CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-54074
High

A Remote Code Execution vulnerability exists in @tinacms/cli prior to version 2.4.3 during the Forestry-to-Tina migration. The addVariablesToCode helper unsafely processes user-supplied label and name fields from .forestry/**/*.yml, allowing arbitrary JavaScript injection into the generated tina/templates.{ts,js} file.

CVE-2026-50521
HighEPSS 53%

A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code remotely over a network.

CVE-2026-58593
High

A vulnerability in NodeBB allows a remote attacker to impersonate any local user, including the administrator, by forging posts and private messages via the ActivityPub protocol. The issue stems from missing validation that the authenticated remote actor matches the claimed author of the ActivityPub object.

CVE-2026-58592
High

Ladybird contains a dangling-reference memory-safety flaw in its WebAssembly ESM-integration module loader. A JavaScript function imported into a WASM module via ESM causes a stack-local FunctionType to be destroyed after the link-loop iteration ends, while the host callback still references it, leading to memory corruption.

CVE-2026-55688
Medium

The AsyncHttpClient (AHC) library versions 2.0.0 through 2.15.0 and 3.0.0.Beta1 through 3.0.10 have a vulnerability in ThreadSafeCookieStore that does not verify whether the responding host is allowed to set a cookie for a domain. This allows an attacker-controlled host to inject a cookie for an unrelated domain, which the client then sends to that domain.

CVE-2026-54908
Medium

Pion DTLS library versions prior to 3.1.4 are vulnerable to remote denial of service via a panic triggered while parsing a crafted ECDHE_PSK ServerKeyExchange message. The issue is fixed in version 3.1.4.

CVE-2026-54164
Medium

Vulnerability in API Platform Core before versions 4.1.30, 4.2.26 and 4.3.12 allows an attacker to substitute resource types in IRI relations. Missing type validation in AbstractItemNormalizer enables assigning an object of an unintended type to a relation property.

CVE-2026-49858
Medium

In API Platform Core versions from 2.6.0 prior to 4.1.29, 4.2.26, and 4.3.12, a missing isCacheKeySafe gate in the JSON:API and HAL item normalizers causes a cross-user attribute leak. The component cache (attributes, relationships, links) keyed on context cache key can be reused for a subsequent request from a different user with different permissions, exposing properties that should be hidden.

CVE-2026-14363
Medium

An SQL injection vulnerability in the Cargo extension for MediaWiki allows an attacker to inject malicious SQL code. The issue affects versions before 1.43.9, 1.44.6, and 1.45.4.

CVE-2026-14265
High

A deserialization vulnerability in the RemoteQueryCachePlugin of AWS Advanced JDBC Wrapper versions 3.3.0 through 4.0.0 allows arbitrary code execution on application servers via untrusted data from Redis or Valkey cache. An attacker with write access to the shared cache can inject a crafted Java object that triggers gadget chains upon deserialization.

CVE-2026-58517
Medium

A vulnerability in the WikiLambda extension for MediaWiki allows authentication bypass due to improper neutralization of input terminators. The issue affects versions before 1.43.9, 1.44.6, and 1.45.4.

CVE-2026-58451
Medium

Horde IMP before version 7.0.1 contains a path traversal vulnerability in lib/Compose.php. Authenticated attackers can read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos() prefix validation by appending traversal sequences after the matching prefix, causing file_get_contents() to read sensitive files whose contents are then exfiltrated as MIME parts in outgoing email; unauthenticated exploitation is also achievable via CSRF against an active authenticated session.

CVE-2026-55628
Medium

In versions prior to 7.1.2-26he, the `-concatenate` operation lacked security policy checks, potentially allowing reading and writing to paths disallowed by the policy. This issue has been fixed in version 7.1.2-26.

CVE-2026-55597
Medium

In ImageMagick prior to version 7.1.2-26, a heap buffer over-write vulnerability exists in the JP2 encoder due to incorrect argument handling. The issue has been fixed in version 7.1.2-26.

CVE-2026-55595
Medium

In ImageMagick prior to versions 6.9.13-51 and 7.1.2-26, providing invalid arguments to the connected-components option causes an infinite loop. This issue has been fixed in the mentioned versions.

CVE-2026-55594
Medium

In ImageMagick prior to versions 6.9.13-51 and 7.1.2-26, a missing depth check in the MVG decoder leads to a stack overflow when processing a crafted image.

CVE-2026-55577
Medium

In ImageMagick prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out-of-bounds write when processing a crafted image.

CVE-2026-55510
Medium

In ImageMagick prior to versions 6.9.13-51 and 7.1.2-26, a use-after-free vulnerability occurs when identifying an image with a crafted 8BIM profile containing a specific format string. The issue is fixed in the mentioned versions.

CVE-2026-53492
Critical

In containerd versions prior to 2.3.2, 2.2.5 and 2.1.9, the CRI implementation improperly trusts CDI annotations from untrusted checkpoint image metadata during container restoration. A user with pod creation permissions can bypass standard Kubernetes resource allocation and inject arbitrary devices or host mounts into the restored container.

CVE-2026-53489
Medium

A vulnerability in containerd allows reading arbitrary files on the host via kubectl logs. The bug occurs in the CRI plugin, which restores container.log from a checkpoint image without validating a symlinked path.

PreviousPage 15 of 4471Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS