Search
1,557 CVEs
CVEs (1,557, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 126–150 of 1,557 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↑ | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-11481 | LOW | 2.5 | 2026-06-08 | A vulnerability was determined in yoanbernabeu grepai up to 0.35.0. The affected element is the function PostgresStore.LookupByContentHash of the file indexer/chunker.go of… | |
| CVE-2026-10783 | LOW | 2.5 | 2026-06-04 | A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipu… | |
| CVE-2026-48488 | NONE | — | 2026-06-08 | phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vu… | |
| CVE-2026-9088 | LOW | 2.7 | 2026-06-05 | A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the g… | |
| CVE-2026-44367 | LOW | Patched | 2.7 | 2026-06-02 | Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, a vulnerability exists in the user registration and login mechanisms d… |
| CVE-2026-11686 | LOW | 3.1 | 2026-06-09 | Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to l… | |
| CVE-2026-11691 | LOW | 3.1 | 2026-06-09 | Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to le… | |
| CVE-2026-11684 | LOW | 3.1 | 2026-06-09 | Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin d… | |
| CVE-2026-11675 | LOW | 3.1 | 2026-06-09 | Out of bounds read in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a craft… | |
| CVE-2026-11502 | LOW | 3.1 | 2026-06-08 | A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main… | |
| CVE-2026-11465 | LOW | 3.1 | 2026-06-07 | A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the com… | |
| CVE-2026-11464 | LOW | 3.1 | 2026-06-07 | A vulnerability was identified in JeecgBoot up to 3.9.2. Affected by this vulnerability is the function queryPageList of the file src\main\java\org\jeecg\modules\system\con… | |
| CVE-2026-48102 | LOW | Patched | 3.1 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File … |
| CVE-2026-11247 | LOW | Patched | 3.1 | 2026-06-05 | Insufficient policy enforcement in CustomTabs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page… |
| CVE-2026-11251 | LOW | Patched | 3.1 | 2026-06-05 | Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass dis… |
| CVE-2026-11240 | LOW | Patched | 3.1 | 2026-06-05 | Insufficient validation of untrusted input in Loader in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass si… |
| CVE-2026-11244 | LOW | Patched | 3.1 | 2026-06-05 | Insufficient validation of untrusted input in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process t… |
| CVE-2026-45739 | LOW | Patched | 3.1 | 2026-06-04 | Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.288.4 through 0.315.3, Strawberry's bundled GraphiQL template wrote values from the GraphiQL header… |
| CVE-2025-52611 | LOW | 3.1 | 2026-06-04 | HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the applicat… | |
| CVE-2025-52608 | LOW | 3.1 | 2026-06-04 | HCL iControl was affected by Missing Cookie Attributes vulnerability. It was observed that the application is missing several critical cookie attributes, including Secure … | |
| CVE-2026-7666 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.core.mail.backends.smtp.EmailBackend` in Django fails to prevent reuse of a partially-init… |
| CVE-2026-8404 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not match `Cache-Control` response … |
| CVE-2026-6873 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.http.HttpRequest.get_signed_cookie` in Django uses a non-injective salt derivation (concat… |
| CVE-2026-48587 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.utils.cache.has_vary_header()` in Django does not strip leading or trailing whitespace fro… |
| CVE-2026-35193 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not add `Authorization` to the `Var… |