Latest CVE Vulnerabilities

4.3 MEDIUM

CVE-2026-8830 — Keycloak: org.keycloak/keycloak-services: keycloak: policy bypass during webauthn credent…

A flaw was found in Keycloak. An authenticated user can bypass configured WebAuthn policies during credential registration by manipulating client-side JavaScript. This occurs because the server-side …

Remote | Authentication

May 19, 2026 May 19, 2026

May 19, 2026

0.0 NA

CVE-2025-15609 — Fortis For WooCommerce < 1.3.1 - Sensitive API Key Disclosure

The Fortis for WooCommerce WordPress plugin before 1.3.1 may leak sensitive API keys to unauthenticated attackers, allowing them to query Fortis' API and retrieve sensitive customer information, like…

| Information Disclosure

May 19, 2026 May 19, 2026

May 19, 2026

5.5 MEDIUM

CVE-2026-47308 — Samsung Open Source Walrus NULL Pointer Dereference Vulnerability

NULL pointer dereference vulnerability in Samsung Open Source Walrus allows Pointer Manipulation. This issue affects Walrus: f339b8ee4ea701772e8ae640b3d1b12ac02b1ae9.

| Memory Corruption

May 19, 2026 May 19, 2026

May 19, 2026

5.3 MEDIUM

CVE-2026-32994 — Slack API Autotranslate Message ID Information Disclosure Vulnerability

The /api/v1/autotranslate.translateMessage endpoint in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.6, <7.13.8, and <7.10.12 allows any authenticated user to retrieve the full content of any…

Remote | Authorization

May 19, 2026 May 19, 2026

May 19, 2026

0.0 NA

CVE-2026-8814 — ExifReader PNG zTXt Data Amplification Vulnerability

Versions of the package exifreader before 4.39.0 are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) due to decompressing PNG zTXt metadata without enforcing a built-in…

| Denial of Service

May 19, 2026 May 19, 2026

May 19, 2026

0.0 NA

CVE-2026-8813 — Apache ExifReader ICC mluc Tag Buffer Overflow Vulnerability

This affects versions of the package exifreader before 4.39.0. A crafted image containing an ICC mluc tag can set an attacker-controlled record count together with a zero record size. During parsing,…

| Denial of Service

May 19, 2026 May 19, 2026

May 19, 2026

7.8 HIGH

CVE-2026-47311 — Samsung Open Source Escargot Heap Buffer Overflow

Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

| Memory Corruption

May 19, 2026 May 19, 2026

May 19, 2026

7.8 HIGH

CVE-2026-47310 — Samsung Escargot After Free Pointer Manipulation

Use after free vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

| Memory Corruption

May 19, 2026 May 19, 2026

May 19, 2026

5.5 MEDIUM

CVE-2026-47309 — Samsung Open Source Escargot Uncontrolled Recursion Deserialization Vulnerability

Uncontrolled Recursion vulnerability in Samsung Open Source Escargot allows Oversized Serialized Data Payloads. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

| Denial of Service

May 19, 2026 May 19, 2026

May 19, 2026

5.5 MEDIUM

CVE-2026-47307 — Samsung Open Source Walrus Null Pointer Dereference Denial of Service Vulnerability

NULL pointer dereference vulnerability in Samsung Open Source Walrus allows an attacker to cause a denial of service via a crafted WebAssembly module containing deeply nested instructions. This issu…

| Memory Corruption

May 19, 2026 May 19, 2026

May 19, 2026

3.3 LOW

CVE-2026-33565 — kernel_linux_common_modules has a Race Condition vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

| Denial of Service

May 19, 2026 May 19, 2026

May 19, 2026

3.3 LOW

CVE-2026-28751 — filemanagement_storage_service has an improper input validation vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

| Denial of Service

May 19, 2026 May 19, 2026

May 19, 2026

6.5 MEDIUM

CVE-2026-28733 — filemanagement_storage_service has an use after free vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution.

| Memory Corruption

May 19, 2026 May 19, 2026

May 19, 2026

3.3 LOW

CVE-2026-27781 — kernel_liteos_a has an integer overflow vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

| Denial of Service

May 19, 2026 May 19, 2026

May 19, 2026

5.5 MEDIUM

CVE-2026-27766 — multimedia_audio_framework has a Race Condition vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak.

| Information Disclosure

May 19, 2026 May 19, 2026

May 19, 2026

8.8 HIGH

CVE-2026-27648 — web_webview has an out-of-bounds write vulnerability

in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps.

Remote | Injection

May 19, 2026 May 19, 2026

May 19, 2026

5.5 MEDIUM

CVE-2026-25850 — filemanagement_storage_service has an improper preservation of permissions vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak

| Information Disclosure

May 19, 2026 May 19, 2026

May 19, 2026

8.4 HIGH

CVE-2026-25781 — kernel_liteos_a has an out-of-bounds write vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered.

| Denial of Service

May 19, 2026 May 19, 2026

May 19, 2026

3.3 LOW

CVE-2026-25110 — Sensors_medical_sensor has a NULL pointer dereference vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

| Denial of Service

May 19, 2026 May 19, 2026

May 19, 2026

8.1 HIGH

CVE-2026-24792 — web_webview has a Race Condition vulnerability

in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps.

Remote | Memory Corruption

May 19, 2026 May 19, 2026

May 19, 2026

Browse by Apps

Latest CVE Feed

Cookie Preferences