Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
7.5 HIGH
CVE-2026-50151 — oras-go: credential forwarding via unvalidated Location header in blob upload

oras-go is a Go library for managing OCI artifacts. Prior to 2.6.1, registry/remote/repository.go in blobStore.completePushAfterInitialPost follows a registry-controlled Location header during monoli…

Remote | Server-Side Request Forgery
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
5.9 MEDIUM
CVE-2026-4942 — IBM i is Affected by Algorithm Downgrade in Transport Layer Security []

IBM i 7.6, 7.5, 7.4, and 7.3 could allow a remote attacker to send a specifically crafted message and downgrade the Transport Layer Security (TLS) protocol to a version disabled in the server configu…

i i | Remote | Misconfiguration
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
6.5 MEDIUM
CVE-2026-4938 — Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security V…

IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 and IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Contain…

Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
8.7 HIGH
CVE-2026-49852 — joserfc: HS256/HS384/HS512 verify accepts empty/nil HMAC key (cross-language sibling of C…

joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption (JOSE) standards. Prior to 1.6.8, joserfc.jwt.decode accepts attacker-forged HMAC-signed toke…

joserfc | Remote | Authentication
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
5.9 MEDIUM
CVE-2026-49834 — sigstore-go: Multi-log threshold bypass via single compromised log

sigstore-go is a Go library for Sigstore signing and verification. Prior to 1.2.0, a verifier configured with WithTransparencyLog(N>1) or WithSignedCertificateTimestamps(N>1) counts verified witnesse…

sigstore-go | Remote | Misconfiguration
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
7.1 HIGH
CVE-2026-49284 — SimpleSAMLphp SP accepts a response from an unexpected IdP when unsigned `Response/InResp…

SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. Prior to 2.4.7 and 2.5.2, SimpleSAMLphp's SAML SP ACS path does not enforce the IdP selected for an SP-initiated …

simplesamlphp | Remote | Information Disclosure
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
2.1 LOW
CVE-2026-48978 — oras-go: Malicious registry can hijack Bearer token realm to exfiltrate credentials and r…

oras-go is a Go library for managing OCI artifacts. Prior to 2.6.1, auth.Client follows the realm URL from a registry's WWW-Authenticate: Bearer challenge without validating the scheme or host, allow…

Remote | Server-Side Request Forgery
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
4.8 MEDIUM
CVE-2026-48819 — Hey API: `buildClientParams` template: prototype chain substitution via unknown `$<slot>_…

Hey API is an ecosystem for turning API specifications into production-ready code. Prior to 0.97.3, dist/clients/core/params.ts ships a runtime template copied into generated SDKs as params.gen.ts, a…

Remote | Injection
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
5.3 MEDIUM
CVE-2026-48504 — OpenTelemetry Rust: Unbounded memory allocation in W3C Baggage propagation

OpenTelemetry Rust is the Rust OpenTelemetry implementation. In 0.32.0 and earlier, BaggagePropagator::extract_with_context in opentelemetry_sdk did not enforce W3C Baggage size limits before parsing…

Remote | Denial of Service
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
7.8 HIGH
CVE-2026-48373 — Acrobat Reader | Heap-based Buffer Overflow (CWE-122)

Acrobat Reader is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user int…

acrobat_reader | Memory Corruption
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
5.6 MEDIUM
CVE-2026-46420 — setup-php: Command Injection in Repository-Derived PHP Version Resolution

setup-php is a GitHub action to set up PHP with extensions, php.ini configuration, coverage drivers, and tools. From 2.25.0 prior to 2.37.1, shivammathur/setup-php resolves the PHP version from repos…

Remote | Injection
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
7.5 HIGH
CVE-2026-45799 — Wire: skipGroup() missing negative-length check allows 10-byte payload to crash any Wire-…

Wire provides gRPC and protocol buffers for Android, Kotlin, Swift, and Java. Prior to 6.3.0 and 7.0.0-alpha03, ByteArrayProtoReader32.skipGroup() and ProtoReader.skipGroup() in wire-runtime do not v…

Remote | Misconfiguration
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
7.1 HIGH
CVE-2026-45704 — Pimcore: CustomReports Share Bypass

Pimcore is an Open Source Data & Experience Management Platform. Prior to 11.5.17 (LTS) and 12.3.6, CustomReports uses inconsistent authorization between the report listing endpoint and the report de…

pimcore | Remote | Authorization
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
8.1 HIGH
CVE-2026-45260 — Pimcore: Missing Authorization in WebDAV MOVE via unchecked asset move handling

Pimcore is an Open Source Data & Experience Management Platform. Prior to 11.5.17 (LTS) and 12.3.7, Pimcore's WebDAV asset endpoint exposes a MOVE operation through /asset/webdav{path} without an aut…

pimcore | Remote | Authorization
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
7.7 HIGH
CVE-2026-44974 — Parameter smuggling in @hapi/content header parser allows upload-filter bypass via duplic…

@hapi/content provided HTTP Content-* headers parsing. Prior to 6.0.2, Content.disposition() retained the last occurrence of each duplicate parameter while Content.type() retained the first occurrenc…

content | Remote | Misconfiguration
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
8.7 HIGH
CVE-2026-44739 — Pimcore: SQL Injection in Custom Reports Column Configuration

Pimcore is an Open Source Data & Experience Management Platform. Prior to 11.5.17 (LTS) and 12.3.6, the columnConfigAction endpoint in bundles/CustomReportsBundle/src/Controller/Reports/CustomReportC…

pimcore | Remote | Injection
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
0.0 NA
CVE-2026-42168 — Django-pyas2 OS Command Injection Vulnerability

django-pyas2 through 1.2.3 is vulnerable to OS command injection via the cmd_receive and cmd_send fields on the Partner model. These fields are passed directly to os.system() in pyas2/utils.py withou…

| Injection
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
0.0 NA
CVE-2026-36669 — Feng Office Unauthenticated Arbitrary File Upload

An unauthenticated arbitrary file upload vulnerability in ck_upload_handler.php in Feng Office 3.11.13.11 allows remote attackers to upload malicious files (such as .html) to the web-accessible /tmp/…

| Authentication
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
7.1 HIGH
CVE-2026-16118 — Xdgmime: heap-based buffer overflow in _xdg_mime_magic_parse_magic_line() in xdgmimemagic…

A flaw was found in xdgmime. A heap-based buffer overflow can be triggered in _xdg_mime_magic_parse_magic_line() in the xdgmimemagic.c file on little-endian systems when an attacker-controlled MIME m…

enterprise_linux enterprise_linux | Memory Corruption
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
5.4 MEDIUM
CVE-2026-15995 — IBM Cognos Analytics 12.1.3 general availability package contains a data integrity issue …

IBM Cognos Analytics 12.1.3 GA Version with build number through 12.1.3-2606251736 could allow an attacker to obtain incorrect report summary results or cause report-processing failures due to a race…

cognos_analytics | Remote | Race Condition
Jul 17, 2026 Jul 17, 2026
Jul 17, 2026
Jul 17, 2026
Showing 20 of 7847 Results