Search
6,811 CVEs
CVEs (6,811, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 401–425 of 6,811 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2026-39869 | MEDIUM | Patched | 4.3 | 2026-05-11 | The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.… |
| CVE-2026-39870 | HIGH | Patched | 7.5 | 2026-05-11 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Processing a maliciously crafted … |
| CVE-2026-39871 | HIGH | Patched | 7.5 | 2026-05-11 | A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to observe u… |
| CVE-2026-41489 | HIGH | Patched | 8.8 | 2026-05-11 | Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From 6.0 to before Core 6.4.2 and FTL 6.6.1, two shell sc… |
| CVE-2026-42888 | NONE | Patched | — | 2026-05-11 | Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the podcast creation endpoint at server/controllers/PodcastController.js accepts a user-contr… |
| CVE-2026-43652 | HIGH | Patched | 7.5 | 2026-05-11 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data. |
| CVE-2026-43653 | MEDIUM | Patched | 6.2 | 2026-05-11 | The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5,… |
| CVE-2026-43654 | HIGH | Patched | 7.5 | 2026-05-11 | The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.… |
| CVE-2026-43655 | HIGH | Patched | 7.3 | 2026-05-11 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be… |
| CVE-2026-43656 | HIGH | Patched | 7.3 | 2026-05-11 | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7… |
| CVE-2026-43658 | HIGH | Patched | 7.5 | 2026-05-11 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.… |
| CVE-2026-43659 | MEDIUM | Patched | 4.7 | 2026-05-11 | A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma… |
| CVE-2026-43660 | HIGH | Patched | 7.5 | 2026-05-11 | A validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.… |
| CVE-2026-43661 | HIGH | Patched | 7.5 | 2026-05-11 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. Processing … |
| CVE-2026-43666 | MEDIUM | Patched | 6.2 | 2026-05-11 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.… |
| CVE-2026-43668 | HIGH | Patched | 7.5 | 2026-05-11 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, m… |
| CVE-2026-43874 | HIGH | 7.2 | 2026-05-11 | WWBN AVideo is an open source video platform. In versions up to and including 29.0, the server-side mitigation for the YPTSocket autoEvalCodeOnHTML eval sink (from CVE-2026… | |
| CVE-2026-34960 | MEDIUM | Patched | 6.5 | 2026-05-11 | barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcp_message_type() function that fails to verify the opti… |
| CVE-2026-34961 | MEDIUM | Patched | 6.2 | 2026-05-11 | barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities in ext4 extent parsing due to missing validation of the eh_entries field against buffer capac… |
| CVE-2026-42046 | HIGH | 7.8 | 2026-05-11 | libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas import functionality allows an attacker to cause a … | |
| CVE-2026-42188 | LOW | Patched | 2.4 | 2026-05-11 | Geyser is a bridge between Minecraft: Bedrock Edition and Minecraft: Java Edition. Prior to 2.9.3, a server-side request forgery (SSRF) vulnerability exists in Geyser’s han… |
| CVE-2026-42564 | HIGH | Patched | 8.2 | 2026-05-11 | jotty·page is a self-hosted app for your checklists and notes. Prior to 1.22.0, an unauthenticated path traversal vulnerability exists in /api/app-icons/[filename]. The fil… |
| CVE-2026-42600 | MEDIUM | Patched | 4.9 | 2026-05-11 | MinIO is a high-performance object storage system. From RELEASE.2022-07-24T01-54-52Z to before RELEASE.2026-04-14T21-32-45Z, A path traversal vulnerability in MinIO's ReadM… |
| CVE-2026-43873 | HIGH | 7.5 | 2026-05-11 | WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/CloneSite/cloneClient.json.php echoes the local CloneSite shared secret ($objClon… | |
| CVE-2026-43875 | MEDIUM | 6.8 | 2026-05-11 | WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/MobileManager/oauth2.php completes an OAuth login by sending an HTTP 302 Location… |