Search Results (343798 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-34841 | 1 Usebruno | 1 Bruno | 2026-04-08 | 9.8 Critical |
| Bruno is an open source IDE for exploring and testing APIs. Prior to 3.2.1, Bruno was affected by a supply chain attack involving compromised versions of the axios npm package, which introduced a hidden dependency deploying a cross-platform Remote Access Trojan (RAT). Users of @usebruno/cli who ran npm install between 00:21 UTC and ~03:30 UTC on March 31, 2026 may have been impacted. Upgrade to 3.2.1. | ||||
| CVE-2026-4656 | | | 2026-04-07 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2026-20632 | 1 Apple | 1 Macos | 2026-04-07 | 5.3 Medium |
| A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data. | ||||
| CVE-2026-4519 | 1 Python | 1 Cpython | 2026-04-07 | 7.1 High |
| The webbrowser.open() API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended to sanitize URLs prior to passing to webbrowser.open(). | ||||
| CVE-2026-3644 | 1 Python | 1 Cpython | 2026-04-07 | 5.4 Medium |
| The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output(). | ||||
| CVE-2026-2297 | 1 Python | 1 Cpython | 2026-04-07 | 3.3 Low |
| The import hook in CPython that handles legacy *.pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code() to read the .pyc files. sys.audit handlers for this audit event therefore do not fire. | ||||
| CVE-2025-13462 | 1 Python | 1 Cpython | 2026-04-07 | N/A |
| The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations. | ||||
| CVE-2026-28844 | 1 Apple | 1 Macos | 2026-04-07 | 6.5 Medium |
| A file access issue was addressed with improved input validation. This issue is fixed in macOS Tahoe 26.4. An attacker may gain access to protected parts of the file system. | ||||
| CVE-2026-35540 | 1 Roundcube | 1 Webmail | 2026-04-07 | 5.4 Medium |
| An issue was discovered in Roundcube Webmail 1.6.0 before 1.6.14. Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts. | ||||
| CVE-2026-35545 | 1 Roundcube | 1 Webmail | 2026-04-07 | 5.3 Medium |
| An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke. | ||||
| CVE-2026-3566 | | | 2026-04-07 | N/A |
| After further discussion, the issue was determined to not meet the criteria for CVE assignment. | ||||
| CVE-2026-35459 | 1 Pyload | 1 Pyload | 2026-04-07 | 9.1 Critical |
| pyLoad is a free and open-source download manager written in Python. In 0.5.0b3.dev96 and earlier, pyLoad has a server-side request forgery (SSRF) vulnerability. The fix for CVE-2026-33992 added IP validation to BaseDownloader.download() that checks the hostname of the initial download URL. However, pycurl is configured with FOLLOWLOCATION=1 and MAXREDIRS=10, causing it to automatically follow HTTP redirects. Redirect targets are never validated against the SSRF filter. An authenticated user with ADD permission can bypass the SSRF fix by submitting a URL that redirects to an internal address. | ||||
| CVE-2026-35184 | 1 Phili67 | 1 Ecclesiacrm | 2026-04-07 | 9.8 Critical |
| EcclesiaCRM is CRM software for church management. Prior to 8.0.0, there is a SQL injection vulnerability in v2/templates/query/queryview.php via the custom and value parameters. This vulnerability is fixed in 8.0.0. | ||||
| CVE-2026-5683 | 1 Tenda | 1 Cx12l | 2026-04-07 | 5.5 Medium |
| A vulnerability was found in Tenda CX12L 16.03.53.12. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack must originate from the local network. The exploit has been made public and could be used. | ||||
| CVE-2026-35203 | 1 Zlmediakit | 1 Zlmediakit | 2026-04-07 | 7.5 High |
| ZLMediaKit is a streaming media service framework. The VP9 RTP payload parser in ext-codec/VP9Rtp.cpp reads multiple fields from the RTP payload based on flag bits in the first byte, without verifying that sufficient data exists in the buffer. A crafted VP9 RTP packet with a 1-byte payload (0xFF, all flags set) causes the parser to read past the end of the allocated buffer, resulting in a heap-buffer-overflow. This vulnerability is fixed with commit 435dcbcbbf700fd63b2ca9eac6cef3b5ea75169d. | ||||
| CVE-2026-34510 | 1 Openclaw | 1 Openclaw | 2026-04-07 | 5.3 Medium |
| OpenClaw before 2026.3.22 contains a path traversal vulnerability in Windows media loaders that accepts remote-host file URLs and UNC-style paths before local-path validation. Attackers can exploit this by providing network-hosted file targets that are treated as local content, bypassing intended access restrictions. | ||||
| CVE-2026-3989 | 1 Sglang | 1 Sglang | 2026-04-07 | 7.8 High |
| SGLang's `replay_request_dump.py` contains an insecure pickle.load() call without validation or proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attacker's code on the device running the script. | ||||
| CVE-2026-3060 | 2 Lmsys, Sglang | 2 Sglang, Sglang | 2026-04-07 | 9.8 Critical |
| SGLang's encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module, which deserializes untrusted data using pickle.loads() without authentication. | ||||
| CVE-2026-3059 | 2 Lmsys, Sglang | 2 Sglang, Sglang | 2026-04-07 | 9.8 Critical |
| SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads() without authentication. | ||||
| CVE-2026-35566 | | | 2026-04-07 | N/A |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-39319. Reason: This candidate is a duplicate of CVE-2026-39319. Notes: All CVE users should reference CVE-2026-39319 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||