Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
4.3 MEDIUM
CVE-2026-14615 — Keycloak-services: keycloak: fgap v2 parent group children endpoint bypasses per-child vi…

A flaw was found in the Fine-Grained Admin Permissions (FGAP) v2 implementation within Keycloak's administrative services. When FGAP v2 is enabled, the system fails to properly filter child groups ba…

build_of_keycloak | Remote | Authorization
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
5.4 MEDIUM
CVE-2026-14614 — Keycloak-services: keycloak-services: fgap v2 client scope assignment bypass via clientre…

A flaw was found in the ClientResource component of Keycloak's admin services when Fine-Grained Admin Permissions (FGAP) v2 is enabled. This issue allows a delegated administrator, who should only ha…

single_sign-on data_grid build_of_keycloak | Remote | Authorization
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
4.3 MEDIUM
CVE-2026-14613 — Keycloak-services: keycloak-services: keycloak: fgap v2 role groups endpoint discloses hi…

A vulnerability was discovered in Keycloak's administrative interface that allows certain administrators to see information about groups they shouldn't have access to. When the new Fine-Grained Admin…

single_sign-on data_grid build_of_keycloak | Remote | Authorization
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
4.2 MEDIUM
CVE-2026-14612 — Freeipa: ipa: idm: freeipa: off-by-one buffer overflows in ipa-otpd oauth2.c during oauth…

Two off-by-one errors in the FreeIPA ipa-otpd daemon's OAuth2 device authorization handler can cause out-of-bounds memory access when processing an oversized response from a configured external OAuth…

enterprise_linux enterprise_linux | Remote | Memory Corruption
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
6.7 MEDIUM
CVE-2026-49813 — Dell PowerProtect Data Domain OS Command Injection

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 thro…

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
8.8 HIGH
CVE-2026-14460 — Missing Authorization in TUBITAK BILGEM's pardus-software

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from <= 1.0.4 before 1.0…

| Authorization
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
7.2 HIGH
CVE-2026-49814 — Dell PowerProtect Data Domain OS Command Injection

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 thro…

powerprotect_data_domain | Remote | Injection
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
8.8 HIGH
CVE-2026-14459 — Argument Injection in TUBITAK BILGEM's pardus-software

Improper neutralization of argument delimiters in a command ('argument injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. …

| Injection
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
7.2 HIGH
CVE-2026-49815 — Dell PowerProtect Data Domain OS Command Injection

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 thro…

powerprotect_data_domain | Remote | Injection
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
7.2 HIGH
CVE-2026-53478 — Dell PowerProtect Data Domain OS Command Injection

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 thro…

powerprotect_data_domain | Remote | Injection
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
6.5 MEDIUM
CVE-2026-46463 — Dell PowerProtect Data Domain Integer Overflow Denial of Service

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 thro…

powerprotect_data_domain | Remote | Denial of Service
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
4.9 MEDIUM
CVE-2026-46464 — Dell PowerProtect Data Domain Improper Link Resolution Vulnerability

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 thro…

powerprotect_data_domain | Remote | Path Traversal
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
5.5 MEDIUM
CVE-2026-46465 — Dell PowerProtect Data Domain Use of Externally-Controlled Format String Vulnerability

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 thro…

powerprotect_data_domain | Remote | Information Disclosure
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
2.7 LOW
CVE-2026-46466 — Dell PowerProtect Data Domain Use of Less Trusted Source Information Tampering

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 thro…

powerprotect_data_domain | Remote | Supply Chain
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
5.8 MEDIUM
CVE-2026-46467 — Dell PowerProtect Data Domain Log Information Exposure

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 thro…

powerprotect_data_domain | Information Disclosure
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
4.4 MEDIUM
CVE-2026-46468 — Dell PowerProtect Data Domain Information Exposure via Improper Link Resolution

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 thro…

powerprotect_data_domain | Information Disclosure
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-56015 — Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unboun…

Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length. add() passes the prefix string to the trie builder addPrefixToTrie() without checking it a…

| Memory Corruption
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
4.2 MEDIUM

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 thro…

powerprotect_data_domain | Authorization
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
6.9 MEDIUM
CVE-2026-59234 — Authorization Bypass Through User-Controlled Key in Prospero Flow CRM calendar event dele…

Authorization Bypass Through User-Controlled Key (CWE-639) in CalendarDeleteEventController (app/Http/Controllers/Calendar/CalendarDeleteEventController.php), exposed at GET /calendar/event/delete/{i…

Remote | Authorization
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
3.3 LOW
CVE-2026-56085 — Dell PowerProtect Data Domain Use of Uninitialized Resource Information Exposure

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 thro…

powerprotect_data_domain | Information Disclosure
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
Showing 20 of 8005 Results