Mon, May 18 · 05:16 PM CDTCVE-2026-45829
10.0/10 · Must read/watchNVDvuln
Summary
A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trust_remote_code set to true in the /api/v2/tenants/{tenant}/databases/{db}/collections endpoint
CVECVE-2026-45829
SeverityCRITICAL
TypeUPDATED
PublishedMon, May 18 · 05:16 PM CDT
ModifiedWed, Jul 15 · 12:17 PM CDT
Fri, Jul 03 · 08:16 AM CDTCVE-2026-14544
9.8/10 · Must read/watchNVDvuln
Summary
A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling specially crafted pr
CVECVE-2026-14544
SeverityCRITICAL
TypeUPDATED
PublishedFri, Jul 03 · 08:16 AM CDT
ModifiedWed, Jul 15 · 09:16 PM CDT
Tue, Jun 30 · 10:16 PM CDTCVE-2026-37106
9.8/10 · Must read/watchNVDvuln
Summary
An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration (a non-default feature). The supplier also notes
CVECVE-2026-37106
SeverityCRITICAL
TypeUPDATED
PublishedTue, Jun 30 · 10:16 PM CDT
ModifiedWed, Jul 15 · 08:16 PM CDT
Thu, May 28 · 09:16 PM CDTCVE-2026-46817
9.8/10 · Must read/watchNVDvuln
Summary
Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful attacks of this vulnera
CVECVE-2026-46817
SeverityCRITICAL
TypeUPDATED
PublishedThu, May 28 · 09:16 PM CDT
ModifiedThu, Jul 16 · 05:16 AM CDT
Tue, Jun 23 · 09:16 PM CDTCVE-2026-11807
9.6/10 · Must read/watchNVDvuln
Summary
A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messages. Any authenticated user can send a forged message with an arbitrary activation_id to receive plaintext credentials a
CVECVE-2026-11807
SeverityCRITICAL
TypeUPDATED
PublishedTue, Jun 23 · 09:16 PM CDT
ModifiedWed, Jul 15 · 03:16 PM CDT
Tue, Jun 16 · 01:16 PM CDTCVE-2026-12294
9.6/10 · Must read/watchNVDvuln
Summary
Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.
CVECVE-2026-12294
SeverityCRITICAL
TypeUPDATED
PublishedTue, Jun 16 · 01:16 PM CDT
ModifiedWed, Jul 15 · 12:17 PM CDT
Tue, Jun 16 · 01:16 PM CDTCVE-2026-12295
9.6/10 · Must read/watchNVDvuln
Summary
Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.
CVECVE-2026-12295
SeverityCRITICAL
TypeUPDATED
PublishedTue, Jun 16 · 01:16 PM CDT
ModifiedWed, Jul 15 · 12:17 PM CDT
Tue, Jun 16 · 01:16 PM CDTCVE-2026-12296
9.6/10 · Must read/watchNVDvuln
Summary
Sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
CVECVE-2026-12296
SeverityCRITICAL
TypeUPDATED
PublishedTue, Jun 16 · 01:16 PM CDT
ModifiedWed, Jul 15 · 12:17 PM CDT
Tue, Jun 16 · 01:16 PM CDTCVE-2026-12297
9.6/10 · Must read/watchNVDvuln
Summary
Sandbox escape due to incorrect boundary conditions in the Networking component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.
CVECVE-2026-12297
SeverityCRITICAL
TypeUPDATED
PublishedTue, Jun 16 · 01:16 PM CDT
ModifiedWed, Jul 15 · 12:17 PM CDT
Fri, May 22 · 04:16 PM CDTCVE-2026-39821
9.6/10 · Must read/watchNVDvuln
Summary
The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a
CVECVE-2026-39821
SeverityCRITICAL
TypeUPDATED
PublishedFri, May 22 · 04:16 PM CDT
ModifiedWed, Jul 15 · 12:17 PM CDT
Fri, Mar 20 · 11:16 PM CDTCVE-2026-33186
9.1/10 · Must read/watchNVDvuln
Summary
gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g.,
CVECVE-2026-33186
SeverityCRITICAL
TypeUPDATED
PublishedFri, Mar 20 · 11:16 PM CDT
ModifiedWed, Jul 15 · 02:17 PM CDT
Fri, Jun 12 · 06:16 PM CDTCVE-2026-44172
9.1/10 · Must read/watchNVDvuln
Summary
MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysql_real_escape_string() and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections, even though mysql_r
CVECVE-2026-44172
SeverityCRITICAL
TypeUPDATED
PublishedFri, Jun 12 · 06:16 PM CDT
ModifiedWed, Jul 15 · 04:17 PM CDT
Wed, Jun 24 · 05:17 PM CDTCVE-2026-52999
9.1/10 · Must read/watchNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix out-of-bounds read on option matching In nf_osf_match(), the nf_osf_hdr_ctx structure is initialized once and passed by reference to nf_osf_match_one() for each fingerprint checked. During TCP option parsing, nf_osf_match_
CVECVE-2026-52999
SeverityCRITICAL
TypeUPDATED
PublishedWed, Jun 24 · 05:17 PM CDT
ModifiedWed, Jul 15 · 12:54 PM CDT
Wed, Jul 08 · 09:16 PM CDTCVE-2026-54527
9.0/10 · Must read/watchNVDvuln
Summary
JupyterLab Git is a Git extension for JupyterLab. From 0.30.0b3 before 0.54.0, the PlainTextDiff.ts createHeader() method passes Git filenames directly to innerHTML when rendering renamed files in commit history, allowing a crafted filename to execute JavaScript when a victim views the rename diff in the Git History ta
CVECVE-2026-54527
SeverityCRITICAL
TypeUPDATED
PublishedWed, Jul 08 · 09:16 PM CDT
ModifiedWed, Jul 15 · 08:46 PM CDT
Tue, Jun 16 · 01:16 PM CDTCVE-2026-12289
8.8/10 · Worth your timeNVDvuln
Summary
Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.
CVECVE-2026-12289
SeverityHIGH
TypeUPDATED
PublishedTue, Jun 16 · 01:16 PM CDT
ModifiedWed, Jul 15 · 12:17 PM CDT
Tue, Jun 16 · 01:16 PM CDTCVE-2026-12291
8.8/10 · Worth your timeNVDvuln
Summary
Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.
CVECVE-2026-12291
SeverityHIGH
TypeUPDATED
PublishedTue, Jun 16 · 01:16 PM CDT
ModifiedWed, Jul 15 · 12:17 PM CDT
Tue, Jun 09 · 05:17 PM CDTCVE-2026-45447
8.8/10 · Worth your timeNVDvuln
Summary
Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS#7 or S/MIME signed message, if the SignedD
CVECVE-2026-45447
SeverityHIGH
TypeUPDATED
PublishedTue, Jun 09 · 05:17 PM CDT
ModifiedWed, Jul 15 · 02:18 PM CDT
Wed, Feb 05 · 05:15 AM CSTCVE-2025-1022
8.2/10 · Worth your timeNVDvuln
Summary
Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html(), which can be bypassed by omitting the slashes in the file URI (e.g., file:../../../../etc/passwd). This is due to missing validations of the user input that should
CVECVE-2025-1022
SeverityHIGH
TypeUPDATED
PublishedWed, Feb 05 · 05:15 AM CST
ModifiedWed, Jul 15 · 04:16 PM CDT
Wed, Apr 08 · 02:16 AM CDTCVE-2026-33810
8.2/10 · Worth your timeNVDvuln
Summary
When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in th
CVECVE-2026-33810
SeverityHIGH
TypeUPDATED
PublishedWed, Apr 08 · 02:16 AM CDT
ModifiedWed, Jul 15 · 02:17 PM CDT
Tue, May 26 · 10:16 PM CDTCVE-2026-42013
8.2/10 · Worth your timeNVDvuln
Summary
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-
CVECVE-2026-42013
SeverityHIGH
TypeUPDATED
PublishedTue, May 26 · 10:16 PM CDT
ModifiedWed, Jul 15 · 03:16 PM CDT
Tue, May 26 · 10:16 PM CDTCVE-2026-5260
8.2/10 · Worth your timeNVDvuln
Summary
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.
CVECVE-2026-5260
SeverityHIGH
TypeUPDATED
PublishedTue, May 26 · 10:16 PM CDT
ModifiedWed, Jul 15 · 03:16 PM CDT
Tue, Jun 16 · 01:16 PM CDTCVE-2026-12290
8.1/10 · Worth your timeNVDvuln
Summary
Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.
CVECVE-2026-12290
SeverityHIGH
TypeUPDATED
PublishedTue, Jun 16 · 01:16 PM CDT
ModifiedWed, Jul 15 · 12:17 PM CDT
Tue, Jun 16 · 01:16 PM CDTCVE-2026-12292
8.1/10 · Worth your timeNVDvuln
Summary
Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
CVECVE-2026-12292
SeverityHIGH
TypeUPDATED
PublishedTue, Jun 16 · 01:16 PM CDT
ModifiedWed, Jul 15 · 12:17 PM CDT
Tue, Jun 16 · 01:16 PM CDTCVE-2026-12328
8.1/10 · Worth your timeNVDvuln
Summary
Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Fir
CVECVE-2026-12328
SeverityHIGH
TypeUPDATED
PublishedTue, Jun 16 · 01:16 PM CDT
ModifiedWed, Jul 15 · 12:17 PM CDT
Wed, May 27 · 05:16 PM CDTCVE-2026-42790
8.1/10 · Worth your timeNVDvuln
Summary
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification. Two flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted (e.g. permitted;DNS:allowed.e
CVECVE-2026-42790
SeverityHIGH
TypeUPDATED
PublishedWed, May 27 · 05:16 PM CDT
ModifiedWed, Jul 15 · 02:18 PM CDT