Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score | Vulnerability | Published
2.9 LOW
CVE-2026-57062 — GnuPG gpgsm AES-GCM ICV Length Validation Bypass

CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is …

gnupg | Cryptography
Jun 23, 2026 Jun 25, 2026
4.0 MEDIUM
CVE-2026-57053 — GNU libidn Out-of-Bounds Read Vulnerability

GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idna_to_unicode_internal. The affected code is not present in libidn2.

libidn | Memory Corruption
Jun 23, 2026 Jun 29, 2026
4.3 MEDIUM
CVE-2026-55517 — Deno: Denial of service via non-ASCII bytes in WebSocket response headers

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.5, a Deno program that opens a client WebSocket connection could be crashed by the remote server. While handling the WebSocket …

deno | Remote | Denial of Service
Jun 23, 2026 Jun 29, 2026
6.5 MEDIUM
CVE-2026-54324 — Daytona: Cross-tenant data leak in notification WebSocket gateway via unverified organiza…

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, a cross-tenant authorization flaw in Daytona's notification WebSocket gat…

Remote | Authorization
Jun 23, 2026 Jun 25, 2026
5.9 MEDIUM
CVE-2026-54323 — Daytona: Git credential leak via git clone with TLS verification disabled

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, the daemon's git clone implementation disabled TLS certificate verificati…

Remote | Misconfiguration
Jun 23, 2026 Jun 24, 2026
7.1 HIGH
CVE-2026-54318 — Home Assistant: Exported BroadcastReceiver allows local apps to spoof device location

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the LocationSensorManager BroadcastReceiver is exported with no permission. Any in…

Jun 23, 2026 Jun 26, 2026
7.6 HIGH
CVE-2026-54317 — Home Assistant: Konnected alarm-panel switch state and zone topology disclosed to unauthe…

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.6.0, the Konnected integration registers an HTTP endpoint, KonnectedView (homeassistant…

Jun 23, 2026 Jun 26, 2026
9.1 CRITICAL
CVE-2026-54316 — Claude Code: Out-of-Band Data Exfiltration via Pre-Approved HuggingFace Domain in WebFetch

Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including att…

claude_code claude_desktop | Remote | Server-Side Request Forgery
Jun 23, 2026 Jun 29, 2026
9.3 CRITICAL
CVE-2026-54257 — Electron: Buffer performs incorrect byte length calculations resulting in heap buffer und…

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 42.3.1 until 42.3.3, Buffer performs incorrect byte length calculations resulting in heap …

electron | Remote | Memory Corruption
Jun 23, 2026 Jun 25, 2026
9.0 CRITICAL
CVE-2026-54157 — LobeHub: Unauthenticated SSRF in `/webapi/proxy`

LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.57, the /webapi/proxy endpoint on app.lobehub.com accepts a URL in the POST…

lobehub | Remote | Server-Side Request Forgery
Jun 23, 2026 Jun 25, 2026
5.3 MEDIUM
CVE-2026-54022 — Open WebUI: Any authenticated user can read other users' private notes via Socket.IO

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the ydoc:document:join Socket.IO handler checks note ownership only when the docume…

open_webui | Remote | Authorization
Jun 23, 2026 Jun 25, 2026
6.3 MEDIUM
CVE-2026-54021 — Open WebUI: Authenticated users can target arbitrary configured Ollama backends via ungua…

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, several direct, index-addressed Ollama proxy routes accept a caller-supplied url_idx…

open_webui | Remote | Authorization
Jun 23, 2026 Jun 26, 2026
6.5 MEDIUM
CVE-2026-54019 — Open WebUI: RAG ACL Bypass in Milvus Multitenancy Mode

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI added collection-level ACL checks, but the patch can still be bypassed wh…

open_webui | Remote | Authorization
Jun 23, 2026 Jun 25, 2026
7.7 HIGH
CVE-2026-54018 — Open WebUI: SSRF Protection Bypass in Playwright Web Loader via HTTP Redirects

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the SafePlaywrightURLLoader implements a validate_url function to prevent SSRF attac…

open_webui | Remote | Server-Side Request Forgery
Jun 23, 2026 Jun 25, 2026
4.3 MEDIUM
CVE-2026-54016 — Open WebUI: Open WebUI BOLA: `search_knowledge_files` Allows Unauthorized Knowledge Base …

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI has a Broken Object Level Authorization (BOLA) vulnerability in the built…

open_webui | Remote | Authorization
Jun 23, 2026 Jun 25, 2026
6.4 MEDIUM
CVE-2026-54015 — Open WebUI: Prompt history IDOR: unbound history_id allows cross-prompt read and deletion

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI's prompt version-history endpoints authorize the prompt_id in the URL but…

open_webui | Remote | Authorization
Jun 23, 2026 Jun 25, 2026
4.3 MEDIUM
CVE-2026-54014 — Open WebUI: Sibling-Prefix Path Traversal via /cache/{path} in open-webui/open-webui

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability exists in open-webui's cache file serving endpoint th…

open_webui | Remote | Path Traversal
Jun 23, 2026 Jun 25, 2026
7.6 HIGH
CVE-2026-54013 — Open WebUI: Stored XSS to Account Takeover via Model Profile Images in Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but for…

open_webui | Remote | Cross-Site Scripting
Jun 23, 2026 Jun 26, 2026
7.1 HIGH
CVE-2026-54012 — Open WebUI: Forged model meta.knowledge allows cross-user file read and deletion

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets a user who can create, update, or import workspace models store arbi…

open_webui | Remote | Authorization
Jun 23, 2026 Jun 25, 2026
8.7 HIGH
CVE-2026-54011 — Open WebUI: Stored XSS in Mermaid Markdown Preview

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI renders Mermaid blocks from Markdown files in the file preview panel and i…

open_webui | Remote | Cross-Site Scripting
Jun 23, 2026 Jun 25, 2026
Showing 20 of 7989 Results