Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
4.8 MEDIUM
CVE-2026-1563 — Pega Platform versions 8.1.0 through 25.1.2 are affected by an Reflected Cross-site scrip…

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Reflected Cross-site scripting (XSS) vulnerability in a user interface component. Requires a high privileged user with a developer role.

Remote | Cross-Site Scripting
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
4.6 MEDIUM
CVE-2026-1562 — Pega Platform versions 8.1.0 through 25.1.2 are affected by an Stored Cross-site scriptin…

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Stored Cross-site scripting (XSS) vulnerability in a user interface component. Requires a high privileged user with a developer role.

Remote | Cross-Site Scripting
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
6.5 MEDIUM
CVE-2025-32781 — Apollo: Apollo Portal release endpoint allows cross-application configuration disclosure …

Apollo is a reliable configuration management system suitable for microservice configuration management scenarios. Prior to 2.5.0, Apollo Portal does not verify application and namespace permissions …

apollo | Remote | Authorization
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
5.5 MEDIUM
CVE-2026-9007 — Reflected XSS in HCL Notes

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in HCL Notes from HCL Software allows reflected Cross-Site Scripting (XSS).  Successful exploitat…

Remote | Cross-Site Scripting
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
6.8 MEDIUM
CVE-2026-62843 — File Browser: Archive builder turns backslash filenames into path traversal (zip-slip)

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. From 2.63.6 to 2.63.16, File Browser's archive builder uses st…

Remote | Path Traversal
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
8.1 HIGH
CVE-2026-62685 — File Browser: Colliding username normalization gives two users the same home directory

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.17, File Browser builds new user scopes from use…

Remote | Authorization
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
3.1 LOW
CVE-2026-62683 — File Browser: Trailing-slash delete leaves a stale public share behind

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.17, File Browser can leave a public directory sh…

Remote | Path Traversal
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
8.5 HIGH
CVE-2026-61828 — nixos/mysql : `services.mysql` is configured with insecure authentication by default when…

Nixpkgs is a collection of software packages that can be installed with the Nix package manager. Prior to the 25.11 and 26.05 channel fixes, the NixOS module for MySQL services.mysql initializes the …

| Authentication
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
0.0 NA
CVE-2026-61371 — Microsoft AVML Arbitrary File Overwrite Vulnerability

Microsoft AVML before 0.17.0 could follow a symlink when opening a destination output path on Unix, allowing truncation/overwrite of the symlink target. The destructive effect is performed at open-ti…

| Path Traversal
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
8.2 HIGH
CVE-2026-60005 — NGINX ngx_http_slice_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_slice_module module. When the slice directive and unnamed regex captures are configured or when a background cache update happens…

nginx_plus nginx_open_source | Remote | Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
8.8 HIGH
CVE-2026-55242 — ERPNext: Server-Side Template Injection (SSTI) in Batch autonaming via Stock Settings.nam…

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.111.0 and 16.22.0, an authenticated user with a standard operational role can trigger server-side template injection t…

erpnext | Injection
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
10.0 CRITICAL
CVE-2026-50148 — Metabase: Remote Code Execution via Snowflake JDBC Driver Arbitrary File Write

Metabase is an open-source business intelligence and embedded analytics tool. From 1.54.0 until 1.54.24, 1.55.24, 1.56.25, 1.57.19, 1.58.14, 1.59.10, and 1.60.4, a Metabase user with permission to ad…

Remote | Misconfiguration
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
7.6 HIGH
CVE-2026-50147 — Metabase: Arbitrary File Read via MySQL Connection Property Injection

Metabase is an open-source business intelligence and embedded analytics tool. From 1.57.0 until 1.57.19.1, 1.58.14.1, 1.59.10, and 1.60.4, an attacker who can configure a Metabase database connection…

Remote | Misconfiguration
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
7.7 HIGH
CVE-2026-47164 — Vaultwarden: SSO Email Auto-Link Can Bind an Existing Local Account to an Attacker-Contro…

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO login flow checked the IdP email_verified claim only for new-user creation and not when SSO_SIGNUPS_MA…

vaultwarden | Remote | Authentication
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
5.8 MEDIUM
CVE-2026-47160 — Vaultwarden: Server-side request forgery (SSRF) via Icon Endpoint Decimal/Hex/Octal IP By…

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's /icons/{domain}/icon.png endpoint used src/http_client.rs checks including should_block_address() and post…

vaultwarden | Remote | Server-Side Request Forgery
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
6.9 MEDIUM
CVE-2026-47159 — Vaultwarden: Authentication Flow Information Disclosure in SSO Discovery Allows Organizat…

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO discovery and pre-validation flow returned organization-related SSO metadata including organizationIde…

vaultwarden | Remote | Authentication
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
8.3 HIGH
CVE-2026-47158 — Vaultwarden: CSRF in SSO Authorization Flow

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO authorization flow did not bind the OAuth state parameter accepted by /connect/authorize to the initia…

vaultwarden | Remote | Authentication
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
7.8 HIGH
CVE-2026-46709 — Tabby: Drag-and-drop path injection still allows RCE via shell command substitution (inco…

Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.234, Tabby inserts dropped file paths from tabby-electron/src/pathDrop.ts into the active shell without neutralizing…

| Injection
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
7.7 HIGH
CVE-2026-45806 — Penpot: Authenticated SSRF in remote image import via create-file-media-object-from-url

Penpot is an open-source design tool for design and code collaboration. Prior to 2.15.0, Penpot's remote image import passed the user-controlled url from frontend/src/app/main/data/workspace/media.cl…

Remote | Server-Side Request Forgery
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
8.8 HIGH
CVE-2026-45805 — Penpot: MCP REPL server binds to 0.0.0.0 with unauthenticated /execute endpoint — RCE

Penpot is an open-source design tool for design and code collaboration. Prior to 2.15.0, Penpot MCP's mcp/packages/server/src/ReplServer.ts bound the ReplServer to 0.0.0.0:4403 and exposed an unauthe…

penpot | Injection
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
Showing 20 of 8477 Results