CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.16)

CVE-2026-2394
Medium

Buffer Over-read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers. This issue affects Connext Professional from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.1, from 6.1.0 before 6.1.2.34, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, and from 4.3x before 5.2.*.

CVE-2026-34237
Medium

MCP Java SDK, the official Java SDK for Model Context Protocol servers and clients, had a hardcoded wildcard CORS vulnerability prior to versions 0.83.0, 1.0.1, and 1.1.1. This issue has been patched in the mentioned versions.

CVE-2026-34881
Medium

OpenStack Glance before versions 29.1.1, 30.1.1, and 31.0.0 is vulnerable to Server-Side Request Forgery (SSRF). An authenticated user can bypass URL validation checks using HTTP redirects to access internal services. The vulnerability affects only the image import functionality, specifically the web-download and glance-download import methods, as well as the optional ovf_process plugin.

CVE-2026-33997
Medium

In the Moby (Docker) framework prior to version 29.3.1, a vulnerability allows bypassing plugin privilege validation during installation. An error in the daemon's privilege comparison logic may cause it to accept a privilege set different from the one approved by the user, and for plugins requesting exactly one privilege, no comparison is performed at all.

CVE-2026-33983
Medium

In FreeRDP before version 3.24.2, a vulnerability in progressive_decompress_tile_upgrade() does not halt execution after detecting a mismatch, only logging a warning. Using a wrapped value (247) as a shift exponent causes undefined behavior and an approximately 80 billion iteration loop, resulting in CPU denial of service (DoS).

CVE-2026-29597
Medium

DDSN Interactive cm3 Acora CMS version 10.7.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive configuration files by force browsing the “/Admin/file_manager/file_details.asp” endpoint and manipulating the “file” parameter. By referencing specific files (e.g., cm3.xml), the attacker can retrieve system administrator credentials, SMTP settings, database credentials, and other confidential information.

CVE-2026-30082
Medium

Multiple stored cross-site scripting (XSS) vulnerabilities were found in the Edit feature of the Software Package List page in IngEstate Server v11.14.0. Attackers can inject malicious payloads into the About application, What's news, or Release note parameters, leading to arbitrary script or HTML execution.

CVE-2026-28528
Medium

A vulnerability in BTstack prior to version 1.8.1 allows an out-of-bounds read in the AVRCP Browsing Target GET_FOLDER_ITEMS handler due to missing packet boundary and attribute count validation. A paired Bluetooth Classic attacker can trigger crashes and corrupt attribute bitmap state.

CVE-2026-5119
Medium

A flaw was found in libsoup that allows sensitive session cookies to be transmitted in cleartext during the establishment of HTTPS tunnels through a configured HTTP proxy. Attackers can intercept these cookies, leading to potential session hijacking or user impersonation.

CVE-2026-23399
Medium

W jądrze systemu Linux zidentyfikowano podatność, która została naprawiona. Problem dotyczy możliwego wycieku pamięci w wyrażeniu stanowym w ścieżce błędu, gdy klonowanie drugiego wyrażenia stanowego nie powiedzie się.

CVE-2026-34411
Medium

A vulnerability in Appsmith versions prior to 1.98 exposes sensitive instance management API endpoints without authentication. Unauthenticated attackers can query endpoints like /api/v1/consolidated-api/view and /api/v1/tenants/current to retrieve configuration metadata, license information, and unsalted SHA-256 hashes of admin email domains.

CVE-2026-33758
Medium

OpenBao versions prior to 2.5.2 with OIDC/JWT authentication enabled and a role configured with `callback_mode=direct` are vulnerable to XSS via the `error_description` parameter on the failed authentication page. An attacker can steal the token used in the Web UI by a victim.

CVE-2026-30689
Medium

In Blog.Core up to version bcb4d17, the getinfobytoken API interface has improper access control leading to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security.

CVE-2026-28375
Medium

A testdata data-source can be used to trigger out-of-memory crashes in Grafana.

CVE-2026-27879
Medium

A resample query can lead to out-of-memory crashes in Grafana.

CVE-2026-27877
Medium

A vulnerability in public dashboards and direct data-sources exposes passwords of all direct data-sources, even if not used in dashboards. Passwords of proxied data-sources are not exposed.

CVE-2025-61190
Medium

A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in DSpace JSPUI 6.5 within the search/discover filtering functionality. The vulnerability exists due to improper sanitization of user-supplied input via the filter_type_1 parameter.

CVE-2026-32859
Medium

A stored cross-site scripting vulnerability in the artifacts API of ByteDance DeerFlow prior to commit 5dbb362 allows attackers to inject malicious HTML or JavaScript by uploading it as artifacts. The code executes in the browser context when users view the artifacts.

CVE-2026-27857
Medium

Sending a "NOOP (((...)))" command with 4000 parentheses increases memory usage by about 1 MB. Longer commands cause client disconnection. An attacker can keep this memory allocated by not sending the line feed (LF) character.

CVE-2026-33375
Medium

The Grafana MSSQL data source plugin contains a logic flaw that allows a low-privileged user (Viewer) to bypass API restrictions and trigger a catastrophic Out-Of-Memory (OOM) memory exhaustion, crashing the host container.

PreviousPage 294 of 610Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS