CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.13)

CVE-2026-44577
Medium

Next.js versions 10.0.0 through 15.5.16 and 16.2.5, when self-hosted with the default image loader, do not enforce a maximum size limit for local assets fetched by the Image Optimization API. An attacker can trigger out-of-memory conditions by requesting large files from the /_next/image endpoint.

CVE-2026-44479
Medium

Podatność w Vercel AI Cloud występuje w wersjach od 50.16.0 do 52.0.0, gdzie w trybie nieinteraktywnym CLI Vercel emituje sugestie dotyczące dalszych działań, które zawierają tokeny uwierzytelniające użytkownika. Tokeny te mogą być przechwycone w logach CI/CD lub innych wynikach automatyzacji.

CVE-2026-44467
Medium

Aplikacja Claude Desktop w wersjach od 1.2581.0 do przed 1.4304.0 miała lukę w funkcji zdalnego rozwoju SSH, która weryfikowała jedynie istnienie nazwy hosta w pliku ~/.ssh/known_hosts, nie porównując klucza hosta serwera z zapisanym kluczem. To umożliwiało atakującemu w pozycji sieciowej przedstawienie dowolnego klucza hosta SSH, co mogło prowadzić do ataku typu man-in-the-middle na sesje zdalnego rozwoju.

CVE-2026-44431
Medium

A vulnerability in the urllib3 library for Python (versions 1.23 to 2.7.0) allows leakage of sensitive HTTP headers during cross-origin redirects. The issue occurs when using the low-level API ProxyManager.connection_from_url().urlopen() with assert_same_host=False.

CVE-2026-43489
Medium

In the Linux kernel, a vulnerability in the liveupdate (LUO) mechanism was found due to improper storage of the retrieve() status in the luo_file structure. On failure, the retrieve flag was not updated, allowing retries and causing errors in the finish() function, potentially leading to data integrity issues.

CVE-2026-43488
Medium

In the Linux kernel's USB xHCI driver, a vulnerability causes an interrupt storm after a Host Controller Error (HCE) during UAS Storage device plug/unplug on Android devices, leading to severe system faults. The fix adds xhci_halt() in the interrupt handler to stop the controller and break the storm.

CVE-2026-43487
Medium

In the Linux kernel, a problem was found with the ST1000DM010-2EP102 drive causing random system freezes due to faulty power management (LPM). The drive belongs to the same BarraCuda family as the ST2000DM008-2FR102 which has a similar issue.

CVE-2026-43486
Medium

In the Linux kernel, a vulnerability was found in the contpte_ptep_set_access_flags() function for ARM64 architecture. The function incorrectly compared the gathered ptep_get() value with the requested entry, which could lead to false no-op detection when only one sub-PTE in a CONT block was updated. As a result, for SMMU units or CPUs without DBM support, an infinite page fault loop could occur.

CVE-2026-43485
Medium

In the Linux kernel, WARN_ON calls in the nouveau driver during ACPI probing have been removed. These warnings triggered frequently and were considered harmless, so they were dropped.

CVE-2026-43484
Medium

In the Linux kernel, a vulnerability was found in the MMC subsystem where the 'claimed' and 'retune' control flags shared the same bitfield word. Concurrent writes in asynchronous contexts could overwrite other bits, causing spurious WARN_ON(!host->claimed) warnings. The fix converts these flags to bool type, eliminating unintended read-modify-write (RMW) side effects.

CVE-2026-43483
Medium

In the Linux kernel, a vulnerability was found in the KVM module for AMD processors (SVM). The issue is that CR8 write interception is not properly cleared when AVIC (Advanced Virtual Interrupt Controller) is activated, leaving it enabled permanently. Combined with another TPR sync bug, this causes the TPR value seen by hardware to become out of sync, which is fatal for Windows virtual machines.

CVE-2026-43482
Medium

In the Linux kernel, a vulnerability in the sched_ext mechanism where preemption between scx_claim_exit() and helper work kick can cause system wedging. Lack of preemption disabling in this critical code path prevents bypass mode activation and stops task scheduling.

CVE-2026-43480
Medium

In the Linux kernel, the ASoC driver for AMD ACP3x was missing error checking for clock acquisition. The acp3x_5682_init() function did not verify the result of clk_get(), which could lead to dereferencing error pointers in rt5682_clk_enable().

CVE-2026-43479
Medium

In the Linux kernel LAN78xx USB Ethernet driver, a redundant netif_napi_del() call was removed from the disconnect path. It triggered a WARN in __netif_napi_del_locked because NAPI was still active. The unregister_netdev() function handles NAPI teardown automatically and safely, so the extra call is unnecessary.

CVE-2026-43478
Medium

In the Linux kernel, in the RT1011 audio codec driver, a vulnerability was found where the rt1011_recv_spk_mode_put() function uses an incorrect method to retrieve the DAPM context, leading to a NULL pointer dereference.

CVE-2026-43477
Medium

In the Linux kernel, a vulnerability in the i915 driver for Intel Graphics causes a potential system hang (MCE) on ICL platforms when VRR timings are configured before enabling TRANS_DDI_FUNC_CTL.

CVE-2026-42946
MediumEPSS 56%

A vulnerability exists in the ngx_http_scgi_module and ngx_http_uwsgi_module that may result in excessive memory allocation or an over-read of data. An unauthenticated attacker with man-in-the-middle ability may read the memory of the NGINX worker process or restart it.

CVE-2026-42937
Medium

Vulnerabilities related to incorrect permission assignment exist in BIG-IP and BIG-IQ TMOS Shell (tmsh) arp and ndp commands, as well as in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view adjacent network information.

CVE-2026-42934
Medium

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_charset_module module. When charset, source_charset, and charset_map and proxy_pass with disabled buffering are configured, unauthenticated attackers can send requests that lead to a heap buffer over-read in the NGINX worker process.

CVE-2026-42926
Medium

A vulnerability in NGINX Open Source allows an attacker to inject frame headers and payload bytes to the upstream peer when configured to proxy HTTP/2 and using proxy_set_body.

PreviousPage 227 of 556Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS