Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
7.5 HIGH
CVE-2026-48706 — Envoy Heap Buffer Overflow in TcpStatsdSink

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, a vulnerability exists in Envoy's TCP StatsD sink (TcpSta…

envoy | Remote | Memory Corruption
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
7.5 HIGH
CVE-2026-48497 — Envoy: Abnormal process termination in DNS UDP filter

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured with local resolution …

envoy | Remote | Denial of Service
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
7.5 HIGH
CVE-2026-48044 — Envoy Zstd Decompressor: Ratio Check at Wrong Loop Depth lead to memory explosion

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.23.0 until 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability has been identified in Envoy's zstd deco…

envoy | Remote | Denial of Service
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
7.5 HIGH
CVE-2026-48042 — Envoy: Stack overflow in destructor of highly nested JSON

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, destructor of JSON Object results in stack overflow when deeply O(…

envoy | Remote | Denial of Service
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
4.4 MEDIUM
CVE-2026-47778 — Envoy: Embedded NUL in TLS DNS SAN Truncation in the Default TLS Certificate Validator. (…

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySu…

envoy | Remote | Misconfiguration
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
6.8 MEDIUM
CVE-2026-47775 — Envoy OAuth2 Filter: Padding Oracle via AES-256-CBC Cookie Decryption

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTTP filter's encrypt()/decrypt() functions use AES-256…

envoy | Remote | Cryptography
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
4.8 MEDIUM
CVE-2026-47692 — Envoy: PROXY Protocol v2 header generator emits "skipped" TLVs, causing 65 KB attacker-co…

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, PROXY Protocol v2 header generator emits TLVs beyond the …

envoy | Injection
Jun 26, 2026 Jun 27, 2026
Jun 26, 2026
Jun 27, 2026
7.5 HIGH
CVE-2026-47221 — Envoy: Null pointer deref in internal redirects

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the router filter contains a null pointer dereference vul…

envoy | Remote | Denial of Service
Jun 26, 2026 Jun 27, 2026
Jun 26, 2026
Jun 27, 2026
6.5 MEDIUM
CVE-2026-47207 — Envoy crashes if multiple unexpected ext_proc responses are packed into one gRPC message

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy crashes if an ext_proc server sends a single gRPC m…

envoy | Remote | Memory Corruption
Jun 26, 2026 Jun 27, 2026
Jun 26, 2026
Jun 27, 2026
2.3 LOW
CVE-2026-47206 — Dragonfly: RESP Protocol Injection via Lua redis.error_reply() in EvalSerializer

Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.9, Dragonfly has a RESP Protocol Injection via Lua redis.error_reply() in EvalSerializer. An authenticated u…

dragonfly | Remote | Injection
Jun 26, 2026 Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
7.5 HIGH
CVE-2026-47204 — Envoy: grpc_stats filter segfault on Connect protocol requests to direct_response routes

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.26.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the envoy.filters.http.grpc_stats filter crashes (null po…

envoy | Remote | Denial of Service
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
9.6 CRITICAL
CVE-2026-33646 — mise: Arbitrary Code Execution via Tera Templates in .tool-versions Files (Trust Bypass)

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.3.10, mise processes .tool-versions files through the Tera template engine during parsing, with the exec() function regis…

mise | Remote | Misconfiguration
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
8.8 HIGH
CVE-2026-57518 — Pagekit CMS 1.0.18 Privilege Escalation via UserApiController

Pagekit CMS 1.0.18 contains a privilege escalation vulnerability that allows authenticated users with the 'user: manage users' permission to escalate privileges by assigning arbitrary custom roles to…

pagekit | Remote | Authorization
Jun 26, 2026 Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
7.5 HIGH
CVE-2026-57231 — Podman: Malformed Image can trick podman run into leaking host environment variables into…

Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key and no value can trick podman into passing that v…

podman | Remote | Misconfiguration
Jun 26, 2026 Jun 27, 2026
Jun 26, 2026
Jun 27, 2026
5.4 MEDIUM
CVE-2026-56823 — AutoGPT: IDOR in Webhook Ping Endpoint Allows Enumeration and Cross-User Ping Triggering

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to , the `POST /api/integrations/webhooks/{webhook_id}/ping` endpoint …

autogpt_platform | Remote | Authorization
Jun 26, 2026 Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
8.5 HIGH
CVE-2026-56663 — AutoGPT: SSRF-to-RCE Chain in `SendWebRequestBlock` via IP validation bypass and internal…

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.52, an authenticated user can bypass the SSRF / private-IP prot…

autogpt_platform | Remote | Server-Side Request Forgery
Jun 26, 2026 Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
5.3 MEDIUM
CVE-2026-55686 — Podman: WORKDIR symlink traversal vulnerability

Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership…

podman | Remote
Jun 26, 2026 Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
7.5 HIGH
CVE-2026-55677 — Echo: Encoded slash (%2F) bypasses route-level protection and exposes static files

Echo is a Go web framework. Prior to 4.15.3 and 5.2.0, Echo's router and static file handler disagree on URL path decoding. The router matches routes using the raw encoded path (preserving %2F as-is)…

echo | Remote | Authorization
Jun 26, 2026 Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
9.9 CRITICAL
CVE-2026-54636 — Dokku: OS Command Injection via app.json managed Cron

Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special she…

dokku | Remote | Injection
Jun 26, 2026 Jun 29, 2026
Jun 26, 2026
Jun 29, 2026
6.0 MEDIUM
CVE-2026-48529 — GitHub MCP Server: Lockdown mode singleton in HTTP server causes cross-user GraphQL clien…

GitHub MCP Server is GitHub's official MCP Server. From 0.22.0 until 1.1.2, when running in HTTP mode with --lockdown-mode enabled, the RepoAccessCache is implemented as a process-global singleton in…

Remote | Authentication
Jun 26, 2026 Jun 27, 2026
Jun 26, 2026
Jun 27, 2026
Showing 20 of 7983 Results