Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score | Vulnerability | Published
4.3 MEDIUM
CVE-2026-49355 — OpenProject: Private work package data disclosure through single meeting agenda item API

OpenProject is open-source, web-based project management software. Prior to 17.4.0, `GET /api/v3/meetings/:meeting_id/agenda_items/:agenda_item_id` discloses private work package data from a linked w…

openproject | Remote | Information Disclosure
Jun 26, 2026 Jun 29, 2026
7.5 HIGH
CVE-2026-47193 — OpenProject: Journal diff endpoint bypasses object, journal, and field visibility checks

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, the journal diff endpoint discloses hidden historical field values without enforcing object and field vi…

openproject | Remote | Information Disclosure
Jun 26, 2026 Jun 26, 2026
9.9 CRITICAL
CVE-2026-46386 — OpenProject: Pre-authentication RCE in openproject/openproject Docker image via default `…

OpenProject is open-source, web-based project management software. Prior to , the official openproject/openproject Docker image ships ENV SECRET_KEY_BASE=OVERWRITE_ME as the default Rails master key.…

openproject | Remote | Cryptography
Jun 26, 2026 Jun 29, 2026
6.5 MEDIUM
CVE-2026-44736 — OpenProject: Relations API Filter Bypasses Visibility Scope, Leaking Cross-Project Work P…

OpenProject is open-source, web-based project management software. Prior to 17.4.0, the GET /api/v3/relations endpoint allows any authenticated user to retrieve relations — and the subject (title) of…

openproject | Remote | Authorization
Jun 26, 2026 Jun 27, 2026
6.5 MEDIUM
CVE-2026-44735 — OpenProject: Shares API Information Disclosure

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the GET /api/v3/shares endpoint returns share details for ALL work packages in a project to any user wit…

openproject | Remote | Authorization
Jun 26, 2026 Jun 29, 2026
6.5 MEDIUM
CVE-2026-44734 — OpenProject: Improper Access Control on OpenProject through the POST request to /projects…

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, a Missing Authorization vulnerability exists in OpenProject's CostReportsController. The rename and upda…

openproject | Remote | Authorization
Jun 26, 2026 Jun 27, 2026
5.9 MEDIUM
CVE-2026-44733 — OpenProject: Business Logic Error on OpenProject through PATCH request to /api/v3/users/m…

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password…

openproject | Remote | Authentication
Jun 26, 2026 Jun 29, 2026
4.3 MEDIUM
CVE-2026-44732 — OpenProject: IDOR on OpenProject through /api/v3/documents/{id} via PATCH parameter "proj…

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, OpenProject exposes a document update endpoint used to modify existing documents. The target document is…

openproject | Remote | Authorization
Jun 26, 2026 Jun 29, 2026
4.3 MEDIUM
CVE-2026-44731 — OpenProject: Improper Access Control on OpenProject through /projects/[projectName]/meeti…

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the web application's meetings filter feature leaks whether a given user ID corresponds to a valid accou…

openproject | Remote | Information Disclosure
Jun 26, 2026 Jun 29, 2026
5.7 MEDIUM
CVE-2026-44696 — OpenProject: Stored CSS injection via Sanitize::Config::RELAXED[:css] enables phishing ov…

OpenProject is open-source, web-based project management software. Prior to 17.4.0, OpenProject's rich text (markdown) rendering pipeline uses Sanitize::Config::RELAXED[:css] for inline style sanitiz…

openproject | Remote | Cross-Site Scripting
Jun 26, 2026 Jun 27, 2026
8.8 HIGH
CVE-2026-32833 — Cudy LT300 3.0 OS Command Injection via NTP Configuration

Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharact…

Remote | Injection
Jun 26, 2026 Jun 29, 2026
5.4 MEDIUM
CVE-2026-29509 — Patool < 4.0.5 Path Traversal via safe_extract() Function

Patool before 4.0.5 contains a path traversal vulnerability in the safe_extract() function in patoolib/programs/py_tarfile.py when running on Python before 3.12, where the is_within_directory() helpe…

Remote | Path Traversal
Jun 26, 2026 Jun 27, 2026
5.9 MEDIUM
CVE-2026-54753 — Nx: `nx graph` dev server permissive CORS policy

Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx graph sent Access-Control-Allow-Origin: * on every res…

Remote | Information Disclosure
Jun 26, 2026 Jun 26, 2026
5.9 MEDIUM
CVE-2026-48090 — Envoy HTTP: OAuth2 filter late async token completion after stream teardown (UAF / crash …

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter (envoy.filters.http.oauth2) can leave an in-flight a…

envoy | Remote | Memory Corruption
Jun 26, 2026 Jun 29, 2026
7.5 HIGH
CVE-2026-47220 — Envoy: Segmentation fault when using %REQUESTED_SERVER_NAME% in log format

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTED_SERVER_NAME(X:Y)% is used in log format and host relate…

envoy | Remote | Denial of Service
Jun 26, 2026 Jun 30, 2026
5.9 MEDIUM
CVE-2026-47205 — Envoy: ext_authz Use-After-Free during Stream Teardown with Per-Route Overrides

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free (UAF) vulnerability leading to a sudden segmentat…

envoy | Remote | Memory Corruption
Jun 26, 2026 Jun 29, 2026
7.2 HIGH
CVE-2026-13372 — Devolutions Remote Desktop Manager PowerShell Script Execution via Display Name Collision

Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a …

remote_desktop_manager | Remote | Authorization
Jun 26, 2026 Jun 29, 2026
8.6 HIGH
CVE-2026-56876 — extract-zip unvalidated symlink path traversal

extract-zip does not validate symlink targets when extracting zip archives. When processing a malicious zip file containing a symlink with a relative path like '../../../../etc/passwd', extract-zip w…

extract-zip | Remote | Path Traversal
Jun 26, 2026 Jun 30, 2026
6.3 MEDIUM
CVE-2026-55448 — mise: Local credential_command executes untrusted config

mise manages dev tools like node, python, cmake, and terraform. From 2026.3.15 until 2026.6.4, mise loads github.credential_command from local project config before any trust decision, then executes …

mise | Misconfiguration
Jun 26, 2026 Jun 27, 2026
8.6 HIGH
CVE-2026-55441 — mise: Arbitrary command execution via task-include files in an untrusted, config-less rep…

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust feature gates config files (mise.toml, .tool-versions) through trust_check, but task-include files are …

mise | Misconfiguration
Jun 26, 2026 Jun 26, 2026
Showing 20 of 7990 Results