Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-1462 — Safe Mode Bypass in keras-team/keras

A vulnerability in the `TFSMLayer` class of the `keras` package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during deserialization of `.keras` models, even when `s…

| Supply Chain
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-6183 — code-projects Simple Content Management System index.php sql injection

A security flaw has been discovered in code-projects Simple Content Management System 1.0. Affected by this issue is some unknown functionality of the file /web/index.php. Performing a manipulation o…

| Injection
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-33858 — Apache Airflow: Unsafe Deserialization via Legacy Serialization Keys (__type/__var) Bypas…

Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly tr…

| Injection
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-6182 — code-projects Simple Content Management System login.php sql injection

A vulnerability was identified in code-projects Simple Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /web/admin/login.php. Such manipulation of…

| Injection
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2025-66236 — Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI

Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. So…

| Authentication
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-36947 — Sourcecodester Computer and Mobile Repair Shop Management System SQL Injection Vulnerabil…

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL Injection in the file /rsms/admin/services/view_service.php.

| Injection
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-36946 — Sourcecodester Computer and Mobile Repair Shop Management System SQL Injection Vulnerabil…

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/view_details.php.

| Injection
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31428 — netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD __build_packet_message() manually constructs the NFULA_…

| Information Disclosure
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31427 — netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp process_sdp() declares union nf_inet_addr rtp_addr …

| Misconfiguration
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31426 — ACPI: EC: clean up handlers on probe failure in acpi_ec_setup()

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() When ec_install_handlers() returns -EPROBE_DEFER on reduced-hardw…

| Memory Corruption
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31425 — rds: ib: reject FRMR registration before IB connection is established

In the Linux kernel, the following vulnerability has been resolved: rds: ib: reject FRMR registration before IB connection is established rds_ib_get_mr() extracts the rds_ib_connection from conn->c…

| Memory Corruption
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31424 — netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP

In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP Weiming Shi says: xt_match and xt_target…

| Misconfiguration
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31423 — net/sched: sch_hfsc: fix divide-by-zero in rtsc_min()

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() m2sm() converts a u32 slope to a u64 scaled value. For large inputs (e.g. …

| Memory Corruption
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31422 — net/sched: cls_flow: fix NULL pointer dereference on shared blocks

In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_flow: fix NULL pointer dereference on shared blocks flow_change() calls tcf_block_q() and dereferences q->handle t…

| Memory Corruption
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31421 — net/sched: cls_fw: fix NULL pointer dereference on shared blocks

In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_fw: fix NULL pointer dereference on shared blocks The old-method path in fw_classify() calls tcf_block_q() and der…

| Memory Corruption
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31420 — bridge: mrp: reject zero test interval to avoid OOM panic

In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test interval to avoid OOM panic br_mrp_start_test() and br_mrp_start_in_test() accept the user-supplied…

| Denial of Service
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31419 — net: bonding: fix use-after-free in bond_xmit_broadcast()

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bond_xmit_broadcast() bond_xmit_broadcast() reuses the original skb for the last slave (deter…

| Race Condition
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31418 — netfilter: ipset: drop logically empty buckets in mtype_del

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtype_del mtype_del() counts empty slots below n->pos in k, but it only drops t…

| Memory Corruption
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31417 — net/x25: Fix overflow when accumulating packets

In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accumulating packets Add a check to ensure that `x25_sock.fraglen` does not overflow. The `fraglen` a…

| Memory Corruption
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
0.0 NA
CVE-2026-31416 — netfilter: nfnetlink_log: account for netlink header size

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: account for netlink header size This is a followup to an old bug fix: NLMSG_DONE needs to account for t…

| Misconfiguration
Apr 13, 2026 Apr 13, 2026
Apr 13, 2026
Apr 13, 2026
Showing 20 of 6149 Results