Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
6.5 MEDIUM
CVE-2026-44736 — OpenProject: Relations API Filter Bypasses Visibility Scope, Leaking Cross-Project Work P…

OpenProject is open-source, web-based project management software. Prior to 17.4.0, the GET /api/v3/relations endpoint allows any authenticated user to retrieve relations — and the subject (title) of…

openproject | Remote | Authorization
Jun 26, 2026 Jun 27, 2026
Jun 26, 2026
Jun 27, 2026
6.5 MEDIUM
CVE-2026-44735 — OpenProject: Shares API Information Disclosure

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the GET /api/v3/shares endpoint returns share details for ALL work packages in a project to any user wit…

openproject | Remote | Authorization
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
6.5 MEDIUM
CVE-2026-44734 — OpenProject: Improper Access Control on OpenProject through the POST request to /projects…

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, a Missing Authorization vulnerability exists in OpenProject's CostReportsController. The rename and upda…

openproject | Remote | Authorization
Jun 26, 2026 Jun 27, 2026
Jun 26, 2026
Jun 27, 2026
5.9 MEDIUM
CVE-2026-44733 — OpenProject: Business Logic Error on OpenProject through PATCH request to /api/v3/users/m…

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password…

openproject | Remote | Authentication
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
4.3 MEDIUM
CVE-2026-44732 — OpenProject: IDOR on OpenProject through /api/v3/documents/{id} via PATCH parameter "proj…

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, OpenProject exposes a document update endpoint used to modify existing documents. The target document is…

openproject | Remote | Authorization
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
4.3 MEDIUM
CVE-2026-44731 — OpenProject: Improper Access Control on OpenProject through /projects/[projectName]/meeti…

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the web application's meetings filter feature leaks whether a given user ID corresponds to a valid accou…

openproject | Remote | Information Disclosure
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
5.7 MEDIUM
CVE-2026-44696 — OpenProject: Stored CSS injection via Sanitize::Config::RELAXED[:css] enables phishing ov…

OpenProject is open-source, web-based project management software. Prior to 17.4.0, OpenProject's rich text (markdown) rendering pipeline uses Sanitize::Config::RELAXED[:css] for inline style sanitiz…

openproject | Remote | Cross-Site Scripting
Jun 26, 2026 Jun 27, 2026
Jun 26, 2026
Jun 27, 2026
8.8 HIGH
CVE-2026-32833 — Cudy LT300 3.0 OS Command Injection via NTP Configuration

Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharact…

Remote | Injection
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
5.4 MEDIUM
CVE-2026-29509 — Patool < 4.0.5 Path Traversal via safe_extract() Function

Patool before 4.0.5 contains a path traversal vulnerability in the safe_extract() function in patoolib/programs/py_tarfile.py when running on Python before 3.12, where the is_within_directory() helpe…

Remote | Path Traversal
Jun 26, 2026 Jun 27, 2026
Jun 26, 2026
Jun 27, 2026
5.9 MEDIUM
CVE-2026-54753 — Nx: `nx graph` dev server permissive CORS policy

Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx graph sent Access-Control-Allow-Origin: * on every res…

Remote | Information Disclosure
Jun 26, 2026 Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
5.9 MEDIUM
CVE-2026-48090 — Envoy HTTP: OAuth2 filter late async token completion after stream teardown (UAF / crash …

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter (envoy.filters.http.oauth2) can leave an in-flight a…

envoy | Remote | Memory Corruption
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
7.5 HIGH
CVE-2026-47220 — Envoy: Segmentation fault when using %REQUESTED_SERVER_NAME% in log format

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTED_SERVER_NAME(X:Y)% is used in log format and host relate…

envoy | Remote | Denial of Service
Jun 26, 2026 Jun 30, 2026
Jun 26, 2026
Jun 30, 2026
5.9 MEDIUM
CVE-2026-47205 — Envoy: ext_authz Use-After-Free during Stream Teardown with Per-Route Overrides

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free (UAF) vulnerability leading to a sudden segmentat…

envoy | Remote | Memory Corruption
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
7.2 HIGH
CVE-2026-13372 — Devolutions Remote Desktop Manager PowerShell Script Execution via Display Name Collision

Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a …

remote_desktop_manager | Remote | Authorization
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
8.6 HIGH
CVE-2026-56876 — extract-zip unvalidated symlink path traversal

extract-zip does not validate symlink targets when extracting zip archives. When processing a malicious zip file containing a symlink with a relative path like '../../../../etc/passwd', extract-zip w…

extract-zip | Remote | Path Traversal
Jun 26, 2026 Jun 30, 2026
Jun 26, 2026
Jun 30, 2026
6.3 MEDIUM
CVE-2026-55448 — mise: Local credential_command executes untrusted config

mise manages dev tools like node, python, cmake, and terraform. From 2026.3.15 until 2026.6.4, mise loads github.credential_command from local project config before any trust decision, then executes …

mise | Misconfiguration
Jun 26, 2026 Jun 27, 2026
Jun 26, 2026
Jun 27, 2026
8.6 HIGH
CVE-2026-55441 — mise: Arbitrary command execution via task-include files in an untrusted, config-less rep…

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust feature gates config files (mise.toml, .tool-versions) through trust_check, but task-include files are …

mise | Misconfiguration
Jun 26, 2026 Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
5.5 MEDIUM
CVE-2026-54557 — mise HTTP backend uses raw version path for install symlink destination

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.1, the mise HTTP backend builds its install symlink destination from the raw resolved version string for non-latest ver…

mise | Path Traversal
Jun 26, 2026 Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
7.5 HIGH
CVE-2026-54341 — Dragonfly: RESTORE operations may crash the server

Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.0, a crafted RESTORE payload triggers an out-of-bounds read in DragonflyDB's listpack collection loaders, cr…

dragonfly | Remote | Denial of Service
Jun 26, 2026 Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
7.5 HIGH
CVE-2026-48743 — Envoy: HTTP/3 to HTTP/1 request smuggling via headers-only request with nonzero Content-L…

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, Envoy can translate a downstream HTTP/3 request that is complete a…

envoy | Remote | Denial of Service
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
Showing 20 of 7983 Results