CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-43414
Critical

In the Linux kernel, a double free of the fcport structure was found in the qla2xxx SCSI driver. The function qla2x00_els_dcmd_sp_free() frees fcport, and a subsequent kref_put() call triggers a second free, potentially causing memory corruption.

CVE-2026-43402
Critical

A vulnerability has been identified in the Linux kernel related to improper management of kthread exit paths, leading to a use-after-free issue. The problem was reported during KUnit testing, where crashes occurred due to corrupted RCU callback function pointers.

CVE-2026-43383
Critical

A vulnerability in the Linux kernel related to MAC comparison in the tcp-md5 protocol has been fixed to prevent timing attacks.

CVE-2026-43379
Critical

A vulnerability has been identified in the Linux kernel affecting the smb_lazy_parent_lease_break_close() function. The opinfo pointer is accessed after the RCU read unlock, leading to race conditions and potential use-after-free.

CVE-2026-43376
Critical

A vulnerability has been identified in the Linux kernel within ksmbd, related to a use-after-free error due to immediate freeing of the oplock_info structure. This issue occurs when the pointer is nullified without a grace period delay in RCU, allowing access to already freed memory.

CVE-2026-41588
Critical

RELATE is a web-based courseware package. Prior to commit 2f68e16, there was a timing attack vulnerability in course/auth.py — check_sign_in_key().

CVE-2026-41583
Critical

ZEBRA, a Zcash node written in Rust, prior to zebrad version 4.3.1 and zebra-script version 5.0.2, failed to validate a consensus rule regarding hash types for V5 transactions, potentially leading to a consensus split. Additionally, for V4 transactions, an incorrect hash type was used, which could also result in a consensus split.

CVE-2026-41574
Critical

Nhost, an alternative to Firebase, prior to version 0.49.1 automatically linked an incoming OAuth identity to an existing Nhost account when email addresses matched. The issue was that some provider adapters incorrectly populated the email verification field, potentially leading to unauthorized access.

CVE-2026-37431
Critical

Beauty Parlour Management System v1.1 was found to have a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement.

CVE-2026-44336
Critical

PraisonAI prior to version 4.6.34 has a vulnerability in the MCP server that allows an attacker to write files outside the rules directory. This can lead to arbitrary code execution in the user's context.

CVE-2026-44335
Critical

PraisonAI is a multi-agent teams system. Prior to version 1.6.32, the URL checking logic in PraisonAI had a logical flaw that could be bypassed by attackers, leading to SSRF attacks.

CVE-2026-44128
Critical

SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint passes attacker-controlled input from a parameter to Perl's eval.

CVE-2026-44126
Critical

SEPPmail Secure Email Gateway before version 15.0.4 insecurely deserializes untrusted data, which may allow unauthenticated remote attackers to execute code via a crafted serialized object.

CVE-2026-44125
Critical

SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for multiple endpoints in the new GINA UI, allowing unauthenticated remote attackers to access functionality that should require a valid session.

CVE-2026-43341
Critical

A vulnerability has been identified in the Linux kernel that allows for a buffer overflow in the ioam6_fill_trace_data() function. The issue arises from improper storage of the schema length, leading to a bypass of the remaining space check in the trace buffer.

CVE-2026-41512
Critical

In versions from 1.0.0 to before 1.4.1, the ai-scanner tool has a remote code execution vulnerability via JavaScript injection in `BrowserAutomation::PlaywrightService`. This issue has been patched in version 1.4.1.

CVE-2026-41509
Critical

The CROSS implementation includes reference and optimized implementations of the CROSS post-quantum signature algorithm. Prior to commit fc6b7e7, there was a buffer overflow in crypto_sign_open() caused by an underflow of the integer mlen.

CVE-2026-41507
Critical

math-codegen generates code from mathematical expressions. Prior to version 0.4.3, string literal content passed to cg.parse() was injected verbatim into a new Function() body without sanitization, allowing attackers to execute arbitrary system commands.

CVE-2026-41497
Critical

PraisonAI is a multi-agent system that prior to version 4.6.9 had a vulnerability in MCP command handling. The lack of a command allowlist and argument validation in parse_mcp_command() allowed arbitrary executables like bash or python with inline code execution flags to be executed.

CVE-2026-25199
Critical

The Proxmox extension for Apache CloudStack allows unauthorized access to instances belonging to other tenants. The issue arises from improper use of an instance setting, enabling attackers to modify and gain control over virtual machines of other users.

PreviousPage 85 of 560Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS