Vulnerabilities
Recent vulnerabilities
Recent vulnerabilities from
🏠GNA-1 (CIRCL)
Select from 78 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-52907 |
7.8 (3.1)
|
media: rockchip: rkcif: fix off by one bugs |
Linux |
Linux |
2026-06-09T12:36:04.617Z | 2026-06-14T18:09:46.770Z |
| CVE-2026-52935 |
7.8 (3.1)
|
xfrm: espintcp: do not reuse an in-progress partial send |
Linux |
Linux |
2026-06-24T07:14:25.988Z | 2026-06-28T06:36:56.763Z |
| CVE-2026-52936 |
N/A
|
crypto: jitterentropy - replace long-held spinlock wit… |
Linux |
Linux |
2026-06-24T07:14:26.649Z | 2026-06-24T07:14:26.649Z |
| CVE-2026-52943 |
7.8 (3.1)
|
net: skbuff: fix missing zerocopy reference in pskb_ca… |
Linux |
Linux |
2026-06-24T09:00:12.292Z | 2026-07-07T12:05:03.334Z |
| CVE-2026-5724 |
6.3 (4.0)
|
Missing Authentication on Streaming gRPC Replication E… |
Temporal Technologies, Inc. |
temporal |
2026-04-10T21:06:31.788Z | 2026-07-08T19:20:28.034Z |
| CVE-2026-57676 |
4.3 (3.1)
|
WordPress Simple User Avatar plugin <= 4.9 - Insecure … |
Matteo Manna |
Simple User Avatar |
2026-06-29T08:19:51.896Z | 2026-07-08T19:42:22.691Z |
| CVE-2026-57572 |
10 (3.1)
|
Crawl4AI: Unauthenticated RCE via Chromium launch-argu… |
unclecode |
crawl4ai |
2026-07-06T20:16:21.597Z | 2026-07-08T19:42:13.954Z |
| CVE-2026-56346 |
6.9 (4.0)
6.5 (3.1)
|
AVideo - Unauthenticated PGP Message Decryption via de… |
AVideo |
AVideo |
2026-06-20T18:27:12.818Z | 2026-07-08T19:42:52.437Z |
| CVE-2026-54763 |
7.8 (4.0)
|
Traefik: headerField underscore-variant identity spoof… |
traefik |
traefik |
2026-07-06T20:33:36.059Z | 2026-07-08T19:42:06.759Z |
| CVE-2026-53641 |
4.8 (4.0)
|
FOSSBilling has stored XSS in client email views via u… |
FOSSBilling |
FOSSBilling |
2026-07-06T22:36:38.105Z | 2026-07-08T19:41:51.333Z |
| CVE-2026-50811 |
6.5 (3.1)
|
An out-of-bounds read vulnerability exists in Fre… |
n/a |
n/a |
2026-07-07T00:00:00.000Z | 2026-07-08T19:47:19.631Z |
| CVE-2026-50740 |
6.1 (3.0)
|
A missing sanitisation vulnerability of user inpu… |
Revive |
Adserver |
2026-06-26T01:11:14.295Z | 2026-07-08T19:42:43.574Z |
| CVE-2026-50263 |
5.5 (3.1)
|
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-se… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-06-05T10:36:46.377Z | 2026-07-08T19:27:15.420Z |
| CVE-2026-50262 |
5.5 (3.1)
|
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-se… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-06-05T10:36:43.916Z | 2026-07-08T19:27:14.070Z |
| CVE-2026-49763 |
9.8 (3.1)
|
WordPress Integration for Contact Form 7 HubSpot plugi… |
CRM Perks |
Integration for Contact Form 7 HubSpot |
2026-06-15T20:19:22.379Z | 2026-07-08T19:43:01.201Z |
| CVE-2026-49468 |
9.5 (4.0)
8.1 (3.1)
|
LiteLLM: Authentication Bypass via Host Header Injection |
BerriAI |
litellm |
2026-06-22T20:37:14.494Z | 2026-07-08T19:32:42.245Z |
| CVE-2026-48090 |
5.9 (3.1)
|
Envoy HTTP: OAuth2 filter late async token completion … |
envoyproxy |
envoy |
2026-06-26T18:03:05.257Z | 2026-07-08T19:42:34.188Z |
| CVE-2026-43918 |
8.7 (4.0)
|
Suspended or inactive FOSSBilling accounts can retain … |
FOSSBilling |
FOSSBilling |
2026-07-06T21:18:31.172Z | 2026-07-08T19:41:57.803Z |
| CVE-2026-34167 |
5 (3.1)
|
Coolify: Cross-tenant activity log disclosure via unlo… |
coollabsio |
coolify |
2026-07-06T21:28:24.046Z | 2026-07-08T19:43:19.741Z |
| CVE-2024-56141 |
5 (3.1)
|
Minosoft has IV equal to key |
Bixilon |
Minosoft |
2026-07-06T23:17:54.978Z | 2026-07-08T19:41:44.619Z |
| CVE-2026-14355 |
5.6 (3.1)
|
ext/openssl: Memory corruption in openssl_encrypt with… |
php |
php |
2026-07-03T20:57:31.958Z | 2026-07-06T13:57:58.387Z |
| CVE-2026-53482 |
7.5 (3.1)
|
Dell PowerProtect Data Domain, versions 7.7.1.0 t… |
Dell |
PowerProtect Data Domain |
2026-07-08T13:39:30.283Z | 2026-07-08T13:39:30.283Z |
| CVE-2026-53480 |
2.7 (3.1)
|
Dell PowerProtect Data Domain, versions 7.7.1.0 t… |
Dell |
PowerProtect Data Domain |
2026-07-08T13:44:45.485Z | 2026-07-08T14:29:57.118Z |
| CVE-2026-41122 |
7.1 (3.1)
|
Dell PowerProtect Data Domain, versions 7.7.1.0 t… |
Dell |
PowerProtect Data Domain |
2026-07-08T13:26:09.809Z | 2026-07-08T14:25:18.019Z |
| CVE-2026-49296 |
6.5 (3.1)
|
Apache Airflow: Per-DAG read bypass discloses co-locat… |
Apache Software Foundation |
Apache Airflow |
2026-07-07T09:18:12.369Z | 2026-07-07T13:28:17.894Z |
| CVE-2026-46327 |
7.8 (3.1)
|
dm: fix unlocked test for dm_suspended_md |
Linux |
Linux |
2026-06-09T12:25:54.781Z | 2026-06-14T04:30:25.673Z |
| CVE-2026-56086 |
8.8 (3.1)
|
Dell PowerProtect Data Domain, versions 7.7.1.0 t… |
Dell |
PowerProtect Data Domain |
2026-07-08T13:34:04.194Z | 2026-07-08T14:22:41.041Z |
| CVE-2026-53481 |
9.8 (3.1)
|
Dell PowerProtect Data Domain, versions 7.7.1.0 t… |
Dell |
PowerProtect Data Domain |
2026-07-07T13:02:37.613Z | 2026-07-08T03:56:41.732Z |
| CVE-2026-53479 |
7.2 (3.1)
|
Dell PowerProtect Data Domain, versions 7.7.1.0 t… |
Dell |
PowerProtect Data Domain |
2026-07-07T13:07:26.591Z | 2026-07-08T13:41:13.329Z |
| CVE-2026-53483 |
9.8 (3.1)
|
Dell PowerProtect Data Domain, versions 7.7.1.0 t… |
Dell |
PowerProtect Data Domain |
2026-07-07T12:57:07.708Z | 2026-07-08T03:56:40.966Z |