Common Vulnerabilities and Exposures (CVE)

CVE-2026-7876

May 27, 2026 13:56:16 UTC

IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19

CVE-2022-24102

May 27, 2026 13:55:07 UTC

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user...

CVE-2022-3775

May 27, 2026 13:54:16 UTC

When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds...

CVE-2022-22709

May 27, 2026 13:53:33 UTC

VP9 Video Extensions Remote Code Execution Vulnerability

CVE-2026-44775

May 27, 2026 13:53:07 UTC

Kavita is a cross platform reading server. Prior to 0.9.0, the ReaderController.GetImage endpoint is decorated with [AllowAnonymous], allowing completely unauthenticated access to page images from any chapter in any library. While the endpo...

CVE-2022-22576

May 27, 2026 13:52:50 UTC

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as ...

CVE-2026-49014

May 27, 2026 13:52:05 UTC

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The ...

CVE-2022-29117

May 27, 2026 13:51:43 UTC

.NET and Visual Studio Denial of Service Vulnerability

CVE-2024-28765

May 27, 2026 13:51:19 UTC

IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This informa...

CVE-2026-9156

May 27, 2026 13:50:44 UTC

Tanium addressed a denial of service vulnerability in Tanium Server.

CVE-2022-29145

May 27, 2026 13:50:41 UTC

.NET and Visual Studio Denial of Service Vulnerability

CVE-2026-44729

May 27, 2026 13:50:28 UTC

Twenty is an open source CRM. In 1.18.0 and earlier, the file serving endpoints in Twenty CRM at /files/* and /file/:fileFolder/:id serve uploaded files using fileStream.pipe(res) without setting any Content-Type, Content-Disposition, or X-...

CVE-2026-36045

May 27, 2026 13:50:13 UTC

picoclaw <=v0.1.2 and earlier is vulnerable to OS command injection via the ExecTool component (pkg/tools/shell.go). The guardCommand() function attempts to restrict shell command execution using a denylist of 8 regular expressions, but the...

CVE-2026-8606

May 27, 2026 13:50:10 UTC

A Server-Side Request Forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause the server to issue HTTP requests to internal services via the security advisories package lookup feature. By di...

CVE-2022-38013

May 27, 2026 13:49:37 UTC

.NET Core and Visual Studio Denial of Service Vulnerability