Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-14617 — NousResearch hermes-agent Streaming Reasoning Tag Filter stream_consumer.py GatewayStream…

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer._filter_and_accumulate of the file gateway/stream_consumer.py o…

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
6.5 MEDIUM
CVE-2026-58523 — Microsoft Edge for Android Security Feature Bypass Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-14611 — DeepMyst Mysti Per-Project Auto-Memory MemoryManager.ts initProjectMemory exposure of res…

A vulnerability has been found in DeepMyst Mysti up to 0.4.0. The affected element is the function initProjectMemory of the file src/managers/MemoryManager.ts of the component Per-Project Auto-Memory…

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
5.6 MEDIUM
CVE-2026-14355 — ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. Th…

Remote
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58426 — Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact rea…

Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58424 — Permanent Fork PR Workflow Approval Gate Bypass

Permanent Fork PR Workflow Approval Gate Bypass

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58423 — LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to p…

LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58422 — Improper authorization on OAuth sign-in callback silently re-enables administrator-disabl…

Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58421 — Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service

Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58419 — Notification API leaks private issue metadata after access revocation

Notification API leaks private issue metadata after access revocation

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-58418 — SSRF via HTTP Redirect in Repository Migration

SSRF via HTTP Redirect in Repository Migration

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-14610 — Open Asset Import Library Assimp CSM File CSMLoader.cpp InternReadFile heap-based overflow

A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM Fi…

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-12481 — Deserialization of Untrusted Data in keras-team/keras

A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the `Lambda` layer. Specifically, the `_raise_for_lambda_deserial…

| Injection
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
6.1 MEDIUM
CVE-2026-58291 — Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
6.5 MEDIUM
CVE-2026-45489 — Microsoft Edge (Chromium-based) Spoofing Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
4.3 MEDIUM
CVE-2026-58597 — Microsoft Edge (Chromium-based) Spoofing Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
5.4 MEDIUM
CVE-2026-58524 — Microsoft Edge (Chromium-based) Spoofing Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
6.2 MEDIUM
CVE-2026-58300 — Microsoft Edge for Android Information Disclosure Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
7.2 HIGH
CVE-2026-58298 — Microsoft Edge (Chromium-based) Spoofing Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
7.1 HIGH
CVE-2026-58297 — Microsoft Edge for Android Information Disclosure Vulnerability

None

Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
Showing 20 of 8020 Results