Latest CVE Feed

Vulnerabilities published in the last 30 days.

Score | Vulnerability | Published
6.0 MEDIUM
CVE-2026-47375 — NocoDB: Postgres SQL Injection in Formula `ARRAYSORT`

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, an authenticated user with columnAdd permission on a Postgres-backed base can inject arbitrary SQL into the formula engi…

nocodb | Remote | Injection
Jun 23, 2026 Jun 25, 2026
6.9 MEDIUM
CVE-2026-47279 — NocoDB: Hidden LTAR Column Exposure in Public Shared-View Relation Endpoints

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the public shared-view relation endpoints accepted a caller-supplied column ID without verifying that the column was vis…

nocodb | Remote | Authorization
Jun 23, 2026 Jun 25, 2026
2.3 LOW
CVE-2026-46554 — NocoDB: Stale Auth Cache After API Token Deletion

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.4, deleted API tokens continued to authenticate requests until their cache entry expired, because the auth cache was not in…

nocodb | Remote | Authentication
Jun 23, 2026 Jun 25, 2026
2.1 LOW
CVE-2026-46553 — NocoDB: Attachment Size Limit Bypass via Upload-by-URL

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the upload-by-URL path did not enforce NC_ATTACHMENT_FIELD_SIZE against either the remote file's advertised Content-Leng…

nocodb | Remote | Misconfiguration
Jun 23, 2026 Jun 25, 2026
5.8 MEDIUM
CVE-2026-46552 — NocoDB: Shared-base link access can invite arbitrary users as persistent base members

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, shared-base sessions were granted the same base-member capabilities as authenticated viewers. Using only the shared-base…

nocodb | Remote | Authorization
Jun 23, 2026 Jun 25, 2026
6.5 MEDIUM
CVE-2026-46551 — NocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk …

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.4, the uploadViaURL path in the v1/v2 attachment API did not enforce NC_ATTACHMENT_FIELD_SIZE against the remote content-le…

nocodb | Remote | Denial of Service
Jun 23, 2026 Jun 25, 2026
5.4 MEDIUM
CVE-2026-46550 — NocoDB: Refresh Token Cookie Set Without `Secure` and `SameSite` Flags

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the refresh-token cookie was set with httpOnly: true but missing both the secure flag and the sameSite attribute. Over p…

nocodb | Remote | Cross-Site Request Forgery
Jun 23, 2026 Jun 25, 2026
2.0 LOW
CVE-2026-46549 — NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the OAuth token strategy attached oauth_scope and oauth_granted_resources to the request user, but the ACL middleware ne…

nocodb | Remote | Authorization
Jun 23, 2026 Jun 25, 2026
4.3 MEDIUM
CVE-2026-46548 — NocoDB: SSRF Protection Bypass in Notification Webhook Plugins (Slack, Discord, Mattermos…

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the request-filtering-agent SSRF protection was non-functional in the four notification webhook plugins (Slack, Discord,…

nocodb | Remote | Server-Side Request Forgery
Jun 23, 2026 Jun 25, 2026
6.1 MEDIUM
CVE-2026-46547 — NocoDB: Reflected Cross-Site Scripting via Page Leaving Redirect URL

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, a reflected XSS vulnerability exists in the Page Leaving Warning page. The ncRedirectUrl and ncBackUrl query parameters …

nocodb | Remote | Cross-Site Scripting
Jun 23, 2026 Jun 25, 2026
8.8 HIGH
CVE-2026-41862 — Spring Statemachine Deserialisation Vulnerability

Spring Statemachine's Kryo-based persistence backends (JPA, MongoDB, Redis and ZooKeeper) deserialise persisted state-machine contexts without enforcing a class allowlist (CWE-502, deserialisation of…

Remote | Injection
Jun 23, 2026 Jun 25, 2026
7.1 HIGH
CVE-2026-23513 — FOSSBilling: Broken Authorization in Client Transaction and Order Listings

FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior, a query-construction flaw in client list endpoints allowed authenticated clients to bypass tenant…

fossbilling | Remote | Injection
Jun 23, 2026 Jun 26, 2026
4.4 MEDIUM
CVE-2026-12892 — Gstreamer1-plugins-bad: gstreamer1-plugins-bad: 1-byte heap out-of-bounds read in h.264 n…

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds re…

enterprise_linux | Memory Corruption
Jun 23, 2026 Jun 25, 2026
4.3 MEDIUM
CVE-2026-12891 — Gstreamer1-plugins-bad: gstreamer1-plugins-bad: global buffer overflow (oob read) in h.26…

A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds r…

enterprise_linux gstreamer | Remote | Memory Corruption
Jun 23, 2026 Jul 01, 2026
7.8 HIGH
CVE-2026-12112 — Foreman-mcp-server: mcp server: active session hijacking via insecure session state reuse

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of …

satellite foreman | Authentication
Jun 23, 2026 Jul 01, 2026
6.5 MEDIUM
CVE-2026-11820 — Community.general: community.general nexmo — api credentials exposed in get url query str…

A flaw was found in the community.general Ansible collection's nexmo module. The module constructs HTTP requests to the Vonage/Nexmo SMS API by encoding API credentials (api_key and api_secret) into …

enterprise_linux | Remote | Information Disclosure
Jun 23, 2026 Jul 01, 2026
5.5 MEDIUM
CVE-2026-11819 — Community.general: community.general keyring_info — os keyring passphrase returned in pla…

Module: plugins/modules/keyring_info.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keycha…

enterprise_linux | Information Disclosure
Jun 23, 2026 Jul 01, 2026
9.6 CRITICAL
CVE-2026-11807 — Eda-server: websocket missing authorization allows credential theft via activation_id spo…

A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker mess…

ansible_automation_platform | Remote | Authorization
Jun 23, 2026 Jun 27, 2026
5.1 MEDIUM
CVE-2025-64105 — FOSSBilling: IDOR Vulnerability in Support Ticket Creation

FOSSBilling is a billing and client management system that automates invoicing, payments, and communication for online service businesses. Versions 0.6.21 through 0.7.2 are vulnerable to IDOR through…

fossbilling | Remote | Authorization
Jun 23, 2026 Jun 25, 2026
8.6 HIGH
CVE-2026-54762 — Traefik Kubernetes Ingress NGINX provider fails open when auth-secret resolution fails

Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to…

traefik | Remote | Authentication
Jun 23, 2026 Jun 26, 2026
Showing 20 of 7989 Results