Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score | Vulnerability | Published
4.4 MEDIUM
CVE-2026-54325 — Pi loads project-local extensions without approval

Pi is a minimal terminal coding harness. Pi before 0.79.0 loaded project-local configuration and resources from a repository's .pi directory without first asking the user to trust that repository. Th…

Supply Chain
Jun 23, 2026 Jun 25, 2026
10.0 CRITICAL
CVE-2026-53622 — Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case h…

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 (QUIC) TLS configuration selection that allows unauthenticated clients to byp…

traefik | Remote | Authentication
Jun 23, 2026 Jun 30, 2026
10.0 CRITICAL
CVE-2026-48491 — Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypa…

Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection (SNICheck) that allows an unauthenticated cl…

traefik | Remote | Misconfiguration
Jun 23, 2026 Jun 30, 2026
10.0 CRITICAL
CVE-2026-48020 — Traefik StripPrefix Route-Level Auth Bypass via Path Normalization

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.48, 3.6.19, and 3.7.3, there is a high severity vulnerability in Traefik's StripPrefix middleware that allows an unauthenticated atta…

traefik | Remote | Authorization
Jun 23, 2026 Jun 30, 2026
6.9 MEDIUM
CVE-2026-45792 — RTK improperly trusts project-local filter configuration, allowing silent tampering of co…

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK (Rust Token Killer) improperly trusts project-local configuration files. RTK automatically loads .r…

rtk-rewrite rtk | Misconfiguration
Jun 23, 2026 Jul 01, 2026
8.1 HIGH
CVE-2026-39253 — Pivotal CRM Remote Code Execution

An issue in Pivotal CRM v.6.6.04.08 allows a remote attacker to execute arbitrary code via the Pivotal.Core.Common.dll and Pivotal.Engine.Client.Services.Conversion.dll components.

Remote | Memory Corruption
Jun 23, 2026 Jun 25, 2026
5.9 MEDIUM
CVE-2026-55736 — Private action arguments can be set by user input in Ash

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in ash-project ash allows a user to set the value of a private action argument that is intended to be cont…

ash | Authorization
Jun 23, 2026 Jun 25, 2026
8.8 HIGH
CVE-2026-55249 — @rtk-ai/rtk-rewrite: OpenClaw Rewrite Plugin Command Injection via execSync Template Stri…

@rtk-ai/rtk-rewrite transparently rewrites shell commands executed via OpenClaw's exec tool to their RTK equivalents. In 1.0.0, the @rtk-ai/rtk-rewrite OpenClaw plugin passes attacker-controlled inpu…

rtk-rewrite | Remote | Injection
Jun 23, 2026 Jul 01, 2026
7.7 HIGH
CVE-2026-54322 — Daytona: Cross-org IDOR in organization role update/delete — any org owner can rewrite or…

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, Daytona's organization role update and delete endpoints authorized the ca…

Remote | Authorization
Jun 23, 2026 Jun 23, 2026
7.0 HIGH
CVE-2026-54321 — Daytona: Public sandbox previews remain accessible for up to one hour after being made pr…

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. From 0.101.0 until 0.184.0, sandbox previews that were switched from public to private coul…

Remote | Authentication
Jun 23, 2026 Jun 25, 2026
8.4 HIGH
CVE-2026-54320 — Daytona: Cross-tenant organization takeover via invitation acceptance with an unverified …

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.184.0, organization invitations could be accepted (and declined) by a user whose…

Remote | Authentication
Jun 23, 2026 Jun 24, 2026
4.2 MEDIUM
CVE-2026-54319 — Daytona: Path traversal in sandbox volume id mounts arbitrary host paths into the sandbox…

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.186, a sandbox volume reference (volumeId, which may also be a volume name) was …

Remote | Path Traversal
Jun 23, 2026 Jun 24, 2026
8.6 HIGH
CVE-2026-53755 — Crawl4AI: SSRF via proxy settings in the Docker server bypasses the crawl-URL SSRF check

Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.9, the Docker API server applied its SSRF destination check to the crawl target URL only, not to the proxy address. An unau…

crawl4ai | Remote | Server-Side Request Forgery
Jun 23, 2026 Jun 29, 2026
7.5 HIGH
CVE-2026-53754 — Crawl4AI: SSRF filter bypass in Docker server via IPv6 transition forms (NAT64 / 6to4 / u…

Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.8, the Docker API server's SSRF protection (validate_webhook_url / validate_url_destination in deploy/docker/utils.py) used…

crawl4ai | Remote | Server-Side Request Forgery
Jun 23, 2026 Jun 29, 2026
10.0 CRITICAL
CVE-2026-53753 — Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API

Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature uses an AST validator that only blocks attributes st…

crawl4ai | Remote | Injection
Jun 23, 2026 Jun 29, 2026
2.9 LOW
CVE-2026-57062 — GnuPG gpgsm AES-GCM ICV Length Validation Bypass

CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is …

gnupg | Cryptography
Jun 23, 2026 Jun 25, 2026
4.0 MEDIUM
CVE-2026-57053 — GNU libidn Out-of-Bounds Read Vulnerability

GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idna_to_unicode_internal. The affected code is not present in libidn2.

libidn | Memory Corruption
Jun 23, 2026 Jun 29, 2026
4.3 MEDIUM
CVE-2026-55517 — Deno: Denial of service via non-ASCII bytes in WebSocket response headers

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.5, a Deno program that opens a client WebSocket connection could be crashed by the remote server. While handling the WebSocket …

deno | Remote | Denial of Service
Jun 23, 2026 Jun 29, 2026
6.5 MEDIUM
CVE-2026-54324 — Daytona: Cross-tenant data leak in notification WebSocket gateway via unverified organiza…

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, a cross-tenant authorization flaw in Daytona's notification WebSocket gat…

Remote | Authorization
Jun 23, 2026 Jun 25, 2026
5.9 MEDIUM
CVE-2026-54323 — Daytona: Git credential leak via git clone with TLS verification disabled

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, the daemon's git clone implementation disabled TLS certificate verificati…

Remote | Misconfiguration
Jun 23, 2026 Jun 24, 2026
Showing 20 of 7941 Results