Search
1,613 CVEs
CVEs (1,613, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 201–225 of 1,613 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-10813 | LOW | 3.6 | 2026-06-04 | A flaw has been found in LMCache up to 0.4.6. This affects the function hex_hash_to_int16 of the file lmcache/integration/vllm/utils.py of the component KV Cache Handler. E… | |
| CVE-2026-10814 | MEDIUM | 4.5 | 2026-06-04 | A vulnerability has been found in milvus-io milvus up to 2.6.13. This vulnerability affects unknown code of the file internal/metastore/kv/rootcoord/kv_catalog.go of the co… | |
| CVE-2026-10815 | MEDIUM | 6.3 | 2026-06-04 | A vulnerability was found in LakshayD02 Hostel-Management-System-PHP up to f87e67c283bab6f718faf2fec6ae39a13bd7036b. This issue affects some unknown processing of the file … | |
| CVE-2026-10840 | CRITICAL | 9.6 | 2026-06-04 | A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and ce… | |
| CVE-2026-10843 | HIGH | 7.2 | 2026-06-04 | A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive act… | |
| CVE-2026-10854 | MEDIUM | Patched | 4.3 | 2026-06-04 | A visibility control issue in the event template creation workflow allowed non-site-admin users to access private galaxies belonging to other organisations. The event templ… |
| CVE-2026-10855 | MEDIUM | Patched | 4.3 | 2026-06-04 | An authorization flaw existed in the MISP Event Template Importer overwrite workflow. When importing an event template in overwrite mode, the application checked whether a … |
| CVE-2026-10856 | MEDIUM | Patched | 6.1 | 2026-06-04 | A URL validation flaw in the MISP dashboard button widget allowed a crafted relative-looking URL to be accepted as a local path while being interpreted by browsers as an ex… |
| CVE-2026-10860 | MEDIUM | Patched | 6.5 | 2026-06-04 | A logic error in the MISP CRUD component delete handler allowed validation failures to be bypassed when requests used the HTTP DELETE method. Due to missing parentheses in … |
| CVE-2026-10861 | MEDIUM | Patched | 6.1 | 2026-06-04 | An open redirect vulnerability existed in MISP UsersController::routeafterlogin() because the value stored in the pre_login_requested_url session key was used as the post-l… |
| CVE-2026-10862 | MEDIUM | 6.4 | 2026-06-09 | The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion body field in all versions up to, and including, 2.3.23 due to insufficie… | |
| CVE-2026-10863 | HIGH | Patched | 8.1 | 2026-06-04 | A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlled named request parameters. This al… |
| CVE-2026-10864 | MEDIUM | Patched | 4.3 | 2026-06-04 | A vulnerability in the MISP dashboard widgets allowed an authenticated user to manipulate the fields option and influence which fields were returned by the New Users and Ne… |
| CVE-2026-10868 | NONE | — | 2026-06-04 | A mass assignment vulnerability exists in the MISP user edit functionality due to insufficient filtering of user-supplied fields in UsersController::edit(). When processing… | |
| CVE-2026-10870 | HIGH | 7.2 | 2026-06-04 | A flaw has been found in Shibby Tomato 1.28.0000. This affects the function start_dhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command in… | |
| CVE-2026-10871 | HIGH | 7.2 | 2026-06-04 | A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start_6rd_tunnel of the file /sbin/rc of the component Web UI. Such manip… | |
| CVE-2026-10872 | HIGH | 7.2 | 2026-06-04 | A vulnerability was found in Shibby Tomato 1.28.0000. This issue affects the function start_vpnserver of the file /sbin/rc of the component Web UI. Performing a manipulatio… | |
| CVE-2026-10873 | HIGH | 7.2 | 2026-06-04 | A vulnerability was determined in Shibby Tomato 1.28.0000. Impacted is the function rstats_path of the file /bin/rstats of the component Web UI. Executing a manipulation ca… | |
| CVE-2026-10874 | MEDIUM | 6.3 | 2026-06-04 | A vulnerability was identified in projectworlds Online Art Gallery Shop Project 1.0. The affected element is an unknown function of the file /admin/adminHome.php. The manip… | |
| CVE-2026-10875 | MEDIUM | 6.3 | 2026-06-04 | A security flaw has been discovered in projectworlds Online Art Gallery Shop Project 1.0. The impacted element is an unknown function of the file /admin/adminHome.ph. The m… | |
| CVE-2026-10876 | MEDIUM | 6.3 | 2026-06-05 | A weakness has been identified in SourceCodester Ship Ferry Ticket Reservation System 1.0. This affects an unknown function of the file /admin/. This manipulation of the ar… | |
| CVE-2026-10877 | HIGH | 7.3 | 2026-06-05 | A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up to 1.0. This impacts an unknown function of the file /admin/login.php o… | |
| CVE-2026-10878 | MEDIUM | 6.3 | 2026-06-05 | A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub_41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argum… | |
| CVE-2026-10879 | CRITICAL | Patched | 9.8 | 2026-06-05 | DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to … |
| CVE-2026-10880 | CRITICAL | 9.8 | 2026-06-04 | OSNexus QuantaStor SDS Manager is vulnerable to SQL injection in the login endpoint. The username field is not properly sanitized before being incorporated into a SQL query… |