Common Vulnerabilities and Exposures (CVE)

CVE-2026-14906

Jul 13, 2026 19:32:16 UTC

Pages with malicious titles could potentially allow saved PDF content to overwrite PDF files or bundled content within the Firefox for iOS application sandbox. This vulnerability was fixed in Firefox for iOS 152.4.

CVE-2025-45869

Jul 13, 2026 19:29:41 UTC

LogicalDOC Enterprise Version up to and before v9.1.1 is vulnerable to Server-Side Request Forgery (SSRF). An unauthenticated attacker can exploit the ShareFileCallback servlet by manipulating input parameters to trigger a server-side reque...

CVE-2026-15527

Jul 13, 2026 19:26:34 UTC

A vulnerability has been found in better-auth better-icons up to 1.0.5. This vulnerability affects unknown code of the component scan_project_icons/sync_icon. Such manipulation of the argument icons_file leads to path traversal. An attack h...

CVE-2026-15533

Jul 13, 2026 19:22:17 UTC

A security flaw has been discovered in DedeCMS 5.7.118. Impacted is an unknown function of the file /plus/search.php of the component Column Management. Performing a manipulation of the argument Column Name results in code injection. The at...

CVE-2026-15471

Jul 13, 2026 19:19:11 UTC

A vulnerability was found in Eleveo Call Recording Software 9.7.0. This affects an unknown part of the file /callrec/pci_dss_status.jsp. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possi...

CVE-2026-15477

Jul 13, 2026 19:11:58 UTC

A vulnerability was detected in Bahmni bahmnicore up to 0.93. This affects the function additionalParams of the file /openmrs/ws/rest/v1/bahmnicore/sql of the component Search Endpoint. Performing a manipulation of the argument test results...

CVE-2026-15086

Jul 13, 2026 19:09:51 UTC

vulnerability in Drupal Raw Formatter [Meta Tag Formatter] allows . This issue affects Raw Formatter [Meta Tag Formatter] versions: *.*.

CVE-2026-15087

Jul 13, 2026 19:07:49 UTC

vulnerability in Drupal Clean RESTful allows . This issue affects Clean RESTful versions: *.*.

CVE-2026-11915

Jul 13, 2026 19:06:23 UTC

vulnerability in Drupal Brute force attack protection allows . This issue affects Brute force attack protection versions: *.*.

CVE-2026-11914

Jul 13, 2026 19:05:09 UTC

vulnerability in Drupal Composer allows . This issue affects Composer versions: *.*.

CVE-2026-57212

Jul 13, 2026 18:55:35 UTC

RabbitMQ is a messaging and streaming broker. Prior to 3.13.14, 4.0.19, 4.1.10, and 4.2.5, the rabbitmq_management HTTP API accepts oversized valid JSON bodies on with_decode and direct_request paths because read_complete_body checks the ac...

CVE-2026-57218

Jul 13, 2026 18:55:32 UTC

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, RabbitMQ AMQP 0-9-1 allows an existing consumer to keep receiving messages after OAuth token expiry or connection.update_secret refresh to reduced scopes because existing consume...

CVE-2026-34196

Jul 13, 2026 18:55:28 UTC

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an integer overflow and map two GPU virtual addresses to the same physical address. One of these virutal mappings can be freed along with the...

CVE-2026-41154

Jul 13, 2026 18:55:25 UTC

Software installed and run as a non-privileged user may cause OOB kernel memory reads or writes through GPU API calls. When indexing pages larger than 4kB in the page freeing logic of the sparse memory implementation, incorrect buffer in...

CVE-2026-7639

Jul 13, 2026 18:55:22 UTC

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU...