Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score | Vulnerability | Published
7.5 HIGH
CVE-2026-42895 — Microsoft Copilot Tampering Vulnerability

Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network.

365_copilot | Remote
Jun 19, 2026 Jun 26, 2026
8.8 HIGH
CVE-2026-32208 — Microsoft Entra ID Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Entra ID allows an authorized attacker to perform spoofing over a network.

Jun 19, 2026 Jul 01, 2026
5.3 MEDIUM
CVE-2026-49345 — Mercator CVE Configuration Vulnerable to Server-Side Request Forgery (SSRF)

Mercator is an open source web application that enables mapping of the information system. Prior to version 2025.05.19, a Server-Side Request Forgery (SSRF) vulnerability exists in Mercator's CVE con…

mercator | Remote | Server-Side Request Forgery
Jun 19, 2026 Jun 23, 2026
7.1 HIGH
CVE-2026-49344 — Mercator has a Personal Identifiable Information Leak from Query Executor feature

Mercator is an open source web application that enables mapping of the information system. Prior to version 2025.05.19, Mercator's Query Engine (`/admin/queries/execute`) accepts a JSON DSL (`from` /…

mercator | Remote | Authorization
Jun 19, 2026 Jun 23, 2026
5.3 MEDIUM
CVE-2026-49342 — YARD static cache reads raw traversal paths before router sanitization

YARD is a documentation generation tool for the Ruby programming language. Prior to version 0.9.44, YARD's static cache lookup reads a request path before the router's path cleanup runs. When a serve…

yard | Remote | Path Traversal
Jun 19, 2026 Jun 23, 2026
7.4 HIGH
CVE-2026-48787 — gin-vue-admin vulnerable to RCE

gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the code-generation feature and MCP management interface can exploit this vulner…

gin-vue-admin | Remote | Injection
Jun 19, 2026 Jun 23, 2026
7.5 HIGH
CVE-2026-48774 — ProxySQL MCP run_sql_readonly executes side-effecting MySQL multi-statements despite read…

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 3.0.0 through 3.0.8, ProxySQL's GenAI/MCP `run_sql_readonly` tool violates its documented read-only contract for MySQL …

Remote | Authorization
Jun 19, 2026 Jun 23, 2026
9.8 CRITICAL
CVE-2026-48773 — ProxySQL pre-auth heap overflow in MySQL and PostgreSQL first-packet handling

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. Versions 2.0.18 through 3.0.8 have a pre-authentication heap memory corruption vulnerability in the MySQL and PostgreSQL protocol f…

Remote | Memory Corruption
Jun 19, 2026 Jun 23, 2026
10.0 CRITICAL
CVE-2026-48772 — ProxySQL: PROXY-Protocol-v1 UNKNOWN parses spoofed source IP, bypassing mysql_query_rules…

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the `PROXY UNKNOWN <addr> <addr> <port> <port>\r\n` PP1 frame …

Remote | Misconfiguration
Jun 19, 2026 Jun 23, 2026
8.8 HIGH
CVE-2026-48715 — radvdump's Route Information Option Parser has a Stack Buffer Overflow

radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the `radvdump` utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When process…

radvd | Memory Corruption
Jun 19, 2026 Jun 26, 2026
7.1 HIGH
CVE-2026-48089 — DevGuard has improper authorization on public assets

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public assets, any authenticated user — including users from…

Remote | Authorization
Jun 19, 2026 Jun 23, 2026
7.5 HIGH
CVE-2026-9375 — Decompression Bomb Bypass via Negative max_length in Streaming API in urllib3

urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API (`preload_content=False`) when using Brotli support. The issue arises due to three independent code paths in `r…

Remote | Denial of Service
Jun 19, 2026 Jun 22, 2026
8.1 HIGH
CVE-2026-49340 — gonic has arbitrary file write in createPlaylist: any authenticated user can write playli…

gonic is a music streaming server / free-software subsonic server API implementation. Prior to version 0.21.0, a logic error in `ServeCreateOrUpdatePlaylist` allows any authenticated Subsonic user (i…

Remote | Path Traversal
Jun 19, 2026 Jun 23, 2026
7.1 HIGH
CVE-2026-49339 — Path traversal in getPlaylist/deletePlaylist bypasses ownership check: any authenticated …

gonic is a music streaming server / free-software subsonic server API implementation. The maintainer's fix in commit `6dd71e6a3c966867ef8c900d359a7df75789f410` added an ownership check based on `pla…

Remote | Path Traversal
Jun 19, 2026 Jun 23, 2026
7.1 HIGH
CVE-2026-49338 — Subsonic API: any authenticated user can delete or read any other user's playlist (IDOR)

gonic is a music streaming server / free-software subsonic server API implementation. Prior to version 0.21.0, the Subsonic API endpoints `/rest/deletePlaylist.view` and `/rest/getPlaylist.view` perf…

Remote | Authorization
Jun 19, 2026 Jun 23, 2026
5.5 MEDIUM
CVE-2026-49336 — @microsoft/kiota-http-fetchlibrary: Bearer token and Cookie leak across origin on redirec…

@microsoft/kiota-http-fetchlibrary provides TypeScript libraries for Kiota-generated API clients. In versions 1.0.0-preview.97 through 1.0.0-preview.101, `@microsoft/kiota-http-fetchlibrary`'s `Redir…

Remote | Authentication
Jun 19, 2026 Jun 23, 2026
7.5 HIGH
CVE-2026-49293 — CPU exhaustion via O(n^2) BigInt construction on radix-prefixed integer literals

js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. Versions up to and including 1.1.0 parse hexadecimal / octal / binary integer literals via a hand-written `parseBigI…

js-toml | Remote | Denial of Service
Jun 19, 2026 Jun 26, 2026
8.1 HIGH
CVE-2026-49291 — mcp-memory-service: OAuth read-only clients can write and delete memories through MCP too…

mcp-memory-service is a semantic memory layer for AI applications. Prior to version 10.65.3, the HTTP MCP JSON-RPC endpoint at `/mcp` requires only OAuth `read` scope for all requests, then dispatche…

mcp-memory-service | Remote | Authorization
Jun 19, 2026 Jun 23, 2026
4.3 MEDIUM
CVE-2026-49288 — Statamic CMS missing authorization on Control Panel fieldtype endpoints allows disclosure…

Statamic is a Laravel and Git powered content management system (CMS). Prior to 5.73.23 and 6.20.0, an authenticated Control Panel user could view metadata and content for resources they don't have p…

statamic | Remote | Authorization
Jun 19, 2026 Jun 23, 2026
6.5 MEDIUM
CVE-2026-27878 — Tempo TraceQL query with exemplar hint could result in unbounded memory usage

A TraceQL query in Grafana Tempo with a large exemplars hint value can cause the Tempo instance to allocate an excessive amount of memory, resulting in an out-of-memory crash. This could allow an aut…

tempo | Remote | Denial of Service
Jun 19, 2026 Jun 29, 2026
Showing 20 of 7988 Results