Export limit exceeded: 345062 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345062 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-34940 | 2 Kubeai, Kubeai-project | 2 Kubeai, Kubeai | 2026-04-17 | 8.7 High |
| KubeAI is an AI inference operator for kubernetes. Prior to 0.23.2, the ollamaStartupProbeScript() function in internal/modelcontroller/engine_ollama.go constructs a shell command string using fmt.Sprintf with unsanitized model URL components (ref, modelParam). This shell command is executed via bash -c as a Kubernetes startup probe. An attacker who can create or update Model custom resources can inject arbitrary shell commands that execute inside model server pods. This vulnerability is fixed in 0.23.2. | ||||
| CVE-2026-39841 | 2 Mediawiki, Wikimedia | 2 Cargo, Mediawiki-cargo Extension | 2026-04-17 | 6.1 Medium |
| Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7. | ||||
| CVE-2026-32282 | 2 Go Standard Library, Golang | 2 Internal/syscall/unix, Go | 2026-04-17 | 6.4 Medium |
| On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation. | ||||
| CVE-2026-32281 | 2 Go Standard Library, Golang | 2 Crypto/x509, Go | 2026-04-17 | 7.5 High |
| Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool. | ||||
| CVE-2026-39889 | 2 Mervinpraison, Praison | 2 Praisonai, Praisonai | 2026-04-17 | 7.5 High |
| PraisonAI is a multi-agent teams system. Prior to 4.5.115, the A2U (Agent-to-User) event stream server in PraisonAI exposes all agent activity without authentication. The create_a2u_routes() function registers the following endpoints with NO authentication checks: /a2u/info, /a2u/subscribe, /a2u/events/{stream_name}, /a2u/events/sub/{id}, and /a2u/health. This vulnerability is fixed in 4.5.115. | ||||
| CVE-2026-5439 | 2 Orthanc, Orthanc-server | 2 Dicom Server, Orthanc | 2026-04-17 | 7.5 High |
| A memory exhaustion vulnerability exists in ZIP archive processing. Orthanc automatically extracts ZIP archives uploaded to certain endpoints and trusts metadata fields describing the uncompressed size of archived files. An attacker can craft a small ZIP archive containing a forged size value, causing the server to allocate extremely large buffers during extraction. | ||||
| CVE-2026-40175 | 1 Axios | 1 Axios | 2026-04-17 | 4.8 Medium |
| Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.3.1, the Axios library is vulnerable to a specific "Gadget" attack chain that allows Prototype Pollution in any third-party dependency to be escalated into Remote Code Execution (RCE) or Full Cloud Compromise (via AWS IMDSv2 bypass). This vulnerability is fixed in 1.15.0 and 0.3.1. | ||||
| CVE-2026-26460 | 1 Vtiger | 1 Crm | 2026-04-17 | 6.1 Medium |
| A HTML Injection vulnerability exists in the Dashboard module of Vtiger CRM 8.4.0. The application fails to properly neutralize user-supplied input in the tabid parameter of the DashBoardTab view (getTabContents action), allowing an attacker to inject arbitrary HTML content into the dashboard interface. The injected content is rendered in the victim's browser | ||||
| CVE-2026-21003 | 2 Samsung, Samsung Mobile | 3 Android, Mobile Devices, Samsung Mobile Devices | 2026-04-17 | 6.8 Medium |
| Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions. | ||||
| CVE-2026-31049 | 1 Hostbillapp | 1 Hostbill | 2026-04-17 | 9.8 Critical |
| An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to execute arbitrary code and escalate privileges via the CSV registration field | ||||
| CVE-2025-67841 | 1 Nordicsemi | 1 Ironside Se | 2026-04-17 | 7.5 High |
| Nordic Semiconductor IronSide SE for nRF54H20 before 23.0.2+17 has an Algorithmic complexity issue. | ||||
| CVE-2026-5758 | 1 Mafintosh | 1 Protocol-buffers-schema Parser | 2026-04-17 | 6.5 Medium |
| JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution. | ||||
| CVE-2026-6312 | 1 Google | 1 Chrome | 2026-04-17 | 3.1 Low |
| Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-22619 | 1 Eaton | 1 Ipp Software | 2026-04-17 | 7.8 High |
| Eaton Intelligent Power Protector (IPP) is affected by insecure library loading in its executable, which could lead to arbitrary code execution by an attacker with access to the software package. This security issue has been fixed in the latest version of Eaton IPP software which is available on the Eaton download center. | ||||
| CVE-2026-6443 | 2 Essentialplugin, Wordpress | 2 Accordion And Accordion Slider, Wordpress | 2026-04-17 | 9.8 Critical |
| The Accordion and Accordion Slider plugin for WordPress is vulnerable to an injected backdoor in version 1.4.6. This is due to the plugin being sold to a malicious threat actor that embedded a backdoor in all of the plugin's they acquired. This makes it possible for the threat actor to maintain a persistent backdoor and inject spam into the affected sites. | ||||
| CVE-2026-6451 | 2026-04-17 | 4.3 Medium | ||
| The cms-fuer-motorrad-werkstaetten plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.0.0. This is due to missing nonce validation on all eight AJAX deletion handlers: vehicles_cfmw_d_vehicle, contacts_cfmw_d_contact, suppliers_cfmw_d_supplier, receipts_cfmw_d_receipt, positions_cfmw_d_position, catalogs_cfmw_d_article, stock_cfmw_d_item, and settings_cfmw_d_catalog. None of these handlers call check_ajax_referer() or wp_verify_nonce(), nor do they perform any capability checks via current_user_can(). This makes it possible for unauthenticated attackers to delete arbitrary vehicles, contacts, suppliers, receipts, positions, catalog articles, stock items, or entire supplier catalogs via a forged request, provided they can trick a logged-in user into performing an action such as clicking a link to a malicious page. | ||||
| CVE-2026-33392 | 1 Jetbrains | 1 Youtrack | 2026-04-17 | 7.2 High |
| In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass | ||||
| CVE-2026-6494 | 1 Redhat | 1 Ansible Automation Platform | 2026-04-17 | 5.3 Medium |
| A flaw was found in the AAP MCP server. An unauthenticated remote attacker can exploit a log injection vulnerability by sending specially crafted input to the `toolsetroute` parameter. This parameter is not properly sanitized before being written to logs, allowing the attacker to inject control characters such as newlines and ANSI escape sequences. This enables the attacker to obscure legitimate log entries and insert forged ones, which could facilitate social engineering attacks, potentially leading to an operator executing dangerous commands or visiting malicious URLs. | ||||
| CVE-2026-6439 | 2026-04-17 | 4.4 Medium | ||
| The VideoZen plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.1. This is due to insufficient input sanitization and output escaping in the videozen_conf() function. The 'lang' POST parameter is stored directly via update_option() without any sanitization, and later echoed inside a <textarea> element without applying esc_textarea() or any equivalent escaping function. This makes it possible for authenticated attackers with Administrator-level access and above to inject arbitrary web scripts into the plugin settings page that will execute whenever any user accesses that page. | ||||
| CVE-2026-23778 | 2026-04-17 | 7.2 High | ||
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to gain root-level access. | ||||