Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
9.6 CRITICAL
CVE-2026-10140 — Cross-Tenant API Key Reuse and Billing Fraud in Langflow Voice Mode Subsystem

IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache stat…

langflow langflow_oss | Remote | Misconfiguration
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
10.0 CRITICAL
CVE-2026-10134 — Unauthenticated Server-Side RCE via PythonCodeStructuredTool in Public Flows

IBM Langflow OSS 1.0.0 through 1.9.3 allows an attacker to read every secret available to the Langflow process, read and modify every flow, conversation, message, file upload, and saved component in …

langflow langflow_oss | Remote | Server-Side Request Forgery
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.5 HIGH
CVE-2026-10129 — SSRF via HTTP Redirect Following in Langflow API Request Component

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery (SSRF) protection bypass vulnerability in the API Request component. An authenticated attacker with low-level privileges (f…

langflow langflow_oss | Remote | Server-Side Request Forgery
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
9.8 CRITICAL
CVE-2026-10109 — IBM® Db2® is vulnerable to remote code execution due to improper pre-auth DRDA handshake …

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling.

db2 | Remote | Authentication
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
6.5 MEDIUM
CVE-2025-36372 — IBM® Db2® could disclose sensitive information to an authenticated user from the monitori…

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could disclose sensitive information to an authenticated user from the monitoring an…

linux_kernel db2 windows unix | Remote | Information Disclosure
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
9.8 CRITICAL
CVE-2026-58138 — Orkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script Evaluators

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow defin…

Remote | Injection
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
7.2 HIGH
CVE-2026-10513 — Webmention <= 5.8.0 - Unauthenticated Stored Cross-Site Scripting via MF2 'photo'/'url' A…

The Webmention plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 5.8.0 via parser-derived 'avatar' and 'url' author metadata. This is due to insufficie…

Remote | Cross-Site Scripting
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-9263 — Out-of-bounds read in Bluetooth Controller ISOAL framed RX reassembly leaks adjacent memo…

The Zephyr Bluetooth controller ISO Adaptation Layer (subsys/bluetooth/controller/ll_sw/isoal.c) fails to validate the length field of a framed ISO PDU start segment. Per the Bluetooth specification …

zephyr zephyr | Memory Corruption
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
7.3 HIGH
CVE-2026-8864 — HP Fan Control App – Potential Escalation of Privilege

The HP Fan Control App might allow local escalation of privileges. An updated version of HP Fan Control App has been released to mitigate this potential vulnerability.

hp_fan_control_app | Authorization
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.6 HIGH
CVE-2026-58377 — JeecgBoot 3.9.2 - Missing Authorization on OpenAPI Credential Management Endpoints Expose…

JeecgBoot through 3.9.2 contains a broken access control vulnerability that allows authenticated low-privilege users to perform full create, read, update, and delete operations on OpenAPI credentials…

jeecgboot | Remote | Authorization
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
7.6 HIGH
CVE-2026-58376 — Dolibarr - SQL Injection via sqlfilters Parameter in Multiple REST API List Endpoints

Dolibarr through 23.0.3, fixed in commit 14db36e, contains a sql injection vulnerability that allows authenticated API users to exfiltrate arbitrary database contents by supplying malicious values to…

dolibarr_erp\/crm | Remote | Injection
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.7 HIGH
CVE-2026-58375 — JimuReport 2.5.0 - Unauthenticated Report Export via /jmreport/auto/export

JimuReport through 2.5.0 exposes the POST /jmreport/auto/export endpoint without authentication: the handler is annotated @JimuNoLoginRequired, so JimuReportTokenInterceptor skips all authentication …

jimureport | Remote | Authentication
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
5.3 MEDIUM
CVE-2026-58373 — CVAT < 2.69.0 - Missing Authorization on Quality Reports parent_id Filter Leaks Cross-Org…

CVAT before 2.69.0 contains an improper authorization vulnerability in QualityReportViewSet.get_queryset that allows authenticated attackers to enumerate quality report identifiers belonging to other…

cvat | Remote | Authorization
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.1 HIGH
CVE-2026-58372 — SeaweedFS < 4.34 - Cross-Bucket Object Deletion via DeleteObjects Request-Body Keys

SeaweedFS before 4.34 contains a path traversal vulnerability in the S3 gateway DeleteMultipleObjectsHandler that allows authenticated S3 principals with write access to a single bucket to delete arb…

seaweedfs | Remote | Path Traversal
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
3.1 LOW
CVE-2026-58371 — SeaweedFS < 4.30 - Cross-Origin Information Disclosure via Unvalidated JSONP callback Par…

SeaweedFS before 4.30 reflects the callback query parameter verbatim into responses served with Content-Type application/javascript in the shared writeJson helper (weed/server/common.go), with no cal…

seaweedfs | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
9.2 CRITICAL
CVE-2026-58370 — Woodpecker < 3.15.0 - GitLab Approval Gate Bypass via Spoofable Commit Author Name

Woodpecker before 3.15.0 matches the ApprovalAllowedUsers bypass list against pipeline.Author. For the GitLab forge driver, pipeline.Author is populated from the git commit author name (commit.author…

woodpecker | Remote | Authorization
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
6.9 MEDIUM
CVE-2026-58369 — Woodpecker < 3.15.0 - Unauthenticated NULL Pointer Dereference in /api/orgs/lookup Enable…

Woodpecker before 3.15.0 registers the /api/orgs/lookup/*org_full_name endpoint without authentication middleware, and the LookupOrg handler unconditionally dereferences the session user (user.ForgeI…

woodpecker | Remote | Authentication
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
7.1 HIGH
CVE-2026-58176 — RuoYi-Vue-Plus - Missing Authorization on Workflow Task Management Endpoints

RuoYi-Vue-Plus through 5.6.2, fixed in commit 88d03d9, exposes workflow task management endpoints under /workflow/task (FlwTaskController) without any permission check: the controller declares no cla…

ruoyi-vue-plus | Remote | Authorization
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
6.5 MEDIUM
CVE-2026-58174 — Hermes WebUI < 0.51.521 - Cross-Profile Authorization Bypass via Unset Session Profile on…

Hermes WebUI before 0.51.521 validates the workspace of an imported session under the active named profile but constructs the Session object without setting its profile in the /api/session/import han…

hermes_web_ui | Remote | Authorization
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-58173 — Vibe-Trading < 0.1.10 - Path Traversal via Persistent Memory Type

Vibe-Trading before 0.1.10 contains a path traversal vulnerability that allows attackers to write files outside the intended memory root directory by supplying a malicious memory_type value containin…

Remote | Path Traversal
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
Showing 20 of 7901 Results