CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.16)

CVE-2026-6654
Medium

A double-free and use-after-free vulnerability was found in the `IntoIter::drop` and `ThinVec::clear` functions of the thin_vec crate. A panic in `ptr::drop_in_place` skips resetting the length to zero.

CVE-2026-6587
Medium

A server-side request forgery (SSRF) vulnerability has been discovered in the RAGAS library up to version 0.4.3 in the Collections module. The functions _try_process_local_file/_try_process_url in util.py improperly validate the retrieved_contexts argument, allowing a remote attacker to make requests to internal resources. The exploit has been published, and the vendor did not respond.

CVE-2026-40293
Medium

In OpenFGA versions 0.1.4 through 1.13.1, when using preshared-key authentication with the playground enabled, the API key is included in the HTML response of the /playground endpoint. This endpoint is enabled by default and does not require authentication, potentially leaking sensitive credentials.

CVE-2026-31927
Medium

A vulnerability in Anviz CX7 firmware allows an authenticated attacker to upload a CSV file with path traversal, overwriting arbitrary files such as /etc/shadow. Combined with debug-setting changes, this can lead to unauthorized SSH access.

CVE-2026-6437
Medium

W składniku obsługi wolumenów w AWS EFS CSI Driver (aws-efs-csi-driver) przed wersją v3.0.1 występuje niewłaściwe neutralizowanie ograniczników argumentów, co pozwala zdalnym uwierzytelnionym użytkownikom z uprawnieniami do tworzenia PersistentVolume na wstrzykiwanie dowolnych opcji montowania za pomocą wstrzyknięcia przecinka.

CVE-2026-40002
Medium

A vulnerability in Red Magic 11 Pro (NX809J) allows non-privileged applications to trigger sensitive operations. The lack of validation for applications accessing the service interface enables an attacker to write files to specific partitions and set writable system properties.

CVE-2026-35469
Medium

The Go library spdystream in versions 0.5.0 and below does not validate attacker-controlled counts and lengths before memory allocation when parsing SPDY/3 frames. An attacker can send a single crafted control frame that, after zlib decompression, triggers massive memory allocation, leading to process memory exhaustion and crash.

CVE-2026-3861
Medium

LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily inoperable.

CVE-2026-40503
Medium

A path traversal vulnerability in OpenHarness prior to commit dd1d235 allows remote gateway users with chat access to read arbitrary files by supplying path traversal sequences to the /memory show slash command. Attackers can bypass the project memory directory validation and access sensitive files accessible to the OpenHarness process.

CVE-2026-21726
Medium

The CVE-2026-21726 vulnerability allows an attacker to read files by exploiting double encoding in the namespace parameter at the Ruler API endpoint.

CVE-2026-20170
Medium

A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center allowed an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks. The issue was due to improper handling of HTML and script content. Cisco has addressed this vulnerability in the service, requiring no customer action.

CVE-2026-20148
MediumEPSS 95%

A vulnerability in Cisco ISE and Cisco ISE-PIC allows an authenticated remote attacker to perform path traversal attacks on the underlying OS and read arbitrary files. The flaw is due to improper validation of user-supplied input.

CVE-2026-20136
Medium

A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) allows an authenticated local attacker with administrative privileges to perform command injection on the underlying OS and elevate privileges to root. The issue is due to insufficient input validation.

CVE-2026-20132
Medium

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) allow an authenticated remote attacker with administrative write privileges to conduct stored XSS or reflected XSS attacks against a user of the interface. These issues stem from insufficient sanitization of user-supplied data stored in web pages.

CVE-2026-0636
Medium

An LDAP injection vulnerability in the Legion of the Bouncy Castle Inc. BC-JAVA bcprov library affects all prov modules. The issue is associated with the LDAPStoreHelper program files and allows an attacker to manipulate LDAP queries.

CVE-2026-5713
Medium

The 'profiling.sampling' module (Python 3.15+) and 'asyncio introspection capabilities' (3.14+) could be exploited to read and write addresses in a privileged process if that process connected to a malicious or 'infected' Python process via the remote debugging feature.

CVE-2026-22155
Medium

A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR (PaaS and on-premise versions) allows an attacker to intercept sensitive data sent in plaintext. The flaw affects multiple versions from 7.3 to 7.6.

CVE-2026-21742
Medium

A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR (PaaS and on-premise versions) allows an authenticated attacker to view cleartext passwords in responses to Secure Message Exchange and Radius queries, if configured. The issue involves sending sensitive data in an unencrypted form.

CVE-2026-37980
Medium

W Keycloak znaleziono lukę w stronie logowania do wyboru organizacji. Zdalny atakujący z uprawnieniami `manage-realm` lub `manage-organizations` może wykorzystać podatność na przechowywane Cross-Site Scripting (XSS), co pozwala na wykonanie złośliwego kodu JavaScript w przeglądarce użytkownika.

CVE-2025-69893
Medium

A side-channel vulnerability in BIP-39 mnemonic processing implementation in Trezor hardware wallets (versions 1.13.0-1.14.0) allows an attacker with physical access during setup to recover the mnemonic code using deep learning-based side-channel analysis. The issue has been patched.

PreviousPage 289 of 610Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS