Export limit exceeded: 350765 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350765 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-44446 | 1 Frappe | 1 Erpnext | 2026-05-13 | 8.8 High |
| ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.104.3 and 16.14.0, some endpoints were vulnerable to SQL injection through specially crafted requests, which would allow a malicious actor to extract sensitive information. This vulnerability is fixed in 15.104.3 and 16.14.0. | ||||
| CVE-2026-27135 | 1 Nghttp2 | 1 Nghttp2 | 2026-05-13 | 7.5 High |
| nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API `nghttp2_session_terminate_session` or `nghttp2_session_terminate_session2` is called by the application. They might be called internally by the library when it detects the situation that is subject to connection error. Due to the missing internal state validation, the library keeps reading the rest of the data after one of those APIs is called. Then receiving a malformed frame that causes FRAME_SIZE_ERROR causes assertion failure. nghttp2 v1.68.1 adds missing state validation to avoid assertion failure. No known workarounds are available. | ||||
| CVE-2026-28996 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-05-13 | 5.5 Medium |
| A race condition was addressed with additional validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to access sensitive user data. | ||||
| CVE-2026-28958 | 1 Apple | 5 Ios And Ipados, Ipados, Iphone Os and 2 more | 2026-05-13 | 5.5 Medium |
| This issue was addressed with improved data protection. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access sensitive user data. | ||||
| CVE-2026-28953 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-05-13 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28944 | 1 Apple | 5 Ios And Ipados, Ipados, Iphone Os and 2 more | 2026-05-13 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-33381 | 2026-05-13 | 5.9 Medium | ||
| When a user's access to mint tokens for a service account is revoked, it is sometimes still possible to do so for a few seconds after the event. The user will eventually lose access to do this. | ||||
| CVE-2026-33380 | 2026-05-13 | 6.3 Medium | ||
| A vulnerability in SQL Expressions allows an authenticated attacker to read arbitrary files from the Grafana server's filesystem. Only instances with the sqlExpressions feature toggle enabled are vulnerable. | ||||
| CVE-2026-33378 | 2026-05-13 | 6.5 Medium | ||
| Using the $__timeGroup macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server. | ||||
| CVE-2026-28883 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-05-13 | 7.5 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28913 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-05-13 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28917 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-05-13 | 4.3 Medium |
| The issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28383 | 2026-05-13 | 6.5 Medium | ||
| A request to the Grafana plugin resources endpoint can cause unbounded memory allocation by reading the entire request body into memory. An authenticated user can exploit this to trigger an out-of-memory condition, potentially causing a denial of service. | ||||
| CVE-2026-28374 | 2026-05-13 | 4.3 Medium | ||
| Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations. | ||||
| CVE-2026-43658 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-05-13 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2026-28946 | 1 Apple | 1 Macos | 2026-05-13 | 6.5 Medium |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, macOS Tahoe 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2026-33377 | 2026-05-13 | 7.1 High | ||
| An Editor can overwrite a dashboard not owned by them to acquire admin on that specific dashboard. The user must have write access to the dashboard to escalate privilege. | ||||
| CVE-2026-33376 | 2026-05-13 | 7.4 High | ||
| When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate easily, add the desired mask (usually /128) to the addresses. Only auth proxy is affected; Okta, SAML, LDAP, etc are unaffected here. | ||||
| CVE-2026-42602 | 1 Opentelemetry | 1 Opentelemetry Collector Contrib | 2026-05-13 | 8.1 High |
| azureauthextension is the Azure Authenticator Extension. From 0.124.0 to 0.150.0, a server-side authentication bypass in azureauthextension allows any party who holds a single valid Azure access token for any scope the collector's configured identity can mint for to authenticate to any OpenTelemetry receiver that uses auth: azure_auth. The extension's Authenticate method does not validate incoming bearer tokens as JWTs. Instead, it calls its own configured credential to obtain an access token and compares the client's token to the result with string equality — and the scope for that server-side token request is taken from the client-supplied Host header. As a result, a token minted for any Azure resource the service principal has ever been issued a token for (ARM, Graph, Key Vault, Storage, etc.) will authenticate to the collector if the attacker picks a matching Host. Tokens are replayable for the full issued lifetime (commonly several hours for managed identity tokens). | ||||
| CVE-2026-42577 | 1 Netty | 1 Netty | 2026-05-13 | 7.5 High |
| Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100% CPU busy-loop in the event loop thread. This vulnerability is fixed in 4.2.13.Final. | ||||