CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
In the Linux kernel, a double free of the fcport structure was found in the qla2xxx SCSI driver. The function qla2x00_els_dcmd_sp_free() frees fcport, and a subsequent kref_put() call triggers a second free, potentially causing memory corruption.
A vulnerability has been identified in the Linux kernel related to improper management of kthread exit paths, leading to a use-after-free issue. The problem was reported during KUnit testing, where crashes occurred due to corrupted RCU callback function pointers.
A vulnerability in the Linux kernel related to MAC comparison in the tcp-md5 protocol has been fixed to prevent timing attacks.
A vulnerability has been identified in the Linux kernel affecting the smb_lazy_parent_lease_break_close() function. The opinfo pointer is accessed after the RCU read unlock, leading to race conditions and potential use-after-free.
A vulnerability has been identified in the Linux kernel within ksmbd, related to a use-after-free error due to immediate freeing of the oplock_info structure. This issue occurs when the pointer is nullified without a grace period delay in RCU, allowing access to already freed memory.
RELATE is a web-based courseware package. Prior to commit 2f68e16, there was a timing attack vulnerability in course/auth.py — check_sign_in_key().
ZEBRA, a Zcash node written in Rust, prior to zebrad version 4.3.1 and zebra-script version 5.0.2, failed to validate a consensus rule regarding hash types for V5 transactions, potentially leading to a consensus split. Additionally, for V4 transactions, an incorrect hash type was used, which could also result in a consensus split.
Nhost, an alternative to Firebase, prior to version 0.49.1 automatically linked an incoming OAuth identity to an existing Nhost account when email addresses matched. The issue was that some provider adapters incorrectly populated the email verification field, potentially leading to unauthorized access.
Beauty Parlour Management System v1.1 was found to have a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement.
PraisonAI prior to version 4.6.34 has a vulnerability in the MCP server that allows an attacker to write files outside the rules directory. This can lead to arbitrary code execution in the user's context.
PraisonAI is a multi-agent teams system. Prior to version 1.6.32, the URL checking logic in PraisonAI had a logical flaw that could be bypassed by attackers, leading to SSRF attacks.
SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint passes attacker-controlled input from a parameter to Perl's eval.
SEPPmail Secure Email Gateway before version 15.0.4 insecurely deserializes untrusted data, which may allow unauthenticated remote attackers to execute code via a crafted serialized object.
SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for multiple endpoints in the new GINA UI, allowing unauthenticated remote attackers to access functionality that should require a valid session.
A vulnerability has been identified in the Linux kernel that allows for a buffer overflow in the ioam6_fill_trace_data() function. The issue arises from improper storage of the schema length, leading to a bypass of the remaining space check in the trace buffer.
In versions from 1.0.0 to before 1.4.1, the ai-scanner tool has a remote code execution vulnerability via JavaScript injection in `BrowserAutomation::PlaywrightService`. This issue has been patched in version 1.4.1.
The CROSS implementation includes reference and optimized implementations of the CROSS post-quantum signature algorithm. Prior to commit fc6b7e7, there was a buffer overflow in crypto_sign_open() caused by an underflow of the integer mlen.
math-codegen generates code from mathematical expressions. Prior to version 0.4.3, string literal content passed to cg.parse() was injected verbatim into a new Function() body without sanitization, allowing attackers to execute arbitrary system commands.
PraisonAI is a multi-agent system that prior to version 4.6.9 had a vulnerability in MCP command handling. The lack of a command allowlist and argument validation in parse_mcp_command() allowed arbitrary executables like bash or python with inline code execution flags to be executed.
The Proxmox extension for Apache CloudStack allows unauthorized access to instances belonging to other tenants. The issue arises from improper use of an instance setting, enabling attackers to modify and gain control over virtual machines of other users.

