CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.16)

CVE-2026-41607
MediumEPSS 58%

An out-of-bounds read vulnerability has been discovered in Apache Thrift before version 0.23.0. The issue is fixed in version 0.23.0.

CVE-2026-41606
MediumEPSS 63%

Uncontrolled recursion vulnerability in Apache Thrift before version 0.23.0 may lead to stack exhaustion and denial of service (DoS).

CVE-2024-54012
Medium

Penetration Testing engineers at Amazon discovered a vulnerability where the camera system failed to properly validate input, allowing specially crafted requests containing malicious commands to be executed on the device. The manufacturer has released patch firmware for the flaw.

CVE-2024-54011
Medium

Penetration Testing engineers at Amazon have discovered a flaw where the camera system fails to properly handle data supplied in certain requests, causing a service disruption. The manufacturer has released patch firmware for the flaw.

CVE-2026-40356
Medium

In MIT Kerberos 5 (krb5) before 1.22.3, an integer underflow and resultant out-of-bounds read occur if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.

CVE-2026-42510
Medium

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface.

CVE-2026-40355
Medium

In MIT Kerberos 5 (krb5) before version 1.22.3, there is a NULL pointer dereference when an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.

CVE-2026-0711
MediumEPSS 56%

A post-authentication command injection vulnerability in the EasyMesh-related APIs of Zyxel DX3300-T0 firmware versions through 5.50(ABVY.7.1)C0 allows an authenticated, adjacent attacker with administrator privileges to execute OS commands on an affected device.

CVE-2026-40975
Medium

In Spring Boot, values produced by ${random.value} are not suitable for use as secrets due to a weak PRNG. ${random.uuid} is not affected, while ${random.int} and ${random.long} should never be used for secrets because of their predictable numeric range.

CVE-2026-38936
Medium

A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter.

CVE-2026-38935
Medium

A reflected cross-site scripting (XSS) vulnerability exists in diskover-community version 2.3.5 and earlier. An attacker can inject malicious JavaScript code via the doctype parameter in public/view.php.

CVE-2026-30462
Medium

A path traversal vulnerability in the Blocks module of Daylight Studio FuelCMS v1.5.2 allows attackers to perform directory traversal operations.

CVE-2026-40514
Medium

SmarterTools SmarterMail w wersjach przed 9610 zawiera słabość kryptograficzną w punktach końcowych udostępniania plików i e-maili, wykorzystującą szyfrowanie DES-CBC z kluczami i wektorami inicjalizacyjnymi pochodzącymi z System.Random, co prowadzi do ograniczonej przestrzeni nasion do około 19 000 możliwych wartości. Atakujący bez uwierzytelnienia może wykorzystać punkt końcowy pobierania załączników jako oracle do określenia używanego nasienia i wyprowadzenia kluczy szyfrujących oraz wektorów inicjalizacyjnych, co pozwala na fałszowanie tokenów udostępniania dla dowolnych e-maili, załączników lub zawartości przechowywanych plików bez wcześniejszego dostępu do docelowej zawartości.

CVE-2026-31684
Medium

W jądrze systemu Linux zidentyfikowano podatność związaną z walidacją zagnieżdżonych nagłówków VLAN w funkcji tcf_csum_act(). Błąd polega na tym, że kod nie sprawdza, czy pełny nagłówek VLAN jest dostępny w liniowym obszarze przed jego odczytem, co może prowadzić do naruszenia zasad integralności skb.

CVE-2026-31681
Medium

W jądrze systemu Linux zidentyfikowano podatność w module netfilter, która dotyczy walidacji kodowania zakresu w funkcji checkentry. Funkcja ports_match_v1() błędnie traktuje niezerowe wpisy pflags jako początek zakresu portów, co może prowadzić do nieprawidłowej interpretacji reguł.

CVE-2026-41481
Medium

In LangChain before version 1.1.2, an SSRF vulnerability exists in HTMLHeaderTextSplitter.split_text_from_url(). Although the initial URL is validated, redirects are not checked, allowing an attacker to access internal network resources.

CVE-2026-41472
Medium

CyberPanel versions prior to 2.4.4 have a stored XSS vulnerability in the AI Scanner dashboard. The unauthenticated POST /api/ai-scanner/callback endpoint allows attackers to inject malicious JavaScript by overwriting the findings_json field of ScanHistory records.

CVE-2026-42044
Medium

The Axios library versions 1.0.0 through 1.15.1 are vulnerable to a Prototype Pollution gadget attack that allows any Object.prototype pollution in the application to be escalated into invisible modification of JSON API responses. The default transformResponse function lacks validation of the parseReviver parameter, enabling selective value changes in responses, including privilege escalation or balance manipulation.

CVE-2026-42041
Medium

The Axios library before versions 1.15.1 and 0.31.1 is vulnerable to a Prototype Pollution attack that silences all HTTP error responses (401, 403, 500, etc.), treating them as successful. The root cause is the use of the `in` operator in the `mergeDirectKeys` merge strategy for the `validateStatus` property, allowing polluted prototypes to affect validation logic.

CVE-2026-41898
Medium

A vulnerability in the rust-openssl library (versions 0.9.24 through 0.10.78) causes the PSK and cookie callbacks to not validate the user closure's return value against the buffer size. This can lead to buffer overflows and other unintended consequences.

PreviousPage 283 of 608Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS