CVE search
361,789 resultsCVE-2026-49991HIGHRustFS Snowball Auto-Extract: Path Traversal allows cross-bucket object injectionEPSS 0.3%CVE-2026-55189HIGHRustFS: FTP frontend skips IAM authorization on object readsEPSS 0.2%CVE-2026-55838MEDIUMRustFS: Missing admin authorization on /rustfs/admin/v3/metrics allows any authenticated user to read server metricsEPSS 0.2%CVE-2026-32833HIGHCudy LT300 3.0 OS Command Injection via NTP ConfigurationEPSS 1.3%CVE-2026-44733MEDIUMOpenProject: Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password requirementsEPSS 0.2%CVE-2026-44731MEDIUMOpenProject: Improper Access Control on OpenProject through /projects/[projectName]/meetings via "invited_user_id" in GET parameter "filters" leads to user names disclosureEPSS 0.2%CVE-2026-53324—net: mana: Use pci_name() for debugfs directory namingEPSS 0.2%CVE-2026-53323—net: dsa: remove redundant netdev_lock_ops() from conduit ethtool opsEPSS 0.2%CVE-2026-53322HIGHvfio/pci: Clean up DMABUFs before disabling functionEPSS 0.1%CVE-2026-53321—io_uring/napi: cap busy_poll_to 10 msecEPSS 0.2%CVE-2026-53320—nilfs2: reject zero bd_oblocknr in nilfs_ioctl_mark_blocks_dirty()EPSS 0.2%CVE-2026-53319—blk-wbt: remove WARN_ON_ONCE from wbt_init_enable_default()EPSS 0.1%CVE-2026-53318—wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925_tx_check_aggr()EPSS 0.2%CVE-2026-53317—wifi: mt76: mt7921: Place upper limit on station AIDEPSS 0.2%CVE-2026-53316—drm/amd/ras: Fix NULL deref in ras_core_ras_interrupt_detected()EPSS 0.1%CVE-2026-53315—drm/amd/ras: Fix NULL deref in ras_core_get_utc_second_timestamp()EPSS 0.1%CVE-2026-53314—padata: Put CPU offline callback in ONLINE section to allow failureEPSS 0.2%CVE-2026-53313—drm/amd/display: Avoid NULL dereference in dc_dmub_srv error pathsEPSS 0.1%CVE-2026-53312—iommu/riscv: Remove overflows on the invalidation pathEPSS 0.2%CVE-2026-53311—fuse: fix uninit-value in fuse_dentry_revalidate()EPSS 0.2%