Latest CVE Vulnerabilities

5.4 MEDIUM

CVE-2025-13213 — Multiple vulnerabilities in IBM Aspera Orchestrator

IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks…

Remote | Injection

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

0.0 NA

CVE-2026-30946 — Parse Server affected by denial-of-service via unbounded query complexity in REST and Gra…

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior 9.5.2-alpha.2 and 8.6.15, an unauthenticated attacker can exhaust Parse Server resources …

| Denial of Service

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

0.0 NA

CVE-2026-30837 — Elysia has a string URL format redos

Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation and client-server communication. Prior to 1.4.26 , t.String({ format: 'url' }) is vulnerable to ReDoS. R…

| Denial of Service

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

9.8 CRITICAL

CVE-2026-28292 — simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow con…

`simple-git`, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes (CVE-2022-25860 an…

Remote | Supply Chain

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

8.2 HIGH

CVE-2026-27826 — MCP Atlassian has SSRF via unvalidated X-Atlassian-Jira-Url / X-Atlassian-Confluence-Url …

MCP Atlassian is a Model Context Protocol (MCP) server for Atlassian products (Confluence and Jira). Prior to version 0.17.0, an unauthenticated attacker who can reach the mcp-atlassian HTTP endpoint…

| Server-Side Request Forgery

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

5.5 MEDIUM

CVE-2026-27281 — DNG SDK | Integer Overflow or Wraparound (CWE-190)

DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability …

| Denial of Service

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

7.8 HIGH

CVE-2026-27280 — DNG SDK | Out-of-bounds Write (CWE-787)

DNG SDK versions 1.7.1 2471 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this iss…

| Memory Corruption

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

7.8 HIGH

CVE-2026-27279 — Substance3D - Stager | Out-of-bounds Write (CWE-787)

Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …

| Memory Corruption

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

7.8 HIGH

CVE-2026-27277 — Substance3D - Stager | Use After Free (CWE-416)

Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this i…

| Memory Corruption

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

7.8 HIGH

CVE-2026-27276 — Substance3D - Stager | Use After Free (CWE-416)

Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this i…

| Memory Corruption

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

7.8 HIGH

CVE-2026-27275 — Substance3D - Stager | Out-of-bounds Write (CWE-787)

Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …

| Memory Corruption

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

7.8 HIGH

CVE-2026-27274 — Substance3D - Stager | Out-of-bounds Write (CWE-787)

Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …

| Memory Corruption

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

7.8 HIGH

CVE-2026-27273 — Substance3D - Stager | Out-of-bounds Write (CWE-787)

Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …

| Memory Corruption

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

7.8 HIGH

CVE-2026-27269 — Premiere Pro | Out-of-bounds Read (CWE-125)

Premiere Pro versions 25.5 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An …

| Memory Corruption

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

5.5 MEDIUM

CVE-2026-27219 — Substance3D - Painter | Out-of-bounds Read (CWE-125)

Substance3D - Painter versions 11.1.2 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensi…

| Memory Corruption

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

5.5 MEDIUM

CVE-2026-27218 — Substance3D - Painter | NULL Pointer Dereference (CWE-476)

Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerabili…

| Denial of Service

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

5.5 MEDIUM

CVE-2026-27217 — Substance3D - Painter | NULL Pointer Dereference (CWE-476)

Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerabili…

| Denial of Service

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

5.5 MEDIUM

CVE-2026-27216 — Substance3D - Painter | Out-of-bounds Read (CWE-125)

Substance3D - Painter versions 11.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensi…

| Memory Corruption

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

5.5 MEDIUM

CVE-2026-27215 — Substance3D - Painter | NULL Pointer Dereference (CWE-476)

Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerabili…

| Denial of Service

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

5.5 MEDIUM

CVE-2026-27214 — Substance3D - Painter | NULL Pointer Dereference (CWE-476)

Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerabili…

| Denial of Service

Mar 10, 2026 Mar 10, 2026

Mar 10, 2026

Latest CVE Feed

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable

Browse by Apps

Latest CVE Feed

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable

Cookie Preferences