CVE search

363,959 results
CVE-2026-54696LOWRuby JSON: JSON generator heap buffer overflow when streaming to an IOEPSS 0.3%CVE-2026-57204MEDIUMpypdf: Missing stream length values ignore defined limitsEPSS 0.2%CVE-2026-10585MEDIUMStored cross-site scripting vulnerability in GitHub Enterprise Server allowed arbitrary JavaScript execution via crafted Discussion titles in the Q&A categoryEPSS 0.2%CVE-2026-57585HIGHMessagePack: Out-of-bounds read/crash on Unpacker reuse after caught errorEPSS 0.3%CVE-2026-50003CRITICALOFFIS DCMTK Toolkit Path TraversalEPSS 0.4%CVE-2026-50254HIGHOFFIS DCMTK Toolkit Missing Release of Memory after Effective LifetimeEPSS 0.4%CVE-2026-35505HIGHOFFIS DCMTK Toolkit Missing Release of Memory after Effective LifetimeEPSS 0.4%CVE-2026-58450MEDIUMInvoice Ninja 5.13.26 - Open Redirect in Client Portal Login via intended ParameterEPSS 0.2%CVE-2026-58449CRITICALtxtai - Unauthenticated Remote Code Execution via Unsafe Reflection in API /reindex function ParameterEPSS 0.7%CVE-2026-52868HIGHOFFIS DCMTK Toolkit Path TraversalEPSS 0.4%CVE-2026-58448HIGHyudao-cloud < 2026.06 - BPM Module Broken Access Control via process-instance APIEPSS 0.2%CVE-2026-58447HIGHInvidious - Cross-User Playlist Video Deletion via Missing Ownership CheckEPSS 0.2%CVE-2026-58446MEDIUMPresenton < 0.8.8-beta - Authentication Bypass of Session Auth via Unprotected MCP EndpointEPSS 0.4%CVE-2026-11541HIGHIBM WebSphere Application Server and WebSphere Application Server Liberty are affected by HTTP request smugglingEPSS 0.4%CVE-2026-44628HIGHOFFIS DCMTK Toolkit Type ConfusionEPSS 0.4%CVE-2026-11594HIGHIBM WebSphere Application Server is affected by multiple cross-site scripting vulnerabilitiesEPSS 0.3%CVE-2026-10562MEDIUMUnauthenticated Open Redirect Vulnerability on TP-Link Archer AX20 Web InterfaceEPSS 0.3%CVE-2025-12530MEDIUMVulnerabilities found in Watson Data IntelligenceEPSS 0.2%CVE-2026-13207HIGHFrangoteam FUXA SCADA/HMI Authentication Bypass by SpoofingEPSS 0.4%CVE-2026-9132MEDIUMMissing authorization vulnerability in GitHub Enterprise Server allowed disclosure of private repository contents via the Copilot pull request diff summary endpointEPSS 0.3%