Common Vulnerabilities and Exposures (CVE)

CVE-2026-20191

Jul 1, 2026 17:25:09 UTC

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container.  This vulnerability is due to insufficient validation of user-supplied input. An attacker ...

CVE-2026-20214

Jul 1, 2026 17:25:09 UTC

A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerabil...

CVE-2026-20213

Jul 1, 2026 17:25:08 UTC

A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerabili...

CVE-2026-20216

Jul 1, 2026 17:25:08 UTC

A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources durin...

CVE-2026-20217

Jul 1, 2026 17:25:08 UTC

A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnera...

CVE-2026-20215

Jul 1, 2026 17:25:08 UTC

A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerabili...

CVE-2026-20244

Jul 1, 2026 17:25:08 UTC

A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerabil...

CVE-2026-56151

Jul 1, 2026 17:25:08 UTC

Improper Input Validation (CWE-20) in Kibana can lead to a denial of service via Input Data Manipulation (CAPEC-153). An authenticated user can submit a specially crafted Fleet policy input that is not correctly validated, which can render ...

CVE-2026-20243

Jul 1, 2026 17:25:08 UTC

A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerabil...

CVE-2026-56152

Jul 1, 2026 17:25:07 UTC

Incorrect Authorization (CWE-863) in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs (CAPEC-1). Under certain conditions, a low-privileged authenticated user can ac...

CVE-2026-49087

Jul 1, 2026 17:25:07 UTC

Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can lead to a denial of service via Excessive Allocation (CAPEC-130). An authenticated user can submit a specially crafted bulk deletion request that causes excessive ...

CVE-2026-49088

Jul 1, 2026 17:25:07 UTC

Insertion of Sensitive Information into Log File (CWE-532) in Kibana can lead to information disclosure. When the optional application performance monitoring (APM) instrumentation is enabled, sensitive request header values could be recorde...

CVE-2025-45729

Jul 1, 2026 17:03:57 UTC

D-Link DIR-823-Pro 1.02 has improper permission control, allowing unauthorized users to turn on and access Telnet services.

CVE-2026-14084

Jul 1, 2026 16:50:42 UTC

Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: Low)

CVE-2026-34100

Jul 1, 2026 16:48:41 UTC

Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in media.php (line 17): SELECT id, filename, extension, type, duration, owner, private FROM files where id = '\".$_GET['id'].\"'. An authenticated a...