CVE search

363,097 results
CVE-2025-71352HIGHpicklescan - Remote Code Execution via Undetected trace.Trace.runctx in Pickle FilesEPSS 0.6%CVE-2025-71350HIGHpicklescan - Undetected Remote Code Execution via torch.utils.collect_env.runEPSS 0.4%CVE-2025-71349HIGHpicklescan - Arbitrary Code Execution via Undetected trace.Trace.run in Pickle FilesEPSS 0.6%CVE-2026-54696LOWRuby JSON: JSON generator heap buffer overflow when streaming to an IOEPSS 0.3%CVE-2026-57204MEDIUMpypdf: Missing stream length values ignore defined limitsEPSS 0.3%CVE-2026-10585MEDIUMStored cross-site scripting vulnerability in GitHub Enterprise Server allowed arbitrary JavaScript execution via crafted Discussion titles in the Q&A categoryEPSS 0.3%CVE-2026-57585HIGHMessagePack: Out-of-bounds read/crash on Unpacker reuse after caught errorEPSS 0.3%CVE-2026-50003CRITICALOFFIS DCMTK Toolkit Path TraversalEPSS 0.4%CVE-2026-50254HIGHOFFIS DCMTK Toolkit Missing Release of Memory after Effective LifetimeEPSS 0.4%CVE-2026-35505HIGHOFFIS DCMTK Toolkit Missing Release of Memory after Effective LifetimeEPSS 0.4%CVE-2026-58450MEDIUMInvoice Ninja 5.13.26 - Open Redirect in Client Portal Login via intended ParameterEPSS 0.2%CVE-2026-58449CRITICALtxtai - Unauthenticated Remote Code Execution via Unsafe Reflection in API /reindex function ParameterEPSS 0.7%CVE-2026-52868HIGHOFFIS DCMTK Toolkit Path TraversalEPSS 0.4%CVE-2026-58448HIGHyudao-cloud < 2026.06 - BPM Module Broken Access Control via process-instance APIEPSS 0.2%CVE-2026-58447HIGHInvidious - Cross-User Playlist Video Deletion via Missing Ownership CheckEPSS 0.2%CVE-2026-58446MEDIUMPresenton < 0.8.8-beta - Authentication Bypass of Session Auth via Unprotected MCP EndpointEPSS 0.4%CVE-2026-11541HIGHIBM WebSphere Application Server and WebSphere Application Server Liberty are affected by HTTP request smugglingEPSS 0.3%CVE-2026-44628HIGHOFFIS DCMTK Toolkit Type ConfusionEPSS 0.4%CVE-2026-11594HIGHIBM WebSphere Application Server is affected by multiple cross-site scripting vulnerabilitiesEPSS 0.3%CVE-2026-10562MEDIUMUnauthenticated Open Redirect Vulnerability on TP-Link Archer AX20 Web InterfaceEPSS 0.3%