Export limit exceeded: 347341 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 43438 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43438 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2192 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2026-04-17 | 7.2 High |
| A security vulnerability has been detected in Tenda AC9 15.03.06.42_multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.start_time/sys.schedulereboot.end_time leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-2202 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-04-17 | 8.8 High |
| A vulnerability was detected in Tenda AC8 16.03.33.05. Affected is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet of the component httpd. The manipulation of the argument shareSpeed results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2026-2203 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-04-17 | 8.8 High |
| A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fast_setting_wifi_set of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used. | ||||
| CVE-2026-2215 | 1 Rachelos | 1 Werss We-mp-rss | 2026-04-17 | 3.7 Low |
| A vulnerability was detected in rachelos WeRSS we-mp-rss up to 1.4.8. This issue affects some unknown processing of the file core/auth.py of the component JWT Handler. Performing a manipulation of the argument SECRET_KEY results in use of default cryptographic key. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit is now public and may be used. | ||||
| CVE-2026-1868 | 1 Gitlab | 1 Ai-gateway | 2026-04-17 | 9.9 Critical |
| GitLab has remediated a vulnerability in the Duo Workflow Service component of GitLab AI Gateway affecting all versions of the AI Gateway from 18.1.6, 18.2.6, 18.3.1 to 18.6.1, 18.7.0, and 18.8.0 in which AI Gateway was vulnerable to insecure template expansion of user supplied data via crafted Duo Agent Platform Flow definitions. This vulnerability could be used to cause Denial of Service or gain code execution on the Gateway. This has been fixed in versions 18.6.2, 18.7.1, and 18.8.1 of the GitLab AI Gateway. | ||||
| CVE-2026-22903 | 1 Wago | 2 0852-1322, 0852-1328 | 2026-04-17 | 9.8 Critical |
| An unauthenticated remote attacker can send a crafted HTTP request containing an overly long SESSIONID cookie. This can trigger a stack buffer overflow in the modified lighttpd server, causing it to crash and potentially enabling remote code execution due to missing stack protections. | ||||
| CVE-2026-22904 | 1 Wago | 2 0852-1322, 0852-1328 | 2026-04-17 | 9.8 Critical |
| Improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution. | ||||
| CVE-2026-29063 | 1 Immutable-js | 2 Immutable, Immutable-js | 2026-04-17 | 9.8 Critical |
| Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, and 5.1.5, Prototype Pollution is possible in immutable via the mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject() APIs. This issue has been patched in versions 3.8.3, 4.3.7, and 5.1.5. | ||||
| CVE-2026-2240 | 1 Janet-lang | 1 Janet | 2026-04-17 | 3.3 Low |
| A vulnerability has been found in janet-lang janet up to 1.40.1. The impacted element is the function janetc_pop_funcdef of the file src/core/compile.c. Such manipulation leads to out-of-bounds read. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The name of the patch is 4dd08a4cdef5b1c42d9a2c19fc24412e97ef51d5. A patch should be applied to remediate this issue. | ||||
| CVE-2026-24684 | 1 Freerdp | 1 Freerdp | 2026-04-17 | 7.5 High |
| FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave. This vulnerability is fixed in 3.22.0. | ||||
| CVE-2026-25479 | 2 Litestar, Litestar-org | 2 Litestar, Litestar | 2026-04-17 | 6.5 Medium |
| Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to 2.20.0, in litestar.middleware.allowed_hosts, allowlist entries are compiled into regex patterns in a way that allows regex metacharacters to retain special meaning (e.g., . matches any character). This enables a bypass where an attacker supplies a host that matches the regex but is not the intended literal hostname. This vulnerability is fixed in 2.20.0. | ||||
| CVE-2026-2246 | 1 Aprilrobotics | 1 Apriltag | 2026-04-17 | 3.3 Low |
| A security vulnerability has been detected in AprilRobotics apriltag up to 3.4.5. Affected by this vulnerability is the function apriltag_detector_detect of the file apriltag.c. The manipulation leads to memory corruption. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The identifier of the patch is cfac2f5ce1ffe2de25967eb1ab80bc5d99fc1a61. It is suggested to install a patch to address this issue. | ||||
| CVE-2026-34238 | 1 Imagemagick | 1 Imagemagick | 2026-04-17 | 5.1 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, an integer overflow in the despeckle operation causes a heap buffer overflow on 32-bit builds that will result in an out of bounds write. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. | ||||
| CVE-2026-33899 | 1 Imagemagick | 1 Imagemagick | 2026-04-17 | 5.3 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when `Magick` parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. | ||||
| CVE-2026-33900 | 1 Imagemagick | 1 Imagemagick | 2026-04-17 | 5.9 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the viff encoder contains an integer truncation/wraparound issue on 32-bit builds that could trigger an out of bounds heap write, potentially causing a crash. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. | ||||
| CVE-2026-25639 | 1 Axios | 1 Axios | 2026-04-17 | 7.5 High |
| Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.5, the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service. This vulnerability is fixed in versions 0.30.3 and 1.13.5. | ||||
| CVE-2026-25889 | 1 Filebrowser | 1 Filebrowser | 2026-04-17 | 5.4 Medium |
| File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to 2.57.1, a case-sensitivity flaw in the password validation logic allows any authenticated user to change their password (or an admin to change any user's password) without providing the current password. By using Title Case field name "Password" instead of lowercase "password" in the API request, the current_password verification is completely bypassed. This enables account takeover if an attacker obtains a valid JWT token through XSS, session hijacking, or other means. This vulnerability is fixed in 2.57.1. | ||||
| CVE-2026-25920 | 1 Sumatrapdfreader | 1 Sumatrapdf | 2026-04-17 | 5.5 Medium |
| SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, a heap out-of-bounds read vulnerability exists in SumatraPDF's MOBI HuffDic decompressor. The bounds check in AddCdicData() only validates half the range that DecodeOne() actually accesses. Opening a crafted .mobi file can read nearly (1 << codeLength) bytes beyond the CDIC dictionary buffer, leading to a crash. | ||||
| CVE-2026-25951 | 1 Frangoteam | 1 Fuxa | 2026-04-17 | 7.2 High |
| FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. Prior to 1.2.11, there is a flaw in the path sanitization logic allows an authenticated attacker with administrative privileges to bypass directory traversal protections. By using nested traversal sequences (e.g., ....//), an attacker can write arbitrary files to the server filesystem, including sensitive directories like runtime/scripts. This leads to Remote Code Execution (RCE) when the server reloads the malicious scripts. This vulnerability is fixed in 1.2.11. | ||||
| CVE-2026-25894 | 1 Frangoteam | 1 Fuxa | 2026-04-17 | 9.8 Critical |
| FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute arbitrary code on the server. This affects FUXA through version 1.2.9 when authentication is enabled, but the administrator JWT secret is not configured. This issue has been patched in FUXA version 1.2.10. | ||||