Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-14617 — NousResearch hermes-agent Streaming Reasoning Tag Filter stream_consumer.py GatewayStream…

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer._filter_and_accumulate of the file gateway/stream_consumer.py o…

hermes-agent | Misconfiguration
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
6.5 MEDIUM
CVE-2026-58523 — Microsoft Edge for Android Security Feature Bypass Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-14611 — DeepMyst Mysti Per-Project Auto-Memory MemoryManager.ts initProjectMemory exposure of res…

A vulnerability has been found in DeepMyst Mysti up to 0.4.0. The affected element is the function initProjectMemory of the file src/managers/MemoryManager.ts of the component Per-Project Auto-Memory…

mysti | Information Disclosure
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
5.6 MEDIUM
CVE-2026-14355 — ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. Th…

Remote | Memory Corruption
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58426 — Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact rea…

Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write

| Authorization
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58424 — Permanent Fork PR Workflow Approval Gate Bypass

Permanent Fork PR Workflow Approval Gate Bypass

| Authorization
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58423 — LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to p…

LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories

| Authentication
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58422 — Improper authorization on OAuth sign-in callback silently re-enables administrator-disabl…

Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts

| Authorization
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58421 — Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service

Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service

| Denial of Service
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58419 — Notification API leaks private issue metadata after access revocation

Notification API leaks private issue metadata after access revocation

| Information Disclosure
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58418 — SSRF via HTTP Redirect in Repository Migration

SSRF via HTTP Redirect in Repository Migration

| Server-Side Request Forgery
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-14610 — Open Asset Import Library Assimp CSM File CSMLoader.cpp InternReadFile heap-based overflow

A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM Fi…

| Memory Corruption
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-12481 — Deserialization of Untrusted Data in keras-team/keras

A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the `Lambda` layer. Specifically, the `_raise_for_lambda_deserial…

| Injection
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
6.1 MEDIUM
CVE-2026-58291 — Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
6.5 MEDIUM
CVE-2026-45489 — Microsoft Edge (Chromium-based) Spoofing Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
4.3 MEDIUM
CVE-2026-58597 — Microsoft Edge (Chromium-based) Spoofing Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
5.4 MEDIUM
CVE-2026-58524 — Microsoft Edge (Chromium-based) Spoofing Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
6.2 MEDIUM
CVE-2026-58300 — Microsoft Edge for Android Information Disclosure Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
7.2 HIGH
CVE-2026-58298 — Microsoft Edge (Chromium-based) Spoofing Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
7.1 HIGH
CVE-2026-58297 — Microsoft Edge for Android Information Disclosure Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
Showing 20 of 8017 Results