Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
6.8 MEDIUM
CVE-2026-53870 — Hermes Agent < 0.16.0 - Sensitive File Permission Vulnerability in Store Files

Hermes Agent before 0.16.0 creates response_store.db and webhook_subscriptions.json with world-readable permissions (mode 0o644), exposing conversation history and HMAC secrets to local users. Attack…

Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.7 HIGH
CVE-2026-53869 — Hermes Agent < 0.16.0 - DNS Rebinding Bypass via WebSocket Endpoints

Hermes Agent before 0.16.0 contains a DNS rebinding vulnerability in WebSocket endpoints that allows remote attackers to bypass Host and Origin validation. FastAPI HTTP middleware does not execute fo…

hermes-agent | Remote | Misconfiguration
Jun 17, 2026 Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
7.5 HIGH
CVE-2026-48818 — Starlette: SSRF and NTLM credential theft via UNC paths in StaticFiles on Windows

Starlette is a lightweight ASGI framework/toolkit. In versions 1.0.1 and earlier, StaticFiles on Windows is vulnerable to SSRF. An UNC path such as \\attacker.com\share can cause os.path.realpath to …

starlette | Remote | Server-Side Request Forgery
Jun 17, 2026 Jun 30, 2026
Jun 17, 2026
Jun 30, 2026
7.4 HIGH
CVE-2026-9697 — undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 P…

Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI (socks5:// or socks://). The target HTTPS connection through the SOCKS5 tunnel falls back to N…

undici | Misconfiguration
Jun 17, 2026 Jul 02, 2026
Jun 17, 2026
Jul 02, 2026
5.9 MEDIUM
CVE-2026-9679 — undici vulnerable to HTTP header injection via Set-Cookie percent-decoding

Impact: undici's cookie parser in parseSetCookie percent-decodes cookie values via qsUnescape, turning encoded sequences like %0D%0A, %00, %3B, and %3D into their literal byte equivalents. RFC 6265 §…

undici | Injection
Jun 17, 2026 Jun 25, 2026
Jun 17, 2026
Jun 25, 2026
5.9 MEDIUM
CVE-2026-9678 — undici vulnerable to cross-user information disclosure via shared cache whitespace bypass

Impact: Undici's cache interceptor incorrectly classifies some responses as cacheable when the upstream Cache-Control header uses whitespace-padded qualified private or no-cache field names such as p…

undici | Misconfiguration
Jun 17, 2026 Jun 25, 2026
Jun 17, 2026
Jun 25, 2026
8.8 HIGH
CVE-2026-7300 — Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in R…

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Web Integration Service) allows Filter Failure through Buffer Overflow.This issue aff…

connext_professional | Remote | Memory Corruption
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.8 HIGH
CVE-2026-6734 — undici vulnerable to cross-origin request routing via SOCKS5 proxy pool reuse

Impact: When using Socks5ProxyAgent, undici reuses a single connection pool across different origins without verifying that the pool's origin matches the requested origin. All requests are dispatched…

undici | Remote | Misconfiguration
Jun 17, 2026 Jul 02, 2026
Jun 17, 2026
Jul 02, 2026
3.7 LOW
CVE-2026-6733 — undici vulnerable to HTTP response queue poisoning via keep-alive socket reuse

Impact: Undici's HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets. An attacker-controlled upstream server can inject an unsolicited HTTP/1.1 response onto an idl…

undici | Misconfiguration
Jun 17, 2026 Jun 27, 2026
Jun 17, 2026
Jun 27, 2026
9.8 CRITICAL
CVE-2026-53805 — NVIDIA SIL GEN3C Unauthenticated RCE via Pickle Deserialization in Inference API

NVIDIA Spatial Intelligence Lab's (SIL) GEN3C contains an unauthenticated remote code execution vulnerability in the inference API server where the /request-inference and /seed-model endpoints deseri…

Remote | Injection
Jun 17, 2026 Jun 22, 2026
Jun 17, 2026
Jun 22, 2026
4.8 MEDIUM
CVE-2026-48591 — Stored XSS via unescaped HTML attribute values in earmark

Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark allows stored cross-site scripting via unescaped HTML attribute values. 'Elixir.Earmark.Transform':_ma…

earmark | Cross-Site Scripting
Jun 17, 2026 Jun 22, 2026
Jun 17, 2026
Jun 22, 2026
7.5 HIGH
CVE-2026-47774 — Envoy vulnerable to HTTP/2 memory exhaustion via cookie header size bypass and HPACK ampl…

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request proc…

envoy | Remote | Denial of Service
Jun 17, 2026 Jun 30, 2026
Jun 17, 2026
Jun 30, 2026
9.2 CRITICAL
CVE-2026-3894 — Out-of-bounds Read vulnerability in RTI Connext Professional (Core Libraries) allows Over…

Out-of-bounds Read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from…

connext_professional | Remote | Memory Corruption
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
2.9 LOW
CVE-2026-39199 — snes9x Out-of-Bounds Write

snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file.

| Memory Corruption
Jun 17, 2026 Jun 22, 2026
Jun 17, 2026
Jun 22, 2026
8.8 HIGH
CVE-2026-30803 — Integer Underflow (Wrap or Wraparound) vulnerability in RTI Connext Micro (Core Libraries…

Integer Underflow (Wrap or Wraparound) vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0.

connext_micro | Remote | Memory Corruption
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.8 HIGH
CVE-2026-30802 — Out-of-bounds Read vulnerability in RTI Connext Micro (Core Libraries) allows Overread Bu…

Out-of-bounds Read vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0, from 2.4.5 before 2.4.*.

connext_micro | Remote | Memory Corruption
Jun 17, 2026 Jun 25, 2026
Jun 17, 2026
Jun 25, 2026
6.1 MEDIUM
CVE-2026-30799 — Missing Authentication for Critical Function vulnerability in RTI Connext Professional (S…

Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Identity Spoofing.This issue affects Connext Professional: from 7.4.0 before 7.7.0, fr…

connext_professional | Remote | Authentication
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
6.0 MEDIUM
CVE-2026-2675 — Missing Authentication for Critical Function vulnerability in RTI Connext Professional (S…

Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7…

connext_professional | Remote | Authentication
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
4.8 MEDIUM
CVE-2026-2674 — Out-of-bounds Write vulnerability in RTI Connext Professional (Queueing Service,Core Libr…

Out-of-bounds Write, Out-of-bounds Write, Out-of-bounds Write vulnerability in RTI Connext Professional (Queueing Service,Core Libraries,Persistence Service) allows Overflow Buffers, Overflow Buffers…

connext_professional | Memory Corruption
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
9.2 CRITICAL
CVE-2026-2467 — Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) all…

Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 b…

connext_professional | Remote | Memory Corruption
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Showing 20 of 7983 Results