Vulnerabilities

Recent vulnerabilities

Recent vulnerabilities from 🏠GNA-1 (CIRCL)
Select from 78 available sources using the dropdown above.

CVE Program

Recent vulnerabilities · 363880 entries
ID CVSS Description Vendor Product Published Updated
CVE-2026-55076
7.4 (3.1)
Coder's OIDC email_verified type coercion bypass enabl… coder
coder
2026-07-07T22:23:26.179Z 2026-07-08T14:03:39.329Z
CVE-2026-50007
7.2 (4.0)
Actual: Shared users can perform owner-only file manag… actualbudget
actual
2026-07-07T20:53:21.457Z 2026-07-08T14:02:20.277Z
CVE-2026-5459
5.3 (3.1)
User Frontend: AI Powered Frontend Posting, User Direc… wedevs
User Frontend: AI Powered Frontend Posting, User Directory, Profile Builder, Membership & User Registration
2026-07-08T12:33:16.401Z 2026-07-08T14:00:54.082Z
CVE-2026-55437
5.4 (3.1)
Coder vulnerable to stored HTML injection via workspac… coder
coder
2026-07-08T00:29:18.268Z 2026-07-08T14:00:43.204Z
CVE-2026-6230
7.5 (3.1)
Tainacan <= 1.0.3 - Unauthenticated SQL Injection via … tainacan
Tainacan
2026-07-08T11:30:32.366Z 2026-07-08T14:00:11.719Z
CVE-2026-15035
4.8 (4.0)
5.3 (3.1)
5.3 (3.0)
bentoml OpenLLM Model Repository Directory Name common… bentoml
OpenLLM
2026-07-08T14:00:09.786Z 2026-07-08T14:00:09.786Z
CVE-2026-55655
5 (3.1)
Openssh: local mitm of x11 forwarding via abstract uni… Red Hat
Red Hat Hardened Images
2026-06-23T03:36:25.724Z 2026-07-08T13:59:46.603Z
CVE-2026-55654
3.7 (3.1)
Openssh: heap out-of-bounds read in red hat enterprise… Red Hat
Red Hat Hardened Images
2026-06-23T03:37:00.160Z 2026-07-08T13:59:46.550Z
CVE-2026-55653
4.3 (3.1)
Openssh: double free in red hat enterprise linux versi… Red Hat
Red Hat Hardened Images
2026-06-23T03:36:22.741Z 2026-07-08T13:59:46.452Z
CVE-2026-14740
9.1 (3.1)
DBI versions before 1.650 for Perl read one byte out-o… HMBRAND
DBI
2026-07-07T22:05:45.077Z 2026-07-08T13:59:33.009Z
CVE-2026-12041
4.4 (3.1)
Chatra Live Chat + ChatBot + Cart Saver <= 1.0.12 - Au… chatra
Chatra Live Chat + ChatBot + Cart Saver
2026-07-08T05:34:08.842Z 2026-07-08T13:59:24.726Z
CVE-2026-9700
7.5 (3.1)
Eventer <= 4.4.2 - Unauthenticated SQL Injection via '… joe007
Eventer
2026-07-08T05:34:08.504Z 2026-07-08T13:58:51.010Z
CVE-2026-49229
8.3 (3.1)
Actual: Disabled OpenID users keep access through exis… actualbudget
actual
2026-07-07T20:59:34.173Z 2026-07-08T13:58:43.272Z
CVE-2026-14482
8.8 (3.1)
多说社会化评论框 <= 1.2 - Unauthenticated Privilege Escalation… shen2
多说社会化评论框
2026-07-08T04:30:50.223Z 2026-07-08T13:57:46.333Z
CVE-2026-50530
7.1 (4.0)
DataEase: Token with Overly Broad Privileges in Share … dataease
dataease
2026-07-07T20:41:07.576Z 2026-07-08T13:57:27.568Z
CVE-2026-55431
7.7 (3.1)
Coder's session token leaked to arbitrary hosts via `c… coder
coder
2026-07-08T00:10:49.165Z 2026-07-08T13:57:02.059Z
CVE-2026-14739
9.8 (3.1)
DBI versions before 1.650 for Perl have a heap overflo… HMBRAND
DBI
2026-07-07T22:05:18.457Z 2026-07-08T13:56:43.597Z
CVE-2026-55078
6.5 (3.1)
Coder: Zip upload decompression lacks aggregate size l… coder
coder
2026-07-07T22:47:07.079Z 2026-07-08T13:55:16.017Z
CVE-2026-45796
6.5 (3.1)
Coder vulnerable to unauthenticated SSRF via Azure Ins… coder
coder
2026-07-07T21:03:11.066Z 2026-07-08T13:53:41.602Z
CVE-2026-54601
6.3 (3.1)
FastGPT: reTrainingCollection allows server-owned data… labring
FastGPT
2026-07-07T21:16:12.976Z 2026-07-08T13:53:13.863Z
CVE-2026-28378
3.1 (3.1)
Cross-Organization Public Dashboard Deletion via Missi… Grafana
Grafana Enterprise
2026-07-07T21:08:04.579Z 2026-07-08T13:52:50.293Z
CVE-2026-55490
6.5 (3.1)
OpenWrt: EAD Integer Underflow → Pre-Auth Denial of Service openwrt
openwrt
2026-07-07T21:08:26.638Z 2026-07-08T13:52:07.490Z
CVE-2026-60092
5.1 (4.0)
6.1 (3.1)
AVideo - Stored Cross-Site Scripting via Unescaped Use… AVideo
AVideo
2026-07-08T13:51:30.509Z 2026-07-08T13:51:30.509Z
CVE-2026-55647
5.1 (4.0)
DataEase: authenticated stored XSS in the dashboard te… dataease
dataease
2026-07-07T20:37:54.884Z 2026-07-08T13:50:59.742Z
CVE-2026-59153
2.1 (4.0)
Anki's local HTTP server does not sufficiently validat… ankitects
anki
2026-07-07T21:11:01.808Z 2026-07-08T13:50:15.783Z
CVE-2026-53751
8.7 (4.0)
DataEase: H2 JDBC URL Filter Bypass Leads to Remote Co… dataease
dataease
2026-07-07T20:31:12.180Z 2026-07-08T13:49:16.880Z
CVE-2026-59257
5.3 (4.0)
n8n - SQL Injection in MySQL v1 executeQuery Operation… n8n
n8n
2026-07-08T13:49:13.618Z 2026-07-08T13:49:13.618Z
CVE-2026-59253
5.3 (4.0)
n8n - Improper Authorization in Workflow Assignment to… n8n
n8n
2026-07-08T13:49:12.902Z 2026-07-08T13:49:12.902Z
CVE-2026-58657
4.8 (4.0)
4.8 (3.1)
Grav - Stored CSS Injection via Markdown Image resize(… Grav
Grav
2026-07-08T13:49:12.183Z 2026-07-08T13:49:12.183Z
CVE-2026-58656
8.7 (4.0)
7.5 (3.1)
Grav API Plugin - Cross-Origin Admin Account Takeover … getgrav
grav
2026-07-08T13:49:11.408Z 2026-07-08T13:49:11.408Z