Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10441 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 44111 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44111 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-29184 | 2 Backstage, Linuxfoundation | 2 Backstage, Backstage\/plugin-scaffolder-backend | 2026-04-25 | 2 Low |
| Backstage is an open framework for building developer portals. Prior to version 3.1.4, a malicious scaffolder template can bypass the log redaction mechanism to exfiltrate secrets provided run through task event logs. This issue has been patched in version 3.1.4. | ||||
| CVE-2025-52628 | 1 Hcltech | 1 Aion | 2026-04-25 | 4.6 Medium |
| HCL AION is affected by a Cookie with Insecure, Improper, or Missing SameSite vulnerability. This can allow cookies to be sent in cross-site requests, potentially increasing exposure to cross-site request forgery and related security risks. This issue affects AION: 2.0. | ||||
| CVE-2026-6984 | 1 Astrbot | 1 Astrbot | 2026-04-25 | 4.7 Medium |
| A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function create_template of the file astrbot/dashboard/routes/t2i.py of the component Dashboard API. The manipulation results in improper neutralization of special elements used in a template engine. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-0988 | 1 Redhat | 2 Enterprise Linux, Hummingbird | 2026-04-24 | 3.7 Low |
| A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS). | ||||
| CVE-2026-39320 | 1 Signalk | 2 Signal K Server, Signalk-server | 2026-04-24 | 7.5 High |
| Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.25.0 are vulnerable to an unauthenticated Regular Expression Denial of Service (ReDoS) attack within the WebSocket subscription handling logic. By injecting unescaped regex metacharacters into the `context` parameter of a stream subscription, an attacker can force the server's Node.js event loop into a catastrophic backtracking loop when evaluating long string identifiers (like the server's self UUID). This results in a total Denial of Service (DoS) where the server CPU spikes to 100% and becomes completely unresponsive to further API or socket requests. Version 2.25.0 contains a fix. | ||||
| CVE-2026-40319 | 2 Giskard, Giskard-ai | 2 Giskard, Giskard | 2026-04-24 | 5.5 Medium |
| Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the RegexMatching check passes a user-supplied regular expression pattern directly to Python's re.search() without any timeout or complexity guard. A crafted regex pattern can trigger catastrophic backtracking, causing the process to hang indefinitely. Exploitation requires write access to a check definition and subsequent execution of the test suite. This issue has been fixed in giskard-checks version 1.0.2b1. | ||||
| CVE-2026-40320 | 2 Giskard, Giskard-ai | 2 Giskard, Giskard | 2026-04-24 | 7.8 High |
| Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the ConformityCheck class rendered the rule parameter through Jinja2's default Template() constructor, silently interpreting template expressions at runtime. If check definitions are loaded from an untrusted source, a crafted rule string could achieve arbitrary code execution. Exploitation requires write access to a check definition and subsequent execution of the test suite. This issue has been fixed in giskard-checks version 1.0.2b1. | ||||
| CVE-2026-27890 | 1 Firebirdsql | 1 Firebird | 2026-04-24 | 8.2 High |
| Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCT_specific_data segments during authentication, the server assumes segments arrive in strictly ascending order. If segments arrive out of order, the Array class's grow() method computes a negative size value, causing a SIGSEGV crash. An unauthenticated attacker who knows only the server's IP and port can exploit this to crash the server. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14. | ||||
| CVE-2026-26153 | 1 Microsoft | 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more | 2026-04-24 | 7.8 High |
| Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-26155 | 1 Microsoft | 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more | 2026-04-24 | 6.5 Medium |
| Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | ||||
| CVE-2026-26156 | 1 Microsoft | 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more | 2026-04-24 | 7.8 High |
| Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-28214 | 1 Firebirdsql | 1 Firebird | 2026-04-24 | 6.5 Medium |
| Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize() function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges on any table can exploit this via a crafted Batch Parameter Block to cause a denial of service against the server. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14. | ||||
| CVE-2026-23354 | 1 Linux | 1 Linux Kernel | 2026-04-24 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: x86/fred: Correct speculative safety in fred_extint() array_index_nospec() is no use if the result gets spilled to the stack, as it makes the believed safe-under-speculation value subject to memory predictions. For all practical purposes, this means array_index_nospec() must be used in the expression that accesses the array. As the code currently stands, it's the wrong side of irqentry_enter(), and 'index' is put into %ebp across the function call. Remove the index variable and reposition array_index_nospec(), so it's calculated immediately before the array access. | ||||
| CVE-2026-0930 | 2 Wolfssh, Wolfssl | 2 Wolfssh, Wolfssh | 2026-04-24 | 4.3 Medium |
| Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which would leak the adjacent stack memory to the pseudo-console output. | ||||
| CVE-2026-33602 | 1 Powerdns | 1 Dnsdist | 2026-04-24 | 6.5 Medium |
| A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service. | ||||
| CVE-2026-33599 | 1 Powerdns | 1 Dnsdist | 2026-04-24 | 3.1 Low |
| A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade (Lua) option to newServer or auto_upgrade (YAML) settings. DDR upgrade is not enabled by default. | ||||
| CVE-2026-33598 | 1 Powerdns | 1 Dnsdist | 2026-04-24 | 4.8 Medium |
| A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress() or getAddressListByDomain() on a packet cache. | ||||
| CVE-2026-33597 | 1 Powerdns | 1 Dnsdist | 2026-04-24 | 3.7 Low |
| PRSD detection denial of service | ||||
| CVE-2026-33596 | 1 Powerdns | 1 Dnsdist | 2026-04-24 | 3.1 Low |
| A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend. | ||||
| CVE-2026-23363 | 1 Linux | 1 Linux Kernel | 2026-04-24 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211() Check frame length before accessing the mgmt fields in mt7925_mac_write_txwi_80211 in order to avoid a possible oob access. | ||||