Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
CVE-2026-25958
  • github.com/cube-js/cube
 Cube privilege escalation via a specially crafted request 19 hours ago
  • Fix available
  • Severity - 7.7 (High)
CVE-2026-25957
  • github.com/cube-js/cube
 Cube Denial of Service (DoS) - An authenticated attacker can crash the server by sending a specially crafted request 19 hours ago
  • Fix available
  • Severity - 6.5 (Medium)
CVE-2026-25895
  • github.com/frangoteam/fuxa
 FUXA Unauthenticated Remote Code Execution via Arbitrary File Write in Upload API 19 hours ago
  • Fix available
  • Severity - 9.5 (Critical)
CVE-2026-25894
  • github.com/frangoteam/fuxa
 FUXA Unauthenticated Remote Code Execution via Hardcoded JWT Secret in Default Configuration 19 hours ago
  • Fix available
  • Severity - 9.5 (Critical)
CVE-2026-25893
  • github.com/frangoteam/fuxa
 FUXA Unauthenticated Remote Code Execution via Admin JWT Minting 19 hours ago
  • Fix available
  • Severity - 10.0 (Critical)
CVE-2026-25951
  • github.com/frangoteam/fuxa
 FUXA has a Path Traversal Sanitization Bypass 19 hours ago
  • Fix available
  • Severity - 8.6 (High)
CVE-2026-25939
  • github.com/frangoteam/fuxa
 FUXA Unauthenticated Remote Arbitrary Scheduler Write 19 hours ago
  • Fix available
  • Severity - 9.3 (Critical)
CVE-2026-25938
  • github.com/frangoteam/fuxa
 FUXA Unauthenticated Remote Code Execution in Node-RED Integration 20 hours ago
  • Fix available
  • Severity - 9.5 (Critical)
CVE-2026-25934
  • github.com/go-git/go-git
 go-git improperly verifies data integrity values for .idx and .pack files 20 hours ago
  • Fix available
  • Severity - 4.3 (Medium)
CVE-2026-25931
  • github.com/streetsidesoftware/vscode-spell-checker
 vscode-spell-checker has a workspace-trust bypass Code Execution 20 hours ago
  • Fix available
  • Severity - 7.8 (High)
CVE-2026-25925
  • github.com/modery/powerdocu
 PowerDocu Affected by Remote Code Execution via Insecure Deserialization 20 hours ago
  • Fix available
  • Severity - 7.8 (High)
CVE-2026-25923
  • github.com/my-little-forum/mylittleforum
 Phar Deserialization leading to Arbitrary File Deletion in my little forum 20 hours ago
  • Fix available
  • Severity - 8.7 (High)
CVE-2026-25807
  • github.com/taklaxbr/zai-shell
 Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell 20 hours ago
  • Fix available
  • Severity - 8.8 (High)
CVE-2026-25920
  • github.com/sumatrapdfreader/sumatrapdf
 SumatraPDF has a heap out-of-bounds read in MOBI HuffDic decompressor 20 hours ago
  • No fix available
  • Severity - 5.5 (Medium)
CVE-2026-25918
  • github.com/rageagainstthepixel/unity-cli
 unity-cli Exposes Plaintext Credentials in Debug Logs (sign-package command) 20 hours ago
  • Fix available
  • Severity - 5.9 (Medium)
CVE-2026-25892
  • github.com/vrana/adminer
 Adminer has an Unauthenticated Persistent DoS via Array Injection in ?script=version Endpoint 20 hours ago
  • Fix available
  • Severity - 7.5 (High)
Load more...