CVE search

363,227 results
CVE-2026-58036LOWUsers API leaks whether privileged users have their user groups disabled for lack of 2FAEPSS 0.2%CVE-2026-24240HIGHNVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful explEPSS 0.2%CVE-2026-58127CRITICALPACSgear MediaWriter 5.2.1 Unauthenticated RCE via .NET Remoting TCP ServiceEPSS 0.8%CVE-2025-23351CRITICALNVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may causEPSS 0.3%CVE-2026-58126CRITICALPACSgear PACS Scan 5.2.1 Unauthenticated RCE via .NET Remoting TCP ServiceEPSS 0.8%CVE-2025-15646CRITICALHTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusionEPSS 0.7%CVE-2025-23350CRITICALNVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may causEPSS 0.3%CVE-2026-24260HIGHNVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A succEPSS 0.5%CVE-2026-58024MEDIUMAPI identification of users on private wikisEPSS 0.4%CVE-2026-13707NONESession fixation attacks on improperly configured OAuth 1.0a toolsEPSS 0.3%CVE-2026-13706NONEUrlShortener extension url validation can be bypassed due to difference between php url parsing and WHATWGEPSS 0.3%CVE-2026-58399HIGH@acastellon/auth has an authentication bypass via spoofable headers in validateToken()EPSS 0.5%CVE-2026-58031NONEStored i18n XSS in Special:ApiSandbox when a deprecated module is selectedEPSS 0.2%CVE-2026-58034NONEStored XSS through a system message when blocking a temporary account that's related to other temporary accountsEPSS 0.2%CVE-2026-6283MEDIUMStored XSS in DivvyDrive Information Technologies' DivvyDriveEPSS 0.1%CVE-2026-58035NONEStored XSS through a system message in the codex version of Special:BlockEPSS 0.2%CVE-2026-5220MEDIUMStored XSS in DivvyDrive Information Technologies' DivvyDriveEPSS 0.1%CVE-2026-14330MEDIUMPipewire: pulse server alloca stack overflowEPSS 0.1%CVE-2026-14324MEDIUMPipewire: raop rtsp null derefEPSS 0.2%CVE-2026-2891HIGHPoly Voice Devices (CCX, Trio, Edge E) – Potential Denial of ServiceEPSS 0.3%