Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
6.1 MEDIUM
CVE-2026-33213 — Redash: Open redirect vulnerability in post-login redirect handling

Redash is a package for data visualization and sharing. From 5.0.2 to 26.3.0, the get_next_path() function in Redash's authentication module stripped the scheme and netloc from user-supplied next par…

Remote | Authentication
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
0.0 NA
CVE-2026-45805 — Penpot: MCP REPL server binds to 0.0.0.0 with unauthenticated /execute endpoint — RCE

Penpot is an open-source design tool for design and code collaboration. Prior to 2.15.0, Penpot MCP's mcp/packages/server/src/ReplServer.ts bound the ReplServer to 0.0.0.0:4403 and exposed an unauthe…

| Injection
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
0.0 NA
CVE-2026-44986 — Penpot: Pre-authenticated account takeover via team-invitation token + prepare-register-p…

Penpot is an open-source design tool for design and code collaboration. Prior to 2.14.5, Penpot exposed teams_invitations.clj invitation tokens from create-team-invitations, embedded an existing prof…

| Authentication
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
0.0 NA
CVE-2026-45806 — Penpot: Authenticated SSRF in remote image import via create-file-media-object-from-url

Penpot is an open-source design tool for design and code collaboration. Prior to 2.15.0, Penpot's remote image import passed the user-controlled url from frontend/src/app/main/data/workspace/media.cl…

| Server-Side Request Forgery
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
8.8 HIGH
CVE-2026-60005 — NGINX ngx_http_slice_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_slice_module module. When the slice directive and unnamed regex captures are configured or when a background cache update happens…

nginx_plus nginx_open_source | Remote | Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
0.0 NA
CVE-2026-47160 — Vaultwarden: Server-side request forgery (SSRF) via Icon Endpoint Decimal/Hex/Octal IP By…

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's /icons/{domain}/icon.png endpoint used src/http_client.rs checks including should_block_address() and post…

vaultwarden | Server-Side Request Forgery
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
0.0 NA
CVE-2026-47164 — Vaultwarden: SSO Email Auto-Link Can Bind an Existing Local Account to an Attacker-Contro…

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO login flow checked the IdP email_verified claim only for new-user creation and not when SSO_SIGNUPS_MA…

vaultwarden | Authentication
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
0.0 NA
CVE-2026-47159 — Vaultwarden: Authentication Flow Information Disclosure in SSO Discovery Allows Organizat…

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO discovery and pre-validation flow returned organization-related SSO metadata including organizationIde…

vaultwarden | Authentication
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
0.0 NA
CVE-2026-47158 — Vaultwarden: CSRF in SSO Authorization Flow

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO authorization flow did not bind the OAuth state parameter accepted by /connect/authorize to the initia…

vaultwarden | Authentication
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
0.0 NA
CVE-2026-46709 — Tabby: Drag-and-drop path injection still allows RCE via shell command substitution (inco…

Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.234, Tabby inserts dropped file paths from tabby-electron/src/pathDrop.ts into the active shell without neutralizing…

| Injection
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
0.0 NA
CVE-2026-41580 — Stirling-PDF: Reflected XSS through crafted PDF metadata fields (Title and Author)

Stirling-PDF is a locally hosted web application that facilitates various operations on PDF files. Prior to 2.0.0, Stirling-PDF's /get-info-on-pdf endpoint rendered PDF Title and Author metadata fiel…

| Cross-Site Scripting
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
0.0 NA
CVE-2026-61828 — nixos/mysql : `services.mysql` is configured with insecure authentication by default when…

Nixpkgs is a collection of software packages that can be installed with the Nix package manager. Prior to the 25.11 and 26.05 channel fixes, the NixOS module for MySQL services.mysql initializes the …

| Authentication
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
5.9 MEDIUM
CVE-2026-59838 — Fortinet FortiSIEM Cross-Site Scripting Vulnerability

A improper neutralization of script-related html tags in a web page (basic xss) vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.2.0 through 7.2.6, FortiSIEM 7.1 …

fortisiem | Remote | Cross-Site Scripting
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
9.1 CRITICAL
CVE-2026-43637 — Cornac < 2.6.0 Path Traversal via _extract_archive() in download.py

Cornac before 2.6.0 contains a path traversal (Tar Slip) vulnerability that allows attackers to write arbitrary files outside the intended cache directory by supplying a crafted TAR archive containin…

Remote | Path Traversal
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
6.5 MEDIUM
CVE-2026-58559 — Vibration Service Denial of Service Vulnerability

DoS vulnerability in the vibration service. Impact: Successful exploitation of this vulnerability may affect availability.

emui | Remote | Denial of Service
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
7.8 HIGH
CVE-2026-58558 — File System Permission Control Vulnerability

Permission control vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

emui | Authorization
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
4.8 MEDIUM
CVE-2026-58557 — Expedition Mode Design Defect Denial of Service

Design defect vulnerability in Expedition mode. Impact: Successful exploitation of this vulnerability may affect availability.

harmonyos | Denial of Service
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
5.1 MEDIUM
CVE-2026-58556 — Bluetooth Module Improper Authorization Vulnerability

Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this vulnerability may affect availability.

emui | Authorization
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
6.6 MEDIUM
CVE-2026-58555 — Card Module Permission Bypass Vulnerability

Permission bypass vulnerability in the card module. Impact: Successful exploitation of this vulnerability may affect availability.

harmonyos | Authorization
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
6.6 MEDIUM
CVE-2026-58554 — Settings Module Broken Access Control

Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

emui harmonyos | Authorization
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
Showing 20 of 8424 Results