Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
0.0 NA
CVE-2026-41155 — GPU DDK - SharedSecMem mapped into all GPU virtual address spaces

An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the kernel module. Additionally, an attacker could disr…

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
0.0 NA
CVE-2026-34195 — GPU DDK - Kernel heap OOB write in PMRChangeSparseMemOSMem due to incorrect physical page…

Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel. The product incorrectly indexes internal state w…

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
6.5 MEDIUM
CVE-2026-12131 — CodeAstro Human Resource Management System Payroll Invoice Payroll.php sql injection

A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file \application\controllers\Payroll.php of the component Pay…

human_resource_management_system | Remote | Injection
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
5.5 MEDIUM
CVE-2025-7019 — Avast antivirus stack overflow when scanning a malformed Office Open XML file

Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus…

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
5.5 MEDIUM
CVE-2025-7018 — Avira antivirus engine null pointer dereference when scanning a malformed PE file

Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process. This issue affects Avira Antiv…

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
7.8 HIGH
CVE-2025-7017 — Avira antivirus engine heap buffer OOB read when scanning a malformed Windows MSI file

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows MSI file may allow Local Execution of Code or Denial-of-Service of the antivirus engine proces…

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
7.8 HIGH
CVE-2025-7011 — Avast antivirus heap OOB when scanning a malformed zip file

Heap out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed zip file containing XML may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue…

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
5.5 MEDIUM
CVE-2025-7010 — Avast antivirus stack overflow when scanning a malformed PDF file

Stack overflow vulnerability due to uncontrolled recursion in Avast Antivirus when scanning a malformed PDF file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivi…

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
7.8 HIGH
CVE-2025-7009 — Avast antivirus heap buffer OOB read when scanning a malformed PE file

Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue …

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
7.8 HIGH
CVE-2025-7008 — Avast antivirus heap buffer OOB read when scanning a malformed PE file

Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file with .NET metadata may allow Local Execution of Code or Denial-of-Service of the antivirus pr…

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
5.5 MEDIUM
CVE-2025-7006 — Avast antivirus use of stack memory after free when scanning a malformed PE file

Use of stack memory after free vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AV…

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
5.5 MEDIUM
CVE-2025-7005 — Avast antivirus infinite recursion when scanning a malformed PE file

Uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivi…

| Denial of Service
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
7.8 HIGH
CVE-2025-7004 — Avast antivirus heap buffer OOB write when scanning a malformed PE file

Heap buffer out-of-bounds write vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue…

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
7.8 HIGH
CVE-2025-7003 — Avira antivirus engine heap buffer OOB read when scanning a malformed PDF file (variant 1)

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This…

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
7.8 HIGH
CVE-2025-7002 — Avira antivirus engine heap buffer OOB read when scanning a malformed PDF file (variant 2)

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This…

| Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
6.1 MEDIUM
CVE-2026-54397 — MISP event editing allows unauthorized assignment to undisclosed sharing groups

A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event’s sharing_group_id to a sharing …

Remote | Authorization
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
5.3 MEDIUM
CVE-2026-54396 — MISP AuthKey edit endpoint allows authenticated user email enumeration

An information disclosure vulnerability exists in the MISP AuthKey edit functionality. When a validation error occurs during an AuthKey edit request, the user dropdown was populated using the attacke…

Remote | Information Disclosure
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
5.3 MEDIUM
CVE-2026-54395 — MISP UiBeta event index reflected XSS in advanced filter popup

MISP contains a reflected cross-site scripting vulnerability in the UiBeta event index view. The urlparams value is inserted into an inline JavaScript handler using HTML escaping inside a single-quot…

Remote | Cross-Site Scripting
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
5.3 MEDIUM
CVE-2026-54394 — MISP organisation logo path traversal allows retrieval of arbitrary PNG/SVG files

MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields such as id, name, and…

Remote | Path Traversal
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
5.1 MEDIUM
CVE-2026-54393 — MISP Overmind theme stored XSS via unvalidated homepage setting

A stored cross-site scripting vulnerability exists in MISP when the Overmind theme is used. The setHomePage endpoint previously saved the user-controlled path value through setSettingInternal(), bypa…

Remote | Cross-Site Scripting
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
Showing 20 of 6993 Results