Export limit exceeded: 358249 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (358249 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-53833 | 2 Openclaw, Qqbot | 2 Openclaw, Qqbot | 2026-06-16 | 7.7 High |
| OpenClaw before 2026.4.29 contains an authorization bypass vulnerability in the QQBot streaming command that allows authenticated senders to mutate configuration without explicit allowFrom restrictions. Attackers can modify QQBot streaming configuration outside intended admin policy by reaching the affected command without non-wildcard allowlist entry requirements. | ||||
| CVE-2026-12087 | 2026-06-16 | N/A | ||
| Socket versions before 2.041 for Perl have an out-of-bounds heap read. In Socket.xs, pack_ip_mreq_source() checks the length of its source argument before the argument is read, so the check tests the byte length carried over from the preceding multiaddr argument instead. Both addresses occupy a 4-byte field, so a valid multiaddr lets a source of any length pass the check, and the source is then copied into the 4-byte imr_sourceaddr field with a fixed-size copy. A source shorter than 4 bytes is not rejected, and the copy reads up to 3 bytes past the end of its buffer. Calling pack_ip_mreq_source() with a source value shorter than 4 bytes copies adjacent heap memory into the returned packed structure. | ||||
| CVE-2026-46690 | 1 Spearman | 1 Unbounded-spsc | 2026-06-16 | 5.8 Medium |
| unbounded_spsc is an "unbounded" extension of bounded_spsc_queue. In versions 0.2.0 and prior, sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race. At time of publication, there are no publicly available patches. | ||||
| CVE-2026-12162 | 2026-06-15 | N/A | ||
| Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain. | ||||
| CVE-2026-12161 | 2026-06-15 | N/A | ||
| Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user with permission to create or modify a shared SSH entry to execute arbitrary commands on a remote SSH host using stored elevation credentials via a crafted alternate username and user interaction with the Elevate Shell action. | ||||
| CVE-2026-9262 | 2026-06-15 | 6.5 Medium | ||
| Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier | ||||
| CVE-2026-9261 | 2026-06-15 | 6.8 Medium | ||
| Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier | ||||
| CVE-2026-9260 | 2026-06-15 | 6.2 Medium | ||
| Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier | ||||
| CVE-2026-9259 | 2026-06-15 | 6.5 Medium | ||
| Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier | ||||
| CVE-2026-9258 | 2026-06-15 | 6.5 Medium | ||
| Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier | ||||
| CVE-2026-46447 | 1 Openstack | 1 Ironic | 2026-06-15 | 5.8 Medium |
| OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driver_info or node.instance_info. | ||||
| CVE-2026-12205 | 2026-06-15 | N/A | ||
| Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it. The first sign() on a Key object picks a nonce, and every later sign() on that same object reuses it, producing an identical "r". Keys used to sign more than once with an affected version should be considered compromised. | ||||
| CVE-2026-45437 | 2026-06-15 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Product Filter Widget for Elementor <= 1.0.6 versions. | ||||
| CVE-2026-48874 | 2026-06-15 | 8.5 High | ||
| Subscriber SQL Injection in GamiPress <= 7.8.7 versions. | ||||
| CVE-2026-42655 | 2026-06-15 | 7.5 High | ||
| Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP <= 4.6.19 versions. | ||||
| CVE-2026-42411 | 2026-06-15 | 8.1 High | ||
| Unauthenticated Broken Authentication in CloudSecure WP Security <= 1.4.7 versions. | ||||
| CVE-2026-40799 | 2026-06-15 | 5.8 Medium | ||
| Unauthenticated Broken Authentication in Simple Cloudflare Turnstile <= 1.38.0 versions. | ||||
| CVE-2026-40792 | 2026-06-15 | 6.3 Medium | ||
| Subscriber Insecure Direct Object References (IDOR) in KiviCare <= 4.2.1 versions. | ||||
| CVE-2026-48723 | 2026-06-15 | 7.8 High | ||
| The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parameter. In readCypressConfigUtil.js, the loadJsFile() function constructs a shell command by interpolating the user-controlled cypress_config_filepath value into a template literal, then executes it via child_process.execSync(). Shell metacharacters in the config path (specifically " and ;) allow breaking out of the quoted argument and injecting arbitrary commands. This issue has been fixed in version 1.36.6. | ||||
| CVE-2026-40785 | 2026-06-15 | 7.1 High | ||
| Subscriber Broken Authentication in AutomatorWP <= 5.6.7 versions. | ||||