Search
56 CVEs · Low severity
CVEs (56)
Showing 1–25 of 56
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-9088 | LOW | 2.7 | 2026-06-05 | A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the g… | |
| CVE-2026-8404 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not match `Cache-Control` response … |
| CVE-2026-7666 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.core.mail.backends.smtp.EmailBackend` in Django fails to prevent reuse of a partially-init… |
| CVE-2026-6873 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.http.HttpRequest.get_signed_cookie` in Django uses a non-injective salt derivation (concat… |
| CVE-2026-50266 | LOW | Patched | 2.2 | 2026-06-04 | In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set device_owner to a value that has "net… |
| CVE-2026-48587 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.utils.cache.has_vary_header()` in Django does not strip leading or trailing whitespace fro… |
| CVE-2026-48102 | LOW | Patched | 3.1 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File … |
| CVE-2026-45739 | LOW | Patched | 3.1 | 2026-06-04 | Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.288.4 through 0.315.3, Strawberry's bundled GraphiQL template wrote values from the GraphiQL header… |
| CVE-2026-45683 | LOW | Patched | 3.8 | 2026-06-02 | OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled… |
| CVE-2026-44546 | LOW | Patched | 3.7 | 2026-06-03 | daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processing. Twisted does not treat \x0b, … |
| CVE-2026-44367 | LOW | Patched | 2.7 | 2026-06-02 | Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, a vulnerability exists in the user registration and login mechanisms d… |
| CVE-2026-35193 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not add `Authorization` to the `Var… |
| CVE-2026-21027 | LOW | 3.3 | 2026-06-05 | Improper export of android application components in ImsSettings prior to SMR Jun-2026 Release 1 allows local attackers to trigger logging function. | |
| CVE-2026-11555 | LOW | 3.7 | 2026-06-08 | A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such m… | |
| CVE-2026-11534 | LOW | 3.5 | 2026-06-08 | A vulnerability was detected in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this issue is some unknown functionality of t… | |
| CVE-2026-11520 | LOW | 3.5 | 2026-06-08 | A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes… | |
| CVE-2026-11511 | LOW | 3.5 | 2026-06-08 | A weakness has been identified in Bolt CMS up to 3.7.5. This vulnerability affects unknown code of the file src/Storage/Field/Type/TextType.php of the component HTML Attrib… | |
| CVE-2026-11502 | LOW | 3.1 | 2026-06-08 | A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main… | |
| CVE-2026-11491 | LOW | 2.4 | 2026-06-08 | A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function of the file /notice/All_notice of the component Notice Boa… | |
| CVE-2026-11481 | LOW | 2.5 | 2026-06-08 | A vulnerability was determined in yoanbernabeu grepai up to 0.35.0. The affected element is the function PostgresStore.LookupByContentHash of the file indexer/chunker.go of… | |
| CVE-2026-11478 | LOW | 3.3 | 2026-06-08 | A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb. This vulnerability affects the function matchstar of the file re.c of the compon… | |
| CVE-2026-11468 | LOW | 2.4 | 2026-06-08 | A vulnerability was detected in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /admin/?page=room_typ… | |
| CVE-2026-11465 | LOW | 3.1 | 2026-06-07 | A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the com… | |
| CVE-2026-11464 | LOW | 3.1 | 2026-06-07 | A vulnerability was identified in JeecgBoot up to 3.9.2. Affected by this vulnerability is the function queryPageList of the file src\main\java\org\jeecg\modules\system\con… | |
| CVE-2026-11459 | LOW | 3.3 | 2026-06-07 | A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.3. Impacted is an unknown function in the library saappctl.sys of the component IOCTL Handler.… |