up to 1.5.0. This affects the function CommandUtils.commo

CVE-2026-3064 - A security vulnerability has been detected in HummerRisk up to 1.5.0. Affected by this issue is some

CVE-2026-3057 - A security flaw has been discovered in a54552239 pearProjectApi up to 2.8.10. Affected is the functi

CVE-2026-3054 - A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The m

CVE-2026-27129 - Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 thro

CVE-2026-27128 - Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 thro

CVE-2026-27127 - Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 thro

CVE-2026-27126 - Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 thro

CVE-2026-26983 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-26981 - OpenEXR provides the specification and reference implementation of the EXR file format, an image sto

CVE-2026-26331 - yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version

CVE-2026-26284 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-26283 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-26198 - Ormar is a async mini ORM for Python. In versions 0.9.9 through 0.22.0, when performing aggregate qu

CVE-2026-26066 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25989 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-1459 - A post-authentication command injection vulnerability in the TR-369 certificate download CGI program

CVE-2025-13943 - A post-authentication command injection vulnerability in the log file download function of the Zyxel

CVE-2025-13942 - A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions thro

CVE-2025-11848 - A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B fi

CVE-2025-11847 - A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B fi

CVE-2026-3053 - A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This affects the function addInterce

CVE-2026-3052 - A vulnerability was found in DataLinkDC dinky up to 1.2.5. The impacted element is the function prox

CVE-2026-25988 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25987 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25986 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25985 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25983 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25982 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25971 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25970 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25969 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25968 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25967 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25966 - ImageMagick is free and open-source software used for editing and manipulating digital images. The s

CVE-2026-25965 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25898 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25897 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2025-11846 - A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T5

CVE-2025-11845 - A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel VMG3

CVE-2026-3051 - A vulnerability has been found in DataLinkDC dinky up to 1.2.5. The affected element is the function

CVE-2026-3050 - A flaw has been found in horilla-opensource horilla up to 1.0.2. Impacted is an unknown function of

CVE-2026-3049 - A vulnerability was detected in horilla-opensource horilla up to 1.0.2. This issue affects the funct

CVE-2026-3046 - A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System f

CVE-2026-27729 - Astro is a web framework. In versions 9.0.0 through 9.5.3, Astro server actions have no default requ

CVE-2026-27643 - free5GC UDR is the user data repository (UDR) for free5GC, an an open-source project for 5th generat

CVE-2026-27642 - free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th gener

CVE-2026-26025 - free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generat

CVE-2026-26024 - free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generat

CVE-2026-25802 - New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management sys

CVE-2026-25799 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25798 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25797 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25796 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25795 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior

CVE-2026-25794 - ImageMagick is free and open-source software used for editing and manipulating digital images. `Writ