Common Vulnerabilities and Exposures (CVE)

CVE-2026-13368

Jul 7, 2026 03:56:35 UTC

WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary co...

CVE-2026-8247

Jul 7, 2026 03:56:33 UTC

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker on the same local network segment to execute arbitrary code. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4_Up...

CVE-2026-13079

Jul 7, 2026 03:56:26 UTC

A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed. This issue affect...

CVE-2026-13054

Jul 7, 2026 03:56:23 UTC

A path traversal vulnerability in the WatchGuard Fireware OS Management Web UI allows a privileged authenticated attacker to write arbitrary files on the Firebox's filesystem. This vulnerability affects Fireware OS 11.0 up to and includ...

CVE-2026-13050

Jul 7, 2026 03:56:20 UTC

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS networkd process could allow an authenticated privileged user to execute arbitrary code via a specially crafted requests to the Management Web UI.This vulnerability affects Fire...

CVE-2026-25271

Jul 7, 2026 03:56:19 UTC

Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use.

CVE-2026-21379

Jul 7, 2026 03:56:18 UTC

Memory Corruption when allocating memory with sizes that exceed the maximum allowed value.

CVE-2026-13053

Jul 7, 2026 03:56:17 UTC

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command. This vulnerability affects Fireware OS 11.0 up to and includin...

CVE-2026-25268

Jul 7, 2026 03:56:16 UTC

Memory Corruption when processing invalid HT40 channel layouts during dynamic channel switching operations.

CVE-2026-26355

Jul 7, 2026 03:56:14 UTC

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutral...

CVE-2026-53478

Jul 7, 2026 03:56:11 UTC

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutral...

CVE-2026-49815

Jul 7, 2026 03:56:10 UTC

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutral...

CVE-2026-49814

Jul 7, 2026 03:56:08 UTC

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper Neutral...

CVE-2026-10054

Jul 7, 2026 03:56:07 UTC

In affected versions of Eclipse Theia (1.8.1 and later), the browser backend exposes privileged terminal RPC over WebSocket (/services/shell-terminal, /services/terminals/:id) without service-level authentication. WebSocket origin valid...

CVE-2026-14649

Jul 7, 2026 03:01:15 UTC

A vulnerability was detected in code-projects Online Voting System 1.0. Impacted is the function test_input of the file /saveVote.php. Performing a manipulation of the argument voterName/voterEmail/voterID/selectedCandidate results in sql i...