CVE-2025-13462
The "tarfile" module would still apply normalization of AREGTYPE (x00) blocks to DIRTYPE,...
CVE-2026-26791
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the string...
CVE-2026-26792
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain multiple command injection vulnerabilities in...
CVE-2026-26794
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a SQL injection vulnerability via the add_group()...
CVE-2026-26795
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module...
CVE-2026-28252
A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and...
CVE-2026-28253
A Memory Allocation with Excessive Size Value vulnerability in Trane Tracer SC, Tracer SC+, and Tracer...
CVE-2026-28254
A Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow...
CVE-2026-28255
A Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could...
CVE-2026-28256
A Use of Hard-coded, Security-relevant Constants vulnerability in Trane Tracer SC, Tracer SC+, and Tracer...
CVE-2026-31860
Unhead is a document head and template manager. Prior to 2.1.11, useHeadSafe() can be bypassed to inject...
0 CVE-2026-31873
Unhead is a document head and template manager. Prior to 2.1.11, The link.href check in makeTagSafe...
CVE-2026-31890
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes...
5.3 CVE-2026-32100
Shopware is an open commerce platform. /api/_info/config route exposes information about active security...
CVE-2026-32116
Magic Wormhole makes it possible to get arbitrary-sized files and directories from one computer to another....
CVE-2026-32129
soroban-poseidon provides Poseidon and Poseidon2 cryptographic hash functions for Soroban smart contracts....
8.8 CVE-2026-32137
Dataease is an open source data visualization analysis tool. Prior to 2.10.20, The table parameter for...
5.4 CVE-2026-32139
Dataease is an open source data visualization analysis tool. In DataEase 2.10.19 and earlier, the static...
8.8 CVE-2026-32140
Dataease is an open source data visualization analysis tool. Prior to 2.10.20, By controlling the IniFile...
7.5 CVE-2026-32141
flatted is a circular JSON parser. Prior to 3.4.0, flatted's parse() function uses a recursive revive()...
CVE-2026-3841
A command injection vulnerability has been identified in the Telnet command-line interface (CLI) of...