Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
4.3 MEDIUM
CVE-2026-58214 — NATS Server: MQTT subscribe ACL bypass via $MQTT.deliver.pubrel prefix (incomplete fix fo…

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, an authenticated MQTT client could subscribe to the internal $MQTT.deliv…

Remote | Authorization
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
7.1 HIGH
CVE-2026-58213 — NATS Server: MQTT SUBSCRIBE Protocol Injection via Leaf Node/Route Forwarding allows arbi…

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.1 and 2.12.9, an MQTT client could include protocol control characters in subscription …

Remote | Injection
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
7.5 HIGH
CVE-2026-58210 — NATS Server: MQTT partial CONNECT packets can exhaust pre-auth memory

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, an unauthenticated MQTT client could cause the server to retain large in…

Remote | Denial of Service
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
4.3 MEDIUM
CVE-2026-58209 — NATS Server: MQTT retained and QoS replay bypass subscribe deny filters

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, MQTT retained message delivery and QoS1+ durable replay could deliver me…

Remote | Authorization
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
7.5 HIGH
CVE-2026-55760 — handlebars.java FileTemplateLoader Path Traversal

Handlebars.java provides logic-less and semantic Mustache templates with Java. Prior to 4.5.2, applications that pass user-controlled input to Handlebars.compile() using FileTemplateLoader or ClassPa…

Remote | Path Traversal
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
8.2 HIGH
CVE-2026-55575 — LiquidJS: `pop` filter bypasses `memoryLimit` accounting that its array-filter siblings e…

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.27.1, the pop array filter at src/filters/array.ts allocated a full clone of its input array via [...to…

Remote | Denial of Service
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
7.5 HIGH
CVE-2026-55404 — yt-dlp: Downstream command injection via improper sanitization of yt-dlp --write-link out…

yt-dlp and youtube-dl are command-line audio/video downloaders. Prior to 2026.7.4, the --write-link, --write-url-link, and --write-desktop-link options can write .url or .desktop shortcut files using…

Remote | Injection
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
4.8 MEDIUM
CVE-2026-53624 — Fiber: HSTS header never set in helmet middleware due to incorrect protocol check

Fiber is an Express inspired web framework written in Go. Prior to 3.4.0, the helmet middleware in middleware/helmet/helmet.go never sets the Strict-Transport-Security response header even when HSTSM…

fiber | Remote | Misconfiguration
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
5.3 MEDIUM
CVE-2026-45045 — Fiber: X-Real-IP Spoofing via Header.Add() in BalancerForward

Fiber is an Express inspired web framework written in Go. Prior to 3.3.0 and 2.52.14, the BalancerForward proxy helper in middleware/proxy/proxy.go uses Header.Add() instead of Header.Set() when inje…

fiber | Remote | Injection
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
5.5 MEDIUM
CVE-2026-44512 — ONNX: Null Pointer Dereference in Upsample Version Converter Adapter (Zero Inputs)

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. From 1.9.0 before 1.22.0, onnx.version_converter.convert_version() can dereference a null pointer in Ups…

| Denial of Service
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
5.3 MEDIUM
CVE-2026-44332 — Fiber: Username Enumeration via Timing Oracle in BasicAuth Default Authorizer

Fiber is an Express inspired web framework written in Go. Prior to 3.3.0, the default Authorizer function in the BasicAuth middleware in middleware/basicauth/config.go uses short-circuit evaluation t…

fiber | Remote | Authentication
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
0.0 NA
CVE-2026-36028 — Code 27 Companion Hub Kiosk Mode Bypass

A protection mechanism failure in the Code 27 Companion Hub allows an attacker with physical access to completely bypass kiosk restrictions via a factory reset

| Authentication
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
6.8 MEDIUM
CVE-2026-36027 — Code27 Companion Hub Arbitrary Code Execution

An issue in Code27 Companion Hub SQ3A.220705.003.A1 allows a physically proximate attacker to execute arbitrary code via the USB debugging (ADB) and Android Debug Bridge components

| Authentication
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
6.5 MEDIUM
CVE-2026-15154 — Guardrails-detectors: guardrails-detectors: unauthenticated regular-expression denial of …

A flaw was found in `guardrails-detectors`, a component of Red Hat OpenShift AI. This vulnerability, known as Regular Expression Denial of Service (ReDoS), allows a remote attacker to provide special…

openshift_ai | Denial of Service
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
8.7 HIGH
CVE-2026-14891 — Nomad vulnerable to sandbox escape in Docker task driver

HashiCorp Nomad and Nomad Enterprise are vulnerable to a sandbox escape in the Docker task driver that may allow a job submitter to bind-mount a host path into a container even when volume bind mount…

nomad | Path Traversal
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
7.7 HIGH
CVE-2026-14373 — Nomad Docker driver Linux host namespace bypass

HashiCorp Nomad and Nomad Enterprise did not enforce the allow_privileged restriction for the Docker task driver's host namespace mode options. This may allow an authenticated job submitter to run a …

nomad | Misconfiguration
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
4.7 MEDIUM
CVE-2026-14361 — Consul-template is vulnerable to path redirection in writeToFile through symlink attack

The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended direct…

| Path Traversal
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
6.9 MEDIUM
CVE-2026-59938 — pypdf: Possible large memory usage for wrong image dimensions

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with declared image size values that are much too large compared to the actual data, causing larg…

Remote | Denial of Service
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
6.9 MEDIUM
CVE-2026-59937 — pypdf: Possible long runtimes for repeated malformed cross-reference entries

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with repeated malformed cross-reference streams that cause pypdf to spend long runtimes recoverin…

Remote | Denial of Service
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
6.1 MEDIUM
CVE-2026-50813 — SQLite Session Extension Information Disclosure

An issue in SQLite before Fossil check-in 869a51ae84df allows a local attacker to obtain sensitive information via the Session Extension changeset concat/changegroup merge path

| Information Disclosure
Jul 08, 2026 Jul 08, 2026
Jul 08, 2026
Jul 08, 2026
Showing 20 of 7831 Results