Common Vulnerabilities and Exposures (CVE)

CVE-2026-46244

Jul 7, 2026 12:04:59 UTC

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: Fix IPv6 inner_thoff desync In nft_inner_parse_l2l3(), when processing inner IPv6 packets, ipv6_find_hdr() correctly computes the transport header o...

CVE-2026-54293

Jul 7, 2026 12:04:57 UTC

NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Prior to 3.10.0-rc1, nltk.data.load() in NLTK is vulnerable to path trave...

CVE-2025-56005

Jul 7, 2026 12:04:55 UTC

An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE) via the `picklefile` parameter in the `yacc()` function. This parameter accepts a `.pkl` file that is deserialized with `pickle....

CVE-2026-8450

Jul 7, 2026 12:04:46 UTC

HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file(). send_file() opens its string argument with Perl's 2-arg open(). The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subproces...

CVE-2024-54216

Jul 7, 2026 11:22:19 UTC

Path Traversal: '.../...//' vulnerability in reputeinfosystems ARForms allows Path Traversal. This issue affects ARForms: from n/a before 7.0.2.

CVE-2026-41048

Jul 7, 2026 09:31:37 UTC

Incorrect caching of authentication between different polkit methods in qSnapper before version 1.3.3 allowed a local attacker to use functions like "restore from snapshot" even if only allowed to do "delete snapshot".

CVE-2022-21952

Jul 7, 2026 09:28:04 UTC

A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE M...

CVE-2025-4994

Jul 7, 2026 09:05:50 UTC

The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuratio...

CVE-2026-12491

Jul 7, 2026 07:44:29 UTC

A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency (tRNS) data, during image processing...

CVE-2026-3823

Jul 7, 2026 06:24:16 UTC

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.

CVE-2026-56810

Jul 7, 2026 04:32:36 UTC

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint (Mint.HTTP1 module) allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files l...

CVE-2026-54893

Jul 7, 2026 04:32:26 UTC

URL path injection in the Microsoft Graph adapter of Swoosh. Swoosh.Adapters.MsGraph builds its Microsoft Graph API request URL by interpolating the sender's email address into the URL path (/users/{from}/sendMail) without percent-encoding ...

CVE-2026-13383

Jul 7, 2026 03:56:38 UTC

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS ikestubd process could allow an authenticated privileged user to execute arbitrary code via a specially crafted requests to the Management Web UI.This vulnerability affects Fire...

CVE-2026-13384

Jul 7, 2026 03:56:37 UTC

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS wgagent process could allow an authenticated privileged user to execute arbitrary code via a specially crafted requests to the Management Web UI.This vulnerability affects Firew...

CVE-2026-13722

Jul 7, 2026 03:56:36 UTC

WatchGuard Fireware OS contains a firmware validation bypass when processing a backup image via the backup/restore feature. An authenticated administrator can exploit this vulnerability to install a tampered firmware image.This vulnerabilit...