Search
18,985 CVEs
CVEs (18,985, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 51–75 of 18,985 (capped at 500)
| CVE ID | Severity ↑ | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-49975 | NONE | — | 2026-06-08 | Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apach… | |
| CVE-2026-48488 | NONE | — | 2026-06-08 | phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vu… | |
| CVE-2026-49755 | NONE | Patched | — | 2026-06-08 | Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in wojtekmach Req allows attacker-controlled HTTP servers to exhaust memory in a Req client v… |
| CVE-2026-46477 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, dataset create and update mass-assignment allows cross-work… |
| CVE-2026-46478 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, DatasetRow create and update mass-assignment allows cross-w… |
| CVE-2026-46479 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, evaluation create and update mass-assignment allows cross-w… |
| CVE-2026-46480 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, evaluator create and update mass-assignment allows cross-wo… |
| CVE-2026-46441 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the assistant upd… |
| CVE-2026-46442 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, POST /api/v1/node-custom-function lacks route-level authori… |
| CVE-2026-46443 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, when credentials are fetched with a credentialName filter p… |
| CVE-2026-46444 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, all CRUD endpoints for OpenAI Assistants Vector Store have … |
| CVE-2026-46475 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, assistant create and update mass-assignment allows cross-wo… |
| CVE-2026-46476 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, CustomTemplate create and update mass-assignment allows cro… |
| CVE-2026-44119 | NONE | Patched | — | 2026-06-08 | Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Th… |
| CVE-2026-44186 | NONE | Patched | — | 2026-06-08 | Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled backend FTP server. This… |
| CVE-2026-46274 | NONE | — | 2026-06-08 | In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in io_wq_remove_pending() io_wq_remove_pending() needs to … | |
| CVE-2026-46275 | NONE | — | 2026-06-08 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to U… | |
| CVE-2026-42535 | NONE | Patched | — | 2026-06-08 | A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing c… |
| CVE-2026-42861 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the variable upda… |
| CVE-2026-42862 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the tool update e… |
| CVE-2026-42863 | NONE | Patched | — | 2026-06-08 | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the chatflow upda… |
| CVE-2026-29167 | NONE | Patched | — | 2026-06-08 | Use After Free vulnerability in Apache HTTP Server with mod_ldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users ar… |
| CVE-2025-71315 | NONE | — | 2026-06-08 | In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DR… | |
| CVE-2026-49234 | NONE | — | 2026-06-08 | When sending a specifically crafted non-UTF-8 string as select-asn query parameter to the /api/v1/origins endpoint, Routinator crashes. This only affects users who allow … | |
| CVE-2026-49235 | NONE | — | 2026-06-08 | When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes. |