Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.2 MEDIUM
CVE-2026-47905 — CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400)

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust s…

| Denial of Service
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
6.2 MEDIUM
CVE-2026-47904 — CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400)

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust s…

| Denial of Service
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
6.2 MEDIUM
CVE-2026-47903 — CAI Content Credentials | Improper Input Validation (CWE-20)

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability. An attacker could exploit this vulnerability to crash the applica…

| Denial of Service
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
6.2 MEDIUM
CVE-2026-47902 — CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400)

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust s…

| Denial of Service
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
7.5 HIGH
CVE-2026-34713 — CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400)

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust s…

Remote | Denial of Service
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
7.5 HIGH
CVE-2026-34712 — CAI Content Credentials | Improper Input Validation (CWE-20)

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability. An attacker could exploit this vulnerability to crash the applica…

Remote | Denial of Service
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
7.5 HIGH
CVE-2026-34711 — CAI Content Credentials | Integer Overflow or Wraparound (CWE-190)

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability. An attacker could exploit this vulnerability to crash the ap…

Remote | Denial of Service
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
5.5 MEDIUM
CVE-2026-34657 — CAI Content Credentials | Improper Limitation of a Pathname to a Restricted Directory ('P…

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could re…

| Path Traversal
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
6.1 MEDIUM
CVE-2026-34417 — OSCAL-GUI Reflected XSS via project parameter in oscal-forms.php

OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious content through th…

Remote | Cross-Site Scripting
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
6.1 MEDIUM
CVE-2026-25860 — OpenClinic GA 5.351.19 Reflected XSS via DICOM Image Upload Handler

OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embeddi…

Remote | Cross-Site Scripting
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
10.0 CRITICAL
CVE-2026-48303 — Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863)

Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current…

campaign_classic | Remote | Authorization
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
7.8 HIGH
CVE-2026-48292 — Format Plugins | Heap-based Buffer Overflow (CWE-122)

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …

format_plugins | Memory Corruption
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
7.8 HIGH
CVE-2026-48291 — Format Plugins | Heap-based Buffer Overflow (CWE-122)

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …

format_plugins | Memory Corruption
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
5.5 MEDIUM
CVE-2026-47961 — Acrobat Reader | Out-of-bounds Read (CWE-125)

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this v…

acrobat_reader | Information Disclosure
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
7.4 HIGH
CVE-2026-47960 — ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. An attack…

coldfusion | Remote | XML External Entity
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
7.8 HIGH
CVE-2026-47959 — Acrobat Reader | Stack-based Buffer Overflow (CWE-121)

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current …

acrobat_reader | Memory Corruption
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
7.8 HIGH
CVE-2026-47955 — Acrobat Reader | Use After Free (CWE-416)

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…

acrobat_reader | Memory Corruption
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
7.8 HIGH
CVE-2026-47952 — Acrobat Reader | Heap-based Buffer Overflow (CWE-122)

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current u…

acrobat_reader | Memory Corruption
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
10.0 CRITICAL
CVE-2026-47938 — Adobe Campaign Classic (ACC) | Server-Side Request Forgery (SSRF) (CWE-918)

Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in privilege escalation. Exploitation of this i…

campaign_classic | Remote | Server-Side Request Forgery
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
7.4 HIGH
CVE-2026-47937 — Acrobat Reader | Uncontrolled Search Path Element (CWE-427)

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the cu…

acrobat_reader | Path Traversal
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
Showing 20 of 7426 Results