Recent vulnerabilities
Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-9212 |
5.6 (4.0)
|
Insufficient authentication and input validation in ceā¦ |
NETGEAR |
LBR1020 |
2026-06-09T15:50:53.044Z | 2026-06-11T05:03:05.236Z |
| CVE-2026-40985 |
6.4 (3.1)
|
Data Binding Vulnerability in Spring Web Flow with Uniā¦ |
Spring |
Spring Web Flow |
2026-06-11T05:02:53.887Z | 2026-06-11T05:02:53.887Z |
| CVE-2026-49760 |
6.9 (4.0)
|
Stack Buffer Overflow in ei_s_print_term at Very Largeā¦ |
Erlang |
OTP |
2026-06-10T14:35:36.804Z | 2026-06-11T04:45:57.427Z |
| CVE-2026-49759 |
8.8 (4.0)
|
Stack buffer overflow in SCTP error cause parsing in iā¦ |
Erlang |
OTP |
2026-06-10T14:35:38.838Z | 2026-06-11T04:45:45.953Z |
| CVE-2026-48860 |
7.5 (4.0)
|
Distribution-over-TLS LAN allowlist silently bypassed ā¦ |
Erlang |
OTP |
2026-06-10T14:35:49.987Z | 2026-06-11T04:45:42.753Z |
| CVE-2026-48858 |
6.3 (4.0)
|
ftp client PASV response IP not validated against contā¦ |
Erlang |
OTP |
2026-06-10T14:35:45.466Z | 2026-06-11T04:45:36.460Z |
| CVE-2026-48856 |
7.1 (4.0)
|
httpc leaks Authorization header to cross-origin redirā¦ |
Erlang |
OTP |
2026-06-10T14:41:51.616Z | 2026-06-11T04:45:35.836Z |
| CVE-2026-48859 |
6.3 (4.0)
|
SSH server timing side-channel in ssh_auth:check_passwā¦ |
Erlang |
OTP |
2026-06-10T14:35:43.553Z | 2026-06-11T04:45:32.938Z |
| CVE-2026-48855 |
2.3 (4.0)
|
SFTP READLINK Leaks Absolute Backend Filesystem Path Wā¦ |
Erlang |
OTP |
2026-06-10T14:35:49.683Z | 2026-06-11T04:45:29.864Z |
| CVE-2026-46614 |
9.8 (3.1)
|
Fission router exposes /fission-function/<ns>/<name> oā¦ |
fission |
fission |
2026-06-10T17:19:21.691Z | 2026-06-11T03:55:42.785Z |
| CVE-2026-1220 |
7.5 (3.1)
|
Race in V8 in Google Chrome prior to 144.0.7559.9ā¦ |
Google |
Chrome |
2026-06-10T19:39:42.115Z | 2026-06-11T03:55:41.658Z |
| CVE-2026-20253 |
9.8 (3.1)
|
Unauthenticated Arbitrary File Creation and Truncationā¦ |
Splunk |
Splunk Enterprise |
2026-06-10T17:16:21.242Z | 2026-06-11T03:55:40.574Z |
| CVE-2026-20251 |
8.8 (3.1)
|
Remote Code Execution through Deserialization of Untruā¦ |
Splunk |
Splunk Enterprise |
2026-06-10T17:16:00.352Z | 2026-06-11T03:55:39.372Z |
| CVE-2026-41717 |
8.1 (3.1)
|
Spring Data MongoDB - SpEL Expression Injection via Anā¦ |
Spring |
Spring Data MongoDB |
2026-06-09T23:48:38.290Z | 2026-06-11T03:55:38.286Z |
| CVE-2026-41729 |
8.1 (3.1)
|
Spring Data REST SpEL Injection via Map Key in JSON Patch |
Spring |
Spring Data REST |
2026-06-09T23:49:17.014Z | 2026-06-11T03:55:37.180Z |
| CVE-2026-0273 |
6.1 (4.0)
5.7 (4.0)
|
PAN-OS: Authenticated Admin Command Injection Vulnerabā¦ |
Palo Alto Networks |
Cloud NGFW |
2026-06-10T21:01:45.198Z | 2026-06-11T03:55:36.051Z |
| CVE-2026-0272 |
6 (4.0)
5.6 (4.0)
|
PAN-OS: Privilege Escalation (PE) Vulnerability in theā¦ |
Palo Alto Networks |
Cloud NGFW |
2026-06-10T21:01:10.714Z | 2026-06-11T03:55:34.909Z |
| CVE-2026-9151 |
8.5 (4.0)
|
Command Injection Vulnerability in OpenVPN on Multipleā¦ |
TP-Link Systems Inc. |
Archer AX12 V1 |
2026-06-10T17:10:10.842Z | 2026-06-11T03:55:33.812Z |
| CVE-2026-53435 |
8.8 (3.1)
|
In Jenkins 2.567 and earlier, LTS 2.555.2 and earā¦ |
Jenkins Project |
Jenkins |
2026-06-10T13:05:57.208Z | 2026-06-11T03:55:32.661Z |
| CVE-2026-46432 |
7.8 (3.1)
|
LMDeploy: Arbitrary code execution via hardcoded trustā¦ |
InternLM |
lmdeploy |
2026-06-09T23:05:38.876Z | 2026-06-11T03:55:31.478Z |
| CVE-2026-46517 |
7.8 (3.1)
|
LMDeploy: Hardcoded trust_remote_code=True is an impliā¦ |
InternLM |
lmdeploy |
2026-06-09T23:05:43.966Z | 2026-06-11T03:55:30.372Z |
| CVE-2025-10237 |
8.4 (4.0)
6.7 (3.1)
|
During an internal security assessment, a potentiā¦ |
Lenovo |
X13 Gen 6 (Type 21RK, 21RL) Laptops (ThinkPad) BIOS |
2026-06-10T14:10:56.181Z | 2026-06-11T03:55:29.206Z |
| CVE-2025-10238 |
8.4 (4.0)
6.7 (3.1)
|
During an internal security assessment, aĀ potentiā¦ |
Lenovo |
X13 Gen 6 (Type 21RK, 21RL) Laptops (ThinkPad) BIOS |
2026-06-10T14:11:21.336Z | 2026-06-11T03:55:27.982Z |
| CVE-2026-47838 |
6.8 (3.1)
|
Unauthorized User Impersonation when Using X.509 Clienā¦ |
Spring |
Spring Security |
2026-06-09T23:50:07.988Z | 2026-06-11T03:55:26.845Z |
| CVE-2025-66273 |
8.6 (4.0)
|
QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-06-10T03:04:39.973Z | 2026-06-11T03:55:25.759Z |
| CVE-2025-66279 |
8.6 (4.0)
|
QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-06-10T03:05:38.333Z | 2026-06-11T03:55:24.593Z |
| CVE-2026-22893 |
8.6 (4.0)
|
QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-06-10T03:06:34.562Z | 2026-06-11T03:55:23.448Z |
| CVE-2026-24719 |
8.6 (4.0)
|
QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-06-10T03:14:52.892Z | 2026-06-11T03:55:22.349Z |
| CVE-2026-49841 |
9.8 (3.1)
|
FreeSWITCH: Pre-authentication heap buffer overflow inā¦ |
signalwire |
freeswitch |
2026-06-09T16:02:24.116Z | 2026-06-11T03:55:21.275Z |
| CVE-2026-47932 |
8.8 (3.1)
|
ColdFusion | Improper Limitation of a Pathname to a Reā¦ |
Adobe |
ColdFusion |
2026-06-09T20:33:38.062Z | 2026-06-11T03:55:20.177Z |