Filter and search through 392,598 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-24739 | ### Summary The Symfony Process component did not correctly treat some characters (notably `=`) as “special” when escaping arguments on Windows. When ... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2026-24738 | # Unbounded TLV length in ReadFile can cause Denial of Service ## Summary A Denial of Service vulnerability was identified in `ReadFile()` where unb... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-24736 | Squidex is an open source headless content management system and content management hub. Versions of the application up to and including 7.21.0 allow ... | 9.1 | 566 | Neutral | No | No |
| CVE-2026-24688 | ### Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires accessing the outlines/bookmarks. ... | 0.0 | 0 | Neutral | Yes | Yes |
| CVE-2026-24686 | # Security Vulnerability: Path Traversal in TAP 4 Multirepo Client ## Summary go-tuf's TAP 4 Multirepo Client uses the map file repository name stri... | 4.7 | 226 | Neutral | No | Yes |
| CVE-2026-24685 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24656 | Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter Log Socket Collector exposes port 4560 without authentication.... | 3.7 | 231 | Neutral | No | Yes |
| CVE-2026-24649 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24648 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24647 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24646 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24645 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24644 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24643 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24642 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-24636 | Missing Authorization vulnerability in Syed Balkhi Sugar Calendar (Lite) sugar-calendar-lite allows Exploiting Incorrectly Configured Access Control S... | 4.3 | 163 | Neutral | No | Yes |
| CVE-2026-24635 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in DevsBlink EduBlink Core edubl... | 7.5 | 379 | Neutral | No | Yes |
| CVE-2026-24634 | Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Ultimate Reviews ultimate-reviews allows Exploiting Incorrectly Configure... | 5.3 | 145 | Neutral | No | Yes |
| CVE-2026-24633 | Missing Authorization vulnerability in Passionate Brains Add Expires Headers & Optimized Minify add-expires-headers allows Exploiting Incorrectly Conf... | 5.3 | 188 | Neutral | No | Yes |
| CVE-2026-24632 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jagdish1o1 Delay Redirects delay-redirects allow... | 5.9 | 245 | Neutral | No | Yes |