Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
6.5 MEDIUM
CVE-2026-43709 — Safari Use-After-Free

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web conten…

macos iphone_os safari ipados safari macos | Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
4.3 MEDIUM
CVE-2026-43708 — Safari Cross-Origin Data Exfiltration

The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may exfiltrate data cross-origin.

macos iphone_os safari ipados safari macos | Remote | Information Disclosure
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
7.5 HIGH
CVE-2026-43707 — Safari Memory Corruption

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web conte…

macos iphone_os safari ipados safari macos | Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
6.5 MEDIUM
CVE-2026-43706 — Apple WebKit Double Free

A double free issue was addressed with improved memory management. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an u…

macos iphone_os ipados macos | Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
8.8 HIGH
CVE-2026-43705 — Apple Safari Type Confusion Vulnerability

A type confusion issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead …

macos iphone_os safari ipados safari macos | Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
5.3 MEDIUM
CVE-2026-43704 — Safari Use-After-Free

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious web extension may be able to …

macos iphone_os safari ipados safari macos | Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
6.5 MEDIUM
CVE-2026-43703 — Apple WebKit Remote Code Execution

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected pr…

macos iphone_os ipados macos | Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
8.3 HIGH
CVE-2026-43701 — Apple Safari Sandbox Escape

The issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to process restricted web content…

macos iphone_os safari ipados safari macos | Remote | Misconfiguration
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
6.5 MEDIUM
CVE-2026-43700 — Safari Cross-Origin Information Disclosure

A cross-origin issue was addressed with improved tracking of security origins. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted w…

macos iphone_os safari ipados safari macos | Remote | Information Disclosure
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
6.5 MEDIUM
CVE-2026-43699 — Apple Safari Use-After-Free

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web conten…

macos iphone_os safari ipados safari macos | Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
6.5 MEDIUM
CVE-2026-43676 — Apple Safari Out-of-Bounds Access

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web c…

macos iphone_os safari ipados safari macos | Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
6.5 MEDIUM
CVE-2026-43663 — Safari Out-of-Bounds Read

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to a…

macos iphone_os safari ipados safari macos | Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
6.5 MEDIUM
CVE-2026-39872 — Apple Safari Use-After-Free

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to a…

macos iphone_os safari ipados safari macos | Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
9.1 CRITICAL
CVE-2026-39868 — Apple Kernel Memory Corruption

This issue was addressed with improved input validation. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination or corrupt …

macos iphone_os ipados macos | Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
9.1 CRITICAL
CVE-2026-37637 — Alexantr Filemanager Arbitrary Code Execution

An issue in Alexantr filemanager v.1.0 allows a remote attacker to execute arbitrary code via the filemanager.php component

Remote | Injection
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
6.5 MEDIUM
CVE-2026-31016 — Squidex.io Squidex CMS: Cross-Site Request Forgery (CSRF) leading to Privilege Escalation

Cross Site Request Forgery vulnerability in Squidex.io Squidex CMS v.7.21.0 and before allows a remote attacker to escalate privileges via the IdentityServer account profile endpoint

Remote | Cross-Site Request Forgery
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
6.5 MEDIUM
CVE-2026-28979 — Apple Safari Out-of-Bounds Read

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web c…

macos iphone_os safari ipados safari macos | Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
9.8 CRITICAL
CVE-2026-13763 — HTTP/2 Stream Parser Confusion Body-Inspection Bypass in AWS Application Load Balancer wi…

Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule body inspection via crafted HTTP/2 reques…

application_load_balancer | Remote | Misconfiguration
Jun 29, 2026 Jul 01, 2026
Jun 29, 2026
Jul 01, 2026
9.8 CRITICAL
CVE-2026-13762 — HTTP/2 Stream Parser Confusion Body-Inspection Bypass in Amazon CloudFront with AWS WAF

Inconsistent interpretation of HTTP/2 requests in Amazon CloudFront with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule body inspection via crafted HTTP/2 requests that frag…

cloudfront | Remote | Misconfiguration
Jun 29, 2026 Jul 01, 2026
Jun 29, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-13593 — CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire docume…

CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only charact…

Remote | Memory Corruption
Jun 29, 2026 Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
Showing 20 of 7992 Results