CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-9002
Medium

IBM WebSphere Extreme Scale versions 8.6.1.0 through 8.6.1.6 contain a denial-of-service vulnerability due to improper validation in the XDF decoder. The application processes deeply nested Protocol Buffers messages and attacker-controlled length prefixes without sufficient bounds checking, which may lead to a StackOverflowError or OutOfMemoryError.

CVE-2026-3602
Medium

IBM App Connect Enterprise versions 13.0.1.0 through 13.0.7.2 and 12.0.1.0 through 12.0.12.26, as well as IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7, are vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of.

CVE-2026-13773
MediumEPSS 87%

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 contains approximately 50 generated CORBA stub classes in ogclient.jar that call ORB.string_to_object() on an attacker-controlled IOR string during Java deserialization. This turns any unfiltered ObjectInputStream sink in WAS into outbound IIOP SSRF to an attacker-chosen host.

CVE-2026-12086
Medium

IBM UrbanCode Deploy and IBM DevOps Deploy store potentially sensitive information in log files that could be read by a local user. The vulnerability affects versions 7.2 through 7.2.3.23, 7.3 through 7.3.2.18, and 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0.

CVE-2026-12085
Medium

IBM UrbanCode Deploy and IBM DevOps Deploy in vulnerable versions may disclose sensitive configurations and secrets to authenticated users in API responses, which could be used in further attacks against the system.

CVE-2026-12084
Medium

IBM DevOps Deploy (UCD) versions 8.1 through 8.1.2.6 and 8.2 through 8.2.1.0 improperly configure CORS, allowing an attacker to perform privileged actions and retrieve sensitive information because the domain is not restricted to trusted domains.

CVE-2026-11906
Medium

IBM Db2 versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4 for Linux, UNIX, and Windows (including Db2 Connect Server) contain a denial-of-service vulnerability. An authenticated user can exploit improper neutralization of special elements in the data query logic for XMLTable-derived columns, causing a denial of service.

CVE-2026-11595
Medium

IBM WebSphere Application Server 9.0 and 8.5 contain a vulnerability that could allow a remote attacker to obtain sensitive information from the integrated help system of the administrative console.

CVE-2025-36372
Medium

A vulnerability in IBM Db2 allows an authenticated user to read sensitive information from monitoring and event tables. It affects versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4 on Linux, UNIX, and Windows.

CVE-2026-9263
Medium

The Zephyr Bluetooth controller ISO Adaptation Layer fails to validate the length of a framed ISO PDU start segment, leading to an integer underflow and out-of-bounds read. An attacker can trigger information disclosure or denial of service over the air.

CVE-2026-58373
Medium

A vulnerability in CVAT before version 2.69.0 in the QualityReportViewSet.get_queryset allows authenticated attackers to enumerate quality report identifiers belonging to other organizations. The missing check_object_permissions call on the parent_id parameter in the quality reports API endpoint enables distinguishing existing and non-existing reports via HTTP 500 vs 404 responses.

CVE-2026-58369
Medium

Woodpecker before version 3.15.0 exposes the /api/orgs/lookup/*org_full_name endpoint without authentication middleware, and the handler triggers a NULL pointer dereference for unauthenticated requests. Each request causes a panic that is recovered by gin middleware but writes a multi-line stack trace to the error log.

CVE-2026-58176
Medium

In RuoYi-Vue-Plus up to version 5.6.2 (fixed in commit 88d03d9), workflow task management endpoints in FlwTaskController lack any permission checks. Any authenticated user, regardless of role, can reassign tasks, urge tasks, and list all pending and finished tasks.

CVE-2026-58174
Medium

A vulnerability in Hermes WebUI before version 0.51.521 allows bypassing profile isolation. When importing a session, the workspace of the active named profile is validated, but the Session object is created without setting its profile, resulting in the session being persisted with a null profile. A null profile is treated as the default profile, enabling a user on the default profile to export the session transcript and read files from the named profile's workspace.

CVE-2026-58173
Medium

A path traversal vulnerability in Vibe-Trading before version 0.1.10 allows attackers to write files outside the intended memory root directory by supplying a malicious memory_type value containing path traversal sequences. Attackers can manipulate the memory_type parameter in the persistent memory store to write arbitrary Markdown files to unintended filesystem locations.

CVE-2026-58171
Medium

A vulnerability in Vibe-Trading before version 0.1.10 allows reading and overwriting run.json files outside the runs directory. An attacker can exploit a crafted run identifier supplied via MCP swarm tools, leading to data confidentiality and integrity breaches.

CVE-2026-58167
Medium

A vulnerability in Nightingale (n9e) before version 9.0.0-beta.2 allows any authenticated low-privilege user (Standard role) to read full datasource configurations, including database passwords, HTTP bearer tokens, HTTP basic-auth passwords, and mTLS client keys. This occurs via the POST /api/n9e/datasource/list endpoint, which lacks admin authorization, and the DatasourceFilter does not redact secret fields.

CVE-2026-10655
Medium

A race condition vulnerability exists in the asynchronous SNTP client of Zephyr OS. When the client closes the UDP socket without synchronizing with the socket service thread, a use-after-free of the net_context structure can occur, leading to crashes or potential memory corruption.

CVE-2026-10653
Medium

A vulnerability in the Zephyr net_buf library involves non-atomic operations on buffer reference counts. Under concurrency (SMP or single-core preemption), double-free of memory or corruption of the free buffer list may occur.

CVE-2026-10652
Medium

A vulnerability in Zephyr's DNS resolver (subsys/net/lib/dns) allows an out-of-bounds read due to insufficient validation of the rdlength field in DNS responses. The dns_unpack_answer() function accepts any declared rdlength, enabling an attacker to craft a truncated TXT or SRV response that reads beyond the receive buffer. This leads to information disclosure (residual packet data or uninitialized memory) and potentially a denial of service.

PreviousPage 26 of 523Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS