Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
7.8 HIGH
CVE-2026-24251 — NVIDIA Megatron Bridge: Improper Control of Dynamically Managed Code Resources

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead t…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24250 — NVIDIA Megatron Bridge: Improper Input Validation Leading to Code Execution and Privilege…

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs. A successful exploit of this vulnerability might lead to code execution,…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24249 — NVIDIA Megatron Bridge Deserialization Vulnerability

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24248 — NVIDIA Megatron Bridge Improper Control of Code Generation Vulnerability

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, e…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24247 — NVIDIA Megatron Bridge: Deserialization of Untrusted Data

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24246 — NVIDIA Megatron Bridge: Improper Control of Dynamically Managed Code Resources

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead t…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24245 — NVIDIA Megatron Bridge: Untrusted Deserialization

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24244 — NVIDIA Megatron Bridge: Deserialization of Untrusted Data

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24243 — NVIDIA Megatron Bridge: Untrusted Deserialization Leading to Code Execution

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24242 — NVIDIA Megatron Bridge: Server-Side Request Forgery

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to information disclosure.

linux_kernel megatron-bridge nemo_megatron_bridge | Server-Side Request Forgery
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24240 — NVIDIA Megatron Bridge: Deserialization Vulnerability

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
0.0 NONE
CVE-2026-13707 — Session fixation attacks on improperly configured OAuth 1.0a tools

Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from * through 1.46.0, …

Remote | Authentication
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
0.0 NONE
CVE-2026-13706 — UrlShortener extension url validation can be bypassed due to difference between php url p…

Improper input validation vulnerability in Wikimedia Foundation UrlShortener. This vulnerability is associated with program files includes/UrlShortenerUtils.Php.

Remote | Injection
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
9.0 CRITICAL
CVE-2025-23351 — NVIDIA ConnectX/BlueField Arbitrary Code Execution via Out-of-Bounds Write

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful expl…

| Memory Corruption
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
9.0 CRITICAL
CVE-2025-23350 — NVIDIA ConnectX/BlueField VF Arbitrary Code Execution

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful expl…

| Memory Corruption
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
4.3 MEDIUM
CVE-2026-13211 — Genucenter Disclosure of SNMP Credentials

The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the “Service” or “Admin” role.

Remote | Information Disclosure
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
7.7 HIGH
CVE-2026-58454 — JAIOTlink C492A-W6 4.8.30.57701411 RCE via /Anyka/config Endpoint

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to…

Remote | Injection
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
9.8 CRITICAL
CVE-2026-58453 — JAIOTlink C492A-W6 4.8.30.57701411 Hard-coded Credentials via anyka_ipc

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the def…

Remote | Authentication
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
8.8 HIGH
CVE-2026-58452 — JAIOTlink C492A-W6 4.8.30.57701411 OS Command Injection via SetMAC Endpoint

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a …

Remote | Injection
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
7.6 HIGH
CVE-2026-6688 — FatFs Buffer Overflow via Unbounded LFN Filename Copy

FatFs R0.16 and earlier contains a downstream-caller vulnerability pattern associated with FatFs long filename handling. With LFN enabled, fno.fname can be up to 255 characters; many callers copy it …

fatfs | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
Showing 20 of 7989 Results