CVE-2026-35431 - Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthoriz

CVE-2026-33819 - Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code

CVE-2026-41679 - Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business.

CVE-2026-41211 - Vite+ is a unified toolchain and entry point for web development. Prior to version 0.1.17, `download

CVE-2026-41196 - Luanti (formerly Minetest) is an open source voxel game-creation platform. Starting in version 5.0.0

CVE-2026-40911 - WWBN AVideo is an open source video platform. In versions 29.0 and prior, the YPTSocket plugin's Web

CVE-2025-15638 - Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt. Net::Drop

CVE-2017-20230 - Storable versions before 3.05 for Perl has a stack overflow. The retrieve_hook function stored the

CVE-2026-39861 - Claude Code is an agentic coding tool. Prior to version 2.1.64, Claude Code's sandbox did not preven

CVE-2026-39907 - Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated W