CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed attacker app can read stale register values left by a separate sandboxed victim app.
A critical vulnerability in the Admin GUI of Payara Server allows an attacker to leak the administrator's REST session token to an attacker-controlled host, potentially leading to a full unauthenticated takeover of the Payara admin domain.
An unauthorized user can modify configuration through API calls in OpenText Access Manager. This issue affects versions before 5.1.3.
The Assembla Plugin for Jenkins version 1.4 and earlier does not configure its XML parser to prevent XXE attacks, allowing attackers to control responses from the Assembla server and extract secrets from the Jenkins controller.
Jenkins OWASP ZAP Plugin 1.0.7 and earlier performs build operations on the Jenkins controller rather than the assigned agent, allowing attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller.
Jenkins External Workspace Manager Plugin version 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the exwsAllocate Pipeline step, allowing attackers with Item/Configure permission to read arbitrary files on the Jenkins controller file system.
Jenkins Script Security Plugin version 1402.v94c9ce464861 and earlier does not reject Groovy AST transformation annotations carrying an extensions member, allowing attackers able to run sandboxed Groovy scripts to execute code outside the sandbox if a suitable script is present on the classpath of the component that evaluates the script.
Jenkins Script Security Plugin version 1402.v94c9ce464861 and earlier does not intercept the implicit type casts applied to the elements of typed for-each loops in sandboxed Groovy scripts, allowing attackers able to provide such scripts to invoke arbitrary constructors and bypass the sandbox protection.
OpenColorIO prior to version 2.5.2 contains a vulnerability in FileFormatSpi3D.cpp where sscanf with %s format writes data into 64-byte stack buffers. Input comes from a 4096-byte lineBuffer, allowing a crafted .spi3d file to overflow by approximately 4000 bytes on non-Windows systems.
A vulnerability in ProFTPD up to versions 1.3.9b and 1.3.10rc2 allows authenticated FTP users to bypass Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit unresolved symlink components in dir_canonical_path() to cause dir_check() to perform lexical path comparisons that match no configured Directory block, enabling rename operations on files in DenyAll-protected directories and subsequent retrieval.
A vulnerability in Google Gemini CLI and run-gemini-cli GitHub Action allows an unprivileged attacker to execute host-level code before sandboxing via a maliciously crafted .gemini/.env file. The issue affects CLI versions before 0.39.1 and Action versions before 0.1.22 on headless CI platforms.
An SQL injection vulnerability in MySQL, PostgreSQL, and Microsoft SQL nodes in n8n before version 2.4.0 allows authenticated users to inject arbitrary SQL through unescaped identifier values in node configuration parameters. Attackers with workflow creation permissions can supply specially crafted table or column names to execute unauthorized database commands and compromise data integrity.
Flowise before 3.1.0 (versions 3.0.13 and earlier) contains a missing authentication vulnerability in the /api/v1/loginmethod endpoint that allows unauthenticated users to retrieve an organization's complete SSO configuration, including OAuth client secrets in cleartext, by providing an organizationId parameter.
Capgo before 12.128.2 allows direct patching of public.apps.owner_org through PostgREST, bypassing the transfer_app() workflow and creating split-brain ownership. Attackers can directly update apps.owner_org while leaving app_versions.owner_org unchanged.
Capgo before version 12.128.2 enforces mandatory two-factor authentication only at the UI level. Sensitive organization management API endpoints do not validate 2FA completion on the backend, allowing an authenticated Admin user without 2FA to bypass the requirement.
Supabase Capgo before 12.128.2 contains an authorization bypass vulnerability in the SECURITY DEFINER record_build_time RPC function that allows unauthenticated attackers to insert arbitrary build-time records. Attackers can exploit this by calling POST /rest/v1/rpc/record_build_time with a public API key.
Capgo before 12.128.2 allows non-admin API keys to read webhook signing secrets due to insufficient row-level security policies on the webhooks table. Attackers can retrieve the webhook secret and forge valid X-Capgo-Signature headers to send authenticated webhook events to configured receivers.
Capgo versions before 12.128.2 fail to enforce limited_to_orgs and limited_to_apps constraints on subkeys provided via the x-limited-key-id header in the middlewareKey function. Attackers can bypass subkey scope restrictions by referencing their own subkeys.
Capgo before 12.128.2 contains a BOLA (broken object level authorization) vulnerability in the POST /build/start/:jobId and POST /build/cancel/:jobId endpoints. An attacker can exploit the controlled app_id to authorize requests, allowing them to start or cancel build jobs of other tenants.
Capgo before version 12.128.2 contains a cross-domain SSO account takeover vulnerability in the provision-user endpoint that allows attackers to merge arbitrary victim accounts based on email match without validating SSO provider domain authorization.

