CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.16)

CVE-2025-71163
Medium

In the Linux kernel, a vulnerability in the idxd DMA driver causes device reference leaks during compat bind and unbind operations. Failure to release references leads to improper memory management.

CVE-2025-52023
Medium

A vulnerability in the PHP backend of gemscms.aptsys.com.sg (through May 28, 2025) allows unauthenticated remote attackers to trigger detailed error messages that disclose internal file paths, code snippets, and stack traces. This is achieved by sending specially crafted HTTP GET/POST requests to public API endpoints.

CVE-2025-52022
Medium

A vulnerability in the PHP backend of gemsloyalty.aptsys.com.sg (up to 2025-05-28) allows unauthenticated remote attackers to trigger detailed error messages that disclose internal file paths, code snippets, and stack traces. This is achieved by sending specially crafted HTTP GET/POST requests to public API endpoints.

CVE-2025-71177
Medium

LavaLite CMS versions up to and including 10.1.0 contain a stored cross-site scripting vulnerability in the package creation and search functionality. Authenticated users can inject malicious HTML or JavaScript into the Name or Description fields, which is stored and later rendered without proper output encoding in search results. When other users view these results, the script executes in their browsers.

CVE-2026-22994
Medium

A reference count leak was discovered in the Linux kernel's bpf_prog_test_run_xdp() function. The issue occurs when the error handling path fails to call xdp_convert_buff_to_md(), causing a network interface (e.g., sit0) to remain stuck and preventing its release.

CVE-2026-22982
Medium

A crash occurs in the ocelot network driver (Microsemi) when adding an interface to a LAG group. The bug is a NULL pointer dereference in ocelot_set_aggr_pgids() for unregistered ports (ocelot_vsc7514.c frontend).

CVE-2026-22979
Medium

A memory leak in the Linux kernel's skb_segment_list() function used for GRO packet segmentation. The leak stems from outdated truesize accounting after commit ed4cccef64c1 changed fragment orphaning, preventing socket deallocation.

CVE-2025-71161
Medium

In the Linux kernel, a vulnerability in dm-verity's recursive forward error correction (FEC) was found. Recursive calls can cause denial-of-service due to up to 4 billion iterations and overwrite shared buffers, breaking correction logic.

CVE-2025-2204
Medium

Podatność CVE-2025-2204 dotyczy niewłaściwej neutralizacji danych wejściowych podczas generowania stron internetowych w oprogramowaniu Tap&Sign firmy Tapandsign Technologies. Umożliwia to ataki typu Cross-Site Scripting (XSS).

CVE-2025-69612
MediumEPSS 55%

A path traversal vulnerability exists in TMS Management Console 6.3.7.27386.20250818 from TMS Global Software. The 'Download Template' function in the profile dashboard does not neutralize directory traversal sequences (../) in the filePath parameter, allowing authenticated users to read arbitrary files, such as the server's Web.config.

CVE-2025-4763
Medium

Podatność CVE-2025-4763 dotyczy niewłaściwej neutralizacji danych wejściowych podczas generowania stron internetowych w systemie Hotel Guest Hotspot firmy Aida Computer Information Technology Inc. Umożliwia to ataki typu Reflected XSS.

CVE-2026-23960
Medium

Stored XSS vulnerability in Argo Workflows allows arbitrary JavaScript execution in another user's browser via artifact directory listing. Affects versions prior to 3.6.17 and 3.7.8.

CVE-2025-13465
MediumEPSS 72%

A vulnerability in Lodash versions 4.0.0 through 4.17.22 allows prototype pollution via the _.unset and _.omit functions. An attacker can pass crafted paths that cause Lodash to delete methods from global prototypes.

CVE-2026-22977
Medium

A vulnerability in the Linux kernel causes a system panic when copying sk_buff.cb data to userspace via sock_recv_errqueue. The issue stems from the skbuff_fclone_cache lacking a usercopy whitelist, triggering a BUG() when CONFIG_HARDENED_USERCOPY is enabled. The fix uses a local stack variable as a bounce buffer to bypass the hardened usercopy check.

CVE-2026-22976
Medium

W jądrze systemu Linux zidentyfikowano podatność, która prowadzi do dereferencji wskaźnika NULL podczas dezaktywacji nieaktywnych agregatów w funkcji qfq_reset. Problem występuje, gdy dwa obiekty qfq_class wskazują na ten sam leaf_qdisc, co może prowadzić do błędów w zarządzaniu kolejkami.

CVE-2025-15366
Medium

The imaplib module in Python allows injection of additional commands via newline characters in a user-supplied command. Mitigation rejects commands containing control characters.

CVE-2026-22218
MediumEPSS 95%

A vulnerability in Chainlit versions prior to 2.9.4 allows an authenticated attacker to read arbitrary files on the server by manipulating the path in a project element update request. The attacker can copy the file to their session and then retrieve it using the element identifier.

CVE-2026-23745
Medium

The node-tar library (<= 7.5.2) fails to sanitize the linkpath of Link (hardlink) and SymbolicLink entries when preservePaths is false (the default secure behavior). This allows malicious archives to bypass the extraction root restriction, leading to Arbitrary File Overwrite via hardlinks and Symlink Poisoning via absolute symlink targets.

CVE-2026-0990
MediumEPSS 51%

An uncontrolled recursion vulnerability was found in libxml2's xmlCatalogXMLResolveURI function. It occurs when an XML catalog contains a delegate URI entry that references itself, leading to infinite recursion and call stack exhaustion.

CVE-2025-13454
Medium

W oprogramowaniu konfiguracyjnym ThinkPlus zgłoszono potencjalną podatność, która może umożliwić lokalnie uwierzytelnionemu użytkownikowi dostęp do wrażliwych informacji o urządzeniu.

PreviousPage 312 of 617Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS