| CVE-2026-10735 | Multiple plugins by ShapedPlugin contain a backdoor in various versions. This makes it possible for unauthenticated attackers to achieve backdoor access to sites with the compromised copy of the software installed. CVE-2026-49777 is a duplicate of this CVE. | No Score | |
| CVE-2026-8049 | SignalRGB is a Windows application used for RGB lighting control and hardware monitoring. Its kernel component, SignalIo.sys, provides the low-level interfaces required to access and interact with hardware resources. Seven of the sixteen IOCTL handlers dereference the SystemBuffer pointer without first verifying that it is non-NULL. Sending an IOCTL with an empty input buffer causes a NULL pointer dereference, resulting in a kernel crash. | No Score | |
| CVE-2026-8050 | SignalRGB is a Windows application used for RGB lighting control and hardware monitoring. Its kernel component, SignalIo.sys, provides the low-level interfaces required to access and interact with hardware resources. The \\.\SignalIo device object is created without an explicit SDDL security descriptor and without FILE_DEVICE_SECURE_OPEN. This results in overly permissive default access control, allowing any authenticated local user to obtain a handle to the device and issue privileged IOCTLs. | No Score | |
| CVE-2026-55806 | Drupal core ships a rebuild.php front controller that can be used to rebuild Drupal (clearing the caches and rebuilding the container) when the site is in an unexpected condition. This script doesn't correctly check the Host header against the list of trusted host patterns. This could result in cache poisoning or a redirect to an attacker-controlled domain. | No Score | |
| CVE-2026-55202 | Tinyproxy through 1.11.3, fixed in commit 09312a1, fails to properly validate the Host header during stathost detection, allowing unauthenticated attackers to access the stats page by injecting a matching Host header or bypass detection via port manipulation. Remote attackers can trigger unauthorized access to internal proxy statistics or misroute requests as transparent proxy connections to circumvent access controls. | high | |
| CVE-2026-55201 | Evil-WinRM through 3.9, fixed in commit 6ecd570, contains a path traversal vulnerability in the download_dir() function that allows a rogue or compromised remote Windows server to write files outside the intended download directory by returning filenames with traversal sequences from Get-ChildItem command output that are passed unsanitized to File.join(). Attackers controlling the remote server can exploit this to overwrite sensitive client-side files such as SSH authorized_keys or shell configuration files, achieving persistent access or privilege escalation on the client machine. | high | |
| CVE-2026-55200 | libssh2 through 1.11.1, fixed in commit 7acf3df, contains an out-of-bounds write vulnerability in ssh2_transport_read() that fails to enforce an upper bound on the packet_length field. Remote attackers can send crafted SSH packets with excessively large packet_length values to corrupt heap memory and achieve remote code execution. | critical | |
| CVE-2026-55590 | CakePHP Authentication: Open redirect weakness via backslash bypass | medium | |
| CVE-2026-55517 | Deno: Denial of service via non-ASCII bytes in WebSocket response headers | medium | |
| CVE-2026-55470 | HAPI FHIR: Incomplete fix for CVE-2026-45367: DSTU2 FHIRPathEngine.matches() missing RegexTimeout protection allows ReDoS | high | |
| CVE-2026-55199 | libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSH_MSG_EXT_INFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can set nr_extensions to 0xFFFFFFFF during key exchange, causing the client to spin in a tight CPU loop for over 60 seconds because return values from _libssh2_get_string() are unchecked and the session timeout does not apply to CPU-bound loops. | high | |
| CVE-2026-55450 | Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak | critical | |
| CVE-2026-55409 | Filament: Disabled RichEditor field state can be used for XSS | high | |
| CVE-2026-55405 | LangChain4j: SQL injection via metadata filters in langchain4j-mariadb and langchain4j-pgvector | high | |
| CVE-2026-7300 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI... | high | |
| CVE-2026-48591 | Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark... | medium | |
| CVE-2026-39199 | snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file. | low | |
| CVE-2026-3894 | Out-of-bounds Read vulnerability in RTI Connext Professional (Core Libraries) allows Overread... | critical | |
| CVE-2026-30803 | Integer Underflow (Wrap or Wraparound) vulnerability in RTI Connext Micro (Core Libraries) allows... | high | |
| CVE-2026-53875 | picklescan before 1.0.3 contains a scanning bypass vulnerability in the scan_pytorch function... | high | |
| CVE-2026-53874 | picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated... | critical | |
| CVE-2026-53872 | picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing... | high | |
| CVE-2026-35069 | Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Neutralization of Special... | medium | |
| CVE-2026-32652 | Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials"... | high | |
| CVE-2026-30802 | Out-of-bounds Read vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers... | high | |
| CVE-2026-2675 | Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security... | medium | |
| CVE-2026-2467 | Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows... | critical | |
| CVE-2026-20246 | A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an... | medium | |
| CVE-2026-1288 | A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Autodesk... | medium | |
| CVE-2026-12515 | A flaw was found in Katello's of Red Hat Satellite. A content upload functionality where... | medium | |
| CVE-2026-55748 | OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have... | medium | |
| CVE-2026-55743 | The shell tool command allowlist in the SecurityPolicy of OpenHuman desktop agent through 0.54.0 ... | critical | |
| CVE-2026-54812 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... | critical | |
| CVE-2026-49502 | Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Authentication... | high | |
| CVE-2026-48142 | NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_charset_module module. When... | medium | |
| CVE-2026-42530 | NGINX Open Source has a vulnerability in the ngx_http_v3_module module. When NGINX Open Source is... | critical | |
| CVE-2026-42055 | NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_proxy_v2_module and... | critical | |
| CVE-2026-35162 | Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Access Control... | medium | |
| CVE-2026-35066 | Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Access Control... | high | |
| CVE-2026-35065 | Dell PowerFlex Manager, version(s) [Versions], contain(s) a Missing Authentication for Critical... | high | |
| CVE-2026-20181 | A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute... | critical | |
| CVE-2025-71323 | picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote... | critical | |
| CVE-2025-71322 | PickleScan before 0.0.33 fails to include the pty.spawn function in its unsafe globals list,... | high | |
| CVE-2025-71321 | picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows attackers... | critical | |
| CVE-2025-71320 | picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and... | critical | |
| CVE-2025-32748 | Dell PowerFlex rack, version(s) RCM 3.7/3.7, contain(s) a Host Header Injection vulnerability. An... | medium | |
| CVE-2025-26240 | In JazzCore python-pdfkit 1.0.0, the from_string method enables the execution of JavaScript code... | high | |
| CVE-2026-9591 | Cross-site request forgery (CSRF) in NewsItemApiController in SimplCommerce prior to commit... | high | |
| CVE-2026-55738 | A stack-based buffer overflow exists in the raw_to_header() function in src/microtar.c in rxi... | high | |
| CVE-2026-54819 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... | critical | |
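The two libssh2 entries above (CVE-2026-55200 and CVE-2026-55199) share a root cause: a length or count supplied by the peer drives a buffer size or a loop without an upper bound, and the reads it drives go unchecked. The C below is an added example written for this page, not libssh2's code and not the fix from either commit. It shows the shape of the missing checks: the packet_length field is rejected outside a sane range before any allocation, and the SSH_MSG_EXT_INFO extension count is capped by the bytes actually present and every string read is checked, so a server that sends nr_extensions = 0xFFFFFFFF is rejected in constant time instead of spinning. The 35000-byte cap follows RFC 4253 section 6.1, the 12-byte minimum follows the same section's 16-byte minimum total packet size, and all function names, structure names and sample messages are this example's own constructions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed bounds, derived from RFC 4253 section 6.1 (not libssh2 constants). */
#define MAX_PACKET_LEN 35000u   /* every implementation must accept packets up to this size */
#define MIN_PACKET_LEN 12u      /* 16-byte minimum total packet minus the 4-byte length field */

/* Decode a big-endian uint32 from the wire. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Check the 4-byte packet_length field at the start of an SSH binary packet.
 * Returns the total number of bytes to read (4 + packet_length), or 0 if the
 * field is out of bounds and must not be used to size a buffer. */
size_t ssh_packet_len_check(const uint8_t *hdr) {
    uint32_t plen = be32(hdr);
    if (plen < MIN_PACKET_LEN || plen > MAX_PACKET_LEN)
        return 0;                      /* reject before any allocation happens */
    return (size_t)4 + plen;
}

/* Bounded cursor over an untrusted message body. off never exceeds len. */
typedef struct { const uint8_t *p; size_t len; size_t off; } reader;

static int read_u32(reader *r, uint32_t *out) {
    if (r->len - r->off < 4) return 0;
    *out = be32(r->p + r->off);
    r->off += 4;
    return 1;
}

/* SSH "string": uint32 length followed by that many bytes. Fails on truncation. */
static int read_string(reader *r, const uint8_t **s, uint32_t *slen) {
    uint32_t n;
    if (!read_u32(r, &n)) return 0;
    if (n > r->len - r->off) return 0;
    *s = r->p + r->off;
    *slen = n;
    r->off += n;
    return 1;
}

/* Parse an SSH_MSG_EXT_INFO body (RFC 8308): uint32 nr-extensions, then
 * nr-extensions pairs of (string name, string value). Returns the number of
 * extensions parsed, or -1 if the message is malformed. The count is bounded
 * by the bytes present before the loop starts, and each read is checked, so
 * a hostile count cannot turn into a long CPU-bound loop. */
long parse_ext_info(const uint8_t *body, size_t len) {
    reader r = { body, len, 0 };
    uint32_t nr;
    if (!read_u32(&r, &nr)) return -1;
    /* Each extension needs at least 8 bytes (two empty strings). */
    if (nr > (r.len - r.off) / 8) return -1;
    for (uint32_t i = 0; i < nr; i++) {
        const uint8_t *name, *val;
        uint32_t nlen, vlen;
        if (!read_string(&r, &name, &nlen)) return -1;   /* checked, not ignored */
        if (!read_string(&r, &val, &vlen)) return -1;
        (void)name; (void)val;
    }
    return (long)nr;
}

/* Constructed sample inputs (not captured traffic). */
const uint8_t hdr_huge[4] = { 0xFF, 0xFF, 0xFF, 0xFF };   /* packet_length = 4 GiB - 1 */
const uint8_t hdr_ok[4]   = { 0x00, 0x00, 0x00, 0x1C };   /* packet_length = 28 */

/* nr=1, "server-sig-algs" -> "ssh-ed25519" */
const uint8_t ext_ok[] = {
    0,0,0,1,
    0,0,0,15, 's','e','r','v','e','r','-','s','i','g','-','a','l','g','s',
    0,0,0,11, 's','s','h','-','e','d','2','5','5','1','9'
};
/* nr=0xFFFFFFFF with nothing after it: the pattern from CVE-2026-55199 */
const uint8_t ext_huge_count[] = { 0xFF,0xFF,0xFF,0xFF };
/* nr=2, first pair complete, second pair's name length runs past the end */
const uint8_t ext_truncated[] = {
    0,0,0,2,
    0,0,0,1,'a', 0,0,0,1,'b',
    0,0,0,32, 0,0,0,0
};

int main(void) {
    printf("huge packet_length -> %zu bytes\n", ssh_packet_len_check(hdr_huge));
    printf("packet_length 28   -> %zu bytes\n", ssh_packet_len_check(hdr_ok));
    printf("ext_info ok        -> %ld\n", parse_ext_info(ext_ok, sizeof ext_ok));
    printf("ext_info huge nr   -> %ld\n", parse_ext_info(ext_huge_count, sizeof ext_huge_count));
    printf("ext_info truncated -> %ld\n", parse_ext_info(ext_truncated, sizeof ext_truncated));
    return 0;
}
```

The important property is ordering: the bound on the count is checked against the remaining bytes once, before the loop, so the cost of rejecting a hostile message is independent of the value the server chose.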