Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
5.7 MEDIUM
CVE-2026-48066 — pam_usb: Thread-unsafe static pointer in log.c causes data race under concurrent PAM auth…

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the ad…

| Race Condition
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
6.7 MEDIUM
CVE-2026-48065 — pam_usb: Unchecked integer multiplication before xmalloc() in conf.c allows heap-based bu…

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/conf.c allocates heap memory proportional to n_devices, a count derived from libxml2 XPath evalu…

| Memory Corruption
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
8.1 HIGH
CVE-2026-48064 — pam_usb: PAM_RHOST check skipped when deny_remote=false allows XDMCP authentication bypass

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pam_usb (commonly done for display manage…

Remote | Authentication
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
6.3 MEDIUM
CVE-2026-47274 — pam_usb: Uncontrolled search path in pam_usb tools allows privilege escalation via PATH m…

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, multiple pam_usb helper tools resolved external binaries through the PATH environment variable rathe…

| Authentication
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
6.5 MEDIUM
CVE-2026-47273 — pam_usb: XPath injection via PAM-supplied identifiers in pam_usb configuration queries

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pam_usb builds XPath expressions from user-supplied identifiers (PAM username, service name) and dev…

Remote | Injection
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
7.1 HIGH
CVE-2026-47272 — pam_usb: OTP pad authentication bypass via missing system pad check and uninitialized RNG…

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusb_pad_compare() function in src/pad.c only verified that the user-side pad (~/.pamusb/device.…

| Authentication
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
5.1 MEDIUM
CVE-2026-47271 — pam_usb: OOM guards removed by -DNDEBUG cause NULL dereference and authentication process…

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, src/mem.c implemented out-of-memory guards for xmalloc(), xrealloc(), and xstrdup() using assert(dat…

| Memory Corruption
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
8.7 HIGH
CVE-2026-47161 — RELATE Vulnerable to Remote Code Execution (RCE) via Insecure Celery Pickle Deserializati…

RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and deserialize untrusted 'pickle' data. An atta…

Remote | Injection
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
7.1 HIGH
CVE-2026-45134 — LangSmith Client SDK: Public prompt pull deserializes untrusted manifests without trust b…

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to LangSmith SDK Python 0.8.0 and JS/TS 0.6.0, the LangSmith SDK's prompt pull methods (pull_prompt / pull_promp…

langchain | Remote | Supply Chain
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
8.4 HIGH
CVE-2026-45108 — Himmelblau: Authentication Bypass via Cross-User Local Session Impersonation in Device Au…

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Autho…

Remote | Authentication
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
7.5 HIGH
CVE-2026-45104 — MapServer: NULL pointer dereference in SLD `<ElseFilter>` rule parsing reachable via WMS …

MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls _SLDApplyRuleValues(psRule, psLayer, 1); for any <Rule> carrying <ElseFil…

Remote | Memory Corruption
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
9.9 CRITICAL
CVE-2026-45102 — OneUptime: RCE due to Node.js' vm module escape via error objects and infinite recursion

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be esc…

Remote | Memory Corruption
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
9.8 CRITICAL
CVE-2026-44888 — Unauthenticated RCE via Python Config File Injection in SaveConfigFile() (Interger)

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's SaveConfigFile() endpoint writes user-supplied numeric config values (e.g., SMTP_PORT) directly…

Remote | Injection
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
9.8 CRITICAL
CVE-2026-44887 — Unauthenticated RCE via Python Config File Injection in SaveConfigFile() (Path)

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's web-based configuration editor allows arbitrary Python code to be injected into pialert.conf. S…

Remote | Injection
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
8.7 HIGH
CVE-2026-44886 — Pi.Alert: Web Interface Vulnerable to Unauthenticated Blind SQL Injection

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devi…

Remote | Injection
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
7.8 HIGH
CVE-2026-44724 — systeminformation: Linux command injection in networkInterfaces() via unsanitized Network…

systeminformation is a System and OS information library for node.js. From 4.17.0 to 5.31.5, on Linux, systeminformation is vulnerable to command injection in networkInterfaces() when an active Netwo…

systeminformation | Injection
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
6.1 MEDIUM
CVE-2026-44681 — Authlib: Open Redirect in Authlib OIDC Implicit/Hybrid Authorization

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.12 and 1.7.1, an unauthenticated open redirect in Authlib's OpenIDImplicitGrant and OpenIDHybridGrant authoriza…

authlib | Remote | Misconfiguration
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
9.3 CRITICAL
CVE-2026-44590 — Sherlock: Command Injection via pull_request_target in validate_modified_targets.yml

Sherlock hunts down social media accounts by username across social networks. Prior to 0.16.1, the GitHub Actions workflow validate_modified_targets.yml is vulnerable to command injection via the pul…

Remote | Injection
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
5.4 MEDIUM
CVE-2026-42877 — FacturaScripts: Stored XSS via product reference in sales/purchases

FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting (XSS) vulnerability exists in the product search modal of sales (Core/Lib/Aja…

facturascripts | Remote | Cross-Site Scripting
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
8.7 HIGH
CVE-2026-42197 — RELATE Vulnerable to Stored XSS via Unprivileged User Profile

RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execut…

Remote | Cross-Site Scripting
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
Showing 20 of 6573 Results