Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
7.8 HIGH
CVE-2026-24251 — NVIDIA Megatron Bridge: Improper Control of Dynamically Managed Code Resources

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead t…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24250 — NVIDIA Megatron Bridge: Improper Input Validation Leading to Code Execution and Privilege…

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs. A successful exploit of this vulnerability might lead to code execution,…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24249 — NVIDIA Megatron Bridge Deserialization Vulnerability

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24248 — NVIDIA Megatron Bridge Improper Control of Code Generation Vulnerability

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, e…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24247 — NVIDIA Megatron Bridge: Deserialization of Untrusted Data

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24246 — NVIDIA Megatron Bridge: Improper Control of Dynamically Managed Code Resources

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead t…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24245 — NVIDIA Megatron Bridge: Untrusted Deserialization

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24244 — NVIDIA Megatron Bridge: Deserialization of Untrusted Data

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24243 — NVIDIA Megatron Bridge: Untrusted Deserialization Leading to Code Execution

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24242 — NVIDIA Megatron Bridge: Server-Side Request Forgery

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to information disclosure.

linux_kernel megatron-bridge nemo_megatron_bridge | Server-Side Request Forgery
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-24240 — NVIDIA Megatron Bridge: Deserialization Vulnerability

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, esc…

Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
0.0 NONE
CVE-2026-13707 — Session fixation attacks on improperly configured OAuth 1.0a tools

Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from * through 1.46.0, …

Remote | Authentication
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
0.0 NONE
CVE-2026-13706 — UrlShortener extension url validation can be bypassed due to difference between php url p…

Improper input validation vulnerability in Wikimedia Foundation UrlShortener. This vulnerability is associated with program files includes/UrlShortenerUtils.Php.

Remote | Injection
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
9.0 CRITICAL
CVE-2025-23351 — NVIDIA ConnectX/BlueField Arbitrary Code Execution via Out-of-Bounds Write

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful expl…

| Memory Corruption
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
9.0 CRITICAL
CVE-2025-23350 — NVIDIA ConnectX/BlueField VF Arbitrary Code Execution

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful expl…

| Memory Corruption
Jul 01, 2026 Jul 01, 2026
Jul 01, 2026
Jul 01, 2026
9.8 CRITICAL
CVE-2025-15646 — HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion

HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion. Support for the <template> element was added to libgumbo 0.10.0 in 2015, but the walk_tree function in lib/HTML/Gum…

Remote | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.6 HIGH
CVE-2026-6688 — FatFs Buffer Overflow via Unbounded LFN Filename Copy

FatFs R0.16 and earlier contains a downstream-caller vulnerability pattern associated with FatFs long filename handling. With LFN enabled, fno.fname can be up to 255 characters; many callers copy it …

fatfs | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.6 HIGH
CVE-2026-6687 — FatFs Stack Buffer Overflow via Uncapped exFAT Label Length

FatFs R0.16 and earlier contains a stack overflow bug in f_getlabel() because exFAT label length (XDIR_NumLabel) is trusted without enforcing spec maximums. This maps to CWE-121 (Stack-based Buffer O…

fatfs | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
4.6 MEDIUM
CVE-2026-6686 — FatFs Use of Uninitialized Clusters After Seek Past EOF

FatFs R0.16 and earlier contains an uninitialized cluster exposure when f_lseek() extends files beyond EOF without zero-filling newly allocated clusters. This maps to CWE-908 (Use of Uninitialized Re…

fatfs | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
6.1 MEDIUM
CVE-2026-6685 — FatFs Integer Underflow in Dirty-Sector Cache Flush

FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in f_read() / f_write() (fp->sect - sect < cc) during interleaved read/write on fragmented filesystems. This ma…

fatfs | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
Showing 20 of 7453 Results