Vulnerabilities
Recent vulnerabilities
Recent vulnerabilities from
🏠GNA-1 (CIRCL)
Select from 78 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-35211 |
6.5 (3.1)
|
OpenCTI: Elasticsearch Painless Script Injection via G… |
OpenCTI-Platform |
opencti |
2026-07-08T21:08:27.097Z | 2026-07-08T21:08:27.097Z |
| CVE-2026-35210 |
7.1 (3.1)
|
OpenCTI: Authorization Bypass via `synchronized-upsert… |
OpenCTI-Platform |
opencti |
2026-07-08T21:06:02.349Z | 2026-07-08T21:06:02.349Z |
| CVE-2026-54528 |
7.1 (3.1)
|
jupyterlab-git excluded_paths Case-Sensitivity Bypass … |
jupyterlab |
jupyterlab-git |
2026-07-08T21:04:18.613Z | 2026-07-08T21:04:18.613Z |
| CVE-2026-54527 |
9.3 (4.0)
|
JupyterLab Git: Stored XSS leading to RCE |
jupyterlab |
jupyterlab-git |
2026-07-08T21:03:01.698Z | 2026-07-08T21:03:01.698Z |
| CVE-2026-60105 |
7.7 (4.0)
8.6 (3.1)
|
Monsta FTP < 2.14.5 SSRF via IPv4-Mapped IPv6 Address Bypass |
Monsta Limited of New Zealand |
Monsta FTP |
2026-07-08T21:02:37.204Z | 2026-07-08T21:02:37.204Z |
| CVE-2026-11610 |
8.8 (3.1)
|
389-ds-base: 389-ds-base: heap buffer overflow in sasl… |
389ds |
389-ds-base |
2026-07-07T09:17:36.519Z | 2026-07-08T21:02:28.863Z |
| CVE-2026-59818 |
6.5 (3.1)
|
etcd: gRPC client listener does not enforce `--client-… |
etcd-io |
etcd |
2026-07-08T21:00:18.207Z | 2026-07-08T21:00:18.207Z |
| CVE-2026-58191 |
6.5 (3.1)
|
Appium: Reflected XSS / arbitrary JS in @appium/base-d… |
appium |
appium |
2026-07-08T20:57:43.237Z | 2026-07-08T20:57:43.237Z |
| CVE-2026-58192 |
8.6 (3.1)
|
Appium: Unauthenticated arbitrary file/directory delet… |
appium |
appium |
2026-07-08T20:56:30.810Z | 2026-07-08T20:56:30.810Z |
| CVE-2026-15166 |
5.5 (3.1)
|
Stack-based Buffer Overflow in Wireshark |
Wireshark Foundation |
Wireshark |
2026-07-08T20:55:55.070Z | 2026-07-08T20:55:55.070Z |
| CVE-2026-57481 |
2.3 (4.0)
|
Parse Server: LiveQuery discloses object data to a sub… |
parse-community |
parse-server |
2026-07-08T20:54:55.923Z | 2026-07-08T20:54:55.923Z |
| CVE-2026-57480 |
8.7 (4.0)
|
Parse Server: Denial of service via exponential-time p… |
parse-community |
parse-server |
2026-07-08T20:53:21.307Z | 2026-07-08T20:53:21.307Z |
| CVE-2026-15174 |
5.5 (3.1)
|
Heap-based Buffer Overflow in Wireshark |
Wireshark Foundation |
Wireshark |
2026-07-08T20:51:25.274Z | 2026-07-08T20:51:25.274Z |
| CVE-2026-15172 |
5.5 (3.1)
|
Unchecked Input for Loop Condition in Wireshark |
Wireshark Foundation |
Wireshark |
2026-07-08T20:51:20.287Z | 2026-07-08T20:51:20.287Z |
| CVE-2026-15173 |
4.7 (3.1)
|
Heap-based Buffer Overflow in Wireshark |
Wireshark Foundation |
Wireshark |
2026-07-08T20:51:15.275Z | 2026-07-08T20:51:15.275Z |
| CVE-2026-15171 |
5.5 (3.1)
|
NULL Pointer Dereference in Wireshark |
Wireshark Foundation |
Wireshark |
2026-07-08T20:51:10.283Z | 2026-07-08T20:51:10.283Z |
| CVE-2026-15169 |
5.5 (3.1)
|
Heap-based Buffer Overflow in Wireshark |
Wireshark Foundation |
Wireshark |
2026-07-08T20:51:05.273Z | 2026-07-08T20:51:05.273Z |
| CVE-2026-15167 |
7.5 (3.1)
|
Stack-based Buffer Overflow in Wireshark |
Wireshark Foundation |
Wireshark |
2026-07-08T20:51:00.295Z | 2026-07-08T20:51:00.295Z |
| CVE-2026-55778 |
2.1 (4.0)
|
Parse Server: Stored XSS via non-standard file extensi… |
parse-community |
parse-server |
2026-07-08T20:50:52.531Z | 2026-07-08T20:50:52.531Z |
| CVE-2026-15170 |
5.5 (3.1)
|
Heap-based Buffer Overflow in Wireshark |
Wireshark Foundation |
Wireshark |
2026-07-08T20:50:50.275Z | 2026-07-08T20:50:50.275Z |
| CVE-2026-15165 |
5.5 (3.1)
|
Heap-based Buffer Overflow in Wireshark |
Wireshark Foundation |
Wireshark |
2026-07-08T20:50:45.283Z | 2026-07-08T20:50:45.283Z |
| CVE-2026-15163 |
5.5 (3.1)
|
Loop with Unreachable Exit Condition ('Infinite Loop')… |
Wireshark Foundation |
Wireshark |
2026-07-08T20:50:40.278Z | 2026-07-08T20:50:40.278Z |
| CVE-2026-15164 |
5.5 (3.1)
|
Heap-based Buffer Overflow in ciscodump |
Wireshark Foundation |
ciscodump |
2026-07-08T20:50:35.393Z | 2026-07-08T20:50:35.393Z |
| CVE-2025-12506 |
3.5 (3.1)
|
Use of Incorrectly-Resolved Name or Reference in GitLab |
GitLab |
GitLab |
2026-07-08T20:47:28.863Z | 2026-07-08T20:47:28.863Z |
| CVE-2026-49866 |
7.5 (3.1)
|
libp2p: CPU DoS via oversized IHAVE and IWANT control … |
libp2p |
js-libp2p |
2026-07-08T20:47:09.051Z | 2026-07-08T20:47:09.051Z |
| CVE-2026-6352 |
2.7 (3.1)
|
Incorrect Authorization in GitLab |
GitLab |
GitLab |
2026-07-08T20:46:43.862Z | 2026-07-08T20:46:43.862Z |
| CVE-2026-6896 |
8.7 (3.1)
|
Improper Neutralization of Input During Web Page Gener… |
GitLab |
GitLab |
2026-07-08T20:46:38.858Z | 2026-07-08T20:46:38.858Z |
| CVE-2026-7492 |
4.3 (3.1)
|
Missing Authorization in GitLab |
GitLab |
GitLab |
2026-07-08T20:46:33.861Z | 2026-07-08T20:46:33.861Z |
| CVE-2026-8472 |
4.3 (3.1)
|
Missing Authorization in GitLab |
GitLab |
GitLab |
2026-07-08T20:46:28.855Z | 2026-07-08T20:46:28.855Z |
| CVE-2026-11827 |
4.9 (3.1)
|
Insufficiently Protected Credentials in GitLab |
GitLab |
GitLab |
2026-07-08T20:46:23.863Z | 2026-07-08T20:46:23.863Z |