CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
In ImageMagick prior to versions 6.9.13-51 and 7.1.2-26, providing invalid arguments to the connected-components option causes an infinite loop. This issue has been fixed in the mentioned versions.
In ImageMagick prior to versions 6.9.13-51 and 7.1.2-26, a missing depth check in the MVG decoder leads to a stack overflow when processing a crafted image.
In ImageMagick prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out-of-bounds write when processing a crafted image.
In ImageMagick prior to versions 6.9.13-51 and 7.1.2-26, a use-after-free vulnerability occurs when identifying an image with a crafted 8BIM profile containing a specific format string. The issue is fixed in the mentioned versions.
In containerd versions prior to 2.3.2, 2.2.5 and 2.1.9, the CRI implementation improperly trusts CDI annotations from untrusted checkpoint image metadata during container restoration. A user with pod creation permissions can bypass standard Kubernetes resource allocation and inject arbitrary devices or host mounts into the restored container.
A vulnerability in containerd allows reading arbitrary files on the host via kubectl logs. The bug occurs in the CRI plugin, which restores container.log from a checkpoint image without validating a symlinked path.
In ImageMagick prior to versions 6.9.13-51 and 7.1.2-26, the MNG decoder contains a heap information disclosure vulnerability because part of the pixels are left unchanged.
In ImageMagick prior to versions 6.9.13-51 and 7.1.2-26, an integer overflow in the XCF decoder can result in an out-of-bounds read when a crafted image is processed, potentially causing a crash.
A vulnerability in Pivotal CRM 6.6.4.08 and systems with patch ghi-15381-cwe-502-20251225.zip allows a remote attacker to execute arbitrary code via the Pivotal.Engine.Client.Services.Conversion.dll component. This issue exists due to an incomplete fix for CVE-2026-39253.
A vulnerability in containerd prior to versions 2.3.2, 2.2.5 and 2.1.9 allows an attacker with pod creation permissions to poison the local image cache via a crafted checkpoint image. Missing validation of image references in the checkpoint import process enables assigning an arbitrary local tag to a malicious image.
In self-hosted Hoppscotch deployments version 2026.4.1 and earlier, the unauthenticated POST /v1/onboarding/config endpoint is vulnerable to mass assignment. The missing whitelist: true in NestJS ValidationPipe allows extra request properties like JWT_SECRET and SESSION_SECRET to be treated as valid InfraConfig entries, enabling an attacker to overwrite them.
Gradio before version 6.16.0 contains a path traversal vulnerability in the FileExplorer component's preprocess() method. Unauthenticated attackers can bypass the configured root directory by supplying path segments with directory traversal sequences or absolute paths, leading to arbitrary file read or exposure of sensitive files outside the intended directory.
A vulnerability in containerd allows memory exhaustion via a maliciously crafted container image, causing an OOM kill of the containerd process and making the runtime API unavailable. Affected versions are prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5, and 2.3.2.
Dell Device Management Agent (DDMA) versions prior to 26.05 contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
An unauthenticated command injection vulnerability exists in the /goform/fast_setting_internet_set endpoint of Tenda AC18 firmware version 15.03.05.05. An attacker can send a crafted request with a malicious payload in the mac parameter to execute arbitrary system commands.
The Charts extension for MediaWiki contains an XSS vulnerability due to improper input neutralization during page generation. Affected versions are before 1.43.9, 1.44.6, and 1.45.4.
Overly permissive file permissions in AWS CLI before versions 1.44.78 (v1) and 2.34.29 (v2) on Unix-like systems, where umask has not been configured to restrict file permissions (the default on most systems), may allow other local users on the same host to read credentials written by certain CLI subcommands (aws codeartifact login, aws iam create-virtual-mfa-device, aws deploy register).
OS command injection vulnerability in the NodejsFunction Docker bundling pipeline (OsCommand helper) in AWS aws-cdk-lib. An attacker controlling dependency version strings in package.json can execute arbitrary commands on the CDK toolchain host via injected shell metacharacters.
In HashiCorp Vault and Vault Enterprise prior to version 2.0.1, the audit device validation logic did not consistently apply plugin directory protections when the legacy file audit path option was used. This vulnerability is fixed in versions 2.0.1, 1.21.6, 1.20.11, and 1.19.17.
An SQL injection vulnerability was found in the Cargo extension for MediaWiki due to improper neutralization of special elements in SQL commands. The issue affects versions before 1.43.9, 1.44.6, and 1.45.4.

