Export limit exceeded: 366715 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366715 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-63087 2026-07-16 9.8 Critical
Grafana OnCall through 1.16.11 contains an unauthenticated access vulnerability that allows remote attackers to obtain a valid PluginAuthToken by sending a POST request to the internal plugin install endpoint using hardcoded default stack_id and org_id values present in the public source tree. Attackers can leverage the acquired token to authenticate against all internal API endpoints, create arbitrary Admin users via the user-context header bootstrap path, revoke the legitimate plugin token, and redirect OnCall-to-Grafana API calls to an attacker-controlled host by overwriting the organization's grafana_url and api_token.
CVE-2026-47751 2026-07-16 N/A
Claude Code Action is a general-purpose GitHub action that runs Claude Code on GitHub pull requests and issues. Prior to 1.0.74, because the action checked out attacker-controlled pull request head branches, read .mcp.json from the working directory via default setting sources, and unconditionally enabled all project MCP servers via enableAllProjectMcpServers, an attacker who opened a pull request containing a malicious .mcp.json file could achieve arbitrary code execution on the GitHub Actions runner and exfiltrate secrets available to the workflow (such as API keys and tokens) when a privileged user or an automatic trigger invoked the Claude action on the pull request. This issue is fixed in version 1.0.74, which restores .claude/ and .mcp.json from the pull request base branch before the CLI runs.
CVE-2026-12379 1 Qt 1 Axivion 2026-07-16 N/A
An Open Redirect vulnerability (CWE-601) exists in the OAuth/OIDC authentication implementation of the Axivion Dashboard. The login flow did not properly restrict the post-authentication redirect to the application's own origin, so a user who follows a crafted login link can be sent to an untrusted external site after authenticating against the genuine Dashboard. Because the link points at the legitimate Dashboard, this can be abused for phishing, for example credential or second-factor theft via a convincing look-alike page. Exploitation requires the victim to follow the attacker-supplied link and complete the authentication flow.
CVE-2026-55407 2026-07-16 N/A
Buffa is a pure-Rust Protocol Buffers implementation with first-class protobuf editions support. Prior to 0.8.0, the decode_unknown_field function in buffa's protobuf decoder allocated heap memory in proportion to untrusted input (unknown fields in the serialized protobuf) without enforcing an allocation budget, affecting any message decoded from untrusted input using code generated with preserve_unknown_fields=true (the default); a small, well-formed payload of nested unknown fields inside a StartGroup could trigger roughly 22x memory amplification (for example a 64 MiB input forcing about 1.4 GB of heap allocation), and length-delimited unknown fields could be sized arbitrarily, so an unauthenticated attacker could crash a process through memory exhaustion because the top-level message size cap did not account for in-decode amplification. This issue is fixed in version 0.8.0.
CVE-2026-63085 2026-07-16 8.8 High
Axelor Open Platform versions 8.x prior to 8.2.2 contains an authorization bypass vulnerability that allows authenticated non-admin users to escalate privileges by exploiting unenforced field restrictions on nested relational save operations. Attackers can modify sensitive User record fields such as roles and group by submitting changes through a related entity's save path, bypassing the USER_RESTRICTED_FIELDS control and causing the JPA persistence layer to flush attacker-supplied admin role and group assignments on commit.
CVE-2026-58614 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-16 5.5 Medium
Out-of-bounds read in Windows Kernel allows an authorized attacker to bypass a security feature locally.
CVE-2026-42900 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-16 8.1 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows App Store allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-49165 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-16 7.1 High
Use of uninitialized resource in Microsoft Windows App Store allows an authorized attacker to disclose information locally.
CVE-2026-49177 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-16 5.5 Medium
Out-of-bounds read in Windows TCP/IP allows an authorized attacker to disclose information locally.
CVE-2026-62193 1 Openclaw 1 Openclaw 2026-07-16 4.9 Medium
OpenClaw versions 2026.6.5 before 2026.6.9 contain a vulnerability in the plugin install wrappers that could skip the install policy (authorization) check. When the affected feature is enabled and reachable, a lower-trust caller or a configured input path could execute or persist actions beyond the caller's intended authorization. Impact depends on the operator's configuration and whether lower-trust input can reach the affected path. The issue is fixed in 2026.6.9.
CVE-2026-45695 2026-07-16 9.8 Critical
Kopia is a cross-platform backup tool for Windows, macOS, and Linux with fast incremental backups, client-side end-to-end encryption, compression, and data deduplication. Prior to 0.23.0, Kopia's HTTP server started with --without-password accepts unauthenticated requests to /api/v1/repo/exists and forwards attacker-supplied SFTP storage configuration to blob.NewStorage, where externalSSH: true and sshArguments containing -oProxyCommand=<cmd> can cause exec.CommandContext("ssh") to invoke the command through OpenSSH. This issue is fixed in version 0.23.0.
CVE-2026-54997 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-16 5.5 Medium
Use of uninitialized resource in Windows SMB allows an authorized attacker to disclose information locally.
CVE-2026-58595 1 Microsoft 1 Bing Search 2026-07-16 8.1 High
Improper restriction of rendered ui layers or frames in Microsoft Bing App for IOS allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-49784 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-16 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Windows App Store allows an authorized attacker to elevate privileges locally.
CVE-2024-7033 1 Openwebui 1 Open Webui 2026-07-16 7.2 High
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-7034 2 Open-webui, Openwebui 2 Open-webui, Open Webui 2026-07-16 7.2 High
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-7038 1 Openwebui 1 Open Webui 2026-07-16 2.7 Low
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-7039 2 Open-webui, Openwebui 2 Open-webui, Open Webui 2026-07-16 6.7 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-7959 2 Open-webui, Openwebui 2 Open-webui, Open Webui 2026-07-16 7.7 High
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-7040 2 Open-webui, Openwebui 2 Open-webui, Open Webui 2026-07-16 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.