CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.15)

CVE-2026-6845
Medium

A flaw was found in binutils, specifically within the `readelf` utility, allowing a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted ELF file. Exploitation can lead to excessive resource consumption or a program crash, making the system unresponsive.

CVE-2026-22747
Medium

A vulnerability in Spring Security's SubjectX500PrincipalExtractor incorrectly handles malformed CN values in X.509 certificates, potentially reading the wrong username. A crafted certificate could allow an attacker to impersonate another user.

CVE-2026-40451
Medium

The DeepL Chrome browser extension versions from v1.22.0 to v1.23.0 contain a cross-site scripting vulnerability, allowing an attacker to execute arbitrary scripts in a user's browser and inject malicious HTML into web pages viewed by the user.

CVE-2026-41457
Medium

OwnTone Server versions 28.4 through 29.0 contain a SQL injection vulnerability in DAAP query and filter handling. Attackers can inject arbitrary SQL expressions via the query= and filter= parameters for integer-mapped DAAP fields.

CVE-2026-21999
Medium

Vulnerability in the XML Database component of Oracle Database Server allows an unauthenticated attacker remote access via HTTPS to confidential data. It requires user interaction and is difficult to exploit.

CVE-2026-41456
Medium

Bludit CMS prior to commit 6732dde contains a reflected cross-site scripting vulnerability in the search plugin that allows unauthenticated attackers to inject arbitrary JavaScript by crafting a malicious search query. Attackers can execute malicious scripts in the browsers of users who visit crafted URLs containing the payload, potentially stealing session cookies or performing actions on behalf of affected users.

CVE-2026-6058
Medium

An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 allows an adjacent attacker on the WLAN to cause a denial-of-service (DoS) condition in the web management interface. The attack requires convincing an authenticated administrator to visit the “AP Select” page while a malformed SSID is present.

CVE-2026-22051
Medium

A vulnerability in StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.13 and 12.0.0.6 allows an authenticated attacker with low privileges to run arbitrary metrics queries, revealing metric results they do not have access to.

CVE-2026-41245
Medium

In the Junrar library prior to version 7.5.10, a path traversal vulnerability in the `LocalFolderExtractor` class allows an attacker to write arbitrary files with attacker-controlled content into sibling directories when extracting a crafted RAR archive.

CVE-2026-34429
Medium

Vvveb prior to version 1.0.8.1 contains a stored cross-site scripting vulnerability that allows authenticated users with media upload and rename permissions to bypass MIME type validation by prepending a GIF89a header to HTML/JavaScript payloads, then renaming the file to .html extension. This enables arbitrary JavaScript execution in an administrator's browser session, potentially leading to backdoor account creation and malicious plugin uploads for remote code execution.

CVE-2026-6369
Medium

W podatności CVE-2026-6369 występuje niewłaściwa kontrola dostępu w kliencie canonical-livepatch przed wersją 10.15.0, co pozwala lokalnemu użytkownikowi bez uprawnień na uzyskanie wrażliwego tokena uwierzytelniającego na poziomie roota poprzez wysłanie nieautoryzowanego żądania do gniazda Unix livepatchd.sock. Problem ten występuje na systemach, gdzie administrator włączył klienta Livepatch z ważną subskrypcją Ubuntu Pro.

CVE-2026-6654
Medium

A double-free and use-after-free vulnerability was found in the `IntoIter::drop` and `ThinVec::clear` functions of the thin_vec crate. A panic in `ptr::drop_in_place` skips resetting the length to zero.

CVE-2026-6587
Medium

A server-side request forgery (SSRF) vulnerability has been discovered in the RAGAS library up to version 0.4.3 in the Collections module. The functions _try_process_local_file/_try_process_url in util.py improperly validate the retrieved_contexts argument, allowing a remote attacker to make requests to internal resources. The exploit has been published, and the vendor did not respond.

CVE-2026-40293
Medium

In OpenFGA versions 0.1.4 through 1.13.1, when using preshared-key authentication with the playground enabled, the API key is included in the HTML response of the /playground endpoint. This endpoint is enabled by default and does not require authentication, potentially leaking sensitive credentials.

CVE-2026-31927
Medium

A vulnerability in Anviz CX7 firmware allows an authenticated attacker to upload a CSV file with path traversal, overwriting arbitrary files such as /etc/shadow. Combined with debug-setting changes, this can lead to unauthorized SSH access.

CVE-2026-6437
Medium

W składniku obsługi wolumenów w AWS EFS CSI Driver (aws-efs-csi-driver) przed wersją v3.0.1 występuje niewłaściwe neutralizowanie ograniczników argumentów, co pozwala zdalnym uwierzytelnionym użytkownikom z uprawnieniami do tworzenia PersistentVolume na wstrzykiwanie dowolnych opcji montowania za pomocą wstrzyknięcia przecinka.

CVE-2026-40002
Medium

A vulnerability in Red Magic 11 Pro (NX809J) allows non-privileged applications to trigger sensitive operations. The lack of validation for applications accessing the service interface enables an attacker to write files to specific partitions and set writable system properties.

CVE-2026-3861
Medium

LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily inoperable.

CVE-2026-40503
Medium

A path traversal vulnerability in OpenHarness prior to commit dd1d235 allows remote gateway users with chat access to read arbitrary files by supplying path traversal sequences to the /memory show slash command. Attackers can bypass the project memory directory validation and access sensitive files accessible to the OpenHarness process.

CVE-2026-21726
Medium

The CVE-2026-21726 vulnerability allows an attacker to read files by exploiting double encoding in the namespace parameter at the Ruler API endpoint.

PreviousPage 267 of 588Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS