Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
8.7 HIGH
CVE-2026-47266 — Formie: Unauthenticated front-end submission editing can overwrite existing submissions

Formie is a Craft CMS plugin for creating forms. Prior to 2.2.21 and 3.1.26, unauthenticated users could modify existing submissions by posting a known or guessed submission ID to formie/submissions/…

formie | Remote | Authorization
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
7.5 HIGH
CVE-2026-47123 — FreeScout: Agent Impersonation via Missing HMAC Verification on Notification Reply Messag…

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.220, the email processing pipeline in FreeScout's FetchEmails command has two code paths for identifyin…

freescout | Remote | Authentication
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
0.0 NA
CVE-2026-46599 — Excessive resource consumption in PackBits decompression in golang.org/x/image/tiff

The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height and encoded s…

tiff | Denial of Service
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
8.7 HIGH
CVE-2026-46527 — cpp-httplib: Malicious `X-Forwarded-For` Under Trusted-Proxy Configuration Triggers Empty…

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, When the server has called Server::set_trusted_proxies() with a non-empty trusted-proxy list, an att…

cpp-httplib | Remote | Denial of Service
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
8.7 HIGH
CVE-2026-46385 — iskorotkov/avro: CPU Exhaustion in Avro Decoder

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro array and map decoders looped over an attacker-controlled block-count value without checking the underlying reader's error state ins…

Remote | Denial of Service
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
8.7 HIGH
CVE-2026-46384 — iskorotkov/avro: Integer Overflow in Avro Decoder

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before …

Remote | Memory Corruption
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
7.7 HIGH
CVE-2026-45700 — Heap-buffer-overflow write in planar bitmap decoder

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/pl…

freerdp | Remote | Memory Corruption
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
9.8 CRITICAL
CVE-2026-45697 — Formie: Pre-authenticated server-side template injection in Hidden fields

Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3.1.24, unauthenticated users could submit crafted values into Hidden fields (with Default value → Custom) that were evaluated as …

formie | Remote | Injection
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
3.3 LOW
CVE-2026-45613 — Rizin: Heap-buffer-overflow in OMF parser

Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76c…

rizin | Memory Corruption
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
9.9 CRITICAL
CVE-2026-45372 — cpp-httplib: HTTP header value percent-decoding in server-side `parse_header` enables CRL…

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header va…

cpp-httplib | Remote | Injection
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
5.3 MEDIUM
CVE-2026-45352 — cpp-httplib DoS: Negative chunk-size in chunked Transfer-Encoding

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process cras…

cpp-httplib | Remote | Denial of Service
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
3.3 LOW
CVE-2026-45324 — Rizin: Double free in cmd_search.c

Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due wrong pointer ownership declared. This vul…

rizin | Memory Corruption
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
5.3 MEDIUM
CVE-2026-45294 — FreeScout: User Account Enumeration via Password Reset Response Differentiation

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.219, the password reset endpoint returns visually distinct responses depending on whether the submitted…

freescout | Remote | Information Disclosure
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
2.9 LOW
CVE-2026-45151 — NanoMQ: NULL Pointer Dereference

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quic_stream_recv can dereference a null substream pointer when a substream is in reopen state. The code fi…

nanomq | Remote | Memory Corruption
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
6.5 MEDIUM
CVE-2026-45149 — brace-expansion: Large numeric range defeats documented `max` DoS protection

The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large num…

brace-expansion | Remote | Denial of Service
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
4.5 MEDIUM
CVE-2026-44640 — NanoMQ: QUIC Dialer Close Type Confusion

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to 0.24.14, aio->prov_data is stored as nni_quic_conn* during dialing, but read as ex_quic_conn* during dialer close. This …

nanomq | Memory Corruption
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
7.5 HIGH
CVE-2026-44422 — FreeRDP RDPEAR NDR ref-id aliasing causes client-side UAF/double-free and type confusion

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without track…

freerdp | Remote | Memory Corruption
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
8.8 HIGH
CVE-2026-44421 — FreeRDP RDPGFX CacheToSurface heap-buffer-overflow via clamped-rectangle validation bypass

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs.…

freerdp | Remote | Memory Corruption
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
8.8 HIGH
CVE-2026-44420 — FreeRDP cliprdr server heap-buffer-overflow via undersized capabilitySetLength in CB_CLIP…

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel …

freerdp | Remote | Memory Corruption
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
6.3 MEDIUM
CVE-2026-44287 — FastGPT: sandbox escape to RCE - code-sandbox regex /\bimport\s*\(/ is bypassable

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the JavaScript sandbox worker at projects/code-sandbox/src/pool/worker.ts:356 blocks dynamic import() with the regex /\bimport\s*\(/.t…

fastgpt | Remote | Injection
May 29, 2026 May 29, 2026
May 29, 2026
May 29, 2026
Showing 20 of 6963 Results