Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score | Vulnerability | Published
6.9 MEDIUM
CVE-2026-56311 — Capgo - Unauthenticated Cross-Tenant Disclosure via get_current_plan_max_org RPC

Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.get_current_plan_max_org RPC function that allows unauthenticated attackers to retrieve arbitrary organization plan …

Remote | Authorization
Jun 22, 2026 Jun 23, 2026
6.4 MEDIUM
CVE-2026-56306 — Capgo - Subkey Enforcement Bypass via x-limited-key-id Header Parsing

Capgo before 12.128.2 contains a weak parsing vulnerability in the x-limited-key-id header that allows attackers to bypass subkey enforcement by submitting malformed values, zero, or duplicate header…

Remote | Misconfiguration
Jun 22, 2026 Jun 23, 2026
7.1 HIGH
CVE-2026-56280 — Cap-go - Privilege Inversion in Build Log Stream via SSE Disconnect

Cap-go before 12.128.2 contains a privilege inversion vulnerability in GET /build/logs/:jobId that allows read-only API key holders to cancel running native builds. The endpoint registers an abort li…

Remote | Authorization
Jun 22, 2026 Jun 24, 2026
7.7 HIGH
CVE-2026-56268 — Flowise - Cross-Workspace Information Disclosure via chatflows/apikey Endpoint

Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is omitted (the default), the endpoint returns…

flowise | Remote | Information Disclosure
Jun 22, 2026 Jun 25, 2026
9.2 CRITICAL
CVE-2026-56266 — Crawl4AI - Server-Side Request Forgery via Direct Crawl Endpoints

Crawl4AI before 0.8.7 contains a server-side request forgery vulnerability in the /crawl, /crawl/stream, /md, and /llm endpoints that fetch arbitrary user-supplied URLs without validation. Unauthenti…

crawl4ai | Remote | Server-Side Request Forgery
Jun 22, 2026 Jun 30, 2026
5.3 MEDIUM
CVE-2026-56255 — Capgo - Denial of Service via Unlimited Demo App Creation

Capgo before 12.128.2 contains a denial of service vulnerability in the POST /app/demo endpoint that allows authenticated users with org write permissions to create unlimited demo applications withou…

Remote | Denial of Service
Jun 22, 2026 Jun 23, 2026
7.1 HIGH
CVE-2026-56221 — Cap-go - SQL Injection in Cloudflare Analytics Engine Queries via cloudflare.ts

Cap-go before 12.128.2 contains multiple SQL injection vulnerabilities in cloudflare.ts where user-controlled values from API request bodies are interpolated directly into SQL query strings without s…

Remote | Injection
Jun 22, 2026 Jun 23, 2026
7.6 HIGH
CVE-2026-55409 — Filament: Disabled RichEditor field state can be used for XSS

Filament is a collection of full-stack components for accelerated Laravel development. From 3.0.0 until 3.3.53, a disabled RichEditor field rendered its raw state without sanitizing HTML. Where the d…

filament | Remote | Cross-Site Scripting
Jun 22, 2026 Jun 23, 2026
6.5 MEDIUM
CVE-2026-54911 — UltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps()

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.13.0, ujson.dumps() (or ujson.dump() or ujson.encode()) has a reject_bytes=False option. When…

ultrajson | Remote | Misconfiguration
Jun 22, 2026 Jun 26, 2026
8.7 HIGH
CVE-2026-54281 — Nest: Middleware Bypass on Fastify via Trailing Slash

Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.24, an authentication bypass vulnerability exists in @nestjs/platform-fastify. When middleware is registered …

nest | Remote | Authentication
Jun 22, 2026 Jun 24, 2026
7.5 HIGH
CVE-2026-48517 — MessagePack-CSharp: Typeless deserialization type restrictions do not recurse into arrays…

MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePack-CSharp's typeless deserialization includes MessagePackSerializerOptions.ThrowIfDeserializingTypeIsDisall…

messagepack | Remote | Misconfiguration
Jun 22, 2026 Jun 25, 2026
7.5 HIGH
CVE-2026-48516 — MessagePack-CSharp: InterfaceLookupFormatter bypasses collision-resistant comparer settin…

MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, InterfaceLookupFormatter<TKey,TElement> constructs an internal Dictionary<TKey, IGrouping<TKey,TElement>> with the d…

messagepack | Remote | Denial of Service
Jun 22, 2026 Jun 25, 2026
7.5 HIGH
CVE-2026-48515 — MessagePack-CSharp: Multi-dimensional array formatters allocate from unchecked dimensions

MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePack-CSharp's multi-dimensional array formatters read dimension lengths directly from the payload and allocat…

messagepack | Remote | Memory Corruption
Jun 22, 2026 Jun 25, 2026
7.5 HIGH
CVE-2026-48514 — MessagePack-CSharp: Unity unsafe blit formatter allocates from unbounded byte length

MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, UnsafeBlitFormatterBase<T>.Deserialize reads an attacker-controlled byteLength from an extension payload and allocat…

messagepack | Remote | Memory Corruption
Jun 22, 2026 Jun 25, 2026
7.5 HIGH
CVE-2026-48513 — MessagePack-CSharp: DynamicUnionResolver generated deserializers miss depth enforcement

MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, runtime-generated union deserializers emitted by DynamicUnionResolver do not call MessagePackSecurity.DepthStep(ref …

messagepack | Remote | Information Disclosure
Jun 22, 2026 Jun 25, 2026
7.5 HIGH
CVE-2026-48512 — MessagePack-CSharp: JSON conversion APIs can recurse without consistent depth enforcement

MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePack-CSharp's JSON conversion helpers contain multiple recursion paths that do not consistently enforce a dep…

messagepack | Remote | Denial of Service
Jun 22, 2026 Jun 25, 2026
7.5 HIGH
CVE-2026-48511 — MessagePack-CSharp: ExpandoObject formatter can perform quadratic insertion work on untru…

MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, ExpandoObjectFormatter.Deserialize populates System.Dynamic.ExpandoObject by calling IDictionary<string, object>.Add…

messagepack | Remote | Denial of Service
Jun 22, 2026 Jun 25, 2026
7.5 HIGH
CVE-2026-48510 — MessagePack-CSharp: LZ4 decompression allocates from unbounded declared output lengths

MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, when MessagePack-CSharp decompresses Lz4Block or Lz4BlockArray payloads, it reads declared uncompressed lengths from…

messagepack | Remote | Denial of Service
Jun 22, 2026 Jun 25, 2026
9.1 CRITICAL
CVE-2026-48509 — MessagePack-CSharp: ASP.NET Core MessagePackInputFormatter defaults to TrustedData for HT…

MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, the parameterless MessagePackInputFormatter() constructor uses default serializer options, which resolve to MessageP…

messagepack | Remote | Misconfiguration
Jun 22, 2026 Jun 25, 2026
7.5 HIGH
CVE-2026-48506 — MessagePack-CSharp: MessagePackReader.Skip can recurse without enforcing maximum object g…

MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.TrySkip() recursively descends into nested arrays and maps without incrementing the reader depth o…

messagepack | Remote | Denial of Service
Jun 22, 2026 Jun 23, 2026
Showing 20 of 7983 Results