CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-52196
High

A buffer overflow vulnerability has been discovered in the UTT nv518G router running firmware version nv518GV3v3.2.7-210919-161313. A remote attacker can exploit the gohead/sub_416f28 component to cause a denial of service (DoS).

CVE-2026-50254
High

An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it.

CVE-2026-50003
Critical

A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative (../) paths and absolute paths.

CVE-2026-37106
Critical

An issue in DokuWiki 2025-05-14b 'Librarian' 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. The supplier disputes this as a vulnerability, stating it is intentional behavior when self-registration is enabled (a non-default feature).

CVE-2026-35505
High

An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart.

CVE-2026-11541
High

IBM WebSphere Application Server 9.0, 8.5 and Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability. This flaw allows an attacker to manipulate HTTP headers to bypass security controls.

CVE-2026-10585
Medium

A stored cross-site scripting vulnerability was found in GitHub Enterprise Server, allowing an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a malicious payload into the title of a Discussion in the Q&A category. The AnsweredQuestionStructuredDataComponent failed to escape user-controlled Discussion titles before embedding them in a <script type="application/ld+json"> block, enabling breakout from the script context. The attack was escalated to full XSS by leveraging JSONP callback support in the REST API to bypass Content Security Policy.

CVE-2026-9132
Medium

A missing authorization vulnerability in GitHub Enterprise Server allowed an authenticated user to read source code from private repositories they did not have access to via the Copilot pull request description diff summary endpoint. The vulnerability affects all versions prior to 3.21 and was fixed in versions 3.17.17, 3.18.11, 3.19.8, and 3.20.4.

CVE-2026-9106
Medium

A UI misrepresentation vulnerability in GitHub Enterprise Server allowed an OAuth application to gain unintended access to an organization's runner management. The issue occurred because the manage_runners:org scope was not displayed on the authorization consent screen, enabling an attacker to trick a user into authorizing a malicious app.

CVE-2026-44628
High

An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record.

CVE-2026-13207
High

FUXA versions 1.3.1 and prior contain an authentication bypass vulnerability via dot-segment path normalization in the REST API. The API router fails to normalize dot-segment sequences before applying authentication middleware, allowing unauthenticated requests to access protected endpoints by prefixing paths with dot-segments such as /api/./users, /api/./roles, and /api/project/../users. These requests bypass authentication checks and return sensitive user and role data without credentials.

CVE-2026-11594
High

IBM WebSphere Application Server 9.0 and 8.5 is affected by a cross-site scripting vulnerability in the administrative console. This allows an attacker to inject malicious scripts into the server management interface.

CVE-2026-10562
Medium

An unauthenticated URL redirection vulnerability has been identified in Archer AX20 V2 due to improper validation of user-supplied URL input within the web interface. An unauthenticated attacker can craft URLs containing URL-encoded path traversal sequences, which when processed by the embedded web server may cause the device to respond with HTTP 3xx redirects to attacker-controlled external domains.

CVE-2025-36359
High

The vulnerability in IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not invalidate session IDs after expiration. This allows an authenticated user to impersonate another user on the system.

CVE-2025-36336
Medium

IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0 transmit data in clear text, allowing an attacker to obtain sensitive information using man-in-the-middle techniques.

CVE-2025-36333
Medium

A vulnerability in IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0 allows an authenticated user to perform unauthorized actions due to improper enforcement of behavioral workflow.

CVE-2025-36328
Medium

A vulnerability in IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0 allows a remote attacker to obtain sensitive information through detailed error messages returned in the browser. This information could be used in further attacks against the system.

CVE-2025-36327
Medium

A vulnerability in IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0 allows an authenticated user to bypass security controls and perform unauthorized actions due to client-side enforcement of server-side security.

CVE-2025-36324
Medium

IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0 are vulnerable to server-side request forgery (SSRF). An authenticated attacker can send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

CVE-2025-36323
Medium

Cross-site scripting vulnerability in IBM watsonx.data intelligence allows an authenticated user to embed arbitrary JavaScript code in the Web UI, potentially leading to credential disclosure within a trusted session.

PreviousPage 102 of 4530Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS