Filter and search through 392,438 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-24771 | Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.11.7, a Cross-Site Scripting (XSS) vulnerabil... | 4.7 | 111 | Neutral | No |
| No |
| CVE-2026-24770 | RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In version 0.23.1 and possibly earlier versions, the MinerU parser contains a "... | 9.8 | 596 | Neutral | No | No |
| CVE-2026-24765 | ### Overview A vulnerability has been discovered involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exi... | 7.8 | 560 | Neutral | No | Yes |
| CVE-2026-24748 | ### Impact A bug was found with authentication checks on the `GetConfig()` API endpoint. This allowed unauthenticated users to access this endpoint b... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-24747 | ### Summary A vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded ... | 8.8 | 708 | Neutral | No | Yes |
| CVE-2026-24741 | ConvertXis a self-hosted online file converter. In versions prior to 0.17.0, the `POST /delete` endpoint uses a user-controlled `filename` value to co... | 8.1 | 484 | Neutral | No | No |
| CVE-2026-24740 | ### Summary A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters (for example, `label=env=dev`) to obtain an inte... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-24738 | # Unbounded TLV length in ReadFile can cause Denial of Service ## Summary A Denial of Service vulnerability was identified in `ReadFile()` where unb... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-24736 | Squidex is an open source headless content management system and content management hub. Versions of the application up to and including 7.21.0 allow ... | 9.1 | 566 | Neutral | No | No |
| CVE-2026-24688 | ### Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires accessing the outlines/bookmarks. ... | 0.0 | 0 | Neutral | Yes | Yes |
| CVE-2026-24686 | # Security Vulnerability: Path Traversal in TAP 4 Multirepo Client ## Summary go-tuf's TAP 4 Multirepo Client uses the map file repository name stri... | 4.7 | 226 | Neutral | No | Yes |
| CVE-2026-24656 | Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter Log Socket Collector exposes port 4560 without authentication.... | 3.7 | 231 | Neutral | No | Yes |
| CVE-2026-24649 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24648 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24647 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24646 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24645 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24644 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24643 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24642 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |