Export limit exceeded: 355836 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 355836 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (355836 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-45076 | 2 Element, Element-hq | 2 Synapse, Synapse | 2026-06-04 | 2.7 Low |
| Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This vulnerability is fixed in 1.152.1. | ||||
| CVE-2026-9813 | 1 Flowintel | 1 Flowintel | 2026-06-04 | 9.9 Critical |
| FlowIntel up to version 3.3.0 contains a server-side request forgery (SSRF) vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external reference URL can cause the application server to issue an HTTP HEAD request to an attacker-specified destination. Due to insufficient validation of the URL scheme and resolved destination address, affected versions may allow requests to loopback, link-local, private, reserved, or other restricted network resources, potentially enabling interaction with internal services or cloud metadata endpoints from the server's network context. | ||||
| CVE-2026-22226 | 1 Tp-link | 2 Archer Be230, Archer Be230 Firmware | 2026-06-04 | 7.2 High |
| A command injection vulnerability may be exploited after the admin's authentication in the VPN server configuration module on TP-Link Archer BE230 v1.2 and Archer AX73 v2. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity, network security, and service availability. This CVE covers one of multiple distinct OS command injection issues identified across separate code paths. Although similar in nature, each instance is tracked under a unique CVE ID. This issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420 and Archer AX73 v2 < 1.3.1 Build 20260430. | ||||
| CVE-2026-45571 | 2 Go-git, Go-git Project | 2 Go-git, Go-git | 2026-06-04 | 5.4 Medium |
| go-git is an extensible git implementation library written in pure Go. Prior to 5.19.1 and 6.0.0-alpha.4, a path validation issue in go-git could allow crafted repository data to affect files outside the intended checkout target, including the repository's .git directory. These validations were introduced in upstream Git years ago, so the vulnerability arose from go-git drifting from those checks. This vulnerability is fixed in 5.19.1 and 6.0.0-alpha.4. | ||||
| CVE-2026-45570 | 2 Go-git, Go-git Project | 2 Go-git, Go-git | 2026-06-04 | 9.6 Critical |
| go-git is an extensible git implementation library written in pure Go. Prior to 5.19.1 and 6.0.0-alpha.4, go-git's SSH transport constructs the remote exec command by wrapping the repository path in single quotes without escaping single quotes embedded inside the path. A repository path containing a single quote can therefore break out of the quoted region in the exec command and be appended as additional shell tokens. This vulnerability is fixed in 5.19.1 and 6.0.0-alpha.4. | ||||
| CVE-2026-46739 | 2026-06-04 | 5.3 Medium | ||
| Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The update_stats (used for updating counters) and gauge methods do not check that values are numeric (which would block metric injection). | ||||
| CVE-2026-45022 | 2 Go-git, Go-git Project | 2 Go-git, Go-git | 2026-06-04 | 7.5 High |
| go-git is an extensible git implementation library written in pure Go. Prior to 5.19.0 and 6.0.0-alpha.3, go-git may parse malformed Git objects in a way that differs from upstream Git. When commit or tag objects contain ambiguous or malformed headers, go-git’s decoded representation may expose values differently from how Git itself would interpret or reject the same object. Additionally, go-git’s commit signing and verification logic operates over commit data reconstructed from go-git’s parsed representation rather than the original raw object bytes. As a result, go-git may sign or verify a commit payload that is not byte-for-byte equivalent to the object stored in the repository. This can cause a signature to appear valid for a commit whose displayed or effective metadata differs from the object that was intended to be signed. This vulnerability is fixed in 5.19.0 and 6.0.0-alpha.3. | ||||
| CVE-2026-43985 | 1 Tautulli | 1 Tautulli | 2026-06-04 | 8.8 High |
| Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose `configUpdate` as a state-changing administrator endpoint, but the route does not enforce `POST` and does not use any anti-CSRF token. In the default form and JWT-based authentication mode, the administrator session cookie is issued with `SameSite=Lax`, which still permits top-level cross-site navigation requests. An attacker can exploit this by luring a logged-in administrator to a malicious page that submits a cross-site request to `/configUpdate` and overwrites the local administrator username and password. The attacker can then sign in directly with the chosen credentials and take over the Tautulli administrative interface. Version 2.17.1 patches the issue. | ||||
| CVE-2026-5121 | 2 Libarchive, Redhat | 17 Libarchive, Ai Inference Server, Discovery and 14 more | 2026-06-04 | 7.5 High |
| A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system. | ||||
| CVE-2026-7299 | 1 Appsmith | 1 Appsmith | 2026-06-04 | 6.3 Medium |
| Appsmith’s SQL query editor’s autocomplete functionality fails to sanitize database object names before rendering them in innerHTML, allowing an authenticated Developer to inject persistent XSS by a malicious table or column names triggering arbitrary code execution in the sessions of other workspace members when they interact with the same datasource. | ||||
| CVE-2026-46741 | 2026-06-04 | 7.5 High | ||
| Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the gauge and set methods that also do not check for potential metric injections. | ||||
| CVE-2026-1871 | 1 Tp-link | 3 Tapo C200, Tapo C200 Firmware, Tapo C200 V5 | 2026-06-04 | 6.5 Medium |
| TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to crash and triggers an automatic system reboot, resulting in a denial of service (DoS) condition. This prevents legitimate users from accessing the camera’s live video stream or management interface until the service restarts. | ||||
| CVE-2026-24221 | 1 Nvidia | 1 Nvtabular | 2026-06-04 | 7.8 High |
| NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, data tampering and information disclosure. | ||||
| CVE-2026-24237 | 1 Nvidia | 1 Nvtabular | 2026-06-04 | 7.8 High |
| NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure. | ||||
| CVE-2026-44839 | 2 Broadcom, Rabbitmq | 2 Rabbitmq Server, Rabbitmq-server | 2026-06-04 | 4.8 Medium |
| RabbitMQ is a messaging and streaming broker. From 3.7.0 to before 4.1.2 and 4.0.13, This vulnerability is fixed in 4.1.2 and 4.0.13. | ||||
| CVE-2026-40713 | 1 Dell | 1 Thinos | 2026-06-04 | 6.1 Medium |
| Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access control vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information exposure. | ||||
| CVE-2026-37462 | 1 Osrg | 1 Gobgp | 2026-06-04 | 7.5 High |
| An integer underflow in the BGPUpdate.DecodeFromBytes function (/bgp/bgp.go) of gobgp v4.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message. | ||||
| CVE-2026-22054 | 2026-06-04 | N/A | ||
| Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations. | ||||
| CVE-2026-22055 | 2026-06-04 | N/A | ||
| Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations. | ||||
| CVE-2026-38570 | 1 Bacnetstack | 1 Bacnet Stack | 2026-06-04 | N/A |
| bacnet_stack 1.3.1 contains an Out-of-bounds Read in bacnet_tag_number_decode which allows attackers to cause a denial of service. | ||||