Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
9.1 CRITICAL
CVE-2026-48324 — ColdFusion | Improper Neutralization of Special Elements used in an SQL Command ('SQL Inj…

ColdFusion is affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could result in arbitrary code execution in the context of the cur…

Remote | Injection
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
9.6 CRITICAL
CVE-2026-48322 — ColdFusion | Improper Control of Generation of Code ('Code Injection') (CWE-94)

ColdFusion is affected by an Improper Control of Generation of Code ('Code Injection') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …

Remote | Injection
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
9.3 CRITICAL
CVE-2026-48321 — ColdFusion | Incorrect Authorization (CWE-863)

ColdFusion is affected by an Incorrect Authorization vulnerability that could result in privilege escalation. An attacker could leverage this vulnerability to gain unauthorized read and write access.…

| Authorization
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
8.5 HIGH
CVE-2026-48320 — ColdFusion | Cross-site Scripting (Reflected XSS) (CWE-79)

ColdFusion is affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated …

| Cross-Site Scripting
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
9.1 CRITICAL
CVE-2026-48319 — ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal…

ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in arbitrary code execution in the context of the current u…

Remote | Path Traversal
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
9.9 CRITICAL
CVE-2026-48318 — ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal…

ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this…

Remote | Path Traversal
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-48311 — Bridge | Out-of-bounds Write (CWE-787)

Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in th…

bridge | Memory Corruption
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
5.9 MEDIUM
CVE-2026-48308 — Premiere Pro | Improper Input Validation (CWE-20)

Premiere Pro is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and ga…

premiere | Authorization
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
9.6 CRITICAL
CVE-2026-48284 — ColdFusion | Improper Input Validation (CWE-20)

ColdFusion is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user…

| Injection
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-48274 — After Effects | Out-of-bounds Write (CWE-787)

After Effects is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio…

after_effects | Memory Corruption
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-48272 — Creative Cloud Desktop | Uncontrolled Search Path Element (CWE-427)

Creative Cloud Desktop is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions…

| Path Traversal
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-48270 — Premiere Pro | Out-of-bounds Write (CWE-787)

Premiere Pro is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction…

premiere | Memory Corruption
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-48269 — Premiere Pro | Heap-based Buffer Overflow (CWE-122)

Premiere Pro is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user inter…

premiere | Memory Corruption
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
5.3 MEDIUM
CVE-2026-48125 — UAParser.js: Unbounded `Sec-CH-UA-Model` parsing can trigger ReDoS in `withClientHints()`

UAParser.js is a JavaScript library to detect browsers, operating systems, CPUs, and devices from user-agent data. From 2.0.1 until 2.0.10, a regular expression denial-of-service vulnerability exists…

ua-parser-js | Remote | Denial of Service
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
5.5 MEDIUM
CVE-2026-47979 — Media Encoder | Out-of-bounds Read (CWE-125)

Media Encoder is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Ex…

media_encoder | Information Disclosure
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-47976 — Media Encoder | Out-of-bounds Write (CWE-787)

Media Encoder is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio…

media_encoder | Memory Corruption
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-47971 — Media Encoder | Stack-based Buffer Overflow (CWE-121)

Media Encoder is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user int…

media_encoder | Memory Corruption
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
6.2 MEDIUM
CVE-2026-47475 — NVIDIA TensorRT-LLM Denial of Service Vulnerability

NVIDIA TensorRT-LLM contains a vulnerability in the OpenAI-compatible inference API where an attacker could trigger a reachable assertion in the sampler thread. A successful exploit of this vulnerabi…

| Denial of Service
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.4 HIGH
CVE-2026-47473 — NVIDIA TensorRT-LLM Write-What-Where Vulnerability

NVIDIA TensorRT-LLM contains a vulnerability where an attacker could cause a write-what-where condition. A successful exploit of this vulnerability might lead to data tampering, denial of service, an…

| Memory Corruption
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-47472 — NVIDIA TensorRT-LLM Insecure Deserialization Vulnerability

NVIDIA TensorRT-LLM contains a vulnerability in its inter-process communication layer where an attacker with local same-user access could cause deserialization. A successful exploit of this vulnerabi…

| Injection
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
Showing 20 of 8373 Results