CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-4359 A compromised third party cloud server or man-in-the-middle attacker could send a malformed HTTP response and cause a crash in applications using the MongoDB C driver. | 2.0 | LOW | β | 0 |
| CVE-2026-4358 A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution (SBE) engine when a... | 6.4 | MEDIUM | β | 0 |
| CVE-2026-4295 Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously crafted proj... | 7.8 | HIGH | β | 0 |
| CVE-2026-4064 Missing authorization checks on multiple gRPC service endpoints in PowerShell Universal before 2026.1.4 allows an authenticated user with any valid token to bypass role-based access controls and perfo... | 8.3 | HIGH | β | 0 |
| CVE-2026-3563 Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to overrid... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-32981 A path traversal vulnerability was identified in Ray Dashboard (default port 8265) in Ray versions prior to 2.8.1. Due to improper validation and sanitization of user-supplied paths in the static file... | 7.5 | HIGH | β | 0 |
| CVE-2026-32837 miniaudio version 0.11.25 and earlier contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WA... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-32836 dr_libsΒ dr_flac.h version 0.13.3 and earlier contain an uncontrolled memory allocation vulnerability in drflac__read_and_decode_metadata() that allows attackers to trigger excessive memory allocation ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-30707 An issue was discovered in SpeedExam Online Examination System (SaaS) after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypas... | 8.1 | HIGH | β | 0 |
| CVE-2026-25936 GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, an authenticated user can perfom a SQL injection. Version 11.0.6 fixes the issue. | 6.5 | MEDIUM | β | 0 |
| CVE-2025-15584 Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trig... | N/A | NONE | β | 0 |
| CVE-2026-3207 Configuration issueΒ in Java Management Extensions (JMX) in TIBCO BPM Enterprise version 4.x allows unauthorised access. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25790 Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the ... | 4.9 | MEDIUM | β | 0 |
| CVE-2026-25772 Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists ... | 4.9 | MEDIUM | β | 0 |
| CVE-2026-25771 Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.3.0 and prior to version 4.14.3, a Denial of Service (DoS) vulnerability exists in t... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-22882 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-20726 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-66633 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-66617 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-66503 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-66342 A type confusion vulnerability exists in the EMF functionality of Canva Affinity. A specially crafted EMF file can trigger this vulnerability, which can lead to memory corruption and result in arbitra... | 7.8 | HIGH | β | 0 |
| CVE-2025-66042 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-66000 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-65119 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-64776 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-64735 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-64733 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-64301 An outβofβbounds write vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an outβofβbounds ... | 7.8 | HIGH | β | 0 |
| CVE-2025-62500 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-62403 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-61979 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-61952 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-58427 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-47873 An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds r... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-4319 A vulnerability was identified in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/add-item.php. Such manipulation of the arg... | 7.3 | HIGH | β | 0 |
| CVE-2026-32298 The Angeet ES3 KVM does not properly sanitize user-supplied variables parsed by the 'cfg.lua' script, allowing an authenticated attacker to execute OS-level commands. | 9.1 | CRITICAL | β | 0 |
| CVE-2026-32297 The Angeet ES3 KVM allows a remote, unauthenticated attacker to write arbitrary files, including configuration files or system binaries. Modified configuration files or system binaries could allow an ... | 7.5 | HIGH | β | 0 |
| CVE-2026-32296 Sipeed NanoKVM before 2.3.1 exposes a Wi-Fi configuration endpoint without proper security checks, allowing an unauthenticated attacker with network access to change the saved configured Wi-Fi network... | 8.2 | HIGH | β | 0 |
| CVE-2026-32295 JetKVM before 0.5.4 does not rate limit login requests, enabling brute-force attempts to guess credentials. | 7.5 | HIGH | β | 0 |
| CVE-2026-32294 JetKVM prior to 0.5.4 does not verify the authenticity of downloaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding SHA256 has... | 4.7 | MEDIUM | β | 0 |
| CVE-2026-32293 The GL-iNet Comet (GL-RM1) KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker... | 3.7 | LOW | β | 0 |
| CVE-2026-32292 The GL-iNet Comet (GL-RM1) KVM web interface does not limit login requests, enabling brute-force attempts to guess credentials. | 7.5 | HIGH | β | 0 |
| CVE-2026-32291 The GL-iNet Comet (GL-RM1) KVM before 1.8.2 does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins. | 6.8 | MEDIUM | β | 0 |
| CVE-2026-32290 The GL-iNet Comet (GL-RM1) KVM before version 1.8.2 does not sufficiently verify the authenticity of uploaded firmware files. An attacker-in-the-middle or a compromised update server could modify the ... | 4.7 | MEDIUM | β | 0 |
| CVE-2026-25770 Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, a privilege escalation vulnerability exists in the ... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-25769 Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.0.0 through 4.14.2 have a Remote Code Execution (RCE) vulnerability due to Deserialization of U... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-25534 ### Impact Spinnaker updated URL Validation logic on user input to provide sanitation on user inputted URLs for clouddriver. However, they missed that Java URL objects do not correctly handle undersc... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-21570 This High severity RCE (Remote Code Execution)Β vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE (Remote Co... | N/A | NONE | β | 0 |
| CVE-2026-4148 A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline. | 8.8 | HIGH | β | 0 |
| CVE-2026-4147 An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command. | 6.5 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.