Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.8 CRITICAL
CVE-2026-54133 — jmespath.php has CompilerRuntime code injection via unescaped function names

jmespath.php allows users to use JMESPath, software for declaratively specifying how to extract elements from a JSON document, in PHP applications with PHP data structures. Versions prior to 2.9.1 ca…

Remote | Injection
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
9.8 CRITICAL
CVE-2026-53787 — Amasty Order Attributes for Magento 2 < 4.0.0 Unauthenticated Arbitrary File Upload

Amasty Order Attributes for Magento 2 before version 4.0.0 contains an unauthenticated arbitrary file upload vulnerability that allows unauthenticated attackers to write arbitrary files to the store'…

Remote | Misconfiguration
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
5.1 MEDIUM
CVE-2026-53722 — Nuxt: Reflected XSS in `<NuxtLink>` via unsanitised `javascript:` or `data:` URL

Nuxt is an open-source web development framework for Vue.js. Prior to versions 3.21.7 and 4.4.7, <NuxtLink> did not validate the URL scheme of values bound to its to or href props before rendering th…

nuxt | Remote | Cross-Site Scripting
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
8.8 HIGH
CVE-2026-53721 — Nuxt: Route-rule middleware bypass via case-sensitivity mismatch between vue-router and t…

Nuxt is an open-source web development framework for Vue.js. From versions 3.11.0 to before 3.21.7 and 4.0.0 to before 4.4.7, there is a route-rule middleware bypass via case-sensitivity mismatch bet…

nuxt | Remote | Authorization
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
6.9 MEDIUM
CVE-2026-47739 — Frappe: Stored XSS in Note

Frappe is a full-stack web application framework. Prior to versions 15.106.0 and 16.16.0, stored XSS in Note was possible due to lack of sanitization. This issue has been patched in versions 15.106.0…

frappe | Remote | Cross-Site Scripting
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
5.3 MEDIUM
CVE-2026-47244 — Netty HTTP/2: Advertised MAX_CONCURRENT_STREAMS are not enforced

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, DefaultHttp2Connection.DefaultEndpoint initialises maxActiv…

netty | Remote | Denial of Service
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
9.8 CRITICAL
CVE-2026-47210 — vm2 sandbox escape via JSPI-backed Promise `.finally()` species bypass

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, a sandbox escape vulnerability in vm2 allows arbitrary code execution in the host process when untrusted code is executed with a…

vm2 | Remote | Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
8.6 HIGH
CVE-2026-47209 — vm2: Bridge Proxy set trap ignores receiver parameter, enabling host object property inje…

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the BaseHandler.set trap in bridge.js (line 1231) ignores the receiver parameter and unconditionally writes to the host target o…

vm2 | Remote | Misconfiguration
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
10.0 CRITICAL
CVE-2026-47208 — vm2: Sandbox Breakout Using Promise Species

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and…

vm2 | Remote | Injection
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
6.9 MEDIUM
CVE-2026-47141 — vm2: NodeVM observability builtins leak host process and HTTP request data

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM exposes some process-wide observability builtins when they are allowed through require.builtin. The diagnostics_channel, …

vm2 | Remote | Information Disclosure
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
10.0 CRITICAL
CVE-2026-47140 — vm2: NodeVM builtin denylist bypass via process and inspector/promises allows host code e…

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM blocks several dangerous Node.js builtins such as module, worker_threads, cluster, vm, repl, and inspector. However, the …

vm2 | Remote | Injection
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
8.6 HIGH
CVE-2026-47139 — vm2: NodeVM network builtin exclusions bypass via internal _http_client and _http_server

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM supports excluding public network builtins from the wildcard builtin option. With this configuration direct access to htt…

vm2 | Remote | Misconfiguration
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
10.0 CRITICAL
CVE-2026-47137 — vm2: GHSA-8hg8-63c5-gwmx patch bypass: nesting:true without explicit require still allows…

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the fix for GHSA-8hg8-63c5-gwmx (CVE-2023-37903) introduced a check in nodevm.js line 263 that blocks the combination nesting: t…

vm2 | Remote | Misconfiguration
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
8.7 HIGH
CVE-2026-47135 — vm2: Sandbox escape via unblocked cross-realm Symbol.for keys + missing bridge write-trap…

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, Symbol.for override in setup-sandbox.js only intercepts 2 of 9 dangerous Node.js cross-realm symbols. Combined with the bridge's…

vm2 | Remote | Misconfiguration
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
10.0 CRITICAL
CVE-2026-47131 — vm2: Sandbox Escape

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, by combining Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__"), Buffer.call.call({}.__lookupSetter__, Buffer, "__proto_…

vm2 | Remote | Memory Corruption
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
7.5 HIGH
CVE-2026-46340 — Netty: SCTP reassembly nests buffers without bound

Netty is a network application framework for development of protocol servers and clients. In versions of netty-transport-sctp prior to 4.1.135.Final and 4.2.15.Final, for each non-complete SctpMessag…

netty | Remote | Denial of Service
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
8.7 HIGH
CVE-2026-45674 — Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin (bai…

netty | Remote | Information Disclosure
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
6.8 MEDIUM
CVE-2026-45673 — Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DNS resolver uses a predictable PRNG for generating…

netty | Remote | Misconfiguration
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
4.0 MEDIUM
CVE-2026-45536 — Netty: Unix-socket fd receive leaks descriptors when peer sends two at once

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, netty_unix_socket_recvFd sets msg_control to `char control[…

netty | Denial of Service
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
7.5 HIGH
CVE-2026-45416 — Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode() reads the 24-bit TLS handsha…

netty | Remote | Denial of Service
Jun 12, 2026 Jun 12, 2026
Jun 12, 2026
Jun 12, 2026
Showing 20 of 6966 Results