Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
6.6 MEDIUM
CVE-2026-58555 — Card Module Permission Bypass Vulnerability

Permission bypass vulnerability in the card module. Impact: Successful exploitation of this vulnerability may affect availability.

harmonyos | Authorization
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
6.6 MEDIUM
CVE-2026-58554 — Settings Module Broken Access Control

Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

emui harmonyos | Authorization
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
4.0 MEDIUM
CVE-2026-58553 — Image Codec Module Out-of-Bounds Read Vulnerability

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

harmonyos | Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
5.1 MEDIUM
CVE-2026-58552 — Image Codec Module Out-of-Bounds Read Vulnerability

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

harmonyos | Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
5.1 MEDIUM
CVE-2026-58551 — Image Codec Module Out-of-Bounds Read Vulnerability

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

harmonyos | Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
4.0 MEDIUM
CVE-2026-58550 — Image Codec Module Out-of-Bounds Read Vulnerability

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

harmonyos | Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
4.0 MEDIUM
CVE-2026-58549 — Image Codec Out-of-Bounds Read Vulnerability

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

harmonyos | Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
5.3 MEDIUM
CVE-2026-46459 — Missing Authorization in ICU Scandinavia Boomerang

ICU Scandinavia Boomerang is vulnerable to a missing authentication flaw in its device receiver endpoints. This allows an unauthenticated remote attacker to read full facility configurations and writ…

| Authentication
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
7.1 HIGH
CVE-2026-46458 — Credential exposure in ICU Scandinavia Boomerang

ICU Scandinavia Boomerang is vulnerable to an information disclosure flaw where sensitive credential files are exposed via static HTTP. This allows an unauthenticated remote attacker to retrieve plai…

| Information Disclosure
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
7.8 HIGH
CVE-2026-15809 — Github.com/cri-o/cri-o: fix bypass for cve-2022-4318 — /etc/passwd injection via home env

A flaw was found in CRI-O. The fix for a previous vulnerability (CVE-2022-4318) was incorrect, allowing it to be bypassed. An attacker capable of setting environment variables on a container can inje…

Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
6.1 MEDIUM
CVE-2026-15779 — Samba-winbind: samba: pam_winbind mkhomedir chowns critical system paths without validati…

A flaw was found in samba's pam_winbind. When mkhomedir is enabled, pam_winbind chowns the target account's home directory without validating the path is not a critical system directory such as /. On…

Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
8.1 HIGH
CVE-2026-61873 — Grav before 9.1.8 Arbitrary File Write via Twig-Processed Filename

Grav before 9.1.8 contains an arbitrary file write vulnerability in the Form plugin's process.save.filename parameter, which is validated against path traversal before Twig processing but never re-va…

grav | Remote | Path Traversal
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
2.5 LOW
CVE-2026-61872 — ImageMagick before 7.1.2-26 Memory Leak via TIFF Encoder

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the TIFF encoder when an invalid tiff:tile-geometry is specified. Supplying malformed tile geometry parameters causes allocated mem…

| Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
6.3 MEDIUM
CVE-2026-61871 — ImageMagick before 7.1.2-26 Memory Leak in ICON decoder

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the ICON decoder that occurs when a memory allocation fails. Processing a crafted ICON file that triggers an allocation failure lea…

Remote | Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
2.9 LOW
CVE-2026-61869 — ImageMagick before 7.1.2-26 Memory Leak in MIFF Encoder

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the MIFF encoder that occurs when a memory allocation fails during MIFF image processing, which can lead to denial of service.

| Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
6.3 MEDIUM
CVE-2026-61868 — ImageMagick before 7.1.2-26 Memory Leak in YUV Decoder

ImageMagick before 7.1.2-26 and 6.9.x before 6.9.13-51 contains a memory leak in the YUV decoder that occurs when opening of the blob fails. Repeated triggering can lead to resource exhaustion (denia…

Remote | Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
2.9 LOW
CVE-2026-61867 — ImageMagick before 7.1.2-26 Memory Leak in TIFF Encoder

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the TIFF encoder when memory allocation fails. Attackers can trigger allocation failures during TIFF image processing to cause memo…

| Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
2.9 LOW
CVE-2026-61866 — ImageMagick before 7.1.2-26 Memory Leak in JNG encoder

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the JNG encoder when a blob cannot be opened. Attackers can trigger the memory leak by providing malformed JNG files that fail blob…

| Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
2.9 LOW
CVE-2026-61865 — ImageMagick before 7.1.2-26 Memory Leak in Hough Lines

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the hough lines operation: when a specific operation fails, a small memory leak occurs.

| Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
2.9 LOW
CVE-2026-61864 — ImageMagick before 7.1.2-26 Memory Leak in Log Colorspace

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in color transformation to the log colorspace: when the operation fails, a small amount of memory is not released.

| Memory Corruption
Jul 15, 2026 Jul 15, 2026
Jul 15, 2026
Jul 15, 2026
Showing 20 of 8438 Results