CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
In versions prior to 2026.516.143833, Sunshine, a game streaming host, has a vulnerability in client-certificate authentication that can be bypassed due to improper handling of OpenSSL verification results. This allows an untrusted certificate to pass authentication and access protected HTTPS endpoints.
The ToASCII and ToUnicode functions in the idna package incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") returns "example.com" instead of an error.
W systemie syslink software AG Avantra na platformach Linux i Windows występuje luka związana z niewystarczającym wygasaniem sesji, co pozwala na ponowne wykorzystanie identyfikatorów sesji (tzw. Session Replay). Problem ten dotyczy wersji Avantra przed 25.3.1.
An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certificates from the repository.
An attacker sending tcp, il, rudp, or gre packets with a length less than the header size would trigger a kernel panic.
CVE-2026-46595 is a vulnerability in SSH server that bypasses source-address validation when callbacks other than public key are used. The fix for CVE-2024-45337 was incomplete, allowing attackers to bypass authorization.
A vulnerability in the key management system causes a revoked 'SignatureKey' belonging to a CA to not be correctly checked for revocation. Now both 'key' and 'key.SignatureKey' are verified for @revoked.
CVE-2026-39834 is a vulnerability related to an integer overflow that occurs when writing data larger than 4GB in a single Write call on an SSH channel. This error causes the write loop to spin indefinitely, sending empty packets without making progress.
The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect.
A vulnerability in OpenSSH causes constraint extensions such as [email protected] not to be serialized in the request when adding a key to a remote agent. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host.
Metoda Verify() dla typów kluczy bezpieczeństwa FIDO/U2F nie sprawdzała flagi obecności użytkownika. Podpisy generowane bez fizycznego dotyku były akceptowane, co umożliwiało nieautoryzowane użycie klucza bezpieczeństwa.
A malicious SSH peer can send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine cannot be released by calling Close(), causing a resource leak per connection. Unsolicited global responses are now discarded.
A cross-site scripting (XSS) vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window.
UniFi OS devices have a vulnerability due to improper input validation that can be exploited by a malicious actor with network access to perform Command Injection.
A Path Traversal vulnerability in UniFi OS devices can be exploited by a malicious actor with network access. This allows access to files on the underlying system, which could be manipulated to access an underlying account.
There is an Improper Access Control vulnerability in UniFi OS devices that can be exploited by a malicious actor with network access to make unauthorized changes to the system.
There is an improper input validation vulnerability in UniFi OS devices that can be exploited by a malicious actor with network access and high privileges to execute a Command Injection attack.
The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'bookingpress_validate_submitted_booking_form_func' function in all versions up to and including 5.6. This allows unauthenticated attackers to upload arbitrary files on the affected site's server.
Apache Fory has a vulnerability related to the deserialization of untrusted data in ReduceSerializer, which could bypass DeserializationPolicy validation during reduce-state restoration and global-name resolution. An application is vulnerable if it deserializes attacker-controlled data using PyFory Python-native mode with strict mode disabled.
CVE-2026-39531 describes an improper neutralization of special elements used in SQL commands, allowing for Blind SQL Injection in WP Directory Kit.

