Export limit exceeded: 351558 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351558 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-7163 | 1 Redhat | 2 Multicluster Engine, Multicluster Engine For Kubernetes | 2026-05-19 | 6.1 Medium |
| A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub. The credentials download endpoint (GET /v2/clusters/{cluster_id}/credentials, which returns the kubeadmin password) and the kubeconfig download endpoint are operational in AUTH_TYPE=local mode, the only authentication mode available in on-premises ACM/MCE hub deployments. The local authenticator unconditionally grants full administrative access to any request bearing a valid JWT, with no per-endpoint restrictions. A valid local JWT is embedded as a plaintext query parameter in InfraEnvStatus.ISODownloadURL and is readable by any user who has get rights on an InfraEnv object in their own namespace. The affected components ship as part of Multicluster Engine (MCE). The Red Hat Advanced Cluster Management (ACM) deployments that include MCE are equally affected. This issue does not affect the hosted SaaS offering (console.redhat.com), which uses a different authentication mode. Successful exploitation gives the attacker the kubeadmin password and kubeconfig for any OpenShift cluster provisioned through the affected hub, granting unrestricted root-level administrative access to those spoke clusters. | ||||
| CVE-2025-13601 | 2 Gnome, Redhat | 41 Glib, Ceph Storage, Codeready Linux Builder and 38 more | 2026-05-19 | 7.7 High |
| A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string. | ||||
| CVE-2026-44408 | 2026-05-19 | 6.3 Medium | ||
| There is an unauthorized access vulnerability in ZTE MU5250. Due to improper permission control of the Web interface, an unauthorized attacker can modify configuration through the interface. | ||||
| CVE-2026-47309 | 1 Samsung Open Source | 1 Escargot | 2026-05-19 | 5.5 Medium |
| Uncontrolled Recursion vulnerability in Samsung Open Source Escargot allows Oversized Serialized Data Payloads. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3. | ||||
| CVE-2026-47311 | 1 Samsung Open Source | 1 Escargot | 2026-05-19 | 7.8 High |
| Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3. | ||||
| CVE-2026-41525 | 1 Kde | 1 Dolphin | 2026-05-19 | 6.5 Medium |
| KDE Dolphin before 25.12.3 allows applications in a Flatpak (or with AppArmor confinement) to open folders outside of the application sandbox without additional scrutiny. Dolphin's implementation of the FileManager1 protocol allows the path given to be any type of file, including scripts or executables. (By default, Dolphin will then prompt the user to determine if they want to launch a script or executable; however, the intended behavior is to block the attempted action, not present a consent prompt.) | ||||
| CVE-2026-4885 | 2026-05-19 | 9.8 Critical | ||
| The Piotnet Addons for Elementor Pro plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'pafe_ajax_form_builder' function in all versions up to, and including, 7.1.70. The plugin uses an incomplete extension blacklist that only blocks php, phpt, php5, php7, and exe extensions, while allowing dangerous extensions such as .phar or .phtml to be uploaded. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Note: The exploit can only be exploited if a file field is added to the form. | ||||
| CVE-2026-32994 | 1 Rocket.chat | 1 Rocket.chat | 2026-05-19 | N/A |
| The /api/v1/autotranslate.translateMessage endpoint in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.6, <7.13.8, and <7.10.12 allows any authenticated user to retrieve the full content of any message from any room (private groups, direct messages, channels) by simply providing the target message ID. The endpoint fetches the message via Messages.findOneById(messageId) with no room access check (canAccessRoomIdAsync is never called), returning the complete IMessage object including message text, sender info, room ID, timestamps, and markdown content. | ||||
| CVE-2026-25110 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 3.3 Low |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||||
| CVE-2026-25850 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 5.5 Medium |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak | ||||
| CVE-2026-24792 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 8.1 High |
| in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps. | ||||
| CVE-2026-27781 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 3.3 Low |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||||
| CVE-2026-28751 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 3.3 Low |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||||
| CVE-2026-25781 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 8.4 High |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered. | ||||
| CVE-2026-27766 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 5.5 Medium |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak. | ||||
| CVE-2026-28733 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 6.5 Medium |
| in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution. | ||||
| CVE-2026-33565 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 3.3 Low |
| in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | ||||
| CVE-2026-27648 | 1 Openharmony | 1 Openharmony | 2026-05-19 | 8.8 High |
| in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps. | ||||
| CVE-2026-43487 | 1 Linux | 1 Linux Kernel | 2026-05-19 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Disable LPM on ST1000DM010-2EP102 According to a user report, the ST1000DM010-2EP102 has problems with LPM, causing random system freezes. The drive belongs to the same BarraCuda family as the ST2000DM008-2FR102 which has the same issue. | ||||
| CVE-2026-33232 | 1 Significant-gravitas | 1 Autogpt | 2026-05-19 | 7.5 High |
| AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service (DoS) through the server due to uncontrolled disk space consumption. The download_agent_file endpoint creates persistent temporary files for every request but fails to delete them after they are served. An unauthenticated attacker can repeatedly call this endpoint to exhaust the server's disk space, causing the database or other system services to fail due to "No space left on device" errors, rendering the entire AutoGPT Platform backend unavailable to all users. This issue has been patched in version 0.6.52. | ||||