CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-53982
Medium

Cap-go Console versions below 12.28.2 contain a denial-of-service vulnerability in the account deletion flow that allows an attacker to block authentication and onboarding functions. The issue arises from incorrectly associating the deletion state with the device identifier, leading to redirection to an account-disabled page for approximately 30 days.

CVE-2026-47224
Medium

NanaZip, a derivative of 7-Zip, has a heap buffer-overflow read vulnerability in the LVM2 physical-volume metadata parser. This issue exists in versions from 3.0.1000.0 to before 6.0.1698.0 when opening a crafted LVM disk image.

CVE-2026-47222
Medium

In NanaZip, from version 3.0.1000.0 to before version 6.0.1698.0, a heap out-of-bounds read exists in the Android Verified Boot (AVB) vbmeta image parser. An attacker can exploit this vulnerability to cause a crash of the application when opening a crafted .avb or .img file.

CVE-2026-3433
Medium

Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, and 10.11.x <= 10.11.15 and 10.11.x <= 10.11.16 fail to restrict 'role_updated' websocket event broadcasts to members of the affected team or channel. This allows an authenticated attacker with guest-level access to observe permission scheme change notifications for private teams they are not a member of.

CVE-2026-9641
Medium

Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations. The default algorithm is HMAC-SHA1, which should only be used for legacy systems.

CVE-2026-5792
Medium

CVE-2026-5792 is a vulnerability affecting Hedef Media Promotion Interactive Media Marketing Inc. that allows authentication bypass through spoofing, enabling Brute Force attacks.

CVE-2026-53568
Medium

Frappe is a web application framework. Prior to versions 15.107.2 and 16.17.4, there was a stored XSS vulnerability in the report/list view. This issue has been patched in versions 15.107.2 and 16.17.4.

CVE-2026-50560
Medium

Netty, a network application framework, prior to versions 4.1.135.Final and 4.2.15.Final had an issue with handling max HTTP/2 header size, allowing an attack similar to HTTP/2 Rapid Reset. This could result in exceptions when writing response headers during request processing.

CVE-2026-50089
Medium

The Aqara IAM/SSO Gateway (gw-builder.aqara.com) contains an open redirect vulnerability (CWE-601), allowing an attacker to redirect users to an external malicious site. The estimated CVSS score is 6.1 (Medium).

CVE-2026-50082
Medium

The Aqara Cloud Developer Portal (developer.aqara.com) issued a developer token to any email address supplied by the attacker. This is a missing authentication for critical function (CWE-306) with an estimated CVSS of 6.5 (Medium). When combined with other vulnerabilities (CVE-2026-50083, CVE-2026-50084, CVE-2026-50085), an unauthenticated attacker could fully take over affected devices.

CVE-2026-50026
Medium

Frappe is a web application framework that prior to versions 15.107.0 and 16.17.0 had a vulnerability related to a lack of permission checks in certain endpoints, allowing unauthorized access to resources.

CVE-2026-50020
Medium

In versions prior to 4.1.135.Final and 4.2.15.Final, `HttpObjectDecoder` in the Netty framework skipped control bytes and whitespace before reading the first request line. This can lead to request-boundary confusion in complex transports, creating a risk of attacks.

CVE-2026-50009
Medium

Netty prior to version 4.2.15.Final exposes the stateless reset token on the network path, which can be exploited by an attacker to perform a Denial of Service attack.

CVE-2026-48043
Medium

In the Netty library, in the netty-codec-http2 component prior to versions 4.1.135.Final and 4.2.15.Final, a resource leak vulnerability was found in the `DelegatingDecompressorFrameListener` class. A remote attacker can send specially crafted HTTP/2 frames that cause the flow controller to throw an exception, leading to improper release of pooled `ByteBuf` buffers and eventually to JVM memory exhaustion.

CVE-2026-47190
Medium

IPAM, the IP address Manager for Cluster API Provider Metal3, prior to versions 1.11.7, 1.12.4, and 1.13.0, granted full CRUD permissions for core/v1 Secrets. Under normal operation, the controller does not access Secrets, but if the controller pod were compromised, an attacker could leverage these excessive permissions to read, modify, or delete Secrets.

CVE-2026-47182
Medium

Frappe is a web application framework. Prior to version 16.17.4, any authenticated user could access private files by guessing the file path. This issue has been patched in version 16.17.4.

CVE-2026-46690
Medium

The unbounded_spsc extension in versions 0.2.0 and prior contains a bug that leads to out-of-bounds reads and fake resource drops due to a race condition between sender and receiver.

CVE-2026-44976
Medium

Frappe is a full-stack web application framework. Prior to version 16.17.4, any user could modify any field in any Onboarding Step record. This issue has been patched in version 16.17.4.

CVE-2026-44975
Medium

Frappe is a web application framework. Prior to versions 15.107.2 and 16.17.4, any authenticated user could reset onboarding for all users in the system.

CVE-2026-44967
Medium

OpenTelemetry-cpp prior to version 1.27.0 has a vulnerability where the OTLP HTTP exporters (traces/metrics/logs) read the full HTTP response into an in-memory vector of bytes without a size cap. This can lead to memory exhaustion when the configured collector endpoint is attacker-controlled.

PreviousPage 133 of 562Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS