CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-47248
Medium

Parse Server prior to versions 8.6.78 and 9.9.1-alpha.2 discloses schema metadata through GraphQL validation-error messages, allowing unauthenticated users to reconstruct class and field names.

CVE-2026-47236
Medium

Solidtime is a time-tracking application that prior to version 0.12.2 had improperly configured permissions for the invitations and members API. Employees of the organization could access invitation email addresses and members, even though the API forbade them from doing so.

CVE-2026-42932
Medium

Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Additionally, the platform exposes an endpoint that reveals the current identifier high-water mark, allowing for enumeration of the active fleet.

CVE-2026-41568
Medium

In Moby, versions prior to 2.0.0-beta.14 and Docker Engine prior to 29.5.1, a race condition during docker cp mount setup allows a malicious container to create empty files or directories at arbitrary absolute paths on the host filesystem.

CVE-2026-10715
Medium

Camaleon CMS version 2.9.2 contains an improper authorization vulnerability in the administrator draft autosave endpoint. A low-privileged authenticated user can send an arbitrary post_id to POST /admin/post_type/<POST_TYPE_ID>/drafts and overwrite the draft associated with another user's post.

CVE-2026-47225
Medium

Typesense, a typo-tolerant search engine, has a cache isolation issue affecting search requests that use server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across requests with different Scoped Search API Key constraints, leading to unintended disclosure of search results.

CVE-2026-47223
Medium

In NanaZip, from version 3.0.1000.0 to before version 6.0.1698.0, a heap out-of-bounds read exists in the Android Verified Boot (AVB) vbmeta image parser. A 32-bit unsigned integer overflow in the bounds check allows an attacker-controlled salt_len field to bypass validation.

CVE-2026-44173
Medium

A vulnerability in MariaDB allows SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without the required FILE privilege when the FROM clause contains only subqueries. Affected versions include 10.6.1 to 10.6.26, 10.11.1 to 10.11.17, 11.4.1 to 11.4.11, 11.8.1 to 11.8.7, and 12.3.1.

CVE-2026-44171
Medium

MariaDB server versions from 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1 had an issue with not checking for /../ in the path when unpacking the archive. A specially crafted archive could have caused mbstream to create files outside of the target-dir path.

CVE-2026-44169
Medium

In MariaDB versions from 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user with EXECUTE access to a stored routine could see the routine definition even without SHOW CREATE ROUTINE privilege. This issue has been patched in versions 11.4.11, 11.8.7, and 12.3.2.

CVE-2026-7184
Medium

Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, and 10.11.x <= 10.11.15 fail to sanitize the Remote Cluster API response on PATCH operations. This allows authenticated users with the {{manage_secure_connections}} permission to obtain remote cluster authentication tokens via a PATCH request to the remote cluster endpoint.

CVE-2026-6739
Medium

Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, and 10.11.x <= 10.11.16 fail to require system-level permission when patching protected default system roles. This allows authenticated users with delegated user-management permissions to escalate privileges by altering built-in role permissions via the role patch API.

CVE-2026-6689
Medium

Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, and 10.11.x <= 10.11.16 fail to enforce proper permissions when creating teams, allowing authenticated users with PermissionCreateTeam but without PermissionInviteUser to modify team invite settings.

CVE-2026-6046
Medium

Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, and 10.11.x <= 10.11.16 fail to validate that a username returned during bot registration belongs to a bot account. This allows an unprivileged attacker to intercept private messages sent by plugins via direct message channels by pre-registering a user account with a predictable plugin bot username.

CVE-2026-53982
Medium

Cap-go Console versions below 12.28.2 contain a denial-of-service vulnerability in the account deletion flow that allows an attacker to block authentication and onboarding functions. The issue arises from incorrectly associating the deletion state with the device identifier, leading to redirection to an account-disabled page for approximately 30 days.

CVE-2026-47224
Medium

NanaZip, a derivative of 7-Zip, has a heap buffer-overflow read vulnerability in the LVM2 physical-volume metadata parser. This issue exists in versions from 3.0.1000.0 to before 6.0.1698.0 when opening a crafted LVM disk image.

CVE-2026-47222
Medium

In NanaZip, from version 3.0.1000.0 to before version 6.0.1698.0, a heap out-of-bounds read exists in the Android Verified Boot (AVB) vbmeta image parser. An attacker can exploit this vulnerability to cause a crash of the application when opening a crafted .avb or .img file.

CVE-2026-3433
Medium

Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, and 10.11.x <= 10.11.15 and 10.11.x <= 10.11.16 fail to restrict 'role_updated' websocket event broadcasts to members of the affected team or channel. This allows an authenticated attacker with guest-level access to observe permission scheme change notifications for private teams they are not a member of.

CVE-2026-9641
Medium

Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations. The default algorithm is HMAC-SHA1, which should only be used for legacy systems.

CVE-2026-5792
Medium

CVE-2026-5792 is a vulnerability affecting Hedef Media Promotion Interactive Media Marketing Inc. that allows authentication bypass through spoofing, enabling Brute Force attacks.

PreviousPage 107 of 510Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS