Recent vulnerabilities
Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-48855 |
2.3 (4.0)
|
SFTP READLINK Leaks Absolute Backend Filesystem Path W… |
Erlang |
OTP |
2026-06-10T14:35:49.683Z | 2026-06-11T04:45:29.864Z |
| CVE-2026-46614 |
9.8 (3.1)
|
Fission router exposes /fission-function/<ns>/<name> o… |
fission |
fission |
2026-06-10T17:19:21.691Z | 2026-06-11T03:55:42.785Z |
| CVE-2026-1220 |
7.5 (3.1)
|
Race in V8 in Google Chrome prior to 144.0.7559.9… |
Google |
Chrome |
2026-06-10T19:39:42.115Z | 2026-06-11T03:55:41.658Z |
| CVE-2026-20253 |
9.8 (3.1)
|
Unauthenticated Arbitrary File Creation and Truncation… |
Splunk |
Splunk Enterprise |
2026-06-10T17:16:21.242Z | 2026-06-11T03:55:40.574Z |
| CVE-2026-20251 |
8.8 (3.1)
|
Remote Code Execution through Deserialization of Untru… |
Splunk |
Splunk Enterprise |
2026-06-10T17:16:00.352Z | 2026-06-11T03:55:39.372Z |
| CVE-2026-41717 |
8.1 (3.1)
|
Spring Data MongoDB - SpEL Expression Injection via An… |
Spring |
Spring Data MongoDB |
2026-06-09T23:48:38.290Z | 2026-06-11T03:55:38.286Z |
| CVE-2026-41729 |
8.1 (3.1)
|
Spring Data REST SpEL Injection via Map Key in JSON Patch |
Spring |
Spring Data REST |
2026-06-09T23:49:17.014Z | 2026-06-11T03:55:37.180Z |
| CVE-2026-0273 |
6.1 (4.0)
5.7 (4.0)
|
PAN-OS: Authenticated Admin Command Injection Vulnerab… |
Palo Alto Networks |
Cloud NGFW |
2026-06-10T21:01:45.198Z | 2026-06-11T03:55:36.051Z |
| CVE-2026-0272 |
6 (4.0)
5.6 (4.0)
|
PAN-OS: Privilege Escalation (PE) Vulnerability in the… |
Palo Alto Networks |
Cloud NGFW |
2026-06-10T21:01:10.714Z | 2026-06-11T03:55:34.909Z |
| CVE-2026-9151 |
8.5 (4.0)
|
Command Injection Vulnerability in OpenVPN on Multiple… |
TP-Link Systems Inc. |
Archer AX12 V1 |
2026-06-10T17:10:10.842Z | 2026-06-11T03:55:33.812Z |
| CVE-2026-53435 |
8.8 (3.1)
|
In Jenkins 2.567 and earlier, LTS 2.555.2 and ear… |
Jenkins Project |
Jenkins |
2026-06-10T13:05:57.208Z | 2026-06-11T03:55:32.661Z |
| CVE-2026-46432 |
7.8 (3.1)
|
LMDeploy: Arbitrary code execution via hardcoded trust… |
InternLM |
lmdeploy |
2026-06-09T23:05:38.876Z | 2026-06-11T03:55:31.478Z |
| CVE-2026-46517 |
7.8 (3.1)
|
LMDeploy: Hardcoded trust_remote_code=True is an impli… |
InternLM |
lmdeploy |
2026-06-09T23:05:43.966Z | 2026-06-11T03:55:30.372Z |
| CVE-2025-10237 |
8.4 (4.0)
6.7 (3.1)
|
During an internal security assessment, a potenti… |
Lenovo |
X13 Gen 6 (Type 21RK, 21RL) Laptops (ThinkPad) BIOS |
2026-06-10T14:10:56.181Z | 2026-06-11T03:55:29.206Z |
| CVE-2025-10238 |
8.4 (4.0)
6.7 (3.1)
|
During an internal security assessment, a potenti… |
Lenovo |
X13 Gen 6 (Type 21RK, 21RL) Laptops (ThinkPad) BIOS |
2026-06-10T14:11:21.336Z | 2026-06-11T03:55:27.982Z |
| CVE-2026-47838 |
6.8 (3.1)
|
Unauthorized User Impersonation when Using X.509 Clien… |
Spring |
Spring Security |
2026-06-09T23:50:07.988Z | 2026-06-11T03:55:26.845Z |
| CVE-2025-66273 |
8.6 (4.0)
|
QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-06-10T03:04:39.973Z | 2026-06-11T03:55:25.759Z |
| CVE-2025-66279 |
8.6 (4.0)
|
QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-06-10T03:05:38.333Z | 2026-06-11T03:55:24.593Z |
| CVE-2026-22893 |
8.6 (4.0)
|
QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-06-10T03:06:34.562Z | 2026-06-11T03:55:23.448Z |
| CVE-2026-24719 |
8.6 (4.0)
|
QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-06-10T03:14:52.892Z | 2026-06-11T03:55:22.349Z |
| CVE-2026-49841 |
9.8 (3.1)
|
FreeSWITCH: Pre-authentication heap buffer overflow in… |
signalwire |
freeswitch |
2026-06-09T16:02:24.116Z | 2026-06-11T03:55:21.275Z |
| CVE-2026-47932 |
8.8 (3.1)
|
ColdFusion | Improper Limitation of a Pathname to a Re… |
Adobe |
ColdFusion |
2026-06-09T20:33:38.062Z | 2026-06-11T03:55:20.177Z |
| CVE-2026-47929 |
8.4 (3.1)
|
ColdFusion | Incorrect Authorization (CWE-863) |
Adobe |
ColdFusion |
2026-06-09T20:33:38.859Z | 2026-06-11T03:55:19.071Z |
| CVE-2026-47928 |
9.6 (3.1)
|
ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-06-09T20:33:36.440Z | 2026-06-11T03:55:17.985Z |
| CVE-2026-47931 |
8.4 (3.1)
|
ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-06-09T20:33:35.611Z | 2026-06-11T03:55:16.897Z |
| CVE-2026-47930 |
8.1 (3.1)
|
ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-06-09T20:33:34.756Z | 2026-06-11T03:55:15.464Z |
| CVE-2026-35273 |
9.8 (3.1)
|
Vulnerability in the PeopleSoft Enterprise People… |
Oracle Corporation |
PeopleSoft Enterprise PeopleTools |
2026-06-11T02:25:15.375Z | 2026-06-11T03:08:03.789Z |
| CVE-2026-2827 |
4.7 (3.1)
|
Open User Map PRO <= 1.4.31 - Unauthenticated Stored C… |
100plugins |
Open User Map PRO |
2026-06-11T01:27:56.479Z | 2026-06-11T01:27:56.479Z |
| CVE-2022-48575 |
3.5 (3.1)
|
A person with access to a Mac may be able to bypa… |
Apple |
macOS Monterey |
2026-06-10T20:09:04.767Z | 2026-06-11T00:25:13.286Z |
| CVE-2022-26758 |
7.1 (3.1)
|
A malicious application may cause unexpected chan… |
Apple |
macOS Monterey |
2026-06-10T20:09:03.837Z | 2026-06-11T00:23:14.636Z |