Filter and search through 199,638 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-24336 | Rejected reason: Not used | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-24335 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24334 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-2415 | Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when {name} is used in an email template, it will... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24135 | ### Summary A Path Traversal vulnerability exists in the `updateWikiPage` function of Gogs. The vulnerability allows an authenticated user with write ... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2026-24133 | ### Impact User control of the first argument of the `addImage` method results in Denial of Service. If given the possibility to pass unsanitized im... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-24132 | I am reporting a code injection vulnerability in Orval’s mock generation pipeline affecting @orval/mock in both the 7.x and 8.x series. This issue is ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-24130 | ### Impact Instances of Moonraker configured with the `ldap` component enabled are vulnerable to LDAP search filter injection techniques via the logi... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-24124 | ## Summary Dragonfly Manager's Job REST API endpoints lack authentication, allowing unauthenticated attackers to create, query, modify, and delete jo... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-24102 | No description available | 0.0 | 0 | Neutral | Yes | No |
| CVE-2026-24095 | Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p21, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows users with the "Use WATO" per... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-2406 | No description available | 0.0 | 0 | Low | Yes | No |
| CVE-2026-24058 | ### Impact _What kind of vulnerability is it? Who is impacted?_ This issue impacts every Soft Serve instance. A critical authentication bypass allow... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-24055 | Langfuse is an open source large language model engineering platform. In versions 3.146.0 and below, the /api/public/slack/install endpoint initiates ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24054 | Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24050 | Zulip is an open-source team collaboration tool. From 5.0 to before 11.5, some administrative actions on the user profile were susceptible to stored X... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24044 | Element Server Suite Community Edition (ESS Community) deploys a Matrix stack using the provided Helm charts and Kubernetes distribution. The ESS Comm... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24043 | ### Impact User control of the first argument of the `addMetadata` function allows users to inject arbitrary XML. If given the possibility to pass u... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-24040 | ### Impact The addJS method in the jspdf Node.js build utilizes a shared module-scoped variable (text) to store JavaScript content. When used in a co... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-24026 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |