Export limit exceeded: 359063 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359063 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-10303 | 2026-06-16 | 7.4 High | ||
| In ServerCo getssl version 2.49 and prior, the ACME challenge token returned to the client was not strictly validated against RFC 8555 before being used in challenge-file handling, allowing a maliciously crafted token to influence local path/filename usage during validation. An attacker who can supply ACME challenge responses to getssl (for example, a malicious or compromised CA endpoint, or an on-path adversary able to tamper with that response path) could exploit this to achieve unauthorized file write/path traversal effects, usually with elevated privileges, ultimately allowing for remote command injection. This issue appears related in spirit to CVE-2023-38198, and is an instance of CWE-73, "External control of file name or path." Other ACME shell script handlers may be affected by similar issues. | ||||
| CVE-2026-42915 | 1 Microsoft | 15 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 12 more | 2026-06-16 | 5.7 Medium |
| Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service over an adjacent network. | ||||
| CVE-2026-47750 | 2026-06-16 | 7.8 High | ||
| stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In versions prior to master-584-0a7ae07, the pickle .ckpt parser in src/model.cpp contained a heap buffer overflow vulnerability in the GLOBAL opcode handler. The issue was caused by missing validation when searching for newline-delimited fields. A crafted .ckpt file without the expected newline could cause the parser to use -1 as a copy length, resulting in immediate heap corruption. The attack requires the victim or application to load a .ckpt file from an untrusted source, such as a downloaded model from a model sharing site. The issue has been resolved in version master-584-0a7ae07. If developers are unable to immediately update their applications they can work around this issue by following these instructions: do not load .ckpt checkpoint files from untrusted sources, and prefer trusted model sources and safer formats such as .safetensors where possible. | ||||
| CVE-2026-12310 | 1 Mozilla | 1 Firefox | 2026-06-16 | 7.5 High |
| Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | ||||
| CVE-2026-24637 | 2026-06-16 | 8.5 High | ||
| Contributor SQL Injection in PowerPress Podcasting <= 11.15.10 versions. | ||||
| CVE-2026-12312 | 1 Mozilla | 1 Firefox | 2026-06-16 | 7.5 High |
| Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | ||||
| CVE-2025-68049 | 2026-06-16 | 6.3 Medium | ||
| Subscriber Broken Access Control in bunny.net <= 2.3.6 versions. | ||||
| CVE-2026-27407 | 2026-06-16 | 7.2 High | ||
| Editor Privilege Escalation in AI Engine <= 3.4.9 versions. | ||||
| CVE-2026-45602 | 1 Microsoft | 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more | 2026-06-16 | 9.1 Critical |
| No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering over a network. | ||||
| CVE-2026-28237 | 1 Amd | 2 Amd Uprof, Uprof | 2026-06-16 | 5.5 Medium |
| Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability. | ||||
| CVE-2026-40773 | 2026-06-16 | 6.5 Medium | ||
| Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress <= 4.7.9 versions. | ||||
| CVE-2026-0466 | 1 Amd | 2 Amd Uprof, Uprof | 2026-06-16 | 5.5 Medium |
| Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service. | ||||
| CVE-2026-39481 | 2 Wordpress, Wpchill | 2 Wordpress, Modula Image Gallery | 2026-06-16 | 7.2 High |
| Author PHP Object Injection in Modula Image Gallery <= 2.14.18 versions. | ||||
| CVE-2026-53866 | 1 Openclaw | 1 Openclaw | 2026-06-16 | 8.1 High |
| OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command parsing that allows authenticated operators to execute unapproved commands. A command request using shell inline-command forms could route through a parser case missing the expected allowlist decision, enabling shell content execution without intended approval prompts. | ||||
| CVE-2026-53861 | 1 Openclaw | 1 Openclaw | 2026-06-16 | 6.6 Medium |
| OpenClaw before 2026.5.6 contains an allowlist bypass vulnerability in the macOS Swift exec feature that misses combined POSIX inline-command flags. Attackers can execute shell content outside the intended allowlist check by using combined flag forms, potentially allowing unauthorized command execution depending on operator configuration. | ||||
| CVE-2026-53860 | 1 Openclaw | 1 Openclaw | 2026-06-16 | 4.2 Medium |
| OpenClaw before 2026.5.7 contains a sender policy bypass vulnerability in BlueBubbles that allows participants to match allowlist entries through conversation metadata rather than stable sender identity. Attackers can influence conversation-level identifiers to receive agent responses intended for configured senders, potentially bypassing access controls. | ||||
| CVE-2026-53855 | 1 Openclaw | 1 Openclaw | 2026-06-16 | 8.1 High |
| OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks via shell positional parameters. Attackers can combine allowlisted tools with shell positional arguments to place inline-eval content in shell carriers outside intended allowlist rules, enabling execution of unapproved shell-provided content. | ||||
| CVE-2026-53854 | 1 Openclaw | 1 Openclaw | 2026-06-16 | 6.5 Medium |
| OpenClaw before 2026.4.25 contains a privilege escalation vulnerability in internal and webchat command authentication that allows senders to inherit wildcard ownerAllowFrom state across channel boundaries. Attackers can exploit this by sending commands on affected internal or webchat paths to execute owner-style command behavior outside intended channel scope, potentially bypassing access controls. | ||||
| CVE-2026-53849 | 1 Openclaw | 1 Openclaw | 2026-06-16 | 8.1 High |
| OpenClaw before 2026.5.7 contains a privilege escalation vulnerability where the allowFrom feature improperly validates Discord account identity using mutable display names instead of immutable user IDs. Attackers with Discord accounts can change their display name to match a policy entry and gain unauthorized agent access intended for another Discord identity. | ||||
| CVE-2026-53848 | 1 Openclaw | 1 Openclaw | 2026-06-16 | 4.3 Medium |
| OpenClaw before 2026.5.26 contains an exec allowlist bypass vulnerability allowing authenticated operators to execute wrapper-level side effects outside allowlisted command intent. Attackers can craft command requests that bypass allowlist validation by leveraging transparent command wrappers to perform unintended operations. | ||||