Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
5.1 MEDIUM
CVE-2026-58024 — API identification of users on private wikis

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiUserrights.Php. Th…

mediawiki | Remote | Information Disclosure
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
9.8 CRITICAL
CVE-2026-24270 — NVIDIA AIStore Authentication Bypass

NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, …

Remote | Authentication
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
5.9 MEDIUM
CVE-2026-24266 — NVIDIA Triton Inference Server Use-After-Free

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A successful exploit of this vulnerability might lead to denial of service.

triton_inference_server | Remote | Memory Corruption
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
7.5 HIGH
CVE-2026-24264 — NVIDIA Triton Inference Server Denial of Service

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to den…

triton_inference_server | Remote | Denial of Service
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
8.5 HIGH
CVE-2026-24260 — NVIDIA Container Toolkit TOCTOU Race Condition Vulnerability

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code exe…

Remote | Race Condition
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24251 — NVIDIA Megatron Bridge: Improper Control of Dynamically Managed Code Resources

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead t…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24250 — NVIDIA Megatron Bridge: Improper Input Validation Leading to Code Execution and Privilege…

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs. A successful exploit of this vulnerability might lead to code execution,…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24249 — NVIDIA Megatron Bridge Deserialization Vulnerability

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24248 — NVIDIA Megatron Bridge Improper Control of Code Generation Vulnerability

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, e…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24247 — NVIDIA Megatron Bridge: Deserialization of Untrusted Data

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24246 — NVIDIA Megatron Bridge: Improper Control of Dynamically Managed Code Resources

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead t…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24245 — NVIDIA Megatron Bridge: Untrusted Deserialization

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24244 — NVIDIA Megatron Bridge: Deserialization of Untrusted Data

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24243 — NVIDIA Megatron Bridge: Untrusted Deserialization Leading to Code Execution

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24242 — NVIDIA Megatron Bridge: Server-Side Request Forgery

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to information disclosure.

linux_kernel megatron-bridge nemo_megatron_bridge | Server-Side Request Forgery
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24240 — NVIDIA Megatron Bridge: Deserialization Vulnerability

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
0.0 NONE
CVE-2026-13707 — Session fixation attacks on improperly configured OAuth 1.0a tools

Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from * through 1.46.0, …

Remote | Authentication
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
0.0 NONE
CVE-2026-13706 — UrlShortener extension url validation can be bypassed due to difference between php url p…

Improper input validation vulnerability in Wikimedia Foundation UrlShortener. This vulnerability is associated with program files includes/UrlShortenerUtils.Php.

Remote | Injection
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
9.0 CRITICAL
CVE-2025-23351 — NVIDIA ConnectX/BlueField Arbitrary Code Execution via Out-of-Bounds Write

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful expl…

| Memory Corruption
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
9.0 CRITICAL
CVE-2025-23350 — NVIDIA ConnectX/BlueField VF Arbitrary Code Execution

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful expl…

| Memory Corruption
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
Showing 20 of 7989 Results