CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2025-43219 The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may corrupt process memory. | 8.8 | HIGH | β | 0 |
| CVE-2025-43210 An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7... | 6.3 | MEDIUM | β | 0 |
| CVE-2025-43202 This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6. Processing a file may lead to memory corruption. | 8.8 | HIGH | β | 0 |
| CVE-2024-44303 The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1. A malicious application may be able to modify protected parts of the file system. | 7.5 | HIGH | β | 0 |
| CVE-2024-44286 This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access can input keyboard events to apps running on a locked device. | 7.5 | HIGH | β | 0 |
| CVE-2024-44250 A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to execute arbitrary code out of its sandbox or with certain elevated priv... | 8.2 | HIGH | β | 0 |
| CVE-2024-44219 A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. A malicious application with root privileges may be able to access private information. | 7.5 | HIGH | β | 0 |
| CVE-2024-40858 A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to access Contacts without user consent. | 7.1 | HIGH | β | 0 |
| CVE-2024-40849 A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to break out of its sandbox. | 7.5 | HIGH | β | 0 |
| CVE-2023-7342 HiSecOS web server versions 03.4.00 prior to 04.1.00 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administ... | 8.8 | HIGH | β | 0 |
| CVE-2026-5414 A security flaw has been discovered in Newgen OmniDocs up to 12.0.00. Affected by this issue is some unknown functionality of the file /omnidocs/WebApiRequestRedirection. The manipulation of the argum... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-5413 A vulnerability was identified in Newgen OmniDocs up to 12.0.00. Affected by this vulnerability is an unknown functionality of the file /omnidocs/GetWebApiConfiguration. The manipulation of the argume... | 3.7 | LOW | β | 0 |
| CVE-2026-5370 A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activities... | 3.5 | LOW | β | 0 |
| CVE-2026-5368 A vulnerability was determined in projectworlds Car Rental Project 1.0. The affected element is an unknown function of the file /login.php of the component Parameter Handler. This manipulation of the ... | 7.3 | HIGH | β | 0 |
| CVE-2026-35414 OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma chara... | 4.2 | MEDIUM | β | 0 |
| CVE-2026-34835 Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Request parses the Host header using an AUTHORITY regular expression that acce... | 4.8 | MEDIUM | β | 0 |
| CVE-2026-34828 listmonk is a standalone, self-hosted, newsletter and mailing list manager. From version 4.1.0 to before version 6.1.0, a session management vulnerability allows previously issued authenticated sessio... | 7.1 | HIGH | β | 0 |
| CVE-2026-34827 Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Multipart::Parser#handle_mime_head parses quoted multipart parameters such as ... | 7.5 | HIGH | β | 0 |
| CVE-2026-34725 DbGate is cross-platform database manager. From version 7.0.0 to before version 7.1.5, a stored XSS vulnerability exists in DbGate because attacker-controlled SVG icon strings are rendered as raw HTML... | 8.2 | HIGH | β | 0 |
| CVE-2026-34717 OpenProject is an open-source, web-based project management software. Prior to version 17.2.3, the =n operator in modules/reporting/lib/report/operator.rb:177 embeds user input directly into SQL WHERE... | 9.9 | CRITICAL | β | 0 |
| CVE-2026-34715 ewe is a Gleam web server. Prior to version 3.0.6, the encode_headers function in src/ewe/internal/encoder.gleam directly interpolates response header keys and values into raw HTTP bytes without valid... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-34610 The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lc_x509_extract_name_segment() casts size_t vlen to uin... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-34608 NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhook_inproc.c, the hook_work_cb() function processes nng messages by parsing the message ... | 4.9 | MEDIUM | β | 0 |
| CVE-2026-34606 Frappe Learning Management System (LMS) is a learning system that helps users structure their content. From version 2.27.0 to before version 2.48.0, Frappe LMS was vulnerable to stored XSS. This issue... | N/A | NONE | β | 0 |
| CVE-2026-34601 xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, ... | 7.5 | HIGH | β | 0 |
| CVE-2026-34598 YesWiki is a wiki system written in PHP. Prior to version 4.6.0, a stored and blind XSS vulnerability exists in the form title field. A malicious attacker can inject JavaScript without any authenticat... | N/A | NONE | β | 0 |
| CVE-2026-34593 Ash Framework is a declarative, extensible framework for building Elixir applications. Prior to version 3.22.0, Ash.Type.Module.cast_input/2 unconditionally creates a new Erlang atom via Module.concat... | N/A | NONE | β | 0 |
| CVE-2026-34591 Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without containment checks, allowing arbitrary f... | N/A | NONE | β | 0 |
| CVE-2026-34590 Postiz is an AI social media scheduling tool. Prior to version 2.21.4, the POST /webhooks/ endpoint for creating webhooks uses WebhooksDto which validates the url field with only @IsUrl() (format chec... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-34584 listmonk is a standalone, self-hosted, newsletter and mailing list manager. From version 4.1.0 to before version 6.1.0, bugs in list permission checks allows users in a multi-user environment to acces... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-34577 Postiz is an AI social media scheduling tool. Prior to version 2.21.3, the GET /public/stream endpoint in PublicController accepts a user-supplied url query parameter and proxies the full HTTP respons... | 8.6 | HIGH | β | 0 |
| CVE-2026-34576 Postiz is an AI social media scheduling tool. Prior to version 2.21.3, the POST /public/v1/upload-from-url endpoint accepts a user-supplied URL and fetches it server-side using axios.get() with no SSR... | N/A | NONE | β | 0 |
| CVE-2026-34526 SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version ... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-34524 SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version ... | 8.3 | HIGH | β | 0 |
| CVE-2026-34523 SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-34522 SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version ... | 8.1 | HIGH | β | 0 |
| CVE-2026-34124 A denial-of-service vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP request path parsing logic. The implementation enforces length restrictions on the raw request path but doe... | N/A | NONE | β | 0 |
| CVE-2026-34122 A stack-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within a configuration handling component due to insufficient input validation. An attacker can exploit this vul... | N/A | NONE | β | 0 |
| CVE-2026-34121 An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inconsistent parsing and authorization logic in JSON ... | N/A | NONE | β | 0 |
| CVE-2026-34120 A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buff... | N/A | NONE | β | 0 |
| CVE-2026-34119 A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when appending segmented request bodies without continuous writeβboundary verificatio... | N/A | NONE | β | 0 |
| CVE-2026-34118 A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6Β in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocatio... | N/A | NONE | β | 0 |
| CVE-2026-33271 Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902. | N/A | NONE | β | 0 |
| CVE-2026-32762 Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21 and 3.2.0 to before 3.2.6, Rack::Utils.forwarded_values parses the RFC 7239 Forwarded header by splitting on sem... | 4.8 | MEDIUM | β | 0 |
| CVE-2026-28728 Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902. | N/A | NONE | β | 0 |
| CVE-2026-27774 Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902. | N/A | NONE | β | 0 |
| CVE-2026-26962 Rack is a modular Ruby web server interface. From version 3.2.0 to before version 3.2.6, Rack::Multipart::Parser unfolds folded multipart part headers incorrectly. When a multipart header contains an ... | 4.8 | MEDIUM | β | 0 |
| CVE-2026-5360 A vulnerability has been found in Free5GC 4.2.0. The affected element is an unknown function of the component aper. Such manipulation leads to type confusion. The attack may be launched remotely. This... | 3.7 | LOW | β | 0 |
| CVE-2026-5355 A vulnerability has been found in Trendnet TEW-657BRM 1.00.1. Affected by this issue is the function vpn_drop of the file /setup.cgi. The manipulation of the argument policy_name leads to os command i... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-5354 A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the function vpn_connect of the file /setup.cgi. Executing a manipulation of the argument policy_name can lead to... | 6.3 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.