Skip to main content

Suse

9341 CVEs vendor

Monthly

CVE-2026-33257 MEDIUM PATCH This Month

Unlimited memory allocation in PowerDNS internal web server allows remote denial of service via crafted web requests. The vulnerability affects multiple PowerDNS products (dnsdist, Authoritative, and Recursor) across multiple versions, though the internal web server is disabled by default, significantly limiting real-world exposure. CVSS 5.3 reflects low attack complexity and no authentication requirements, but the default-disabled state and requirement to enable the internal web server substantially reduce practical risk.

Denial Of Service Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-33256 MEDIUM PATCH This Month

Denial of service via unlimited memory allocation in PowerDNS Recursor's internal web server affects versions 5.2.0-5.2.8, 5.3.0-5.3.5, and 5.4.0. An unauthenticated remote attacker can send a crafted web request to exhaust server memory when the internal web server is enabled, causing service unavailability. No public exploit code or active exploitation has been identified, but patch versions are available from the vendor.

Denial Of Service Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-33600 MEDIUM PATCH This Month

Denial of service in PowerDNS Recursor occurs when processing a malicious Response Policy Zone (RPZ) from an authoritative server, triggering a null pointer dereference due to missing validation logic. Versions 5.2.0-5.2.8, 5.3.0-5.3.5, and 5.4.0 are affected. An authenticated remote attacker controlling an authoritative nameserver can crash the Recursor service by sending a specially crafted RPZ response, requiring high privilege level (PR:H) and complex attack conditions (AC:H) as mitigating factors.

Denial Of Service Null Pointer Dereference Suse
NVD VulDB
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-31433 HIGH PATCH This Week

Out-of-bounds write in Linux kernel ksmbd allows authenticated remote attackers to cause memory corruption via crafted SMB2 compound requests combining QUERY_DIRECTORY and QUERY_INFO commands. The vulnerability arises when get_file_all_info() fails to validate OutputBufferLength against available buffer space before converting filenames to UTF-16, enabling buffer overflow beyond response buffer boundaries. With CVSS 8.8 (High) and network attack vector requiring only low privileges, this presents significant risk to systems running ksmbd SMB server. Vendor patches available across multiple kernel versions (5.15.203, 6.1.168, 6.6.131, 6.12.80, 6.18.21, 6.19.11, 7.0). EPSS exploitation probability remains low at 0.01% (2nd percentile), and no public exploit or CISA KEV listing identified at time of analysis.

Buffer Overflow Linux Red Hat Suse
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-40923 Go MEDIUM PATCH GHSA This Month

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Prior to 1.11.1, a validation bypass in the VolumeMount path restriction allows mounting volumes under restricted /tekton/ internal paths by using .. path traversal components. The restriction check uses strings.HasPrefix without filepath.Clean, so a path like /tekton/home/../results passes validation but resolves to /tekton/results at runtime. This vulnerability is fixed in 1.11.1.

Kubernetes Path Traversal Red Hat Suse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-40924 Go MEDIUM PATCH GHSA This Month

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Prior to 1.11.1, the HTTP resolver's FetchHttpResource function calls io.ReadAll(resp.Body) with no response body size limit. Any tenant with permission to create TaskRuns or PipelineRuns that reference the HTTP resolver can point it at an attacker-controlled HTTP server that returns a very large response body within the 1-minute timeout window, causing the tekton-pipelines-resolvers pod to be OOM-killed by Kubernetes. Because all resolver types (Git, Hub, Bundle, Cluster, HTTP) run in the same pod, crashing this pod denies resolution service to the entire cluster. Repeated exploitation causes a sustained crash loop. The same vulnerable code path is reached by both the deprecated pkg/resolution/resolver/http and the current pkg/remoteresolution/resolver/http implementations. This vulnerability is fixed in 1.11.1.

Denial Of Service Kubernetes Suse Red Hat
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-41066 PyPI HIGH PATCH GHSA This Week

### Impact Using either of the two parsers in the default configuration (with `resolve_entities=True`) allows untrusted XML input to read local files. ### Patches lxml 6.1.0 changes the default to `resolve_entities='internal'`, thus disallowing local file access by default. ### Workarounds Setting the `resolve_entities` option explicitly to `resolve_entities='internal'` or `resolve_entities=False` disables the local file access. ### Resources Original report: https://bugs.launchpad.net/lxml/+bug/2146291 The default option was changed to `resolve_entities='internal'` for the normal XML and HTML parsers in lxml 5.0. The default was not changed for `iterparse()` and `ETCompatXMLParser()` at the time. lxml 6.1 makes the safe option the default for all parsers.

XXE Suse Red Hat
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-35240 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Oracle Authentication Bypass Red Hat Suse
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-35239 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Oracle Authentication Bypass Red Hat Suse
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-35238 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Oracle Authentication Bypass Red Hat Suse
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-35237 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Oracle Authentication Bypass Red Hat Suse
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-35236 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Oracle Authentication Bypass Red Hat Suse
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-34308 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34304 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-34303 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34293 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-34278 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-34276 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34271 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34270 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34267 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-22021 MEDIUM PATCH This Month

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

Denial Of Service Oracle Java Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-22017 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-22015 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Oracle Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-22013 MEDIUM PATCH This Month

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).

Authentication Bypass Oracle Java Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-22009 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-22005 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-22004 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-22003 MEDIUM PATCH This Month

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H).

Denial Of Service Oracle Java Suse
NVD VulDB
CVSS 3.1
6.0
EPSS
0.0%
CVE-2026-22002 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-21998 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-40606 PyPI MEDIUM PATCH This Month

Authentication bypass in mitmproxy 12.2.1 and below allows remote attackers to bypass LDAP-based proxy authentication through unsanitized username injection. The vulnerability affects only instances explicitly configured with the proxyauth option using LDAP authentication, which is disabled by default. Attackers can exploit this over the network without authentication or user interaction to gain unauthorized access to proxied connections.

Authentication Bypass LDAP Code Injection Suse
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-15638 CRITICAL PATCH Act Now

Remote code execution with complete system compromise affects Net::Dropbear Perl module versions before 0.14 due to bundled vulnerable libtomcrypt library. The module ships with Dropbear 2019.78 or earlier containing libtomcrypt v1.18.1, inheriting CVE-2016-6129 (RSA signature forgery) and CVE-2018-12437 (RSA key recovery via side-channel). CVSS 10.0 reflects network-accessible attack with no authentication or user interaction required and complete confidentiality, integrity, and availability impact with scope change. CISA SSVC framework confirms automatable exploitation with total technical impact, though no active exploitation reported. Patch available in Net::Dropbear 0.14 with updated cryptographic dependencies.

Information Disclosure Suse
NVD
CVSS 3.1
10.0
EPSS
0.0%
CVE-2017-20230 CRITICAL PATCH Act Now

Storable versions before 3.05 for Perl has a stack overflow. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Stack Overflow Buffer Overflow Red Hat Suse
NVD GitHub
CVSS 3.1
10.0
EPSS
0.0%
CVE-2026-5789 HIGH PATCH This Week

Local privilege escalation in CivetWeb v1.16 service allows authenticated users to execute arbitrary code with SYSTEM privileges via unquoted service path exploitation. The Windows service configuration lacks quotes around 'C:\Program Files\CivetWeb\CivetWeb.exe', enabling attackers to place malicious executables in directories scanned before the intended path (e.g., 'C:\Program.exe' or 'C:\Program Files\CivetWeb.exe'). No public exploit identified at time of analysis, though EPSS data not available. Patch available per vendor advisory from INCIBE.

RCE Suse
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-6783 MEDIUM PATCH This Month

Integer overflow in Firefox's Audio/Video Playback component allows remote unauthenticated attackers to cause integrity violations through specially crafted multimedia content. The vulnerability stems from incorrect boundary condition handling in numeric calculations, potentially enabling attackers to modify playback state or corrupt audio/video streams without user interaction. Firefox 150 and later contain the fix.

Integer Overflow Mozilla Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-6782 HIGH PATCH This Week

Unauthenticated remote attackers can obtain sensitive information from Firefox's IP Protection component prior to version 150 via network-accessible requests with low attack complexity. The vulnerability leaks confidential data (CVSS:C=High) without requiring user interaction or special privileges, affecting all Firefox installations below version 150. Mozilla has released a vendor-confirmed patch in Firefox 150. No active exploitation (CISA KEV) or public exploit code identified at time of analysis, though CVSS vector indicates trivial exploitation conditions (AV:N/AC:L/PR:N/UI:N).

Information Disclosure Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-6781 HIGH PATCH This Week

Denial-of-service in Firefox versions prior to 150 allows remote attackers to crash the browser via malformed audio/video content during playback. The vulnerability requires no authentication and minimal attack complexity (CVSS 7.5, AV:N/AC:L/PR:N/UI:N), enabling attackers to render the browser unresponsive or terminated through crafted media files. Mozilla has released Firefox 150 to address this issue. EPSS data not available; no evidence of active exploitation (not in CISA KEV), though SSVC assessment notes the vulnerability is not currently being exploited and is classified as non-automatable with partial technical impact.

Denial Of Service Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-6780 HIGH PATCH This Week

Denial-of-service in Firefox's Audio/Video playback component allows remote attackers to crash the browser via network-based exploitation requiring no authentication or user interaction. Mozilla patched the vulnerability in Firefox 150. CVSS 7.5 (High) reflects high availability impact, but SSVC assessment marks it as partial technical impact with no confirmed exploitation, indicating lower real-world priority than critical RCE vulnerabilities. No public exploit code or CISA KEV listing identified.

Denial Of Service Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-6779 MEDIUM PATCH This Month

Mozilla Firefox JavaScript Engine contains an improper input validation flaw that permits remote, unauthenticated information disclosure to attackers without user interaction. The vulnerability (CWE-20: Improper Input Validation) affects all versions prior to Firefox 150 and allows attackers to access sensitive data via a network-based attack with low complexity. A vendor-released patch is available in Firefox 150.

Information Disclosure Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-6778 MEDIUM PATCH This Month

Denial of service via null pointer dereference in Firefox's Audio/Video Playback component allows remote attackers to crash the browser without user interaction. The vulnerability affects Firefox versions prior to 150 and requires only a network connection to trigger, resulting in availability loss but not code execution or data compromise. No active exploitation has been confirmed at time of analysis.

Null Pointer Dereference Denial Of Service Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-6777 MEDIUM PATCH This Month

Denial of service in Firefox DNS networking component allows unauthenticated remote attackers to cause partial availability impact through crafted network requests. The vulnerability, classified as a cross-site request forgery (CSRF) issue within DNS handling, affects Firefox versions prior to 150 and has been patched by Mozilla.

CSRF Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-6776 HIGH PATCH This Week

Buffer overflow in Firefox WebRTC networking component allows local attackers to execute arbitrary code with high impact to confidentiality, integrity, and availability. Affects Firefox versions prior to 150 and Firefox ESR prior to 140.10. No public exploit identified at time of analysis. CVSS 7.8 reflects high severity but requires local access and user interaction, limiting remote attack surface. Mozilla has released patches in Firefox 150 and Firefox ESR 140.10.

Mozilla Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-6775 MEDIUM PATCH This Month

Incorrect boundary conditions in Firefox's WebRTC component allow remote attackers to read limited memory contents without authentication. Firefox versions prior to 150 are affected by this low-confidentiality vulnerability, which CVSS rates at 5.3 due to network exploitability without user interaction, though CISA's SSVC framework indicates no current exploitation activity and limited technical impact.

Mozilla Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-6774 MEDIUM PATCH This Month

Mitigation bypass in Firefox's DOM Security component allows authenticated remote attackers with user interaction to circumvent security controls and gain limited read/write access to sensitive data across security boundaries. Firefox 150 and later versions contain the fix; versions prior to 150 are vulnerable. SSVC assessment indicates no current public exploitation, though the vulnerability requires user interaction and authentication to trigger.

Authentication Bypass Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-6773 HIGH PATCH This Week

Integer overflow in Firefox's WebGPU graphics component enables remote denial-of-service attacks against default browser configurations. Attackers can trigger high availability impact via network-accessible exploitation without authentication or user interaction. Mozilla patched this in Firefox 150, with SSVC framework rating it automatable with partial technical impact despite CVSS 7.5 severity. No active exploitation confirmed and EPSS data not provided for risk quantification.

Integer Overflow Mozilla Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-6772 HIGH PATCH This Week

Information disclosure in Mozilla Firefox NSS Library component allows remote unauthenticated attackers to extract high-value confidential data via network-accessible boundary condition errors. Affects Firefox versions prior to 150, ESR 115.x prior to 115.35, and ESR 140.x prior to 140.10. SSVC framework classifies as automatable with partial technical impact. No public exploit identified at time of analysis, though SSVC automation rating and CVSS:3.1/AV:N/AC:L/PR:N/UI:N vector indicate straightforward exploitation potential once vulnerability details are published.

Information Disclosure Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-6771 CRITICAL PATCH Act Now

DOM security mitigation bypass in Mozilla Firefox allows remote unauthenticated attackers to completely compromise browser security, achieving high confidentiality, integrity, and availability impact. Affects Firefox versions prior to 150 and Firefox ESR versions prior to 140.10. The vulnerability bypasses critical browser security controls designed to protect the Document Object Model. SSVC assessment indicates the flaw is automatable with total technical impact, though no active exploitation has been confirmed at time of analysis. CVSS 9.8 critical rating reflects network-based attack with no complexity barriers.

Authentication Bypass Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-6770 MEDIUM PATCH This Month

Information disclosure in Firefox's IndexedDB storage component allows remote unauthenticated attackers to leak sensitive data through a network-accessible vulnerability with no user interaction required. Affected versions include Firefox prior to 150 and Firefox ESR prior to 140.10. The vulnerability has a CVSS score of 6.5 reflecting moderate severity with confidentiality impact and limited availability risk.

Information Disclosure Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-6769 HIGH PATCH This Week

Privilege escalation in Firefox's Debugger component allows remote attackers to gain elevated system privileges after user interaction with a malicious site. Affects Firefox versions prior to 150 and Firefox ESR versions prior to 140.10. CVSS 8.8 severity with network attack vector and no authentication required. SSVC framework indicates no active exploitation detected and non-automatable attack pattern. Vendor-released patches available in Firefox 150 and Firefox ESR 140.10 per Mozilla security advisories MFSA2026-30 through MFSA2026-34.

Privilege Escalation Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-6768 CRITICAL PATCH Act Now

Authentication bypass in Firefox's cookie-handling mechanism allows remote unauthenticated attackers to bypass security controls via network requests, achieving full confidentiality, integrity, and availability compromise. Affects Firefox versions prior to 150. Mozilla has released patches in security advisories MFSA2026-30 and MFSA2026-33. CISA SSVC framework classifies this as fully automatable with total technical impact, though no active exploitation is confirmed at time of analysis. CVSS 9.8 critical severity reflects the network attack vector with no authentication or user interaction required.

Authentication Bypass Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-6767 MEDIUM PATCH This Month

Confidentiality compromise in Firefox NSS Libraries allows remote unauthenticated attackers to leak sensitive information over the network without user interaction. The vulnerability affects Firefox 150 and earlier, Firefox ESR 115.34 and earlier, and Firefox ESR 140.9 and earlier, and has been patched in Firefox 150, Firefox ESR 115.35, and Firefox ESR 140.10. No public exploit code or active exploitation has been identified at the time of analysis.

Mozilla Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-6766 HIGH PATCH This Week

Remote information disclosure in Mozilla Network Security Services (NSS) library allows unauthenticated attackers to extract high-sensitivity data via network requests with no user interaction. Affects Firefox versions prior to 150 and Firefox ESR prior to 140.10. The vulnerability stems from incorrect boundary condition handling (CWE-754) in NSS cryptographic libraries. Vendor-released patches available in Firefox 150 and Firefox ESR 140.10. SSVC framework classifies as automatable with partial technical impact, though no public exploit identified at time of analysis.

Information Disclosure Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-6765 MEDIUM PATCH This Month

Information disclosure in the Form Autofill component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.

Information Disclosure Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-6764 MEDIUM PATCH This Month

Incorrect boundary conditions in the DOM: Device Interfaces component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.

Mozilla Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-6763 MEDIUM PATCH This Month

Mitigation bypass in the File Handling component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.

Authentication Bypass Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-6762 MEDIUM PATCH This Month

DOM spoofing in Firefox allows remote attackers to deceive users about webpage origin and integrity through rendering manipulation, requiring user interaction. Affects Firefox 149 and earlier, Firefox ESR 115.34 and earlier, and Firefox ESR 140.9 and earlier. Fixed in Firefox 150, Firefox ESR 115.35, and Firefox ESR 140.10. EPSS score of 0.02% indicates low exploitation probability despite CVSS 6.3 rating, suggesting practical exploitation constraints despite network accessibility.

Authentication Bypass Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-6761 HIGH PATCH This Week

Remote attackers can escalate privileges in Firefox and Firefox ESR through a flaw in the Networking component when a user interacts with malicious content. The vulnerability affects Firefox versions prior to 150 and Firefox ESR versions prior to 140.10, allowing attackers with no initial privileges to achieve high impact on confidentiality, integrity, and availability. Mozilla has released patches for both product lines. EPSS data not available; no confirmed active exploitation (not listed in CISA KEV); public exploit code status unknown.

Privilege Escalation Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-6760 CRITICAL PATCH Act Now

Authentication bypass in Firefox's cookie handling mechanism allows remote unauthenticated attackers to circumvent security controls and potentially execute arbitrary code or access protected resources. The vulnerability affects Firefox versions prior to 150 and has a critical CVSS score of 9.8 (network-exploitable, no authentication required, low complexity). Despite the severe CVSS rating, EPSS probability indicates only 0.02% likelihood of exploitation (4th percentile), suggesting limited real-world targeting. Mozilla has patched this in Firefox 150 per security advisories MFSA2026-30 and MFSA2026-33. No evidence of active exploitation (not in CISA KEV) or public proof-of-concept code at time of analysis.

Authentication Bypass Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-6759 HIGH PATCH This Week

Memory corruption in Firefox's Widget: Cocoa component on macOS enables remote denial of service through use-after-free exploitation. Mozilla patched this in Firefox 150 and Firefox ESR 140.10 after internal discovery. The CVSS vector indicates network-accessible exploitation requiring no authentication or user interaction, though SSVC assessment classifies technical impact as partial and exploitation as non-automatable. No public exploit identified at time of analysis, with SSVC indicating no evidence of active exploitation.

Information Disclosure Memory Corruption Use After Free Mozilla Red Hat +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-6758 HIGH PATCH This Week

Use-after-free in Firefox's WebAssembly JavaScript engine enables remote denial-of-service attacks against users running unpatched versions below Firefox 150. The vulnerability allows network-based attackers to crash the browser without authentication or user interaction by triggering memory corruption in WebAssembly processing. Mozilla patched this in Firefox 150 (MFSA2026-30). EPSS data not available, not listed in CISA KEV, and SSVC framework rates exploitation as 'none' with non-automatable, partial technical impact-suggesting lower real-world risk despite CVSS 7.5 severity.

Information Disclosure Memory Corruption Use After Free Mozilla Red Hat +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-6757 MEDIUM PATCH This Month

Invalid pointer handling in Firefox's JavaScript-WebAssembly component allows remote attackers to disclose information or cause limited memory corruption via a malicious webpage, requiring user interaction. The vulnerability affects Firefox versions prior to 150 and Firefox ESR prior to 140.10, with an EPSS score of 0.02% indicating minimal real-world exploitation probability despite moderate CVSS severity. Vendor-released patches are available in Firefox 150 and Firefox ESR 140.10.

Memory Corruption Information Disclosure Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-6756 HIGH PATCH This Week

A mitigation bypass in Firefox for Android allows remote attackers to achieve high-impact integrity violations without authentication or user interaction. Fixed in Firefox 150, this CWE-200 information disclosure flaw enables attackers to circumvent existing security controls via network-based vectors. Despite a CVSS base score of 7.5 (High), real-world exploitation risk appears limited: EPSS probability is only 0.02% (5th percentile), no public exploit code has been identified, and CISA SSVC framework rates it as non-exploited with partial technical impact, though automatable.

Google Information Disclosure Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-6755 MEDIUM PATCH This Month

A cross-site request forgery (CSRF) mitigation bypass in the DOM postMessage component of Firefox allows authenticated attackers to trigger denial of service against affected systems. The vulnerability bypasses existing CSRF protections through improper validation of postMessage origin checks, affecting Firefox versions prior to 150. No public exploit code has been identified, and exploitation requires authenticated network access without user interaction.

CSRF Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-40250 HIGH PATCH This Week

Integer overflow in OpenEXR's DWA compressor (versions 3.2.0-3.2.7, 3.3.0-3.3.9, 3.4.0-3.4.9) enables local attackers to trigger memory corruption when processing maliciously crafted EXR image files requiring user interaction. This vulnerability represents a missed instance of the same integer overflow pattern addressed in related CVEs 2026-34589, 34588, and 34544, occurring in `internal_dwa_compressor.h:1040` where width multiplication lacks proper size_t casting. Given the local attack vector requiring user interaction (CVSS AV:L/UI:A), real-world exploitation requires social engineering to trick users into opening weaponized EXR files, making this primarily a workstation-targeted threat in media production environments. No active exploitation or public POC identified at time of analysis.

Integer Overflow Buffer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
8.4
EPSS
0.0%
CVE-2026-39886 MEDIUM PATCH This Month

Signed integer overflow in OpenEXR 3.4.0-3.4.9 HTJ2K decompression allows remote attackers to cause denial of service via crafted EXR files with excessive FLOAT channels. The `ht_undo_impl()` function accumulates a bytes-per-line value in a 32-bit signed integer without overflow protection; on memory-permissive systems, the wrapped negative value enables heap out-of-bounds writes. OpenEXR 3.4.10 contains the fix. This is a distinct overflow from CVE-2026-34545 in the same function and mirrors the pattern of CVE-2026-34588.

Integer Overflow Buffer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-39946 Go MEDIUM PATCH GHSA This Month

OpenBao 2.5.2 and earlier fails to properly quote PostgreSQL schema names during role revocation in the PostgreSQL database secrets engine, allowing authenticated high-privilege administrators to execute arbitrary SQL injection as the database management user. The vulnerability affects the credentials management workflow when revoking database roles, potentially compromising database integrity. A vendor-released patch (version 2.5.3) is available.

PostgreSQL SQLi Hashicorp Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.6
EPSS
0.0%
CVE-2026-39378 PyPI MEDIUM PATCH GHSA This Month

Jupyter nbconvert 6.5 through 7.17.0 allows unauthenticated remote attackers to read arbitrary files from the conversion host when HTMLExporter.embed_images is enabled, by embedding malicious image references with path traversal sequences in a crafted notebook. A malicious actor can exfiltrate sensitive files as base64-encoded data URIs in the output HTML, achieving confidentiality breach with no integrity or availability impact. Vendor-released patch: version 7.17.1.

Path Traversal Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-35588 PyPI MEDIUM PATCH GHSA This Month

Cassandra export module in Glances prior to version 4.5.4 allows local privilege-escalated users to redirect monitoring data to attacker-controlled databases by injecting CQL statements through unvalidated configuration parameters. An authenticated local attacker with write access to the Glances configuration file can modify keyspace, table, and replication_factor settings to execute arbitrary CQL, enabling data exfiltration or denial of service against the monitoring infrastructure. This vulnerability requires elevated local access but carries high confidentiality and integrity impact.

SQLi Suse
NVD GitHub
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-35587 PyPI HIGH PATCH GHSA This Week

Server-Side Request Forgery in Glances IP plugin allows authenticated attackers to force the monitoring application to send HTTP requests to arbitrary internal or external endpoints, with automatic credential leakage when public_username and public_password are configured. The vulnerability affects all versions prior to 4.5.4 and arises from insufficient validation of the public_api configuration parameter. EPSS exploitation probability is low (0.04%, 12th percentile), but SSVC framework confirms proof-of-concept availability and automatable exploitation with partial technical impact. Vendor patch released in version 4.5.4.

SSRF Information Disclosure Suse
NVD GitHub
CVSS 4.0
7.3
EPSS
0.0%
CVE-2026-34839 PyPI HIGH PATCH GHSA This Week

Cross-origin data exfiltration in Glances web server allows remote unauthenticated attackers to read sensitive system information (CPU, memory, processes, network stats) through the REST API endpoint /api/4/* via malicious websites exploiting permissive CORS policy. Affects all versions prior to 4.5.4. EPSS score of 0.06% (18th percentile) suggests low widespread exploitation probability despite proof-of-concept availability, though the network-accessible, unauthenticated attack vector (AV:N/PR:N) combined with high confidentiality impact (VC:H) makes this a priority for internet-exposed instances.

Information Disclosure Suse
NVD GitHub
CVSS 4.0
7.7
EPSS
0.1%
CVE-2026-39377 PyPI MEDIUM PATCH GHSA This Month

Arbitrary file write in Jupyter nbconvert 6.5 through 7.17.0 allows unauthenticated attackers to write files to arbitrary filesystem locations outside the intended output directory by crafting malicious cell attachment filenames in notebooks. The ExtractAttachmentsPreprocessor fails to sanitize attachment filenames, enabling path traversal that provides full control over destination paths and file extensions. Requires user interaction (opening a malicious notebook) and is patched in version 7.17.1.

Path Traversal Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-40706 HIGH PATCH This Week

In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfs_build_permissions_posix() in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path (stat, readdir, open) when processing a security descriptor with multiple ACCESS_DENIED ACEs containing WRITE_OWNER from distinct group SIDs.

Heap Overflow Buffer Overflow Suse
NVD GitHub VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-5358 CRITICAL PATCH Act Now

Buffer overflow in glibc's obsolete NIS authentication function allows remote attackers to compromise integrity and availability via spoofed UDP responses. Affects all glibc versions through 2.43, but exploitation requires the target application to actively use the deprecated nis_local_principal function (obsolete since glibc 2.26). EPSS score of 0.02% (5th percentile) indicates low real-world exploitation probability, consistent with the narrow attack surface of legacy NIS deployments. No active exploitation or public exploit code identified at time of analysis.

Buffer Overflow Glibc Red Hat Suse
NVD VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-6060 MEDIUM This Month

Uncontrolled resource consumption in OTRS admin interface SQL Box causes denial of service against the webserver, affecting OTRS 7.0.x, 8.0.x, 2023.x, 2024.x, 2025.x, and 2026.x before 2026.3. The vulnerability requires high-privilege admin access and user interaction, limiting real-world impact to authenticated administrators performing deliberate actions. No public exploit code or active exploitation has been identified.

Denial Of Service Suse
NVD VulDB
CVSS 3.1
4.5
EPSS
0.0%
CVE-2026-28684 PyPI MEDIUM PATCH GHSA This Month

Local privilege escalation in python-dotenv before version 1.2.2 allows authenticated users to overwrite arbitrary files via symlink following in the set_key() and unset_key() functions when a cross-device rename fallback is triggered. An attacker with local access and the ability to write to the filesystem can create malicious symlinks that python-dotenv will follow during .env file rewriting, leading to unintended file modification or deletion. The vulnerability requires user interaction (the application must call set_key() or unset_key()) but affects any system using vulnerable versions of the library. No public exploit code or active exploitation has been reported at time of analysis.

Information Disclosure Python Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.6
EPSS
0.0%
CVE-2026-3219 PyPI MEDIUM PATCH This Month

pip before version 26.1 incorrectly treats concatenated tar and ZIP archives as ZIP files regardless of filename, potentially installing unintended package contents when ambiguous archive formats are processed. Local attackers with user interaction can exploit this during package installation to cause integrity confusion, where an archive's actual contents diverge from its declared format. The vulnerability requires local access and user interaction (downloading/installing a crafted archive), limiting real-world impact to supply-chain scenarios or direct social engineering of pip users.

File Upload Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.6
EPSS
0.0%
CVE-2026-33558 Maven MEDIUM PATCH This Month

Apache Kafka's NetworkClient component logs entire request and response payloads at DEBUG level, exposing sensitive authentication credentials, delegation tokens, and configuration data in plaintext logs. This affects Kafka versions 0.11.0 through 3.9.1 and 4.0.0 across the broker and client libraries. While DEBUG logging is not enabled by default (INFO is the standard), organizations that enable DEBUG logging for troubleshooting inadvertently create persistent records of authentication material and secrets that can be harvested by local log readers or accessed via log aggregation systems. CVSS 5.3 reflects low network attack surface (requires prior DEBUG enablement), but SSVC rates this as automatable with partial technical impact, suitable for prioritization in environments using centralized logging.

Apache Information Disclosure Suse
NVD VulDB HeroDevs
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-31430 HIGH PATCH This Week

Out-of-bounds read in the Linux kernel's X.509 certificate parser allows local unprivileged users to trigger memory corruption or denial of service by submitting a specially crafted certificate via the keyrings(7) API. The flaw exists in the handling of empty Basic Constraints or Key Usage extensions, where the first byte is dereferenced before the length check. A proof-of-concept was responsibly disclosed by the reporter, though no public exploit is identified at time of analysis and EPSS rates the exploitation probability as very low (0.01%).

Information Disclosure Linux Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-31429 MEDIUM PATCH This Month

Cross-cache slab free in the Linux kernel's socket buffer (SKB) subsystem allows a local authenticated attacker to trigger a kernel panic and denial of service on systems where KFENCE is enabled. When KFENCE intercepts a kzalloc() call whose requested size exactly matches SKB_SMALL_HEAD_CACHE_SIZE, the computed skb_end_offset misleads skb_kfree_head() into freeing the object to skb_small_head_cache instead of the originating kmalloc cache, corrupting slab allocator state. No public exploit is identified at time of analysis and EPSS is 0.02% (4th percentile), placing this firmly in the low-urgency tier absent a KFENCE-enabled production environment.

Information Disclosure Linux Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-41254 MEDIUM PATCH This Month

Integer overflow in Little CMS (lcms2) version 2.18 and earlier allows local attackers to trigger a buffer overflow via CubeSize calculation in cmslut.c, where the overflow check occurs after rather than before multiplication. This can result in memory corruption leading to information disclosure or denial of service with low complexity requirements. No active exploitation in CISA KEV confirmed at time of analysis, but proof-of-concept technical details are publicly available.

Buffer Overflow Suse
NVD GitHub VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2026-40340 MEDIUM PATCH This Month

Out-of-bounds read in libgphoto2 versions up to 2.5.33 allows local attackers with physical access to a USB-connected camera to trigger information disclosure or denial of service via malformed PTP protocol data during Samsung Galaxy device enumeration. The vulnerability exists in `ptp_unpack_OI()` which validates buffer boundaries at 48 bytes but subsequently reads up to 56 bytes, exceeding the boundary by 9 bytes. A fix is available in commit 7c7f515bc88c3d0c4098ac965d313518e0ccbe33.

Samsung Information Disclosure Buffer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-40339 MEDIUM PATCH This Month

Out-of-bounds read in libgphoto2 versions up to 2.5.33 allows local attackers with physical access to a connected camera to read sensitive memory and potentially cause denial of service via a specially crafted Sony camera device. The vulnerability exists in the Sony-specific PTP packet unpacking function which omits bounds validation present in the standard variant, enabling attackers with direct camera access to trigger information disclosure and minor availability impact.

Information Disclosure Buffer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.2
EPSS
0.0%
CVE-2026-40338 MEDIUM PATCH This Month

Out-of-bounds read in libgphoto2 versions up to 2.5.33 allows physical attackers to disclose sensitive memory and cause denial of service via a malicious PTP (Picture Transfer Protocol) device. The vulnerability exists in the Sony-specific DPD unpacking function, which fails to validate buffer boundaries before reading an enumeration count, enabling attackers with direct device access to craft responses that trigger the out-of-bounds read. Patch is available via upstream commit 3b9f9696be76ae51dca983d9dd8ce586a2561845.

Information Disclosure Buffer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.2
EPSS
0.0%
CVE-2026-40335 MEDIUM PATCH This Month

Out-of-bounds read in libgphoto2 versions up to 2.5.33 in the PTP protocol parser allows information disclosure and potential denial of service when processing specially crafted camera responses. The vulnerability exists in ptp_unpack_DPV() where UINT128 and INT128 cases advance the buffer offset by 16 bytes without verifying sufficient buffer remains available, potentially exposing adjacent memory. Exploitation requires physical access to connect a malicious camera device (AV:P), but no special authentication or user interaction is needed once connected. No public exploit code identified at time of analysis.

Information Disclosure Buffer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.2
EPSS
0.0%
CVE-2026-40333 MEDIUM PATCH This Month

Out-of-bounds read in libgphoto2 versions up to 2.5.33 allows local attackers with physical access to a connected camera to read sensitive information from process memory or cause denial of service via malformed EOS event data. Two functions in ptp-pack.c lack length validation, enabling unbounded buffer reads when processing camera events. The vulnerability requires physical device access and is not remotely exploitable, with no public exploit code identified at time of analysis.

Information Disclosure Buffer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-35512 HIGH PATCH This Week

Heap-based buffer overflow in xrdp 0.10.5 and earlier allows remote code execution after authentication via malicious EGFX graphics channel PDUs. Authenticated attackers can exploit insufficient validation of client-controlled size parameters to write beyond allocated heap buffers. Unauthenticated attackers can only trigger denial-of-service crashes. Vendor-released patch available in version 0.10.6. No active exploitation confirmed (not in CISA KEV), but heap overflows in remote services are high-value targets. Default non-privileged execution since 0.10.2 limits post-compromise impact.

Heap Overflow Buffer Overflow RCE Suse
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2026-33689 HIGH PATCH This Week

Out-of-bounds read in xrdp 0.10.5 and earlier allows unauthenticated remote attackers to crash the RDP service or disclose memory contents during pre-authentication message parsing. The vulnerability (CWE-125) exploits insufficient buffer length validation in dynamic channel communication handling, affecting default installations exposed to network access. Fixed in version 0.10.6 per vendor advisory GHSA-92mr-6wpp-27jj. CVSS 8.7 reflects high availability impact; no active exploitation confirmed in CISA KEV at time of analysis, though public disclosure increases risk for internet-facing xrdp deployments.

Information Disclosure Buffer Overflow Suse
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-33145 MEDIUM PATCH This Month

Authenticated remote command execution in xrdp through version 0.10.5 allows users to execute arbitrary shell commands on the RDP server via an unsanitized AlternateShell parameter during session initialization. When AllowAlternateShell is enabled (the default configuration), xrdp passes client-supplied shell commands directly to /bin/sh -c without sanitization, bypassing normal session constraints. An authenticated RDP user can exploit this to run arbitrary commands in the context of their login session before the window manager starts, with no public exploit code identified at time of analysis.

Command Injection Suse
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2026-32624 MEDIUM PATCH This Month

Heap-based buffer overflow in xrdp 0.10.5 and earlier allows unauthenticated remote attackers to cause denial of service or memory corruption when the domain_user_separator configuration directive is explicitly enabled in xrdp.ini. An attacker sends a crafted RDP logon request with an excessively long username and domain name combination that overflows an internal buffer, corrupting adjacent memory regions. The vulnerability requires non-default configuration (domain_user_separator must be uncommented) and affects only systems with this setting enabled. Vendor-released patch: version 0.10.6.

Heap Overflow Denial Of Service Buffer Overflow Suse
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.1%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Unlimited memory allocation in PowerDNS internal web server allows remote denial of service via crafted web requests. The vulnerability affects multiple PowerDNS products (dnsdist, Authoritative, and Recursor) across multiple versions, though the internal web server is disabled by default, significantly limiting real-world exposure. CVSS 5.3 reflects low attack complexity and no authentication requirements, but the default-disabled state and requirement to enable the internal web server substantially reduce practical risk.

Denial Of Service Suse
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Denial of service via unlimited memory allocation in PowerDNS Recursor's internal web server affects versions 5.2.0-5.2.8, 5.3.0-5.3.5, and 5.4.0. An unauthenticated remote attacker can send a crafted web request to exhaust server memory when the internal web server is enabled, causing service unavailability. No public exploit code or active exploitation has been identified, but patch versions are available from the vendor.

Denial Of Service Suse
NVD VulDB
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Denial of service in PowerDNS Recursor occurs when processing a malicious Response Policy Zone (RPZ) from an authoritative server, triggering a null pointer dereference due to missing validation logic. Versions 5.2.0-5.2.8, 5.3.0-5.3.5, and 5.4.0 are affected. An authenticated remote attacker controlling an authoritative nameserver can crash the Recursor service by sending a specially crafted RPZ response, requiring high privilege level (PR:H) and complex attack conditions (AC:H) as mitigating factors.

Denial Of Service Null Pointer Dereference Suse
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Out-of-bounds write in Linux kernel ksmbd allows authenticated remote attackers to cause memory corruption via crafted SMB2 compound requests combining QUERY_DIRECTORY and QUERY_INFO commands. The vulnerability arises when get_file_all_info() fails to validate OutputBufferLength against available buffer space before converting filenames to UTF-16, enabling buffer overflow beyond response buffer boundaries. With CVSS 8.8 (High) and network attack vector requiring only low privileges, this presents significant risk to systems running ksmbd SMB server. Vendor patches available across multiple kernel versions (5.15.203, 6.1.168, 6.6.131, 6.12.80, 6.18.21, 6.19.11, 7.0). EPSS exploitation probability remains low at 0.01% (2nd percentile), and no public exploit or CISA KEV listing identified at time of analysis.

Buffer Overflow Linux Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Prior to 1.11.1, a validation bypass in the VolumeMount path restriction allows mounting volumes under restricted /tekton/ internal paths by using .. path traversal components. The restriction check uses strings.HasPrefix without filepath.Clean, so a path like /tekton/home/../results passes validation but resolves to /tekton/results at runtime. This vulnerability is fixed in 1.11.1.

Kubernetes Path Traversal Red Hat +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Prior to 1.11.1, the HTTP resolver's FetchHttpResource function calls io.ReadAll(resp.Body) with no response body size limit. Any tenant with permission to create TaskRuns or PipelineRuns that reference the HTTP resolver can point it at an attacker-controlled HTTP server that returns a very large response body within the 1-minute timeout window, causing the tekton-pipelines-resolvers pod to be OOM-killed by Kubernetes. Because all resolver types (Git, Hub, Bundle, Cluster, HTTP) run in the same pod, crashing this pod denies resolution service to the entire cluster. Repeated exploitation causes a sustained crash loop. The same vulnerable code path is reached by both the deprecated pkg/resolution/resolver/http and the current pkg/remoteresolution/resolver/http implementations. This vulnerability is fixed in 1.11.1.

Denial Of Service Kubernetes Suse +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

### Impact Using either of the two parsers in the default configuration (with `resolve_entities=True`) allows untrusted XML input to read local files. ### Patches lxml 6.1.0 changes the default to `resolve_entities='internal'`, thus disallowing local file access by default. ### Workarounds Setting the `resolve_entities` option explicitly to `resolve_entities='internal'` or `resolve_entities=False` disables the local file access. ### Resources Original report: https://bugs.launchpad.net/lxml/+bug/2146291 The default option was changed to `resolve_entities='internal'` for the normal XML and HTML parsers in lxml 5.0. The default was not changed for `iterparse()` and `ETCompatXMLParser()` at the time. lxml 6.1 makes the safe option the default for all parsers.

XXE Suse Red Hat
NVD GitHub VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Oracle Authentication Bypass Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Oracle Authentication Bypass Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Oracle Authentication Bypass Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Oracle Authentication Bypass Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Oracle Authentication Bypass Red Hat +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

Denial Of Service Oracle Java +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Oracle Information Disclosure Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).

Authentication Bypass Oracle Java +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 6.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H).

Denial Of Service Oracle Java +1
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Authentication bypass in mitmproxy 12.2.1 and below allows remote attackers to bypass LDAP-based proxy authentication through unsanitized username injection. The vulnerability affects only instances explicitly configured with the proxyauth option using LDAP authentication, which is disabled by default. Attackers can exploit this over the network without authentication or user interaction to gain unauthorized access to proxied connections.

Authentication Bypass LDAP Code Injection +1
NVD GitHub VulDB
EPSS 0% CVSS 10.0
CRITICAL PATCH Act Now

Remote code execution with complete system compromise affects Net::Dropbear Perl module versions before 0.14 due to bundled vulnerable libtomcrypt library. The module ships with Dropbear 2019.78 or earlier containing libtomcrypt v1.18.1, inheriting CVE-2016-6129 (RSA signature forgery) and CVE-2018-12437 (RSA key recovery via side-channel). CVSS 10.0 reflects network-accessible attack with no authentication or user interaction required and complete confidentiality, integrity, and availability impact with scope change. CISA SSVC framework confirms automatable exploitation with total technical impact, though no active exploitation reported. Patch available in Net::Dropbear 0.14 with updated cryptographic dependencies.

Information Disclosure Suse
NVD
EPSS 0% CVSS 10.0
CRITICAL PATCH Act Now

Storable versions before 3.05 for Perl has a stack overflow. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Stack Overflow Buffer Overflow Red Hat +1
NVD GitHub
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Local privilege escalation in CivetWeb v1.16 service allows authenticated users to execute arbitrary code with SYSTEM privileges via unquoted service path exploitation. The Windows service configuration lacks quotes around 'C:\Program Files\CivetWeb\CivetWeb.exe', enabling attackers to place malicious executables in directories scanned before the intended path (e.g., 'C:\Program.exe' or 'C:\Program Files\CivetWeb.exe'). No public exploit identified at time of analysis, though EPSS data not available. Patch available per vendor advisory from INCIBE.

RCE Suse
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Integer overflow in Firefox's Audio/Video Playback component allows remote unauthenticated attackers to cause integrity violations through specially crafted multimedia content. The vulnerability stems from incorrect boundary condition handling in numeric calculations, potentially enabling attackers to modify playback state or corrupt audio/video streams without user interaction. Firefox 150 and later contain the fix.

Integer Overflow Mozilla Buffer Overflow +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Unauthenticated remote attackers can obtain sensitive information from Firefox's IP Protection component prior to version 150 via network-accessible requests with low attack complexity. The vulnerability leaks confidential data (CVSS:C=High) without requiring user interaction or special privileges, affecting all Firefox installations below version 150. Mozilla has released a vendor-confirmed patch in Firefox 150. No active exploitation (CISA KEV) or public exploit code identified at time of analysis, though CVSS vector indicates trivial exploitation conditions (AV:N/AC:L/PR:N/UI:N).

Information Disclosure Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial-of-service in Firefox versions prior to 150 allows remote attackers to crash the browser via malformed audio/video content during playback. The vulnerability requires no authentication and minimal attack complexity (CVSS 7.5, AV:N/AC:L/PR:N/UI:N), enabling attackers to render the browser unresponsive or terminated through crafted media files. Mozilla has released Firefox 150 to address this issue. EPSS data not available; no evidence of active exploitation (not in CISA KEV), though SSVC assessment notes the vulnerability is not currently being exploited and is classified as non-automatable with partial technical impact.

Denial Of Service Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial-of-service in Firefox's Audio/Video playback component allows remote attackers to crash the browser via network-based exploitation requiring no authentication or user interaction. Mozilla patched the vulnerability in Firefox 150. CVSS 7.5 (High) reflects high availability impact, but SSVC assessment marks it as partial technical impact with no confirmed exploitation, indicating lower real-world priority than critical RCE vulnerabilities. No public exploit code or CISA KEV listing identified.

Denial Of Service Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Mozilla Firefox JavaScript Engine contains an improper input validation flaw that permits remote, unauthenticated information disclosure to attackers without user interaction. The vulnerability (CWE-20: Improper Input Validation) affects all versions prior to Firefox 150 and allows attackers to access sensitive data via a network-based attack with low complexity. A vendor-released patch is available in Firefox 150.

Information Disclosure Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Denial of service via null pointer dereference in Firefox's Audio/Video Playback component allows remote attackers to crash the browser without user interaction. The vulnerability affects Firefox versions prior to 150 and requires only a network connection to trigger, resulting in availability loss but not code execution or data compromise. No active exploitation has been confirmed at time of analysis.

Null Pointer Dereference Denial Of Service Mozilla +2
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Denial of service in Firefox DNS networking component allows unauthenticated remote attackers to cause partial availability impact through crafted network requests. The vulnerability, classified as a cross-site request forgery (CSRF) issue within DNS handling, affects Firefox versions prior to 150 and has been patched by Mozilla.

CSRF Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Buffer overflow in Firefox WebRTC networking component allows local attackers to execute arbitrary code with high impact to confidentiality, integrity, and availability. Affects Firefox versions prior to 150 and Firefox ESR prior to 140.10. No public exploit identified at time of analysis. CVSS 7.8 reflects high severity but requires local access and user interaction, limiting remote attack surface. Mozilla has released patches in Firefox 150 and Firefox ESR 140.10.

Mozilla Buffer Overflow Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Incorrect boundary conditions in Firefox's WebRTC component allow remote attackers to read limited memory contents without authentication. Firefox versions prior to 150 are affected by this low-confidentiality vulnerability, which CVSS rates at 5.3 due to network exploitability without user interaction, though CISA's SSVC framework indicates no current exploitation activity and limited technical impact.

Mozilla Buffer Overflow Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Mitigation bypass in Firefox's DOM Security component allows authenticated remote attackers with user interaction to circumvent security controls and gain limited read/write access to sensitive data across security boundaries. Firefox 150 and later versions contain the fix; versions prior to 150 are vulnerable. SSVC assessment indicates no current public exploitation, though the vulnerability requires user interaction and authentication to trigger.

Authentication Bypass Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Integer overflow in Firefox's WebGPU graphics component enables remote denial-of-service attacks against default browser configurations. Attackers can trigger high availability impact via network-accessible exploitation without authentication or user interaction. Mozilla patched this in Firefox 150, with SSVC framework rating it automatable with partial technical impact despite CVSS 7.5 severity. No active exploitation confirmed and EPSS data not provided for risk quantification.

Integer Overflow Mozilla Buffer Overflow +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Information disclosure in Mozilla Firefox NSS Library component allows remote unauthenticated attackers to extract high-value confidential data via network-accessible boundary condition errors. Affects Firefox versions prior to 150, ESR 115.x prior to 115.35, and ESR 140.x prior to 140.10. SSVC framework classifies as automatable with partial technical impact. No public exploit identified at time of analysis, though SSVC automation rating and CVSS:3.1/AV:N/AC:L/PR:N/UI:N vector indicate straightforward exploitation potential once vulnerability details are published.

Information Disclosure Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

DOM security mitigation bypass in Mozilla Firefox allows remote unauthenticated attackers to completely compromise browser security, achieving high confidentiality, integrity, and availability impact. Affects Firefox versions prior to 150 and Firefox ESR versions prior to 140.10. The vulnerability bypasses critical browser security controls designed to protect the Document Object Model. SSVC assessment indicates the flaw is automatable with total technical impact, though no active exploitation has been confirmed at time of analysis. CVSS 9.8 critical rating reflects network-based attack with no complexity barriers.

Authentication Bypass Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Information disclosure in Firefox's IndexedDB storage component allows remote unauthenticated attackers to leak sensitive data through a network-accessible vulnerability with no user interaction required. Affected versions include Firefox prior to 150 and Firefox ESR prior to 140.10. The vulnerability has a CVSS score of 6.5 reflecting moderate severity with confidentiality impact and limited availability risk.

Information Disclosure Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Privilege escalation in Firefox's Debugger component allows remote attackers to gain elevated system privileges after user interaction with a malicious site. Affects Firefox versions prior to 150 and Firefox ESR versions prior to 140.10. CVSS 8.8 severity with network attack vector and no authentication required. SSVC framework indicates no active exploitation detected and non-automatable attack pattern. Vendor-released patches available in Firefox 150 and Firefox ESR 140.10 per Mozilla security advisories MFSA2026-30 through MFSA2026-34.

Privilege Escalation Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Authentication bypass in Firefox's cookie-handling mechanism allows remote unauthenticated attackers to bypass security controls via network requests, achieving full confidentiality, integrity, and availability compromise. Affects Firefox versions prior to 150. Mozilla has released patches in security advisories MFSA2026-30 and MFSA2026-33. CISA SSVC framework classifies this as fully automatable with total technical impact, though no active exploitation is confirmed at time of analysis. CVSS 9.8 critical severity reflects the network attack vector with no authentication or user interaction required.

Authentication Bypass Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Confidentiality compromise in Firefox NSS Libraries allows remote unauthenticated attackers to leak sensitive information over the network without user interaction. The vulnerability affects Firefox 150 and earlier, Firefox ESR 115.34 and earlier, and Firefox ESR 140.9 and earlier, and has been patched in Firefox 150, Firefox ESR 115.35, and Firefox ESR 140.10. No public exploit code or active exploitation has been identified at the time of analysis.

Mozilla Buffer Overflow Red Hat +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote information disclosure in Mozilla Network Security Services (NSS) library allows unauthenticated attackers to extract high-sensitivity data via network requests with no user interaction. Affects Firefox versions prior to 150 and Firefox ESR prior to 140.10. The vulnerability stems from incorrect boundary condition handling (CWE-754) in NSS cryptographic libraries. Vendor-released patches available in Firefox 150 and Firefox ESR 140.10. SSVC framework classifies as automatable with partial technical impact, though no public exploit identified at time of analysis.

Information Disclosure Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Information disclosure in the Form Autofill component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.

Information Disclosure Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Incorrect boundary conditions in the DOM: Device Interfaces component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.

Mozilla Buffer Overflow Red Hat +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Mitigation bypass in the File Handling component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.

Authentication Bypass Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

DOM spoofing in Firefox allows remote attackers to deceive users about webpage origin and integrity through rendering manipulation, requiring user interaction. Affects Firefox 149 and earlier, Firefox ESR 115.34 and earlier, and Firefox ESR 140.9 and earlier. Fixed in Firefox 150, Firefox ESR 115.35, and Firefox ESR 140.10. EPSS score of 0.02% indicates low exploitation probability despite CVSS 6.3 rating, suggesting practical exploitation constraints despite network accessibility.

Authentication Bypass Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote attackers can escalate privileges in Firefox and Firefox ESR through a flaw in the Networking component when a user interacts with malicious content. The vulnerability affects Firefox versions prior to 150 and Firefox ESR versions prior to 140.10, allowing attackers with no initial privileges to achieve high impact on confidentiality, integrity, and availability. Mozilla has released patches for both product lines. EPSS data not available; no confirmed active exploitation (not listed in CISA KEV); public exploit code status unknown.

Privilege Escalation Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Authentication bypass in Firefox's cookie handling mechanism allows remote unauthenticated attackers to circumvent security controls and potentially execute arbitrary code or access protected resources. The vulnerability affects Firefox versions prior to 150 and has a critical CVSS score of 9.8 (network-exploitable, no authentication required, low complexity). Despite the severe CVSS rating, EPSS probability indicates only 0.02% likelihood of exploitation (4th percentile), suggesting limited real-world targeting. Mozilla has patched this in Firefox 150 per security advisories MFSA2026-30 and MFSA2026-33. No evidence of active exploitation (not in CISA KEV) or public proof-of-concept code at time of analysis.

Authentication Bypass Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Memory corruption in Firefox's Widget: Cocoa component on macOS enables remote denial of service through use-after-free exploitation. Mozilla patched this in Firefox 150 and Firefox ESR 140.10 after internal discovery. The CVSS vector indicates network-accessible exploitation requiring no authentication or user interaction, though SSVC assessment classifies technical impact as partial and exploitation as non-automatable. No public exploit identified at time of analysis, with SSVC indicating no evidence of active exploitation.

Information Disclosure Memory Corruption Use After Free +3
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Use-after-free in Firefox's WebAssembly JavaScript engine enables remote denial-of-service attacks against users running unpatched versions below Firefox 150. The vulnerability allows network-based attackers to crash the browser without authentication or user interaction by triggering memory corruption in WebAssembly processing. Mozilla patched this in Firefox 150 (MFSA2026-30). EPSS data not available, not listed in CISA KEV, and SSVC framework rates exploitation as 'none' with non-automatable, partial technical impact-suggesting lower real-world risk despite CVSS 7.5 severity.

Information Disclosure Memory Corruption Use After Free +3
NVD VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Invalid pointer handling in Firefox's JavaScript-WebAssembly component allows remote attackers to disclose information or cause limited memory corruption via a malicious webpage, requiring user interaction. The vulnerability affects Firefox versions prior to 150 and Firefox ESR prior to 140.10, with an EPSS score of 0.02% indicating minimal real-world exploitation probability despite moderate CVSS severity. Vendor-released patches are available in Firefox 150 and Firefox ESR 140.10.

Memory Corruption Information Disclosure Mozilla +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A mitigation bypass in Firefox for Android allows remote attackers to achieve high-impact integrity violations without authentication or user interaction. Fixed in Firefox 150, this CWE-200 information disclosure flaw enables attackers to circumvent existing security controls via network-based vectors. Despite a CVSS base score of 7.5 (High), real-world exploitation risk appears limited: EPSS probability is only 0.02% (5th percentile), no public exploit code has been identified, and CISA SSVC framework rates it as non-exploited with partial technical impact, though automatable.

Google Information Disclosure Mozilla +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

A cross-site request forgery (CSRF) mitigation bypass in the DOM postMessage component of Firefox allows authenticated attackers to trigger denial of service against affected systems. The vulnerability bypasses existing CSRF protections through improper validation of postMessage origin checks, affecting Firefox versions prior to 150. No public exploit code has been identified, and exploitation requires authenticated network access without user interaction.

CSRF Mozilla Red Hat +1
NVD VulDB
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Integer overflow in OpenEXR's DWA compressor (versions 3.2.0-3.2.7, 3.3.0-3.3.9, 3.4.0-3.4.9) enables local attackers to trigger memory corruption when processing maliciously crafted EXR image files requiring user interaction. This vulnerability represents a missed instance of the same integer overflow pattern addressed in related CVEs 2026-34589, 34588, and 34544, occurring in `internal_dwa_compressor.h:1040` where width multiplication lacks proper size_t casting. Given the local attack vector requiring user interaction (CVSS AV:L/UI:A), real-world exploitation requires social engineering to trick users into opening weaponized EXR files, making this primarily a workstation-targeted threat in media production environments. No active exploitation or public POC identified at time of analysis.

Integer Overflow Buffer Overflow Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Signed integer overflow in OpenEXR 3.4.0-3.4.9 HTJ2K decompression allows remote attackers to cause denial of service via crafted EXR files with excessive FLOAT channels. The `ht_undo_impl()` function accumulates a bytes-per-line value in a 32-bit signed integer without overflow protection; on memory-permissive systems, the wrapped negative value enables heap out-of-bounds writes. OpenEXR 3.4.10 contains the fix. This is a distinct overflow from CVE-2026-34545 in the same function and mirrors the pattern of CVE-2026-34588.

Integer Overflow Buffer Overflow Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

OpenBao 2.5.2 and earlier fails to properly quote PostgreSQL schema names during role revocation in the PostgreSQL database secrets engine, allowing authenticated high-privilege administrators to execute arbitrary SQL injection as the database management user. The vulnerability affects the credentials management workflow when revoking database roles, potentially compromising database integrity. A vendor-released patch (version 2.5.3) is available.

PostgreSQL SQLi Hashicorp +2
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Jupyter nbconvert 6.5 through 7.17.0 allows unauthenticated remote attackers to read arbitrary files from the conversion host when HTMLExporter.embed_images is enabled, by embedding malicious image references with path traversal sequences in a crafted notebook. A malicious actor can exfiltrate sensitive files as base64-encoded data URIs in the output HTML, achieving confidentiality breach with no integrity or availability impact. Vendor-released patch: version 7.17.1.

Path Traversal Red Hat Suse
NVD GitHub VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Cassandra export module in Glances prior to version 4.5.4 allows local privilege-escalated users to redirect monitoring data to attacker-controlled databases by injecting CQL statements through unvalidated configuration parameters. An authenticated local attacker with write access to the Glances configuration file can modify keyspace, table, and replication_factor settings to execute arbitrary CQL, enabling data exfiltration or denial of service against the monitoring infrastructure. This vulnerability requires elevated local access but carries high confidentiality and integrity impact.

SQLi Suse
NVD GitHub
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Server-Side Request Forgery in Glances IP plugin allows authenticated attackers to force the monitoring application to send HTTP requests to arbitrary internal or external endpoints, with automatic credential leakage when public_username and public_password are configured. The vulnerability affects all versions prior to 4.5.4 and arises from insufficient validation of the public_api configuration parameter. EPSS exploitation probability is low (0.04%, 12th percentile), but SSVC framework confirms proof-of-concept availability and automatable exploitation with partial technical impact. Vendor patch released in version 4.5.4.

SSRF Information Disclosure Suse
NVD GitHub
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Cross-origin data exfiltration in Glances web server allows remote unauthenticated attackers to read sensitive system information (CPU, memory, processes, network stats) through the REST API endpoint /api/4/* via malicious websites exploiting permissive CORS policy. Affects all versions prior to 4.5.4. EPSS score of 0.06% (18th percentile) suggests low widespread exploitation probability despite proof-of-concept availability, though the network-accessible, unauthenticated attack vector (AV:N/PR:N) combined with high confidentiality impact (VC:H) makes this a priority for internet-exposed instances.

Information Disclosure Suse
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Arbitrary file write in Jupyter nbconvert 6.5 through 7.17.0 allows unauthenticated attackers to write files to arbitrary filesystem locations outside the intended output directory by crafting malicious cell attachment filenames in notebooks. The ExtractAttachmentsPreprocessor fails to sanitize attachment filenames, enabling path traversal that provides full control over destination paths and file extensions. Requires user interaction (opening a malicious notebook) and is patched in version 7.17.1.

Path Traversal Red Hat Suse
NVD GitHub VulDB
EPSS 0% CVSS 8.4
HIGH PATCH This Week

In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfs_build_permissions_posix() in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path (stat, readdir, open) when processing a security descriptor with multiple ACCESS_DENIED ACEs containing WRITE_OWNER from distinct group SIDs.

Heap Overflow Buffer Overflow Suse
NVD GitHub VulDB
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Buffer overflow in glibc's obsolete NIS authentication function allows remote attackers to compromise integrity and availability via spoofed UDP responses. Affects all glibc versions through 2.43, but exploitation requires the target application to actively use the deprecated nis_local_principal function (obsolete since glibc 2.26). EPSS score of 0.02% (5th percentile) indicates low real-world exploitation probability, consistent with the narrow attack surface of legacy NIS deployments. No active exploitation or public exploit code identified at time of analysis.

Buffer Overflow Glibc Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.5
MEDIUM This Month

Uncontrolled resource consumption in OTRS admin interface SQL Box causes denial of service against the webserver, affecting OTRS 7.0.x, 8.0.x, 2023.x, 2024.x, 2025.x, and 2026.x before 2026.3. The vulnerability requires high-privilege admin access and user interaction, limiting real-world impact to authenticated administrators performing deliberate actions. No public exploit code or active exploitation has been identified.

Denial Of Service Suse
NVD VulDB
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Local privilege escalation in python-dotenv before version 1.2.2 allows authenticated users to overwrite arbitrary files via symlink following in the set_key() and unset_key() functions when a cross-device rename fallback is triggered. An attacker with local access and the ability to write to the filesystem can create malicious symlinks that python-dotenv will follow during .env file rewriting, leading to unintended file modification or deletion. The vulnerability requires user interaction (the application must call set_key() or unset_key()) but affects any system using vulnerable versions of the library. No public exploit code or active exploitation has been reported at time of analysis.

Information Disclosure Python Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

pip before version 26.1 incorrectly treats concatenated tar and ZIP archives as ZIP files regardless of filename, potentially installing unintended package contents when ambiguous archive formats are processed. Local attackers with user interaction can exploit this during package installation to cause integrity confusion, where an archive's actual contents diverge from its declared format. The vulnerability requires local access and user interaction (downloading/installing a crafted archive), limiting real-world impact to supply-chain scenarios or direct social engineering of pip users.

File Upload Red Hat Suse
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Apache Kafka's NetworkClient component logs entire request and response payloads at DEBUG level, exposing sensitive authentication credentials, delegation tokens, and configuration data in plaintext logs. This affects Kafka versions 0.11.0 through 3.9.1 and 4.0.0 across the broker and client libraries. While DEBUG logging is not enabled by default (INFO is the standard), organizations that enable DEBUG logging for troubleshooting inadvertently create persistent records of authentication material and secrets that can be harvested by local log readers or accessed via log aggregation systems. CVSS 5.3 reflects low network attack surface (requires prior DEBUG enablement), but SSVC rates this as automatable with partial technical impact, suitable for prioritization in environments using centralized logging.

Apache Information Disclosure Suse
NVD VulDB HeroDevs
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Out-of-bounds read in the Linux kernel's X.509 certificate parser allows local unprivileged users to trigger memory corruption or denial of service by submitting a specially crafted certificate via the keyrings(7) API. The flaw exists in the handling of empty Basic Constraints or Key Usage extensions, where the first byte is dereferenced before the length check. A proof-of-concept was responsibly disclosed by the reporter, though no public exploit is identified at time of analysis and EPSS rates the exploitation probability as very low (0.01%).

Information Disclosure Linux Buffer Overflow +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Cross-cache slab free in the Linux kernel's socket buffer (SKB) subsystem allows a local authenticated attacker to trigger a kernel panic and denial of service on systems where KFENCE is enabled. When KFENCE intercepts a kzalloc() call whose requested size exactly matches SKB_SMALL_HEAD_CACHE_SIZE, the computed skb_end_offset misleads skb_kfree_head() into freeing the object to skb_small_head_cache instead of the originating kmalloc cache, corrupting slab allocator state. No public exploit is identified at time of analysis and EPSS is 0.02% (4th percentile), placing this firmly in the low-urgency tier absent a KFENCE-enabled production environment.

Information Disclosure Linux Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Integer overflow in Little CMS (lcms2) version 2.18 and earlier allows local attackers to trigger a buffer overflow via CubeSize calculation in cmslut.c, where the overflow check occurs after rather than before multiplication. This can result in memory corruption leading to information disclosure or denial of service with low complexity requirements. No active exploitation in CISA KEV confirmed at time of analysis, but proof-of-concept technical details are publicly available.

Buffer Overflow Suse
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Out-of-bounds read in libgphoto2 versions up to 2.5.33 allows local attackers with physical access to a USB-connected camera to trigger information disclosure or denial of service via malformed PTP protocol data during Samsung Galaxy device enumeration. The vulnerability exists in `ptp_unpack_OI()` which validates buffer boundaries at 48 bytes but subsequently reads up to 56 bytes, exceeding the boundary by 9 bytes. A fix is available in commit 7c7f515bc88c3d0c4098ac965d313518e0ccbe33.

Samsung Information Disclosure Buffer Overflow +2
NVD GitHub VulDB
EPSS 0% CVSS 5.2
MEDIUM PATCH This Month

Out-of-bounds read in libgphoto2 versions up to 2.5.33 allows local attackers with physical access to a connected camera to read sensitive memory and potentially cause denial of service via a specially crafted Sony camera device. The vulnerability exists in the Sony-specific PTP packet unpacking function which omits bounds validation present in the standard variant, enabling attackers with direct camera access to trigger information disclosure and minor availability impact.

Information Disclosure Buffer Overflow Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 5.2
MEDIUM PATCH This Month

Out-of-bounds read in libgphoto2 versions up to 2.5.33 allows physical attackers to disclose sensitive memory and cause denial of service via a malicious PTP (Picture Transfer Protocol) device. The vulnerability exists in the Sony-specific DPD unpacking function, which fails to validate buffer boundaries before reading an enumeration count, enabling attackers with direct device access to craft responses that trigger the out-of-bounds read. Patch is available via upstream commit 3b9f9696be76ae51dca983d9dd8ce586a2561845.

Information Disclosure Buffer Overflow Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 5.2
MEDIUM PATCH This Month

Out-of-bounds read in libgphoto2 versions up to 2.5.33 in the PTP protocol parser allows information disclosure and potential denial of service when processing specially crafted camera responses. The vulnerability exists in ptp_unpack_DPV() where UINT128 and INT128 cases advance the buffer offset by 16 bytes without verifying sufficient buffer remains available, potentially exposing adjacent memory. Exploitation requires physical access to connect a malicious camera device (AV:P), but no special authentication or user interaction is needed once connected. No public exploit code identified at time of analysis.

Information Disclosure Buffer Overflow Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Out-of-bounds read in libgphoto2 versions up to 2.5.33 allows local attackers with physical access to a connected camera to read sensitive information from process memory or cause denial of service via malformed EOS event data. Two functions in ptp-pack.c lack length validation, enabling unbounded buffer reads when processing camera events. The vulnerability requires physical device access and is not remotely exploitable, with no public exploit code identified at time of analysis.

Information Disclosure Buffer Overflow Red Hat +1
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH PATCH This Week

Heap-based buffer overflow in xrdp 0.10.5 and earlier allows remote code execution after authentication via malicious EGFX graphics channel PDUs. Authenticated attackers can exploit insufficient validation of client-controlled size parameters to write beyond allocated heap buffers. Unauthenticated attackers can only trigger denial-of-service crashes. Vendor-released patch available in version 0.10.6. No active exploitation confirmed (not in CISA KEV), but heap overflows in remote services are high-value targets. Default non-privileged execution since 0.10.2 limits post-compromise impact.

Heap Overflow Buffer Overflow RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Out-of-bounds read in xrdp 0.10.5 and earlier allows unauthenticated remote attackers to crash the RDP service or disclose memory contents during pre-authentication message parsing. The vulnerability (CWE-125) exploits insufficient buffer length validation in dynamic channel communication handling, affecting default installations exposed to network access. Fixed in version 0.10.6 per vendor advisory GHSA-92mr-6wpp-27jj. CVSS 8.7 reflects high availability impact; no active exploitation confirmed in CISA KEV at time of analysis, though public disclosure increases risk for internet-facing xrdp deployments.

Information Disclosure Buffer Overflow Suse
NVD GitHub VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Authenticated remote command execution in xrdp through version 0.10.5 allows users to execute arbitrary shell commands on the RDP server via an unsanitized AlternateShell parameter during session initialization. When AllowAlternateShell is enabled (the default configuration), xrdp passes client-supplied shell commands directly to /bin/sh -c without sanitization, bypassing normal session constraints. An authenticated RDP user can exploit this to run arbitrary commands in the context of their login session before the window manager starts, with no public exploit code identified at time of analysis.

Command Injection Suse
NVD GitHub VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Heap-based buffer overflow in xrdp 0.10.5 and earlier allows unauthenticated remote attackers to cause denial of service or memory corruption when the domain_user_separator configuration directive is explicitly enabled in xrdp.ini. An attacker sends a crafted RDP logon request with an excessively long username and domain name combination that overflows an internal buffer, corrupting adjacent memory regions. The vulnerability requires non-default configuration (domain_user_separator must be uncommented) and affects only systems with this setting enabled. Vendor-released patch: version 0.10.6.

Heap Overflow Denial Of Service Buffer Overflow +1
NVD GitHub VulDB
Prev Page 29 of 104 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy