Search

74,887 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

HIGH8.8CVE-2026-49143browserstack-runner vulnerable to Remote Code Execution via vm sandbox escape in _log HTTP handler6/3/2026
MEDIUM6.5CVE-2026-49144browserstack-runner has an unauthenticated arbitrary file read via path traversal in HTTP server6/3/2026
HIGH7.5CVE-2026-42342React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint6/3/2026
HIGH8.1CVE-2026-42211React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE6/3/2026
—CVE-2026-40181React Router's same-origin redirect with path starting // causes open redirect via protocol-relative URL reinterpretation6/3/2026
HIGH8.0CVE-2026-33245React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets6/3/2026
MEDIUM5.4CVE-2026-33244React Router has stored XSS via unescaped Location header in prerendered redirect HTML6/3/2026
—CVE-2024-52011launch-editor vulnerable to command injection via the crafted request on Windows6/3/2026
—CVE-2026-42507Arbitrary inputs are included in errors without any escaping in net/textproto6/2/2026
—CVE-2026-42504Quadratic complexity in WordDecoder.DecodeHeader in mime6/2/2026
—CVE-2026-27145Inefficient candidate hostname parsing in crypto/x5096/2/2026
MEDIUM6.3CVE-2026-49943CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP AS_PATH mask matching implementation i…6/2/2026
LOW3.3CVE-2026-10528EPSS 0.01%A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11.6/2/2026
LOW3.3CVE-2026-10298EPSS 0.01%A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2.6/1/2026
MEDIUM4.3CVE-2026-46605EPSS 0.06%Incomplete authorization by Apache ActiveMQ server before versions v6.2.6 and v5.19.7 allows authenticated connections to remove existing d…6/1/2026
MEDIUM6.1CVE-2026-42253EPSS 0.17%Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web.6/1/2026
HIGH8.8CVE-2026-49157EPSS 0.07%Incorrect Default Permissions vulnerability in Apache ActiveMQ.6/1/2026
HIGH8.1CVE-2026-42588EPSS 0.06%Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache Active…6/1/2026
HIGH8.8CVE-2026-45505EPSS 0.10%Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache Active…6/1/2026
MEDIUM5.9CVE-2026-49270EPSS 0.09%Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.6/1/2026
MEDIUM4.3CVE-2026-10294EPSS 0.03%A vulnerability has been found in PackageKit up to 1.3.5.6/1/2026
HIGH7.8CVE-2026-43958EPSS 0.01%A flaw was found in rrdcached, a component of rrdtool.6/1/2026
MEDIUM4.3CVE-2026-45729EPSS 0.03%Thor Vector Graphics (ThorVG) is a production-ready vector graphics engine.6/1/2026
HIGH7.8CVE-2026-46243EPSS 0.02%In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key…6/1/2026
MEDIUM5.0CVE-2026-10275EPSS 0.06%A flaw has been found in OpenSC up to 0.26.1.6/1/2026

Page 1 of 2996Next →