Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
7.5 HIGH

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Shared Folders). The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows lo…

Jun 17, 2026 Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
8.2 HIGH

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Deployment Package). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vu…

Jun 17, 2026 Jun 24, 2026
Jun 17, 2026
Jun 24, 2026
8.4 HIGH

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Deployment Package). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vu…

Jun 17, 2026 Jun 24, 2026
Jun 17, 2026
Jun 24, 2026
8.7 HIGH

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Weblogic). Supported versions that are affected are 8.61 and 8.62. Difficult to exploit vulnerabil…

Jun 17, 2026 Jun 24, 2026
Jun 17, 2026
Jun 24, 2026
9.1 CRITICAL

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable…

Jun 17, 2026 Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
7.5 HIGH

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulne…

identity_manager | Remote
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
9.9 CRITICAL

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability all…

identity_manager | Remote
Jun 17, 2026 Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
8.8 HIGH

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulne…

identity_manager | Remote
Jun 17, 2026 Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
8.8 HIGH

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Security). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability…

identity_manager | Remote
Jun 17, 2026 Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
9.9 CRITICAL

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allo…

weblogic_server | Remote
Jun 17, 2026 Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
8.3 HIGH

Vulnerability in the Oracle Data Integrator product of Oracle Fusion Middleware (component: Market Place). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vul…

data_integrator | Remote
Jun 17, 2026 Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
6.5 MEDIUM

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploit…

access_manager | Remote
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.8 HIGH

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability a…

weblogic_server | Remote
Jun 17, 2026 Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
8.7 HIGH

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability a…

weblogic_server | Remote
Jun 17, 2026 Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
7.4 HIGH
CVE-2026-12348 — Address Bar Spoofing in Arc Search for Android (window.open race condition)

Address bar spoofing in Arc Search for Android allows a remote attacker to display a trusted domain in the address bar while rendering attacker-controlled content, enabling phishing.

Remote | Information Disclosure
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
9.3 CRITICAL
CVE-2026-48777 — FileBrowser Quantum: Path Traversal in public share PATCH allows file ops outside shared …

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backen…

filebrowser_quantum | Remote | Path Traversal
Jun 16, 2026 Jun 17, 2026
Jun 16, 2026
Jun 17, 2026
7.8 HIGH
CVE-2026-47750 — stable-diffusion.cpp: Heap buffer overflow in GLOBAL opcode parsing for PyTorch checkpoin…

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In versions prior to master-584-0a7ae07, the pickle .…

stable-diffusion.cpp | Memory Corruption
Jun 16, 2026 Jun 25, 2026
Jun 16, 2026
Jun 25, 2026
7.8 HIGH
CVE-2026-47747 — stable-diffusion.cpp has a Heap-based Buffer Overflow

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In versions prior to master-584-0a7ae07, the pickle .c…

stable-diffusion.cpp | Memory Corruption
Jun 16, 2026 Jun 25, 2026
Jun 16, 2026
Jun 25, 2026
8.5 HIGH
CVE-2026-46448 — OpenStack Nova Server Create API Information Leak

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation.

nova | Remote | Misconfiguration
Jun 16, 2026 Jun 26, 2026
Jun 16, 2026
Jun 26, 2026
9.1 CRITICAL
CVE-2026-22313 — OS Commands Executed with Administrative Permissions in Radiflow iSAP Smart Collector

The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS command injection vulnerability an authenticated attacker can send arbitra…

Remote | Injection
Jun 16, 2026 Jun 17, 2026
Jun 16, 2026
Jun 17, 2026
Showing 20 of 7990 Results