Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.8 MEDIUM
CVE-2026-44707 — Chatwoot: Pre-Account Takeover via OAuth on Unconfirmed Accounts

Chatwoot is a customer engagement suite. From 2.14.0 to before 4.13.0, a Pre-Account Takeover (Pre-ATO) vulnerability existed in Chatwoot's authentication flow. Because email confirmation was not enf…

chatwoot | Remote | Authentication
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
8.5 HIGH
CVE-2026-44706 — Chatwoot: SQL Injection in Conversation/Contact Filter API via Custom Attribute Values

Chatwoot is a customer engagement suite. From 2.2.0 to before 4.11.2, a SQL injection vulnerability exists in the conversation and contact filter APIs. When filtering by a custom attribute of type da…

chatwoot | Remote | Injection
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
8.7 HIGH
CVE-2026-44669 — Faction: Stored XSS in Assessment Attachment Filename Preview Rendering

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting (XSS) via attachment filenames in assessment file preview f…

faction | Remote | Cross-Site Scripting
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
9.8 CRITICAL
CVE-2026-44668 — Faction: Unauthenticated Read, Modify, and Delete of Boilerplate Templates

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invo…

faction | Remote | Authentication
May 26, 2026 May 27, 2026
May 26, 2026
May 27, 2026
8.7 HIGH
CVE-2026-44667 — Faction: Stored XSS in Remediation Verification Attachment Filename Preview Rendering

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting (XSS) via attachment filenames in remediation verification …

faction | Remote | Cross-Site Scripting
May 26, 2026 May 27, 2026
May 26, 2026
May 27, 2026
3.5 LOW
CVE-2026-42448 — wormhole receive, with --output pointing at an existing directory can be path-traversed

Magic Wormhole makes it possible to get arbitrary-sized files and directories from one computer to another. Prior to 0.24.0, there is a path traversal when a receiver who specifies "--output <dir>" w…

magic_wormhole | Remote | Path Traversal
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
4.4 MEDIUM
CVE-2026-41164 — nuts-node: JWT type confusion in v1 access token introspection allows VP replay as access…

nuts-node is the reference implementation of the Nuts specification. Prior to 6.2.3 and 5.4.31, the v1 access token introspection endpoint (/auth/v1/introspect_access_token) accepts any JWT signed by…

Remote | Authentication
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
5.8 MEDIUM
CVE-2026-24201 — NVIDIA vGPU Out-of-Bound Access Vulnerability

NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause an out-of-bound access. A successful exploit of this vulnerability might lead to data tampering…

geforce tesla | Memory Corruption
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
7.0 HIGH
CVE-2026-24200 — NVIDIA vGPU Use-After-Free Vulnerability

NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause a use-after-free for stack memory. A successful exploit of this vulnerability might lead to den…

geforce tesla | Memory Corruption
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
4.7 MEDIUM
CVE-2026-24199 — NVIDIA Display Driver for Linux Kernel Module Race Condition Vulnerability

NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of…

gpu_display_driver geforce nvs quadro rtx tesla | Race Condition
May 26, 2026 May 27, 2026
May 26, 2026
May 27, 2026
5.6 MEDIUM
CVE-2026-24198 — NVIDIA GPU Display Driver for Linux Memory Leak and Denial of Service

NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive informati…

geforce tesla | Race Condition
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
6.5 MEDIUM
CVE-2026-24197 — NVIDIA Display Driver for Linux MIG Partition Management Memory Corruption Denial of Serv…

NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lea…

geforce tesla | Misconfiguration
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
7.1 HIGH
CVE-2026-24196 — NVIDIA Display Driver for Linux Out-of-Bounds Read Information Disclosure and Denial of S…

NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information dis…

geforce tesla | Information Disclosure
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
7.1 HIGH
CVE-2026-24195 — NVIDIA UVM Denial of Service Vulnerability

NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service.

geforce tesla | Denial of Service
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
7.8 HIGH
CVE-2026-24194 — NVIDIA Display Driver for Linux Kernel Mode Layer Handler Privilege Escalation

NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead t…

geforce tesla | Memory Corruption
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
7.8 HIGH
CVE-2026-24193 — NVIDIA Display Driver Denial of Service and Code Execution Vulnerability

NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, …

geforce tesla | Memory Corruption
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
7.8 HIGH
CVE-2026-24192 — NVIDIA Display Driver for Linux Heap Buffer Overflow

NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this v…

geforce tesla | Memory Corruption
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
7.8 HIGH
CVE-2026-24191 — NVIDIA Display Driver for Windows TOCTOU Vulnerability

NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service,…

geforce tesla | Misconfiguration
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
7.8 HIGH
CVE-2026-24190 — NVIDIA Display Driver Kernel Mode Layer Information Disclosure and Elevation of Privilege…

NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability mi…

geforce tesla | Memory Corruption
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
8.8 HIGH
CVE-2026-24187 — NVIDIA Display Driver for Linux Use-After-Free RCE

NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of priv…

geforce tesla | Memory Corruption
May 26, 2026 May 26, 2026
May 26, 2026
May 26, 2026
Showing 20 of 7032 Results