Search
1,463 CVEs
CVEs (1,463, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 376–400 of 1,463 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-45679 | MEDIUM | Patched | 6.5 | 2026-06-02 | OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI exports raw Redis error text as the span s… |
| CVE-2026-45678 | HIGH | Patched | 7.5 | 2026-06-02 | OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND mess… |
| CVE-2026-45676 | MEDIUM | Patched | 5.5 | 2026-06-02 | OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section of… |
| CVE-2026-45614 | MEDIUM | Patched | 4.7 | 2026-06-03 | OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Prior to v… |
| CVE-2026-45581 | MEDIUM | Patched | 5.5 | 2026-06-08 | fabric-chaincode-java is a Java based implementation of Hyperledger Fabric chaincode shim APIs. From version 2.3.1 to before version 2.5.10, when chaincode is deployed in c… |
| CVE-2026-45554 | MEDIUM | Patched | 5.3 | 2026-06-02 | NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two FastAPI routes that serve per-component static assets in NiceGUI accept a sub-path parameter that may r… |
| CVE-2026-45553 | HIGH | Patched | 7.5 | 2026-06-02 | NiceGUI is a Python-based UI framework. Prior to version 3.12.0, ui.restructured_text() renders reStructuredText server-side with Docutils without disabling file insertion … |
| CVE-2026-45497 | HIGH | 7.7 | 2026-06-04 | Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized attacker to execute code over a network. | |
| CVE-2026-45433 | NONE | — | 2026-06-04 | This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vuln… | |
| CVE-2026-45432 | NONE | — | 2026-06-04 | This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could… | |
| CVE-2026-45431 | NONE | — | 2026-06-04 | This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authen… | |
| CVE-2026-45409 | NONE | — | 2026-06-05 | Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility P… | |
| CVE-2026-45327 | HIGH | 8.2 | 2026-06-05 | TinyIce is a streaming server for audio and video. In versions 0.8.95 through 2.4.1, missing authentication on WebRTC ingest endpoint allows unauthenticated stream injectio… | |
| CVE-2026-45300 | HIGH | Patched | 7.4 | 2026-06-05 | The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. Versions on the 2.x branch prior to 2.… |
| CVE-2026-45291 | HIGH | Patched | 7.5 | 2026-06-05 | Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to `1.0.0.CR3-20260418.124334-32` impacts publicly accessi… |
| CVE-2026-45290 | HIGH | Patched | 7.5 | 2026-06-05 | Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to `1.0.0.CR3-20260417.085727-30` impacts publicly accessi… |
| CVE-2026-45289 | MEDIUM | Patched | 5.3 | 2026-06-02 | CloudburstMC Protocol is a protocol library for Minecraft Bedrock Edition. Prior to version 3.0.0.Beta12-20260420.182526-15, CloudburstMC Protocol is partially missing vali… |
| CVE-2026-45287 | NONE | — | 2026-06-04 | OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, `go.opentelemetry.io/otel/schema/v1.0` and `go.opentelemetry.io/otel/schema/v1.1` leaks… | |
| CVE-2026-45080 | NONE | Patched | — | 2026-06-02 | Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue… |
| CVE-2026-44917 | MEDIUM | Patched | 4.9 | 2026-06-04 | OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxe_template. |
| CVE-2026-44682 | HIGH | 7.3 | 2026-06-03 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. | |
| CVE-2026-44654 | HIGH | Patched | 8.1 | 2026-06-02 | LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, a shared-agent editor can delete file records through `DE… |
| CVE-2026-44653 | MEDIUM | Patched | 6.5 | 2026-06-02 | LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, users with only `VIEW` access to an MCP server can retrie… |
| CVE-2026-44631 | CRITICAL | Patched | 9.8 | 2026-06-08 | Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67… |
| CVE-2026-44609 | HIGH | 7.3 | 2026-06-03 | Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. |