CVE-2026-43479 - In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in

CVE-2026-31219 - The _load_model() function in the neural_magic_training.py script of the optimate project in commit

CVE-2026-31218 - The _load_model() function in the neural_magic_training.py script of the optimate project in commit

CVE-2026-31217 - The _load_model() function in the neural_magic_training.py script of the optimate project in commit

CVE-2026-31214 - The torch-checkpoint-shrink.py script in the ml-engineering project in commit 0099885db36a8f06556efe

CVE-2026-32687 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

CVE-2026-8349 - A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of th

CVE-2026-43885 - WWBN AVideo is an open source video platform. In versions up to and including 29.0, an unauthenticat

CVE-2026-43879 - WWBN AVideo is an open source video platform. In versions up to and including 29.0, an authenticated

CVE-2026-43873 - WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/CloneSite

CVE-2026-8319 - A weakness has been identified in aiwaves-cn agents up to e8c4e3c2d19739d3dff59e577d1c97090cc15f59.

CVE-2026-8318 - A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929

CVE-2026-8305 - A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element is the function handl

CVE-2026-42858 - Open edX Platform enables the authoring and delivery of online learning at any scale. The sync_provi

CVE-2026-31246 - GPT-Pilot thru commit 0819827ce20346ef5f25b3fe29293cb448840565 (2025-09-03) contains a command injec

CVE-2026-43449 - In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix slab-out-of-bound

CVE-2026-43448 - In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix race bug in nvme_

CVE-2026-43441 - In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fix nd_tbl NULL d

CVE-2026-43408 - In the Linux kernel, the following vulnerability has been resolved: ceph: add a bunch of missing ce

CVE-2026-43385 - In the Linux kernel, the following vulnerability has been resolved: net: Fix rcu_tasks stall in thr

CVE-2026-43367 - In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix a few more NULL po

CVE-2026-43365 - In the Linux kernel, the following vulnerability has been resolved: xfs: fix undersized l_iclog_rou

CVE-2026-43360 - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on

CVE-2026-43349 - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value

CVE-2026-43314 - In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to avoi

CVE-2026-43291 - In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Fix parameter va

CVE-2026-42278 - UltraDAG is a minimal DAG-BFT blockchain in Rust. Prior to commit fb6ef59, the UltraDAG StateEngine

CVE-2026-43252 - In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always se

CVE-2026-43234 - In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEV_CHANGEMTU ev

CVE-2026-43232 - In the Linux kernel, the following vulnerability has been resolved: net: wan: farsync: Fix use-afte

CVE-2026-43180 - In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: remove TX que

CVE-2026-43147 - In the Linux kernel, the following vulnerability has been resolved: Revert "PCI/IOV: Add PCI rescan

CVE-2025-71273 - In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Use devm_kmemdup()

CVE-2026-43094 - In the Linux kernel, the following vulnerability has been resolved: ixgbevf: add missing negotiate_

CVE-2026-43080 - In the Linux kernel, the following vulnerability has been resolved: l2tp: Drop large packets with U

CVE-2026-36355 - The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK (all known versions through v3.4

CVE-2026-42146 - CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nb_colors field rea

CVE-2026-7735 - A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.Deco

CVE-2026-7713 - A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this v

CVE-2026-37535 - openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac (2021-08-09) contains an out-of-

CVE-2026-43015 - In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on

CVE-2026-31766 - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate doorbell_o

CVE-2026-31765 - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPU_VA_RE

CVE-2026-31747 - In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential o

CVE-2026-31697 - In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to c

CVE-2026-5404 - K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

CVE-2026-7446 - A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyz

CVE-2026-7272 - A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d99

CVE-2026-31686 - In the Linux kernel, the following vulnerability has been resolved: mm/kasan: fix double free for k

CVE-2026-7141 - A vulnerability was found in vllm up to 0.19.0. The affected element is the function has_mamba_layer

CVE-2026-31654 - In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in __mm

CVE-2026-31625 - In the Linux kernel, the following vulnerability has been resolved: HID: alps: fix NULL pointer der

CVE-2026-31617 - In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: validate mi

CVE-2026-31601 - In the Linux kernel, the following vulnerability has been resolved: vfio/xe: Reorganize the init to

CVE-2026-31551 - In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix static_bran

CVE-2026-31496 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect:

CVE-2026-31490 - In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix use-after-free i

CVE-2026-31488 - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not skip un

CVE-2026-31450 - In the Linux kernel, the following vulnerability has been resolved: ext4: publish jinode after init

CVE-2026-40925 - WWBN AVideo is an open source video platform. In versions 29.0 and prior, `objects/configurationUpda

CVE-2026-40497 - FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's

CVE-2026-39866 - Lawnchair is a free, open-source home app for Android. Prior to commit fcba413f55dd47f8a392144525284

CVE-2026-40340 - libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-o

CVE-2026-40339 - libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-o

CVE-2026-40334 - libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, a missing

CVE-2026-40333 - libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two funct

CVE-2025-67841 - Nordic Semiconductor IronSide SE for nRF54H20 before 23.0.2+17 has an Algorithmic complexity issue.

CVE-2026-39399 - NuGet Gallery is a package repository that powers nuget.org. A security vulnerability exists in the

CVE-2026-39979 - jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the

CVE-2026-39956 - jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the

CVE-2026-6142 - A vulnerability was identified in tushar-2223 Hotel Management System up to bb1f3b3666124b888f1e4bcf

CVE-2026-6141 - A vulnerability was determined in danielmiessler Personal_AI_Infrastructure up to 2.3.0. Affected is

CVE-2026-29043 - HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file

CVE-2026-5972 - A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the funct

CVE-2026-34734 - HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the

CVE-2026-5831 - A security flaw has been discovered in Agions taskflow-ai up to 2.1.8. This impacts an unknown funct

CVE-2026-5803 - A security flaw has been discovered in bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f38934

CVE-2026-5587 - A vulnerability was identified in wbbeyourself MAC-SQL up to 31a9df5e0d520be4769be57a4b9022e5e34a14f

CVE-2026-5470 - A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6

CVE-2026-31396 - In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free a

CVE-2026-23467 - In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely N

CVE-2026-23460 - In the Linux kernel, the following vulnerability has been resolved: net/rose: fix NULL pointer dere

CVE-2026-23418 - In the Linux kernel, the following vulnerability has been resolved: drm/xe/reg_sr: Fix leak on xa_s

CVE-2026-34425 - OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass vulnerability in she

CVE-2026-5328 - A weakness has been identified in shsuishang modulithshop up to 829bac71f507e84684c782b9b062b8bf3b55

CVE-2026-5322 - A vulnerability has been found in AlejandroArciniegas mcp-data-vis bc597e391f184d2187062fd567599a3cb

CVE-2026-23407 - In the Linux kernel, the following vulnerability has been resolved: apparmor: fix missing bounds ch

CVE-2026-23406 - In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug i

CVE-2026-5125 - A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is

CVE-2026-34247 - WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `plugin/Live

CVE-2026-4907 - A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db675105

CVE-2026-23382 - In the Linux kernel, the following vulnerability has been resolved: HID: Add HID_CLAIMED_INPUT guar

CVE-2026-23353 - In the Linux kernel, the following vulnerability has been resolved: ice: fix crash in ethtool offli

CVE-2026-23327 - In the Linux kernel, the following vulnerability has been resolved: cxl/mbox: validate payload size

CVE-2026-23293 - In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix nd_tbl NULL der

CVE-2026-33690 - WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `getRealIpAd

CVE-2026-33688 - WWBN AVideo is an open source video platform. In versions up to and including 26.0, the password rec

CVE-2026-33493 - WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `objects/imp

CVE-2026-33485 - WWBN AVideo is an open source video platform. In versions up to and including 26.0, the RTMP `on_pub

CVE-2026-33231 - NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials s

CVE-2026-32810 - Halloy is an IRC application written in Rust. In versions on \*nix and macOS prior to commit f180e41

CVE-2026-33061 - Jexactyl is a customisable game management panel and billing system. Commits after 025e8dbb0daaa0405

CVE-2026-23263 - In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix page array l

CVE-2026-32836 - dr_libs dr_flac.h version 0.13.3 and earlier (fixed in commits fefced4, 4f5a4cd, and 663239a) contai

CVE-2026-23940 - Uncontrolled Resource Consumption vulnerability in hexpm hexpm/hexpm allows Excessive Allocation. Pu

CVE-2026-4015 - A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtin_process_texml of th

CVE-2026-1776 - Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, contain a path traversal vulne

CVE-2026-3789 - A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file

CVE-2026-3788 - A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getMod

CVE-2026-3749 - A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function hand

CVE-2026-3748 - A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile of

CVE-2025-69654 - A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7

CVE-2026-21622 - Insufficient Session Expiration vulnerability in hexpm hexpm/hexpm ('Elixir.Hexpm.Accounts.PasswordR

CVE-2026-3484 - A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0

CVE-2026-3395 - A flaw has been found in MaxSite CMS up to 109.1. This impacts the function eval of the file applica

CVE-2026-3293 - A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function S

CVE-2026-3284 - A vulnerability was found in libvips 8.19.0. Impacted is the function vips_extract_area_build of the

CVE-2026-3283 - A vulnerability has been found in libvips 8.19.0. This issue affects the function vips_extract_band_

CVE-2026-3282 - A flaw has been found in libvips 8.19.0. This vulnerability affects the function vips_unpremultiply_

CVE-2026-28230 - SteVe is an open-source EV charging station management system. In versions up to and including 3.11.

CVE-2026-23748 - Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of-bou

CVE-2026-23747 - Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based

CVE-2026-25701 - An Insecure Temporary File vulnerability in openSUSE sdbootutil allows local users to pre-create a d

CVE-2026-2492 - TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. T

CVE-2026-26200 - HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` f

CVE-2026-2676 - A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. A

CVE-2026-2658 - A vulnerability was found in newbee-ltd newbee-mall up to a069069b07027613bf0e7f571736be86f431faee.

CVE-2025-71235 - In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unl

CVE-2026-23215 - In the Linux kernel, the following vulnerability has been resolved: x86/vmware: Fix hypercall clobb

CVE-2026-2553 - A security flaw has been discovered in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1

CVE-2026-23126 - In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix a race issue rel