19,785 CVEs published in 2026. 0 flagged on the CISA Known Exploited Vulnerabilities catalog. Every guide includes runnable Linux, Windows PowerShell, and Bash remediation commands.
19,785 fix guides from 2026CVE-2026-5646: code-projects Easy Blog Site login.php sql injection in Easy Blog Site. Patch commands and verification.
CVE-2026-5647: code-projects Online Shoe Store Add Product admin_feature.php cross site scripting in Online Shoe Store. Patch commands and v
CVE-2026-5648: bundle sibling of CVE-2026-5255. Same patched build closes both.
CVE-2026-5649 is a sql injection in Code-projects Online Application System for Admission. CVSS 5.3 Medium. Patch commands, mitigations, and
CVE-2026-5650: code-projects Online Application System for Admission oas.sql sensitive information in Online Application System for Admissio
CVE-2026-5653 - CWE-122: Heap-based Buffer Overflow in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-5654 - CWE-121: Stack-based Buffer Overflow in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-5655 - CWE-416: Use After Free in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-5657 - CWE-415: Double Free in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-5659: pytries datrie trie File datrie.pyx Trie.__setstate__ deserialization in datrie. Patch commands and verification.
CVE-2026-5660: bundle sibling of CVE-2026-5620. Same patched build closes both.
CVE-2026-5661 is a free5gc ngsetuprequest denial of service in the vendor Free5GC. CVSS 6.9 Medium. Patch commands, mitigations, and verific
CVE-2026-5663: OFFIS DCMTK storescp storescp.cc executeOnEndOfStudy os command injection in DCMTK. Patch commands and verification.
CVE-2026-5665: code-projects Online FIR System Login checklogin.php sql injection in Online FIR System. Patch commands and verification.
CVE-2026-5666: Insecure Storage of Sensitive Information in Online FIR System. Patch commands and verification.
CVE-2026-5668: bundle sibling of CVE-2026-5642. Same patched build closes both.
CVE-2026-5669: bundle sibling of CVE-2026-5642. Same patched build closes both.
CVE-2026-5670: bundle sibling of CVE-2026-5642. Same patched build closes both.
CVE-2026-5671 is a cross site scripting in Cyber-iii Student-Management-System, fixed by the same patch as CVE-2026-5642.
CVE-2026-5672: code-projects Simple IT Discussion Forum Parameter edit-category.php sql injection in Simple IT Discussion Forum. Patch comma
CVE-2026-5673 is a out-of-bounds read in Red Hat Enterprise Linux 10, fixed by the same patch as CVE-2026-4631.
CVE-2026-5675: bundle sibling of CVE-2026-5620. Same patched build closes both.
CVE-2026-5676: Totolink A8000R cstecgi.cgi setLanguageCfg missing authentication in A8000R. Patch commands and verification.
CVE-2026-5677: Totolink A7100RU cstecgi.cgi CsteSystem os command injection in A7100RU. Patch commands and verification.
CVE-2026-5678 is a totolink a7100ru cstecgi.cgi setschedulecfg os command injection in Totolink A7100RU, fixed by the same patch as CVE-2026
CVE-2026-5679 is a totolink a3300r cstecgi.cgi vsettr069cfg os command injection in Totolink A3300R, fixed by the same patch as CVE-2026-517
CVE-2026-5681: itsourcecode sanitize or validate this input Parameter borrowedequip.php sql injection in sanitize or validate this input. Pa
CVE-2026-5682: Meesho Online Shopping App com.meesho.supply endpoint risky encryption in Online Shopping App. Patch commands and verificatio
CVE-2026-5683: Tenda CX12L P2pListFilter fromP2pListFilter stack-based overflow in CX12L. Patch commands and verification.
CVE-2026-5688 is a totolink a7100ru cstecgi.cgi setddnscfg os command injection in Totolink A7100RU, fixed by the same patch as CVE-2026-567
CVE-2026-5689 is a totolink a7100ru cstecgi.cgi setntpcfg os command injection in Totolink A7100RU, fixed by the same patch as CVE-2026-5677
CVE-2026-5690 is a totolink a7100ru cstecgi.cgi setremotecfg os command injection in Totolink A7100RU, fixed by the same patch as CVE-2026-5
CVE-2026-5691 is a totolink a7100ru cstecgi.cgi setfirewalltype os command injection in Totolink A7100RU, fixed by the same patch as CVE-202
CVE-2026-5692 is a totolink a7100ru cstecgi.cgi setgamespeedcfg os command injection in Totolink A7100RU, fixed by the same patch as CVE-202
CVE-2026-5693 is a missing authorization in Smart Appointment & Booking. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-5704 is a tar: tar: hidden file injection via crafted archives in Red Hat Enterprise Linux 10, fixed by the same patch as CVE-2026-
CVE-2026-5705: code-projects Online Hotel Booking Booking Endpoint booknow.php cross site scripting in Online Hotel Booking. Patch commands
CVE-2026-5711: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Post Blocks & Tools. Patch commands a
CVE-2026-5713 is a stack buffer overflow in CPython. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-5715 improper neutralization of input during web page generation ('cross-site scripti in Voyage Plus. Runnable upgrade commands and
CVE-2026-5717 is a cross-site scripting in VI: Include Post By. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-5719: bundle sibling of CVE-2026-5620. Same patched build closes both.
CVE-2026-5721 is a cross-site scripting in wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin. This page lists verifi
CVE-2026-5724 is a missing authentication in temporal. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-5736: PowerJob detailPlus Endpoint InstanceController.java sql injection in PowerJob. Patch commands and verification.
CVE-2026-5739: PowerJob OpenAPI Endpoint addWorkflowNode GroovyEvaluator.evaluate code injection in PowerJob. Patch commands and verificatio
CVE-2026-5741: suvarchal docker-mcp-server HTTP index.ts pull_image os command injection in docker-mcp-server. Patch commands and verificati
CVE-2026-5742: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in UsersWP – Front-end login form, User
CVE-2026-5745 is a null pointer dereference in Red Hat Hardened Images, fixed by the same patch as CVE-2026-2625.
CVE-2026-5748 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Text Snippets. Runnable patch
CVE-2026-5753 missing authorization in All-in-One WP Migration Unlimited Extension. Runnable upgrade commands and verification steps for sys
CVE-2026-5754 is a cross-site scripting in Alteon vADC. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-5755 is a vulnerability in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-5758 is an information disclosure in Protocol-buffers-schema parser. This page lists verified fix commands and short-term mitigatio
CVE-2026-5762: ReportIncident DiscussionTools integration causes slow requests in MediaWiki - ReportIncident Extension. Patch commands and v
CVE-2026-5766 improper handling of length parameter inconsistency in Django. Runnable upgrade commands and verification steps for sysadmins.
CVE-2026-5767 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in SlideShowPro SC. Runnable pat
CVE-2026-5774 is a race condition in Juju. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-5790 is a cross-site scripting (XSS) in Stel Order. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-5791 is a cross-site request forgery (csrf) in DivvyDrive. Patched version, runnable upgrade commands, and how to verify the fix la
CVE-2026-5794 - CWE-694 Use of multiple resources with duplicate identifier in Cryptobox. Runnable patch commands, mitigation, and verificat
CVE-2026-5797 is a neutralization of special elements in output in Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker. This page list
CVE-2026-5802 is a idachev mcp-javadc http os command injection in Idachev mcp-javadc. CVSS 6.9 Medium. Patch commands, mitigations, and ver
CVE-2026-5803: bigsk1 openai-realtime-ui API Proxy Endpoint server.js server-side request forgery in openai-realtime-ui. Patch commands and
CVE-2026-5805 is a code-projects easy blog site contact_us.php sql injection in Code-projects Easy Blog Site, fixed by the same patch as CVE
CVE-2026-5806 is a code-projects easy blog site update.php cross site scripting in Code-projects Easy Blog Site, fixed by the same patch as
CVE-2026-5808: openstatusHQ openstatus Onboarding Endpoint client.tsx cross site scripting in openstatus. Patch commands and verification.
CVE-2026-5810: SourceCodester Sales and Inventory System GET Parameter delete.php cross site scripting in Sales and Inventory System. Patch
CVE-2026-5811 is a business logic errors in Sourcecodester Online Food Ordering System. CVSS 5.3 Medium. Patch commands, mitigations, and ve
CVE-2026-5812: Business Logic Errors in Pharmacy Product Management System. Patch commands and verification.
CVE-2026-5813: PHPGurukul Online Course Registration check_availability.php sql injection in Online Course Registration. Patch commands and
CVE-2026-5814: PHPGurukul Online Course Registration check_availability.php sql injection in Online Course Registration. Patch commands and
CVE-2026-5820 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Zypento Blocks. Runnable patc
CVE-2026-5823: bundle sibling of CVE-2026-5620. Same patched build closes both.
CVE-2026-5824: bundle sibling of CVE-2026-5255. Same patched build closes both.
CVE-2026-5825: bundle sibling of CVE-2026-5255. Same patched build closes both.
CVE-2026-5826: bundle sibling of CVE-2026-5672. Same patched build closes both.
CVE-2026-5827: bundle sibling of CVE-2026-5672. Same patched build closes both.
CVE-2026-5828: bundle sibling of CVE-2026-5672. Same patched build closes both.
CVE-2026-5829: bundle sibling of CVE-2026-5672. Same patched build closes both.
CVE-2026-5831: Agions taskflow-ai terminal_execute handlers.ts os command injection in taskflow-ai. Patch commands and verification.
CVE-2026-5832: atototo api-lab-mcp HTTP http-server.ts test_http_endpoint server-side request forgery in api-lab-mcp. Patch commands and ver
CVE-2026-5833: awwaiid mcp-server-taskwarrior index.ts server.setRequestHandler command injection in mcp-server-taskwarrior. Patch commands
CVE-2026-5834: bundle sibling of CVE-2026-5647. Same patched build closes both.
CVE-2026-5835: bundle sibling of CVE-2026-5647. Same patched build closes both.
CVE-2026-5836: bundle sibling of CVE-2026-5647. Same patched build closes both.
CVE-2026-5837: PHPGurukul News Portal Project news-details.php sql injection in News Portal Project. Patch commands and verification.
CVE-2026-5838: bundle sibling of CVE-2026-5837. Same patched build closes both.
CVE-2026-5839: bundle sibling of CVE-2026-5837. Same patched build closes both.
CVE-2026-5840: bundle sibling of CVE-2026-5837. Same patched build closes both.
CVE-2026-5841 is a tenda i3 http r7webssecurityhandler path traversal in Tenda i3. CVSS 6.9 Medium. Patch commands, mitigations, and verific
CVE-2026-5842: decolua 9router Administrative API Endpoint api authorization in 9router. Patch commands and verification.
CVE-2026-5847 is a information disclosure in Code-projects Movie Ticketing System. CVSS 5.3 Medium. Patch commands, mitigations, and verific
CVE-2026-5848 is a code injection in Jeecgboot JimuReport. CVSS 5.1 Medium. Patch commands, mitigations, and verification.
CVE-2026-5849 is a tenda i12 http path traversal in Tenda i12. CVSS 6.9 Medium. Patch commands, mitigations, and verification.
CVE-2026-5864 is a heap buffer overflow in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5867 is a heap buffer overflow in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5869 is a heap buffer overflow in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5875 is a policy bypass in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5876 is a side-channel information leakage in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5878 is a incorrect security ui in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5880 is a incorrect security ui in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5881 is a policy bypass in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5882 is a incorrect security ui in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5885 is a insufficient validation of untrusted input in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5886 is a out of bounds read in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5887 is a insufficient validation of untrusted input in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5888 is a uninitialized use in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5889 is a cryptographic flaw in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5891 is a insufficient policy enforcement in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5892 is a insufficient policy enforcement in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5893 is a race in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5894 is a inappropriate implementation in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5895 is a incorrect security ui in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5896 is a policy bypass in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5897 is a incorrect security ui in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5898 is a incorrect security ui in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5899 is a incorrect security ui in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5900 is a policy bypass in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5901 is a policy bypass in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5903 is a policy bypass in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5905 is a incorrect security ui in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5906 is a incorrect security ui in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5911 is a policy bypass in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5918 is a inappropriate implementation in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5919 is a insufficient validation of untrusted input in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5926 - Security vulnerabilities have been found in Verify Identity Access Container. Runnable patch commands, mitigation, and verif
CVE-2026-5937 - CWE-248 Uncaught exception in Foxit PDF Editor. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-5938 - Insufficient Control Flow Management (CWE-691) in Foxit PDF Editor. Runnable patch commands, mitigation, and verification on
CVE-2026-5939 - CWE-416 Use after free in Foxit PDF Editor. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-5942 - CWE-416 Use after free in Foxit PDF Editor. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-5944 - CWE-306 Missing authentication for critical function in Cisco Intersight Device Connector for Prism Central. Runnable patch
CVE-2026-5950 is a vulnerability in BIND 9. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-5957 improper limitation of a pathname to a restricted directory ('path traversal') in EmailKit – Email Customizer for WooCommerce
CVE-2026-5960: Information Disclosure in Patient Record Management System. Patch commands and verification.
CVE-2026-5961: bundle sibling of CVE-2026-5672. Same patched build closes both.
CVE-2026-5962 is a tenda ch22 httpd r7webssecurityhandlerfunction path traversal in Tenda CH22, fixed by the same patch as CVE-2026-5604.
CVE-2026-5970: FoundationAgents MetaGPT HumanEvalBenchmark/MBPPBenchmark check_solution code injection in MetaGPT. Patch commands and verifi
CVE-2026-5971: bundle sibling of CVE-2026-5970. Same patched build closes both.
CVE-2026-5972: bundle sibling of CVE-2026-5970. Same patched build closes both.
CVE-2026-5973: bundle sibling of CVE-2026-5970. Same patched build closes both.
CVE-2026-5974: bundle sibling of CVE-2026-5970. Same patched build closes both.
CVE-2026-5985: bundle sibling of CVE-2026-5672. Same patched build closes both.
CVE-2026-5986 is a zod jsvideourlparser util.js gettime redos in Zod jsVideoUrlParser. CVSS 6.9 Medium. Patch commands, mitigations, and ver
CVE-2026-5987: Improper Neutralization of Special Elements Used in a Template Engine in PublicCMS. Patch commands and verification.
CVE-2026-5998 is a path traversal in chatgpt-on-wechat CowAgent. This page lists verified fix commands and short-term mitigations you can ru
CVE-2026-5999 is an improper authorization in JeecgBoot. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6000 is an information disclosure in Online Library Management System. This page lists verified fix commands and short-term mitigat
CVE-2026-6003 is a cross-site scripting in Simple IT Discussion Forum. This page lists verified fix commands and short-term mitigations you
CVE-2026-6004 is a SQL injection in Simple IT Discussion Forum. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-6005 is a SQL injection in Patient Record Management System. This page lists verified fix commands and short-term mitigations you c
CVE-2026-6006 is a SQL injection in Patient Record Management System. This page lists verified fix commands and short-term mitigations you c
CVE-2026-6007 is a SQL injection in Construction Management System. This page lists verified fix commands and short-term mitigations you can
CVE-2026-6008: an insecure direct object reference (IDOR) in DijiDemi. Patched version and vendor advisory inside.
CVE-2026-6010 is a SQL injection in Online Classroom. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6011 is a server-side request forgery in OpenClaw. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-6024 is a path traversal in i6. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6030 is a SQL injection in Construction Management System. This page lists verified fix commands and short-term mitigations you can
CVE-2026-6031 is a SQL injection in Simple IT Discussion Forum. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-6032 is a cross-site scripting in Simple Laundry System. This page lists verified fix commands and short-term mitigations you can r
CVE-2026-6033 is a SQL injection in Online Classroom. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6034 is a cross-site scripting in Vehicle Showroom Management System. This page lists verified fix commands and short-term mitigati
CVE-2026-6035 is a cross-site scripting in Vehicle Showroom Management System. This page lists verified fix commands and short-term mitigati
CVE-2026-6036 is a SQL injection in Vehicle Showroom Management System. This page lists verified fix commands and short-term mitigations you
CVE-2026-6037 is a SQL injection in Vehicle Showroom Management System. This page lists verified fix commands and short-term mitigations you
CVE-2026-6038 is a SQL injection in Vehicle Showroom Management System. This page lists verified fix commands and short-term mitigations you
CVE-2026-6041 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Buzz Comments. Runnable patch
CVE-2026-6042 is an inefficient algorithmic complexity in libc. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-6048 is a cross-site scripting in Flipbox Addon for Elementor. This page lists verified fix commands and short-term mitigations you
CVE-2026-6058 is an encoding or escaping of output in WRE6505 v2 firmware. This page lists verified fix commands and short-term mitigations
CVE-2026-6060 is a denial of service in OTRS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6063: an insecure direct object reference (IDOR) in GitLab. Patched version and vendor advisory inside.
CVE-2026-6068 is an use-after-free in NASM. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6072: an insecure direct object reference (IDOR) in Oliver POS – A WooCommerce Point of Sale. Patched version and vendor advisory i
CVE-2026-6080 is a SQL injection in Tutor LMS – eLearning and online course solution. This page lists verified fix commands and short-term m
CVE-2026-6093 improper neutralization of special elements used in an sql command ('sql injecti in corteza. Runnable upgrade commands and ver
CVE-2026-6104 is a out-of-bounds read in PHP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-6105 is an improper authorization in go-fastdfs-web. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-6106 is a cross-site scripting in MaxKB. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6107 is a cross-site scripting in MaxKB. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6108 is an OS command injection in MaxKB. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6109 is a cross-site request forgery in MetaGPT. This page lists verified fix commands and short-term mitigations you can run today
CVE-2026-6110 is a code injection in MetaGPT. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6111 is a server-side request forgery in MetaGPT. This page lists verified fix commands and short-term mitigations you can run toda
CVE-2026-6117 is a sandbox issue in AstrBot. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6118 is a command injection in AstrBot. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6119 is a server-side request forgery in AstrBot. This page lists verified fix commands and short-term mitigations you can run toda
CVE-2026-6125 is a code injection in warm-flow. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6126 is a missing authentication in chatgpt-on-wechat CowAgent. This page lists verified fix commands and short-term mitigations yo
CVE-2026-6127 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Elementor Website Builder – m
CVE-2026-6129 is a missing authentication in chatgpt-on-wechat CowAgent. This page lists verified fix commands and short-term mitigations yo
CVE-2026-6130 is an OS command injection in chatbox. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6141 is an OS command injection in Personal_AI_Infrastructure. This page lists verified fix commands and short-term mitigations you
CVE-2026-6142 is a SQL injection in Hotel Management System. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-6143 is a vulnerability in cc-switch. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6145: a missing authorization in User Registration & Membership – Free & . Patched version and vendor advisory inside.
CVE-2026-6146 use of cryptographically weak pseudo-random number generator (prng) in Amazon::Credentials. Runnable upgrade commands and veri
CVE-2026-6148 is a SQL injection in Vehicle Showroom Management System. This page lists verified fix commands and short-term mitigations you
CVE-2026-6149 is a SQL injection in Vehicle Showroom Management System. This page lists verified fix commands and short-term mitigations you
CVE-2026-6150 is a cross-site scripting in Simple Laundry System. This page lists verified fix commands and short-term mitigations you can r
CVE-2026-6151 is a SQL injection in Vehicle Showroom Management System. This page lists verified fix commands and short-term mitigations you
CVE-2026-6152 is a SQL injection in Vehicle Showroom Management System. This page lists verified fix commands and short-term mitigations you
CVE-2026-6153 is a SQL injection in Vehicle Showroom Management System. This page lists verified fix commands and short-term mitigations you
CVE-2026-6158 is an OS command injection in N300RH. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6159 is a cross-site scripting in Simple ChatBox. This page lists verified fix commands and short-term mitigations you can run toda
CVE-2026-6160 is a file and directory information exposure in Simple ChatBox. This page lists verified fix commands and short-term mitigatio
CVE-2026-6161 is a SQL injection in Simple ChatBox. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6162 is a cross-site scripting in Company Visitor Management System. This page lists verified fix commands and short-term mitigatio
CVE-2026-6163 is a SQL injection in Lost and Found Thing Management. This page lists verified fix commands and short-term mitigations you ca
CVE-2026-6164 is a SQL injection in Lost and Found Thing Management. This page lists verified fix commands and short-term mitigations you ca
CVE-2026-6165 is a SQL injection in Vehicle Showroom Management System. This page lists verified fix commands and short-term mitigations you
CVE-2026-6166 is a SQL injection in Vehicle Showroom Management System. This page lists verified fix commands and short-term mitigations you
CVE-2026-6167 is a SQL injection in Faculty Management System. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-6174 is a cross-site scripting (XSS) in CC Child Pages. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-6179 is a cross-site scripting in NightWolf Penetration Testing Platform. This page lists verified fix commands and short-term miti
CVE-2026-6180 time-of-check time-of-use (toctou) race condition in PaperCut NG/MF. Runnable upgrade commands and verification steps for sysa
CVE-2026-6182 is a SQL injection in Simple Content Management System. This page lists verified fix commands and short-term mitigations you c
CVE-2026-6183 is a SQL injection in Simple Content Management System. This page lists verified fix commands and short-term mitigations you c
CVE-2026-6184 is a cross-site scripting in Simple Content Management System. This page lists verified fix commands and short-term mitigation
CVE-2026-6187 is a SQL injection in Pharmacy Sales and Inventory System. This page lists verified fix commands and short-term mitigations yo
CVE-2026-6188 is a SQL injection in Pharmacy Sales and Inventory System. This page lists verified fix commands and short-term mitigations yo
CVE-2026-6189 is a SQL injection in Pharmacy Sales and Inventory System. This page lists verified fix commands and short-term mitigations yo
CVE-2026-6190 is a SQL injection in Construction Management System. This page lists verified fix commands and short-term mitigations you can
CVE-2026-6191 is a SQL injection in Construction Management System. This page lists verified fix commands and short-term mitigations you can
CVE-2026-6192 is an integer overflow in openjpeg. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6193 is a SQL injection in Daily Expense Tracking System. This page lists verified fix commands and short-term mitigations you can
CVE-2026-6201 is an access controls in Online Job Portal. This page lists verified fix commands and short-term mitigations you can run today
CVE-2026-6202 is a SQL injection in Easy Blog Site. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6203 is an url redirection to untrusted site in User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Re
CVE-2026-6206: an insecure direct object reference (IDOR) in MW WP Form. Patched version and vendor advisory inside.
CVE-2026-6214 missing authorization in Forminator Forms – Contact Form, Payment Form & Custom Form Builder. Runnable upgrade commands and ve
CVE-2026-6215 is a server-side request forgery in DbGate. This page lists verified fix commands and short-term mitigations you can run today
CVE-2026-6216 is a cross-site scripting in DbGate. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6218 is a cross-site scripting in ytDownloader. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6219 is a command injection in ytDownloader. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6220 is a server-side request forgery in HummerRisk. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-6222 missing authorization in Forminator Forms – Contact Form, Payment Form & Custom Form Builder. Runnable upgrade commands and ve
CVE-2026-6224 is a sandbox issue in plugin-workflow-javascript. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-6225: a SQL injection in Taskbuilder – Project Management & Task . Patched version and vendor advisory inside.
CVE-2026-6231 is an improper input validation in C Driver. This page lists verified fix commands and short-term mitigations you can run toda
CVE-2026-6236 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Posts map. Runnable patch com
CVE-2026-6237 improper neutralization of input during web page generation ('cross-site scripti in Quick Table. Runnable upgrade commands and
CVE-2026-6238 - CWE-126 Buffer over-read in glibc. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6245 is a buffer access with incorrect length value in Red Hat Enterprise Linux 10. This page lists verified fix commands and short
CVE-2026-6246 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Simple Random Posts Shortcode
CVE-2026-6247 improper neutralization of input during web page generation ('cross-site scripti in scratchblocks for WP. Runnable upgrade com
CVE-2026-6252: a cross-site scripting (XSS) in Meta Field Block – Display custom fields. Patched version and vendor advisory inside.
CVE-2026-6255 improper neutralization of input during web page generation ('cross-site scripti in Simple Owl Shortcodes. Runnable upgrade co
CVE-2026-6256 improper neutralization of input during web page generation ('cross-site scripti in Credits Shortcode. Runnable upgrade comman
CVE-2026-6262 improper limitation of a pathname to a restricted directory ('path traversal') in Betheme. Runnable upgrade commands and verif
CVE-2026-6293 is a cross-site request forgery in Inquiry form to posts or pages. This page lists verified fix commands and short-term mitiga
CVE-2026-6294 - CWE-352 Cross-Site Request Forgery (CSRF) in Google PageRank Display. Runnable patch commands, mitigation, and verification
CVE-2026-6298 is a heap buffer overflow in Chrome. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6332: an information disclosure in Ecostruxure™ Machine Expert HVAC. Patched version and vendor advisory inside.
CVE-2026-6335 is a cross-site scripting (XSS) in GitLab. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-6339 is a vulnerability in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6340 is an OS command injection in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-6341 is an access control bypass in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-6342 is an access control bypass in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-6343 is an access control bypass in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-6344 improper limitation of a pathname to a restricted directory ('path traversal') in Fluent Forms – Customizable Contact Forms, S
CVE-2026-6345 is a path traversal in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6355 - CWE-284: Improper Access Control in Augmentt. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6357 - pip self-update functionality can import newly installed modules after wheel installation in pip. Runnable patch commands, m
CVE-2026-6362 is an use-after-free in Chrome. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6364 is an out-of-bounds read in Chrome. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6369 is a missing authentication in canonical-livepatch. This page lists verified fix commands and short-term mitigations you can r
CVE-2026-6370 is a cross-site scripting in Mini Ajax Cart for WooCommerce. This page lists verified fix commands and short-term mitigations
CVE-2026-6378 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in MaxiBlocks Builder | 17, 000+
CVE-2026-6383 is an incorrect authorization in Red Hat OpenShift Virtualization 4. This page lists verified fix commands and short-term miti
CVE-2026-6385 is an integer overflow in Lightspeed Core. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6386 - CWE-269 Improper Privilege Management in FreeBSD. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6391: a cross-site request forgery (CSRF) in Sentence To SEO (keywords. Patched version and vendor advisory inside.
CVE-2026-6393 - CWE-862 Missing Authorization in BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor. Runnable patc
CVE-2026-6394: a server-side request forgery (SSRF) in Nexa Blocks – Gutenberg Blocks. Patched version and vendor advisory inside.
CVE-2026-6395 is a cross-site scripting (XSS) in Word 2 Cash. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-6396 - CWE-352 Cross-Site Request Forgery (CSRF) in Fast & Fancy Filter – 3F. Runnable patch commands, mitigation, and verification
CVE-2026-6397 is a cross-site scripting (XSS) in Sticky. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-6399 is a cross-site scripting (XSS) in General Options. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-6400: a cross-site request forgery (CSRF) in Child Height Predictor by Ostheimer. Patched version and vendor advisory inside.
CVE-2026-6401 is a cross-site request forgery (CSRF) in Bottom Bar. Verified patched version, official vendor advisory, and how to confirm t
CVE-2026-6402 exposed dangerous method or function in webpack-dev-server. Runnable upgrade commands and verification steps for sysadmins.
CVE-2026-6404: a cross-site scripting (XSS) in Anomify AI – Anomaly Detection and Alert. Patched version and vendor advisory inside.
CVE-2026-6405: a cross-site scripting (XSS) in Anomify AI – Anomaly Detection and Alert. Patched version and vendor advisory inside.
CVE-2026-6410 is a path traversal in @fastify/static. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6414 is a cwe-177: improper handling of url encoding in @fastify/static. This page lists verified fix commands and short-term mitig
CVE-2026-6415: a cross-site scripting (XSS) in Advanced Custom Fields: Font Awesome Fie. Patched version and vendor advisory inside.
CVE-2026-6417: a cross-site scripting (XSS) in GLS Shipping for WooCommerce. Patched version and vendor advisory inside.
CVE-2026-6418 is a absolute path traversal in PaperCut NG/MF. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-6420 use of predictable algorithm in random number generator in Red Hat Enterprise Linux 10. Runnable upgrade commands and verifica
CVE-2026-6437 is a vulnerability in AWS EFS CSI Driver. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6439 is a cross-site scripting in VideoZen. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6441 is a missing authorization in Canto. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6446 - CWE-522 Insufficiently Protected Credentials in My Social Feeds – Social Feeds Embedder Plugin for WordPress. Runnable patch
CVE-2026-6447 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Call for Price for WooCommerc
CVE-2026-6449 - CWE-285 Improper Authorization in Booking for Appointments and Events Calendar – Amelia. Runnable patch commands, mitigation
CVE-2026-6451 is a cross-site request forgery in Plugin: CMS für Motorrad Werkstätten. This page lists verified fix commands and short-term
CVE-2026-6452: a cross-site request forgery (CSRF) in Bigfishgames Syndicate. Patched version and vendor advisory inside.
CVE-2026-6457 - CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Geo Mashup. Runnable patch co
CVE-2026-6472 is a missing authorization in PostgreSQL. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-6474 is a format string vulnerability in PostgreSQL. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-6478 is a vulnerability in PostgreSQL. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6486 is a cross-site scripting in classroombookings. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-6487 is a path traversal in jtbc5 CMS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6488 is a SQL injection in sms. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6489 is an unrestricted file upload in sms. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6490 is a SQL injection in sms. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6491 is a heap buffer overflow in libvips. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6492 is an information disclosure in Hotel Booking Management System. This page lists verified fix commands and short-term mitigati
CVE-2026-6493 is a cross-site scripting in rallly. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6494 is an output neutralization for logs in Red Hat Ansible Automation Platform 2. This page lists verified fix commands and short
CVE-2026-6496 is a path traversal in TinyFileManager. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6497 is a server-side request forgery in TinyFileManager. This page lists verified fix commands and short-term mitigations you can
CVE-2026-6498 - CWE-345 Insufficient Verification of Data Authenticity in Five Star Restaurant Reservations – WordPress Booking Plugin. Runn
CVE-2026-6500 is a plaintext storage of a password in OpenConcerto. Patched version, runnable upgrade commands, and how to verify the fix la
CVE-2026-6501 improper restriction of xml external entity reference in jOpenDocument. Runnable upgrade commands and verification steps for s
CVE-2026-6504: a cross-site scripting (XSS) in Royal Addons for Elementor – Addons and . Patched version and vendor advisory inside.
CVE-2026-6515 - CWE-613: Insufficient Session Expiration in GitLab. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6519 - CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark. Runnable patch commands, mitigation, and verif
CVE-2026-6520 - CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark. Runnable patch commands, mitigation, and verif
CVE-2026-6521 - CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark. Runnable patch commands, mitigation, and verif
CVE-2026-6522 - CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark. Runnable patch commands, mitigation, and verif
CVE-2026-6523 - CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark. Runnable patch commands, mitigation, and verif
CVE-2026-6524 - CWE-824: Access of Uninitialized Pointer in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6525 - CWE-476: NULL Pointer Dereference in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6526 - CWE-476: NULL Pointer Dereference in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6527 - CWE-674: Uncontrolled Recursion in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6528 - CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark. Runnable patch commands, mitigation, and verif
CVE-2026-6529 - CWE-122: Heap-based Buffer Overflow in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6530 - CWE-122: Heap-based Buffer Overflow in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6531 - CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark. Runnable patch commands, mitigation, and verif
CVE-2026-6532 - CWE-126: Buffer Over-read in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6533 - CWE-1325: Improperly Controlled Sequential Memory Allocation in Wireshark. Runnable patch commands, mitigation, and verifica
CVE-2026-6534 - CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark. Runnable patch commands, mitigation, and verif
CVE-2026-6535 - CWE-1325: Improperly Controlled Sequential Memory Allocation in Wireshark. Runnable patch commands, mitigation, and verifica
CVE-2026-6536 - CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark. Runnable patch commands, mitigation, and verif
CVE-2026-6537 - CWE-121: Stack-based Buffer Overflow in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6538 - CWE-121: Stack-based Buffer Overflow in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6539 - CWE-134 Use of Externally Controlled Format String in Notepad++. Runnable patch commands, mitigation, and verification on th
CVE-2026-6542 - CWE-639 Authorization Bypass Through User-Controlled Key in Langflow OSS. Runnable patch commands, mitigation, and verificat
CVE-2026-6549: a cross-site scripting (XSS) in Logo Manager For Enamad. Patched version and vendor advisory inside.
CVE-2026-6550 is a vulnerability in AWS Encryption SDK for Python. This page lists verified fix commands and short-term mitigations you can
CVE-2026-6551 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Timeline Blocks for Gutenberg
CVE-2026-6559 is a cross-site scripting in WL-WN579A3. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6561 is an unrestricted file upload in EyouCMS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6562 is a SQL injection in muucmf. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6564 is an improper authorization in EMQX Enterprise. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-6566: an insecure direct object reference (IDOR) in Photo Gallery. Patched version and vendor advisory inside.
CVE-2026-6568 is a path traversal in KodExplorer. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6569 is an authentication bypass in KodExplorer. This page lists verified fix commands and short-term mitigations you can run today
CVE-2026-6570 is an authorization bypass in KodExplorer. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6571 is an authorization bypass in KodExplorer. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6572 is an improper authorization in KodExplorer. This page lists verified fix commands and short-term mitigations you can run toda
CVE-2026-6573 is a server-side request forgery in PHPEMS. This page lists verified fix commands and short-term mitigations you can run today
CVE-2026-6574 is a hard-coded credentials in LightPicture. This page lists verified fix commands and short-term mitigations you can run toda
CVE-2026-6575 is a vulnerability in PostgreSQL. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6576 is a command injection in DjangoBlog. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6577 is a missing authentication in DjangoBlog. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6578 is a hard-coded credentials in DjangoBlog. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6579 is a missing authentication in DjangoBlog. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6580 is an use of hard-coded cryptographic key in DjangoBlog. This page lists verified fix commands and short-term mitigations you
CVE-2026-6582 is a missing authentication in SuperAGI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6583 is an authorization bypass in SuperAGI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6584 is an authorization bypass in SuperAGI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6585 is an authorization bypass in SuperAGI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6586 is an authorization bypass in SuperAGI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6587 is a server-side request forgery in RAGAS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6588 is a missing authentication in serge. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6589 is a cross-site request forgery in ComfyUI. This page lists verified fix commands and short-term mitigations you can run today
CVE-2026-6590 is a path traversal in ComfyUI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6591 is a path traversal in ComfyUI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6592 is a cross-site scripting in ComfyUI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6593 is a cross-site scripting in ComfyUI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6594 is a vulnerability in merge. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6595 is a SQL injection in School Management System. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-6596 is an unrestricted file upload in langflow. This page lists verified fix commands and short-term mitigations you can run today
CVE-2026-6597 is an unprotected storage of credentials in langflow. This page lists verified fix commands and short-term mitigations you can
CVE-2026-6598 is a cleartext storage in a file or in langflow. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-6599 is an injection in langflow. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6600 is a cross-site scripting in langflow. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6601 is a denial of service in WHMCS Template. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6602 is an unrestricted file upload in Hospital Management System. This page lists verified fix commands and short-term mitigations
CVE-2026-6603 is a code injection in agentscope. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6604 is a server-side request forgery in agentscope. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-6605 is a server-side request forgery in agentscope. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-6606 is a server-side request forgery in agentscope. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-6607 is a denial of service in fastchat. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6608 is a control flow in fastchat. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6609 is an improper authorization in DjangoBlog. This page lists verified fix commands and short-term mitigations you can run today
CVE-2026-6610 is a hard-coded credentials in DjangoBlog. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6612 is an authorization bypass in SuperAGI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6613 is an authorization bypass in SuperAGI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6614 is an authorization bypass in SuperAGI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6615 is a path traversal in SuperAGI. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6616 is a server-side request forgery in SuperAGI. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-6617 is a server-side request forgery in dify. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6618 is a server-side request forgery in dify. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6619 is a cross-site scripting in dify. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6620 is a path traversal in sonic-server. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6621 is a vulnerability in extend-deep. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6622 is a cross-site scripting in ISP Billing Software. This page lists verified fix commands and short-term mitigations you can ru
CVE-2026-6623 is a cross-site scripting in ISP Billing Software. This page lists verified fix commands and short-term mitigations you can ru
CVE-2026-6624 is a cross-site scripting in ISP Billing Software. This page lists verified fix commands and short-term mitigations you can ru
CVE-2026-6625 is a server-side request forgery in Mogu Blog v2. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-6626 is a neutralization of special elements in data in Cockpit. This page lists verified fix commands and short-term mitigations y
CVE-2026-6628 is a SQL injection in Ecclesia CRM. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6629 is a SQL injection in MetaCRM. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6633 is a cross-site scripting in CMS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6634 is an improper authorization in memos. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6635 is an authentication bypass in rowboat. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6636 is a path traversal in convert. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6646: a cross-site scripting (XSS) in The7, Website and eCommerce Builder for. Patched version and vendor advisory inside.
CVE-2026-6648 is a cross-site scripting in CMS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6649 is a server-side request forgery in CMS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6650 is an unrestricted file upload in Z-BlogPHP. This page lists verified fix commands and short-term mitigations you can run toda
CVE-2026-6651 is a cross-site scripting in ERP Online. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6652 is a vulnerability in CMS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6654 is a double free in thin-vec. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6662 is a vulnerability in copilot-api. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6663 is a missing authorization in GWD Conex. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-6666 is a null pointer dereference in PgBouncer. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-6667 is a missing authorization in PgBouncer. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-6670 is a path traversal in Media Sync. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6672 improper neutralization of input during web page generation ('cross-site scripti in Affiliate Program Suite, SliceWP Affiliate
CVE-2026-6674 is a SQL injection in Plugin: CMS für Motorrad Werkstätten. This page lists verified fix commands and short-term mitigations y
CVE-2026-6675 is an improper input validation in Responsive Blocks – Page Builder for Blocks & Patterns. This page lists verified fix comman
CVE-2026-6696 improper neutralization of input during web page generation ('cross-site scripti in Zingaya Click-to-Call. Runnable upgrade co
CVE-2026-6700 is a cross-site request forgery (csrf) in DX Sources. Patched version, runnable upgrade commands, and how to verify the fix la
CVE-2026-6701 is a cross-site request forgery (csrf) in addfreespace. Patched version, runnable upgrade commands, and how to verify the fix
CVE-2026-6702 is a cross-site request forgery (csrf) in Publish 2 Ping.fm. Patched version, runnable upgrade commands, and how to verify the
CVE-2026-6703 is a missing authorization in Responsive Blocks – Page Builder for Blocks & Patterns. This page lists verified fix commands an
CVE-2026-6704 improper neutralization of input during web page generation ('cross-site scripti in Blog Settings. Runnable upgrade commands a
CVE-2026-6706 - CWE-862: Missing Authorization in Server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6708 missing authorization in HEL Online Classroom: AI-powered Online Classrooms. Runnable upgrade commands and verification steps
CVE-2026-6709 missing authorization in Coinbase Commerce for Contact Form 7. Runnable upgrade commands and verification steps for sysadmins.
CVE-2026-6710 cross-site request forgery (csrf) in Skysa Text Ticker App. Runnable upgrade commands and verification steps for sysadmins.
CVE-2026-6711 is a cross-site scripting in Website LLMs.txt. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-6712 is a cross-site scripting in Website LLMs.txt. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-6725 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in WPC Smart Messages for WooCom
CVE-2026-6728 is an information disclosure in Slider Revolution. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-6729 is an authentication bypass in OpenHarness. This page lists verified fix commands and short-term mitigations you can run today
CVE-2026-6732 - Access of Resource Using Incompatible Type ('Type Confusion') in Red Hat Hardened Images. Runnable patch commands, mitigatio
CVE-2026-6736 missing authentication for critical function in Enterprise Server. Runnable upgrade commands and verification steps for sysadm
CVE-2026-6743 is a cross-site scripting in WebTOTUM. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6744 is a server-side request forgery in Bagisto. This page lists verified fix commands and short-term mitigations you can run toda
CVE-2026-6745 is a cross-site scripting in Bagisto. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6755 is a cross-site request forgery in Firefox. This page lists verified fix commands and short-term mitigations you can run today
CVE-2026-6757 is an access of uninitialized pointer in Firefox. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-6762 is an authentication bypass by spoofing in Firefox. This page lists verified fix commands and short-term mitigations you can r
CVE-2026-6763 is a protection mechanism failure in Firefox. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-6764 is a buffer overflow in Firefox. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6765 is an exposure of private personal information to in Firefox. This page lists verified fix commands and short-term mitigations
CVE-2026-6767 is a buffer overflow in Firefox. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6770 is an information disclosure in Firefox. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6774 is a protection mechanism failure in Firefox. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-6775 is a buffer overflow in Firefox. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6777 is an improper input validation in Firefox. This page lists verified fix commands and short-term mitigations you can run today
CVE-2026-6778 is an access of uninitialized pointer in Firefox. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-6779 is a buffer overflow in Firefox. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6783 is an integer overflow in Firefox. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6796 is a cleartext storage in a file or in PublicCMS. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-6797 is a denial of service in PublicCMS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6799 is a command injection in CF-N1-S. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6800 improper neutralization of input during web page generation ('cross-site scripti in FastBots. Runnable upgrade commands and ve
CVE-2026-6805 improper handling of insufficient permissions or privileges in Cryptobox. Runnable upgrade commands and verification steps for
CVE-2026-6807 - CWE-611 in GRASSMARLIN. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6808 improper neutralization of input during web page generation ('cross-site scripti in Pricing Tables for WP. Runnable upgrade co
CVE-2026-6809 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Social Post Embed. Runnable p
CVE-2026-6810 - CWE-639 Authorization Bypass Through User-Controlled Key in Booking Calendar Contact Form. Runnable patch commands, mitigati
CVE-2026-6811 is a vulnerability in PHP Driver. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6812 - CWE-918 Server-Side Request Forgery (SSRF) in Ona. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6813 improper neutralization of input during web page generation ('cross-site scripti in Continually. Runnable upgrade commands and
CVE-2026-6815 improper limitation of a pathname to a restricted directory ('path traversal') in Casdoor. Runnable upgrade commands and verif
CVE-2026-6817 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Quiz Maker by AYS. Runnable p
CVE-2026-6826 is an information disclosure in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-6828: a cross-site scripting (XSS) in Fluent Forms – Customizable Contact Form. Patched version and vendor advisory inside.
CVE-2026-6829 is a path traversal in hermes-webui. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6830 is an exposure of resource to wrong sphere in hermes-webui. This page lists verified fix commands and short-term mitigations y
CVE-2026-6835 - CWE-434 Unrestricted upload of file with dangerous type in a+HCM. Runnable patch commands, mitigation, and verification on t
CVE-2026-6839 - CWE-1284 Improper validation of specified quantity in input in ONE. Runnable patch commands, mitigation, and verification on
CVE-2026-6840 - CWE-129 Improper validation of array index in ONE. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6841 is a cross-site scripting (XSS) in Request Tracker. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-6843 - Use of Externally-Controlled Format String in Red Hat Enterprise Linux 10. Runnable patch commands, mitigation, and verifica
CVE-2026-6844 - Uncontrolled Resource Consumption in Red Hat Enterprise Linux 10. Runnable patch commands, mitigation, and verification on t
CVE-2026-6845 - NULL Pointer Dereference in Red Hat Enterprise Linux 10. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6848 - Insufficient Session Expiration in Red Hat Quay 3. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6860 is a improper certificate validation in Eclipse Vert.x. Patched version, runnable upgrade commands, and how to verify the fix
CVE-2026-6861 - Off-by-one Error in Red Hat Enterprise Linux 10. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6862 - Uncontrolled Recursion in Red Hat Enterprise Linux 10. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6863 is a improper authorization in Velociraptor. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-6864: a cross-site scripting (XSS) in CBX 5 Star Rating & Review. Patched version and vendor advisory inside.
CVE-2026-6867 - CWE-1325: Improperly Controlled Sequential Memory Allocation in Wireshark. Runnable patch commands, mitigation, and verifica
CVE-2026-6868 - CWE-121: Stack-based Buffer Overflow in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6869 - CWE-1325: Improperly Controlled Sequential Memory Allocation in Wireshark. Runnable patch commands, mitigation, and verifica
CVE-2026-6870 - CWE-824: Access of Uninitialized Pointer in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6874 - Reliance on Reverse DNS Resolution in copilot-api. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6878 - Sandbox Issue in verl. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6907 is a use of cache containing sensitive information in Django. Patched version, runnable upgrade commands, and how to verify th
CVE-2026-6909 improper neutralization of input during web page generation (xss or 'cross-site in ATutor. Runnable upgrade commands and verif
CVE-2026-6913 improper neutralization of input during web page generation ('cross-site scripti in Shortcodely. Runnable upgrade commands and
CVE-2026-6915 - CWE-1284 Improper validation of specified quantity in input in MongoDB Server. Runnable patch commands, mitigation, and veri
CVE-2026-6916 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Jeg Kit for Elementor – Power
CVE-2026-6932 cross-site request forgery (csrf) in Woo Commerce Minimum Weight. Runnable upgrade commands and verification steps for sysadmi
CVE-2026-6940 - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in radare2. Runnable patch commands, m
CVE-2026-6941 - CWE-59: Improper Link Resolution Before File Access ('Link Following') in radare2. Runnable patch commands, mitigation, and
CVE-2026-6948 allocation of resources without limits or throttling in Velociraptor. Runnable upgrade commands and verification steps for sys
CVE-2026-6956 improper neutralization of input during web page generation (xss or 'cross-site in ATutor. Runnable upgrade commands and verif
CVE-2026-6959 improper link resolution before file access (link following) in Nomad. Runnable upgrade commands and verification steps for sy
CVE-2026-6962: a cross-site scripting (XSS) in Cost of Goods: Product Cost & Profit Cal. Patched version and vendor advisory inside.
CVE-2026-6965: an insecure direct object reference (IDOR) in Tutor LMS – eLearning and online course . Patched version and vendor advisory i
CVE-2026-6977 - Improper Authorization in vanna. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6978 - SQL Injection in JiZhiCMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6979 - Server-Side Request Forgery in WAHA. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6980 - Command Injection in GitPilot-MCP. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6981 - Server-Side Request Forgery in AiraHub2. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6982 - SQL Injection in ShowDoc. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6983 - Server-Side Request Forgery in pagekit. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6984 - Improper Neutralization of Special Elements Used in a Template Engine in AstrBot. Runnable patch commands, mitigation, and v
CVE-2026-6985 - Infinite Loop in Mongoose. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6986 - Improper Verification of Cryptographic Signature in Mongoose. Runnable patch commands, mitigation, and verification on this
CVE-2026-6987 - Command Injection in PicoClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6989 - Command Injection in F453. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6990 - Cross Site Scripting in siga. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6991 - SQL Injection in Zod. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6993 - Unintended Intermediary in kratos. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6994 - Injection in Envoy. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6995 - Cross Site Scripting in P3310D. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6996 - Cross Site Scripting in P3310D. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6997 - Cross Site Scripting in P3310D. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6998 - Cross Site Scripting in P3310D. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6999 - Cross Site Scripting in TR321. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7000 - Cross Site Scripting in DM4100. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7001 - Cross Site Scripting in DM4100. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7002 - SQL Injection in SocialMediaWebsite. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7010 improper neutralization of crlf sequences in http headers ('http request/respons in HTTP::Tiny. Runnable upgrade commands and
CVE-2026-7011 - Cross Site Scripting in CMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7012 - Cross Site Scripting in CMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7013 - Cross Site Scripting in CMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7014 - Cross Site Scripting in CMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7015 - Cross Site Scripting in CMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7016 - Cross Site Scripting in CMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7018 - Use of Hard-coded Cryptographic Key in Datavines. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7020 - Path Traversal in Ollama. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7021 - Information Disclosure in sre. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7022 - Improper Authentication in sre. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7023 - SQL Injection in coze-studio. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7024 - Path Traversal in sims. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7025 - Server-Side Request Forgery in Typecho. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7026 - Cross Site Scripting in DGS-3420. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7027 - Cross Site Scripting in DSL-2740R. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7028 - SQL Injection in Online Job Portal. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7036 - Path Traversal in i9. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7038 - Insufficiently Protected Credentials in ssh-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7041 - Information Disclosure in MiroFish. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7042 - Missing Authentication in MiroFish. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7043 - Unrestricted Upload in GreenCMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7044 - Unrestricted Upload in GreenCMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7045 - Injection in dynamic-datasource. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7046: a SQL injection in NEX-Forms – Ultimate Forms Plugin for Wo. Patched version and vendor advisory inside.
CVE-2026-7050 is a missing authorization in Forms Rb. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7051: a missing authorization in Blog2Social: Social Media Auto Post & Sc. Patched version and vendor advisory inside.
CVE-2026-7058 - Command Injection in MiroFish. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7059 - Path Traversal in MiroFish. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7060 - SQL Injection in yu-picture. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7061 - OS Command Injection in chatgpt-mcp-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7062 - OS Command Injection in context-sync. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7063 - SQL Injection in Employee Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7064 - OS Command Injection in browser-tools-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7065 - Server-Side Request Forgery in BuildingAI. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7066 - OS Command Injection in simple-openstack-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7067 - Command Injection in DIR-822. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7070 - SQL Injection in Inventory Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7071 - File and Directory Information Exposure in Online Job Portal. Runnable patch commands, mitigation, and verification on this
CVE-2026-7072 - SQL Injection in canteen_management_system. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7073 - SQL Injection in Construction Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7074 - SQL Injection in Construction Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7075 - SQL Injection in Construction Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7076 - SQL Injection in Courier Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7077 - SQL Injection in Courier Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7083 - SQL Injection in likeadmin_php. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7084 - Server-Side Request Forgery in Toonflow-app. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7086 - Path Traversal in Toonflow-app. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7087 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7088 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7089 - Cross Site Scripting in Home Service System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7090 - Cross Site Scripting in Chat System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7091 - Improper Authorization in Invoice System in Laravel. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7092 - Improper Authorization in Invoice System in Laravel. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7093 - Improper Authorization in Invoice System in Laravel. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7094 - Server-Side Request Forgery in GlutamateMCPServers. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7095 - Cross Site Scripting in Employee Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7102 - Command Injection in F456. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7103 - Use of Weak Hash in Chat System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7107 - Unrestricted Upload in Invoice System in Laravel. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7108 - Cross-Site Request Forgery in Invoice System in Laravel. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7109 - Improper Authorization in Invoice System in Laravel. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7110 - Cross Site Scripting in Invoice System in Laravel. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7112 - Improper Authentication in hermes-agent. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7113 - Missing Authentication in hermes-agent. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7114 - SQL Injection in Employee Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7115 - SQL Injection in Employee Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7116 - Cross Site Scripting in Employee Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7117 - SQL Injection in Employee Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7118 - SQL Injection in Employee Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7126 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7127 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7128 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7129 - Cross Site Scripting in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this p
CVE-2026-7130 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7131 - SQL Injection in Online Lot Reservation System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7132 - Path Traversal in Online Lot Reservation System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7133 - Unrestricted Upload in Online Lot Reservation System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7134 - Unrestricted Upload in Online Lot Reservation System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7135 - Out-of-Bounds Read in GPAC. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7141 - Uninitialized Resource in vllm. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7142 - Improper Authorization in Wooey. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7143 - SQL Injection in Portfolio Management System MCA. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7144 - Authorization Bypass in Portfolio Management System MCA. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7145 - Authorization Bypass in sendportal. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7146 - Server-Side Request Forgery in mcp-data-vis. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7147 - Server-Side Request Forgery in mcp-chat-studio. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7148 - SQL Injection in Online Classroom. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7149 - Path Traversal in kaggle-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7150 - Server-Side Request Forgery in auto-favicon. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7157 - Command Injection in aider-mcp-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7158 - Server-Side Request Forgery in mcp-url-downloader. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7159 - Path Traversal in mkdocs-mcp-plugin. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7163 - Cleartext Storage of Sensitive Information in multicluster engine for Kubernetes 2.10. Runnable patch commands, mitigation,
CVE-2026-7177 - Server-Side Request Forgery in NextChat. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7178 - Server-Side Request Forgery in NextChat. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7179 - Path Traversal in binwalk. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7183 - Uncaught Exception in UERANSIM. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7194 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7196 - SQL Injection in Online Classroom. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7199 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7200 - Cross Site Scripting in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this p
CVE-2026-7205 - Path Traversal in papers-mcp-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7206 - SQL Injection in sqlite-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7209 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Simple Link Directory. Runnab
CVE-2026-7210 is a insufficient entropy in CPython. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7211 - Command Injection in MCP. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7212 - Path Traversal in notes-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7213 - Path Traversal in MLOps_MCP. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7214 - Path Traversal in engineer-your-data. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7215 - Command Injection in gmx-vmd-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7216 - Path Traversal in processing-claude-mcp-bridge. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7217 - Absolute Path Traversal in PromptX. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7220 - OS Command Injection in FastlyMCP. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7221 - Server-Side Request Forgery in CloudBase-MCP. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7222 - Cross Site Scripting in Coaching Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7223 - Server-Side Request Forgery in HyperChat. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7224 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7225 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7226 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7227 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7228 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7229 - SQL Injection in Coaching Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7230 - Cross Site Scripting in Safety Anger Pad. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7233 - Out-of-Bounds Read in MuPDF. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7234 - Path Traversal in browser-operator-core. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7235 - Path Traversal in claude-agent-sdk-master. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7237 - Path Traversal in scaffold-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7238 - Unrestricted Upload in Online Music Site. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7249: a missing authorization in Location Weather – WordPress Weather For. Patched version and vendor advisory inside.
CVE-2026-7255 improper restriction of excessive authentication attempts in WRE6505 v2 firmware. Runnable upgrade commands and verification s
CVE-2026-7257 insecure storage of sensitive information in WRE6505 v2 firmware. Runnable upgrade commands and verification steps for sysadmi
CVE-2026-7258 is a out-of-bounds read in PHP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7261 is a use after free in PHP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7263 is a improper resource shutdown or release in PHP. Patched version, runnable upgrade commands, and how to verify the fix lande
CVE-2026-7264 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7265 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7266 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7267 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7268 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7269 - Cross Site Scripting in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this p
CVE-2026-7271 - Path Traversal in creative-ad-agent. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7272 - Path Traversal in matlab-mcp-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7281 - Cross Site Scripting in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this p
CVE-2026-7282 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7283 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7290 - SQL Injection in JeecgBoot. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7291 - Server-Side Request Forgery in o2oa. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7292 - Improper Authorization in o2oa. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7293 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7294 - Cross Site Scripting in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7295 - Cross Site Scripting in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7296 - Cross Site Scripting in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7297 - Cross Site Scripting in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7303 - Improper Control of Resource Identifiers in xxl-job. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7305 - Server-Side Request Forgery in xxl-job. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7306 - Use of Hard-coded Cryptographic Key in xxl-job. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7308 improper neutralization of input during web page generation (xss or 'cross-site in Nexus Repository. Runnable upgrade commands
CVE-2026-7309 - Untrusted Search Path in Red Hat OpenShift Container Platform 4. Runnable patch commands, mitigation, and verification on th
CVE-2026-7314 - Path Traversal in spire-doc-mcp-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7315 - Path Traversal in spire-pdf-mcp-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7316 - Command Injection in aider-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7318 - Path Traversal in mcp-project. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7319 - Path Traversal in execution-system-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7340 - Integer overflow in Chrome. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7375 - CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark. Runnable patch commands, mitigation, and verif
CVE-2026-7376 - CWE-476: NULL Pointer Dereference in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7378 - CWE-122: Heap-based Buffer Overflow in Wireshark. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7379 - CWE-401: Missing Release of Memory after Effective Lifetime in Wireshark. Runnable patch commands, mitigation, and verificat
CVE-2026-7382 - CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in PDKS. Runnable patch commands, mitigation, and verific
CVE-2026-7384 - Path Traversal in mcp-bases. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7386 - Path Traversal in mail-mcp-bridge. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7388 - Code Injection in EyouCMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7389 - SQL Injection in EyouCMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7390 - Cross Site Scripting in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this p
CVE-2026-7391 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7392 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7393 - Unrestricted Upload in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7394 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7396 - Path Traversal in hermes-agent. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7397 - Symlink Following in hermes-agent. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7398 - Path Traversal in BioinfoMCP. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7400 - Path Traversal in filesystem-mcp-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7401 - Cross Site Scripting in CET Automated Grading System with AI Predictive Analytics. Runnable patch commands, mitigation, and
CVE-2026-7403 - Path Traversal in gel-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7404 - Relative Path Traversal in mcpo-simple-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7407 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7408 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7409 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7410 - SQL Injection in Pizzafy Ecommerce System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7416 - OS Command Injection in xcode-mcp-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7417 - Server-Side Request Forgery in xhs-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7423 - CWE-191: Integer Underflow (Wrap or Wraparound) in FreeRTOS-Plus-TCP. Runnable patch commands, mitigation, and verification
CVE-2026-7425 - CWE-125: Out-of-bounds Read in FreeRTOS-Plus-TCP. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7426 - CWE-787: Out-of-bounds Write in FreeRTOS-Plus-TCP. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7431 incorrect permission assignment for critical resource in Secure Access Client. Runnable upgrade commands and verification step
CVE-2026-7437 improper neutralization of input during web page generation ('cross-site scripti in AzonPost. Runnable upgrade commands and ve
CVE-2026-7439 - CWE-346: Origin Validation Error in AgentFlow. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7443 - OS Command Injection in mcp-dnstwist. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7445 - Path Traversal in ZMCPTools. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7446 - OS Command Injection in mcp-server-semgrep. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7447 - SQL Injection in Pet Grooming Management Software. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7457 improper neutralization of input during web page generation ('cross-site scripti in LatePoint – Calendar Booking Plugin for Ap
CVE-2026-7462 is a cross-site scripting (XSS) in VatanSMS WP SMS. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-7464 improper neutralization of input during web page generation ('cross-site scripti in WP Google Maps Integration. Runnable upgra
CVE-2026-7468 - Improper Access Controls in smart-admin. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7469 - Command Injection in 4G300. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7472 is a SQL injection in Read More & Accordion. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-7475 improper neutralization of input during web page generation ('cross-site scripti in Sky Addons – Elementor Addons with Widgets
CVE-2026-7500 - Direct Request ('Forced Browsing') in Red Hat Build of Keycloak. Runnable patch commands, mitigation, and verification on th
CVE-2026-7501 - Cross Site Scripting in LinkStack. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7502 - Authorization Bypass in LinkStack. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7505 - Improper Authorization in GoClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7506 - SQL Injection in Hotel Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7508 - Code Injection in CMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7509 is a cross-site scripting (XSS) in KIA Subtitle. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-7510 - Authorization Bypass in DefectDojo. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7518 - Denial of Service in Open5GS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7519 - Path Traversal in LiveBOS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7525: a missing authorization in My Calendar – Accessible Event Manager. Patched version and vendor advisory inside.
CVE-2026-7535 - Denial of Service in Open5GS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7536 - Denial of Service in Open5GS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7541 allocation of resources without limits or throttling in Enterprise Server. Runnable upgrade commands and verification steps fo
CVE-2026-7545 - SQL Injection in Advanced School Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7549 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7550 - SQL Injection in Pharmacy Sales and Inventory System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7553 - SQL Injection in Gym Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7554 - Weak Password Recovery in M60. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7555 - SQL Injection in Electronic Judging System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7561 cross-site request forgery (csrf) in Tm – WordPress Redirection. Runnable upgrade commands and verification steps for sysadmin
CVE-2026-7562 is a cross-site request forgery (csrf) in WP-Redirection. Patched version, runnable upgrade commands, and how to verify the fi
CVE-2026-7563: a missing authorization in Classified Listing – AI-Powered Classifi. Patched version and vendor advisory inside.
CVE-2026-7568 is a integer overflow or wraparound in PHP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7572 is a off-by-one error in velociraptor. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7573 authorization bypass through user-controlled key in velociraptor. Runnable upgrade commands and verification steps for sysadmi
CVE-2026-7578 - Unrestricted Upload in MacCMS Pro. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7579 - Hard-coded Credentials in AstrBot. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7580 - Code Injection in Exiftool. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7581 - Permissive Cross-domain Policy with Untrusted Domains in MeTube. Runnable patch commands, mitigation, and verification on th
CVE-2026-7582 - Out-of-bounds Write in OpenImageIO. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7583 - Denial of Service in Open5GS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7585 - Denial of Service in Open5GS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7586 - Denial of Service in Open5GS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7587 - Denial of Service in Open5GS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7588 - Path Traversal in coding-standards-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7589 - Path Traversal in splunk-mcp-integration. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7590 - OS Command Injection in p_69_branch_monkey_mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7591 - SQL Injection in astro-mcp-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7592 - SQL Injection in Courier Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7593 - OS Command Injection in command-executor-mcp-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7594 - Path Traversal in mcp-game-asset-gen. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7595 - Code Injection in ui-ux-pro-max-skill. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7596 - Cross Site Scripting in ui-ux-pro-max-skill. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7597 - Deserialization in mem0. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7598 - Integer Overflow in libssh2. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7599 - Path Traversal in hwpx-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7600 - OS Command Injection in yii2-mcp-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7601 - Denial of Service in Open5GS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7602 - Improper Authorization in JeecgBoot. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7603 - Server-Side Request Forgery in JeecgBoot. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7604 - Server-Side Request Forgery in JeecgBoot. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7605 - Server-Side Request Forgery in JeecgBoot. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7606 - Insufficient Verification of Data Authenticity in TEW-821DAP. Runnable patch commands, mitigation, and verification on this
CVE-2026-7608 - OS Command Injection in TEW-821DAP. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7609 - OS Command Injection in TEW-821DAP. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7610 - Cleartext Transmission of Sensitive Information in TEW-821DAP. Runnable patch commands, mitigation, and verification on this
CVE-2026-7611 - Insufficient Verification of Data Authenticity in TEW-821DAP. Runnable patch commands, mitigation, and verification on this
CVE-2026-7612 - SQL Injection in Courier Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7615: a cross-site request forgery (CSRF) in Widget Context. Patched version and vendor advisory inside.
CVE-2026-7616 is a cross-site request forgery (csrf) in Zawgyi Embed. Patched version, runnable upgrade commands, and how to verify the fix
CVE-2026-7619: a SQL injection in Charitable – Donation Plugin for WordPre. Patched version and vendor advisory inside.
CVE-2026-7626 exposure of sensitive information to an unauthorized actor in Slek Gateway for WooCommerce. Runnable upgrade commands and veri
CVE-2026-7627 - Path Traversal in metatrader-4-mcp. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7628 - Command Injection in mcp-code-review-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7629 - Command Injection in awesome-cursor-mpc-server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7630 - Improper Authentication in InnoShop. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7631 - Improper Authorization in Online Hospital Management System. Runnable patch commands, mitigation, and verification on this p
CVE-2026-7632 - SQL Injection in Online Hospital Management System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7633 - File Inclusion in N300RH. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7636: an information disclosure in Slider by Soliloquy – Responsive Image S. Patched version and vendor advisory inside.
CVE-2026-7638 - CWE-639 Authorization Bypass Through User-Controlled Key in App Builder – Create Native Android & iOS Apps On The Flight. Ru
CVE-2026-7642 - OS Command Injection in website-downloader. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7643 - Permissive Cross-domain Policy with Untrusted Domains in NextChat. Runnable patch commands, mitigation, and verification on
CVE-2026-7644 - Improper Authorization in NextChat. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7645 - Path Traversal in sublinear-time-solver. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7648: an insecure direct object reference (IDOR) in LearnPress – WordPress LMS Plugin for Cr. Patched version and vendor advisory i
CVE-2026-7650 improper neutralization of input during web page generation ('cross-site scripti in E2Pdf – Export Pdf Tool for WordPress. Run
CVE-2026-7652 weak password recovery mechanism for forgotten password in LatePoint – Calendar Booking Plugin for Appointments and Events. Ru
CVE-2026-7653 - OS Command Injection in mcp-server-rijksmuseum. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7659 improper neutralization of input during web page generation ('cross-site scripti in Advanced Social Media Icons. Runnable upgr
CVE-2026-7661 improper neutralization of input during web page generation ('cross-site scripti in Bootstrap Shortcode. Runnable upgrade comm
CVE-2026-7668 - Out-of-Bounds Read in RouterOS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7669 - Code Injection in SGLang. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7670 - SQL Injection in OA. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7671 - Improper Restriction of Excessive Authentication Attempts in Tornet Scooter Mobile App. Runnable patch commands, mitigation,
CVE-2026-7672 is a sql injection in youlai-boot. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7673 is a unrestricted upload in crmeb java. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7676 is a path traversal in FastBee. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7677 is a cross site scripting in FastBee. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7678 is a sql injection in yudao-cloud. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7679 is a improper authentication in yudao-cloud. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7680 - Path Traversal in COCO Annotator. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7681 - Authorization Bypass in COCO Annotator. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7682 - Command Injection in BR-6208AC. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7683 - Command Injection in BR-6428nC. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7686 - Improper Access Controls in Adblock Plus. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7687 - Command Injection in langflow. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7689 - Improper Verification of Cryptographic Signature in ERP CRM. Runnable patch commands, mitigation, and verification on this p
CVE-2026-7690 - Command Injection in WL-WN570HA1. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7691 - Command Injection in WL-WN570HA1. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7692 - Command Injection in WL-WN570HA1. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7694 - SQL Injection in ECEMS Enterprise Microgrid Energy Efficiency Management System. Runnable patch commands, mitigation, and ve
CVE-2026-7695 - SQL Injection in EEMS Enterprise Power Operation and Maintenance Cloud Platform. Runnable patch commands, mitigation, and ve
CVE-2026-7696 - Unrestricted Upload in EEMS Enterprise Power Operation and Maintenance Cloud Platform. Runnable patch commands, mitigation,
CVE-2026-7697 - SQL Injection in Hotel Broadband Operation System. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7698 - OS Command Injection in Easy7 Integrated Management Platform. Runnable patch commands, mitigation, and verification on this
CVE-2026-7699 - SQL Injection in MaxKey. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7700 - Code Injection in langflow. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7701 - NULL Pointer Dereference in Desktop. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7702 - Authorization Bypass in AFFiNE. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7703 - Code Injection in Pixera Two Media Server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7704 - Path Traversal in Pixera Two Media Server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7705 - Command Injection in JDCOS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7706 - Denial of Service in Open5GS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7707 - Denial of Service in Open5GS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7708 - Denial of Service in Open5GS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7709 - Improper Authorization in Calibre-Web. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7710 - Improper Authentication in yudao-cloud. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7711 - Unrestricted Upload in MindsDB. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7712 - Deserialization in MindsDB. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7713 is a improper authorization in Calibre-Web-Automated. Patched version, runnable upgrade commands, and how to verify the fix la
CVE-2026-7714 is a missing authentication in Calibre-Web-Automated. Patched version, runnable upgrade commands, and how to verify the fix la
CVE-2026-7715 is a path traversal in mcp-server-arangodb. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7716 is a sql injection in Gym Management System In PHP. Patched version, runnable upgrade commands, and how to verify the fix land
CVE-2026-7718 is a command injection in Wa300. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7720 is a command injection in Wa300. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7721 is a command injection in Wa300. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7722 is a improper authentication in prefect. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7723 is a missing authentication in prefect. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7725 is a argument injection in prefect. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7727 is a sql injection in PDM Product Data Management System. Patched version, runnable upgrade commands, and how to verify the fi
CVE-2026-7728 is a path traversal in mcp-rtfm. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7729 is a server-side request forgery in directus-mcp. Patched version, runnable upgrade commands, and how to verify the fix landed
CVE-2026-7730 is a os command injection in mcp-test-runner. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7731 is a sql injection in BloodBank Managing System. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7732 is a unrestricted upload in BloodBank Managing System. Patched version, runnable upgrade commands, and how to verify the fix l
CVE-2026-7733 is a unrestricted upload in funadmin. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7734 is a denial of service in GoBGP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7735 is a buffer overflow in GoBGP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7736 is a integer underflow in GoBGP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7737 is a out-of-bounds read in GoBGP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7738 is a path traversal in doc-tools-mcp. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7739 is a denial of service in tsMuxer. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7740 is a denial of service in tsMuxer. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7741 is a sql injection in Online Classroom. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7742 is a sql injection in Online Classroom. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7743 is a sql injection in Online Classroom. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7744 is a sql injection in Online Classroom. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7745 is a sql injection in Online Classroom. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7746 sql injection in Web-based Pharmacy Product Management System. Runnable upgrade commands and verification steps for sysadmins.
CVE-2026-7778 is a improper privilege management in Platform. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7779 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7780 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7781 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7782 is a authorization bypass in Perfex CRM. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7783 is a sql injection in Perfex CRM. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7784 is a path traversal in NagaAgent. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7785 is a os command injection in wireshark-mcp. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7788 is a path traversal in MCP-Docusaurus. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7798: a server-side request forgery (SSRF) in FluentCRM – Email Newsletter. Patched version and vendor advisory inside.
CVE-2026-7810 is a path traversal in python-notebook-mcp. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7811 is a path traversal in code-mcp. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7812 is a command injection in code-mcp. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7814 improper neutralization of input during web page generation ('cross-site scripti in pgAdmin 4. Runnable upgrade commands and v
CVE-2026-7817 files or directories accessible to external parties in pgAdmin 4. Runnable upgrade commands and verification steps for sysadmi
CVE-2026-7820 improper restriction of excessive authentication attempts in pgAdmin 4. Runnable upgrade commands and verification steps for s
CVE-2026-7822 is a sql injection in Courier Management System. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7824 insertion of sensitive information into log file in PaperCut Hive. Runnable upgrade commands and verification steps for sysadm
CVE-2026-7844 is a missing authentication in Langchain-Chatchat. Patched version, runnable upgrade commands, and how to verify the fix lande
CVE-2026-7864 exposure of sensitive system information to an unauthorized control sphere in Secure Email Gateway. Runnable upgrade commands
CVE-2026-7879 is a missing authorization in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-7881: an insecure direct object reference (IDOR) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-7904 is a out of bounds read in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7910 is a use after free in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7912 is a integer overflow in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7915 is a improper input validation in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7924 is a uninitialized use in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7931 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7932 is a protection mechanism failure in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7933 is a out of bounds read in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7934 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7935 user interface (ui) misrepresentation of critical information in Chrome. Runnable upgrade commands and verification steps for
CVE-2026-7936 is a out-of-bounds read in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7939 improper neutralization of input during web page generation ('cross-site scripti in Chrome. Runnable upgrade commands and veri
CVE-2026-7941 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7942 is a integer overflow in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7943 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7946 is a protection mechanism failure in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7947 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7950 is a out-of-bounds read in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7952 is a protection mechanism failure in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7953 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7955 is a uninitialized use in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7958 improper neutralization of input during web page generation ('cross-site scripti in Chrome. Runnable upgrade commands and veri
CVE-2026-7960 is a race in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7961 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7962 is a insufficient policy enforcement in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7964 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7969 is a integer overflow in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7971 is a improper privilege management in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7972 is a uninitialized use in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7977 is a improper privilege management in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7979 is a origin validation error in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7982 is a uninitialized use in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7983 is a out of bounds read in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7986 is a origin validation error in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7989 is a improper input validation in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7993 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7996 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7998 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7999 exposure of sensitive information to an unauthorized actor in Chrome. Runnable upgrade commands and verification steps for sys
CVE-2026-8003 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-8004 is a protection mechanism failure in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8005 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-8006 user interface (ui) misrepresentation of critical information in Chrome. Runnable upgrade commands and verification steps for
CVE-2026-8008 user interface (ui) misrepresentation of critical information in Chrome. Runnable upgrade commands and verification steps for
CVE-2026-8009 is a protection mechanism failure in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8010 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-8011 is a protection mechanism failure in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8012 improper neutralization of input during web page generation ('cross-site scripti in Chrome. Runnable upgrade commands and veri
CVE-2026-8013 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-8014 is a protection mechanism failure in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8015 user interface (ui) misrepresentation of critical information in Chrome. Runnable upgrade commands and verification steps for
CVE-2026-8019 user interface (ui) misrepresentation of critical information in Chrome. Runnable upgrade commands and verification steps for
CVE-2026-8020 is a uninitialized use in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8021 is a script injection in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8026 is a information disclosure in Flowise. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8027 is a authorization bypass in Flowise. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8028 is a information disclosure in Flowise. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8031 is a missing authentication in e-Clinic Healthcare System ECHS. Patched version, runnable upgrade commands, and how to verify
CVE-2026-8032 is a hard-coded credentials in e-Clinic Healthcare System ECHS. Patched version, runnable upgrade commands, and how to verify
CVE-2026-8033 is a information disclosure in e-Clinic Healthcare System ECHS. Patched version, runnable upgrade commands, and how to verify
CVE-2026-8038 is a cross-site scripting (XSS) in Faces of Users. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-8052 improper link resolution before file access (link following) in Shared library. Runnable upgrade commands and verification ste
CVE-2026-8080 improper neutralization of input during web page generation (xss or 'cross-site in misp. Runnable upgrade commands and verific
CVE-2026-8081 is a server-side request forgery in CLIProxyAPI. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8083 is a sql injection in Pharmacy Sales and Inventory System. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-8084 is a out-of-bounds read in gdal. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8086 is a heap-based buffer overflow in gdal. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8087 is a heap-based buffer overflow in gdal. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8088 is a out-of-bounds read in gdal. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8096: a missing authorization in Kirki – Freeform Page Builder. Patched version and vendor advisory inside.
CVE-2026-8097 is a sql injection in Online Classroom. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8098 is a sql injection in Feedback System. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8106 improper neutralization of input during web page generation ('cross-site scripti in Enterprise Server. Runnable upgrade comman
CVE-2026-8109 is a exposed dangerous method or function in Endpoint Manager. Patched version, runnable upgrade commands, and how to verify t
CVE-2026-8112 is a os command injection in MiniClaw. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8113 is a path traversal in MiniClaw. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8114 is a sql injection in JeecgBoot. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8115 is a path traversal in short-video-maker. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8116 is a path traversal in xiaozhi-mcphub. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8117 is a cross site scripting in Pizzafy Ecommerce System. Patched version, runnable upgrade commands, and how to verify the fix l
CVE-2026-8119 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8120 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8121 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8122 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8123 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8124 is a allocation of resources in Gpac. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8125 is a sql injection in Simple Chat System. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8126 is a sql injection in Comment System. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8127 is a improper access controls in eladmin. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8128 is a sql injection in SUP Online Shopping. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8129 is a sql injection in SUP Online Shopping. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8130 is a sql injection in SUP Online Shopping. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8131 is a sql injection in SUP Online Shopping. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8132 is a sql injection in Leave Management System. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8133 is a sql injection in FilePress. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8136 cross site scripting in Pharmacy Sales and Inventory System. Runnable upgrade commands and verification steps for sysadmins.
CVE-2026-8142 is a insufficient verification of data authenticity in Vince. Patched version, runnable upgrade commands, and how to verify th
CVE-2026-8144 is a missing authorization in GitLab. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8149 is a security vulnerability in Bc-Lts. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8185 is a missing authentication in Cm933. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8186 is a out-of-bounds read in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8187 is a resource consumption in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8188 is a os command injection in Nu516U1. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8189 is a os command injection in Nu516U1. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8190 is a os command injection in Nu516U1. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8191 is a os command injection in Nu516U1. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8192 is a os command injection in Nu516U1. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8193 is a server-side request forgery in Akaunting. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8194 is a cross-site request forgery in osTicket. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8195 is a cross site scripting in JeecgBoot. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8196 is a authorization bypass in JeecgBoot. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8198 exposure of sensitive information to an unauthorized actor in Activity Logs, User Activity Tracking, Multisite Activity Log fr
CVE-2026-8200 is an information disclosure in MongoDB Server. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-8201 is an use-after-free in MongoDB Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8202 is a denial of service in MongoDB Server. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-8204: an insecure direct object reference (IDOR) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8205 is a path traversal in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8209 is a relative path traversal in gibbon. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8210 is a command injection in tgpt. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8211 is a code injection in Fess. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8212 is a heap-based buffer overflow in gdal. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8213 is a heap-based buffer overflow in gdal. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8214 is a improper authentication in Canias ERP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8215 is a path traversal in Canias ERP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8216 is a improper authentication in Canias ERP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8217 is a os command injection in Canias ERP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8218 is a cross site scripting in ERP Online. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8219 is a cross site scripting in ERP Online. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8220 is a cross site scripting in ERP Online. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8221 is a cross site scripting in ERP Online. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8222 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8223 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8224 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8225 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8226 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8227 is a os command injection in Nu516U1. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8228 is a os command injection in Nu516U1. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8229 is a os command injection in Nu516U1. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8230 is a os command injection in Nu516U1. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8231 is a sql injection in Online Catering Ordering System. Patched version, runnable upgrade commands, and how to verify the fix l
CVE-2026-8232 is a denial of service in XproUPF. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8235 is a os command injection in MiniClaw. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8236 is a missing authorization in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-8237 is a missing authorization in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-8238 is a missing authorization in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-8239 is a missing authorization in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-8240 is an access control bypass in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-8241 is a improper authorization in Canias ERP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8242 is a observable response discrepancy in Canias ERP. Patched version, runnable upgrade commands, and how to verify the fix land
CVE-2026-8243 is a use of hard-coded cryptographic key in Canias ERP. Patched version, runnable upgrade commands, and how to verify the fix
CVE-2026-8244 is a improper authentication in Canias ERP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8245 is a vulnerability in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8248 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8249 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8250 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8251 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8252 is a null pointer dereference in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8253 is a cross site scripting in ERP Online. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8254 is a cross site scripting in ERP Online. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8255 is a cross site scripting in ERP Online. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8256 is a cross site scripting in ERP Online. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8257 is a reachable assertion in Binaryen. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8258 is a stack-based buffer overflow in Squirrel. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8259 is a os command injection in AC6. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8261 is a heap-based buffer overflow in Squirrel. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8262 is a cross site scripting in ERP Online. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8263 is a os command injection in AC6. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8264 is a os command injection in AC6. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8265 is a os command injection in AC6. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8266 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8267 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8268 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8269 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8270 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8271 is a os command injection in Dns-320. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8272 is a os command injection in Dns-320. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8273 is a os command injection in Dns-320. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8274 is a path traversal in cramfs-tools. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8275 is a integer coercion error in bettercap. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8276 is a integer coercion error in bettercap. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8280 is a denial of service in GitLab. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8288 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8289 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8290 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8291 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8292 is a denial of service in Open5GS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8295 is a vulnerability in simdjson. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8305 is a improper authentication in OpenClaw. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8318 is a infinite loop in PageIndex. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8319 is a resource consumption in agents. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8320 is a server-side request forgery in jshERP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8321 is a authentication bypass using alternate channel in agents. Patched version, runnable upgrade commands, and how to verify th
CVE-2026-8327 is a vulnerability in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8328 is a server-side request forgery (SSRF) in CPython. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-8337: an insecure direct object reference (IDOR) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8344 is a command injection in Dir-816. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8345 is a command injection in Dir-816. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8346 is a command injection in Dir-816. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8349 is a memory corruption in amf. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8367 is an authentication bypass in aria2c. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8368 is a insufficiently protected credentials in LWP::UserAgent. Patched version, runnable upgrade commands, and how to verify the
CVE-2026-8369 is an improper input validation in OpenThread. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-8381 is a missing authorization in DEX (On-premises). Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-8388 improper restriction of operations within the bounds of a memory buffer in Firefox. Runnable upgrade commands and verification
CVE-2026-8391 is a improper input validation in Firefox. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8407 is a missing authorization in Server. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8418: a cross-site request forgery (CSRF) in Games Catalog. Patched version and vendor advisory inside.
CVE-2026-8419: a cross-site request forgery (CSRF) in Amazon Scraper. Patched version and vendor advisory inside.
CVE-2026-8420: a cross-site request forgery (CSRF) in BLOGCHAT Chat System. Patched version and vendor advisory inside.
CVE-2026-8423: a cross-site request forgery (CSRF) in JaviBola Custom Theme Test. Patched version and vendor advisory inside.
CVE-2026-8424: a cross-site request forgery (CSRF) in Remove Yellow BGBOX. Patched version and vendor advisory inside.
CVE-2026-8425 is a cross-site request forgery (CSRF) in Notify Odoo. Verified patched version, official vendor advisory, and how to confirm
CVE-2026-8485 is an OS command injection in MOVEit Automation. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-8486 is a denial of service in MOVEit Automation. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-8487 is a vulnerability in MOVEit Automation. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-8488 is a denial of service in MOVEit Automation. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-8605 is a cross-site scripting (XSS) in ScadaBR. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-8610: a missing authorization in TypeSquare Webfonts for ConoHa. Patched version and vendor advisory inside.
CVE-2026-8624: a cross-site scripting (XSS) in LJ comments import: reloaded. Patched version and vendor advisory inside.
CVE-2026-8626 is a cross-site scripting (XSS) in SponsorMe. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-8627 is a cross-site scripting (XSS) in Correct Prices. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-8656 is a cross-site scripting (XSS) in jsondiffpatch. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-8672 is a default credentials in Avantra. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8673 is a path traversal in Avantra. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8681 is a missing authorization in Essential Chat Support. Verified patched version, official vendor advisory, and how to confirm t
CVE-2026-8684 is a missing authorization in MotoPress Hotel Booking. Verified patched version, official vendor advisory, and how to confirm
CVE-2026-8685 is a SQL injection in Infility Global. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8692: a missing authorization in Vedrixa Forms – User Registration Form. Patched version and vendor advisory inside.
CVE-2026-8723 is a denial of service in qs. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8724 is a SQL injection in Dataease. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8725 is a server-side request forgery (SSRF) in CAAL. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-8728 is a vulnerability in Open5GS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8729 is a vulnerability in Open5GS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8730 is a vulnerability in Open5GS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8731 is a vulnerability in Open5GS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8733 is a stack-based buffer overflow in SlimPDFReader. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-8734 is a SQL injection in Pamirs. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8735 is an unsafe deserialization in Pamirs. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8737 is an authentication bypass in PublicCMS. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-8738 is a vulnerability in PublicCMS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8739 is a hard-coded credentials in PublicCMS. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-8740 is a server-side template injection in PublicCMS. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-8743 is an access control bypass in Open5GS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8744 is a vulnerability in Open5GS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8745 is a vulnerability in Open5GS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8746 is an use-after-free in Open5GS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8747 is an access control bypass in Z-BlogPHP. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-8750 is an information disclosure in h2o-3. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8751 is an unsafe deserialization in h2o-3. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8752 is an access control bypass in h2o-3. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8753 is an OS command injection in Kodbox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8754 is a path traversal in AstrBot. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8755 is a path traversal in Bert-VITS2. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8756 is a path traversal in Bert-VITS2. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8757 is a path traversal in hive. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8758 is an unrestricted file upload in MetaCRM. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-8759 is a vulnerability in beetl. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8765 is a path traversal in kilocode. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8766 is an information disclosure in kilocode. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-8768 is a server-side request forgery (SSRF) in ai. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-8769 is a vulnerability in ai. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8770 is a path traversal in continue. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8771 is a SQL injection in litemall. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8772 is a SQL injection in litemall. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8773 is a vulnerability in litemall. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8774 is an OS command injection in BR-6228NC. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-8777 is an OS command injection in BR-6428NS. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-8779 is a memory corruption in amf. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8780 is a memory corruption in amf. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8781 is a denial of service in amf. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8782 is a denial of service in amf. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8783 is a denial of service in amf. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8784 is a vulnerability in cramfs-tools. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8785: a SQL injection in hospital-management-system-in-php. Patched version and vendor advisory inside.
CVE-2026-8786: an insecure direct object reference (IDOR) in WeKnora. Patched version and vendor advisory inside.
CVE-2026-8802 is a path traversal in Open Source Point of Sale. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-8803 is a vulnerability in Open Source Point of Sale. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-8814 is a vulnerability in exifreader. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8830 is a vulnerability in Red Hat Build of Keycloak. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-8922 is a vulnerability in Red Hat Build of Keycloak. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-8997 is a path traversal in vifm. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9053 is a vulnerability in 9front. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9056: a cross-site scripting (XSS) in Talend Administration Center. Patched version and vendor advisory inside.
CVE-2026-9084 is an authentication bypass in misp. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9087: an insecure direct object reference (IDOR) in Red Hat Build of Keycloak. Patched version and vendor advisory inside.
CVE-2026-9100 is an access control bypass in C Driver. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-9101 is a vulnerability in Compass. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9104 is a cross-site scripting (XSS) in Draft List. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-9137 is a vulnerability in misp. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9149 is a path traversal in Red Hat Enterprise Linux 10. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-9150: a stack-based buffer overflow in Red Hat Enterprise Linux 10. Patched version and vendor advisory inside.
CVE-2026-0102 is a vulnerability in Microsoft Edge (Chromium-based). Verified patched version, official vendor advisory, and how to confirm
CVE-2026-0115 is a information disclosure in Google Android. CVSS 2.1 Low. Patch commands, mitigations, and verification.
CVE-2026-0121 is a information disclosure in Google Android. CVSS 2.9 Low. Patch commands, mitigations, and verification.
CVE-2026-0228 is a code injection in Cloud NGFW. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0233 is a cwe-295: improper certificate validation in Autonomous Digital Experience Manager. This page lists verified fix commands
CVE-2026-0238 is an improper input validation in Broker VM. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-0396 is a html injection in the web dashboard in Powerdns DNSdist. CVSS 3.1 Low. Patch commands, mitigations, and verification.
CVE-2026-0397 is a information disclosure via cors misconfiguration in Powerdns DNSdist, fixed by the same patch as CVE-2026-0396.
CVE-2026-0403 is an improper input validation in RBR750. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-0428 is an access control bypass in AMD Instinct™ MI300A. Verified patched version, official vendor advisory, and how to confirm th
CVE-2026-0504 is a code injection in SAP Identity Management. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-0510 is a vulnerability in NW AS Java UME User Mapping. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-0520 is a cwe-532: insertion of sensitive information into log file in Lenovo FileZ. CVSS 2.4 Low. Patch commands, mitigations, and
CVE-2026-0633 is an authentication bypass in MetForm – Contact Form. Verified patched version, official vendor advisory, and how to confirm
CVE-2026-0639 is a liteos_a has a missing release of memory in OpenHarmony. CVSS 3.3 Low. Patch commands, mitigations, and verification.
CVE-2026-0682 is a vulnerability in Church Admin. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0819 is a cwe-121: stack-based buffer overflow in wolfSSL. CVSS 2.2 Low. Patch commands, mitigations, and verification.
CVE-2026-0849: crypto: ATAES132A response length allows stack buffer overflow in Zephyr. Patch commands and verification.
CVE-2026-0872: a code injection in SafeNet Agent for Windows Logon. Patched version and vendor advisory inside.
CVE-2026-0925 is an access control bypass in Discover. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-0930 is a buffer over-read in wolfSSH. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-0965: an arbitrary file read in Red Hat Enterprise Linux 10. Patched version and vendor advisory inside.
CVE-2026-0967 is a vulnerability in Red Hat Enterprise Linux 10. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-0968 is a vulnerability in Red Hat Enterprise Linux 10. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-0976: an improper input validation in Red Hat Build of Keycloak. Patched version and vendor advisory inside.
CVE-2026-0988 is a vulnerability in Red Hat Hardened Images. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-0989 is a vulnerability in Red Hat Hardened Images. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-0992 is a vulnerability in Red Hat Hardened Images. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-0995 is a cwe-362 concurrent execution using shared resource with improper synchronization ('race condition') in Arm C1 Pro. This p
CVE-2026-1005 is a cwe-191 integer underflow (wrap or wraparound) in wolfSSL. CVSS 2.1 Low. Patch commands, mitigations, and verification.
CVE-2026-1035 is a vulnerability in Red Hat build of Keycloak 26.4. Verified patched version, official vendor advisory, and how to confirm t
CVE-2026-1190 is a vulnerability in Red Hat build of Keycloak 26.4. Verified patched version, official vendor advisory, and how to confirm t
CVE-2026-1195 is a vulnerability in MineAdmin. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1196 is an information disclosure in MineAdmin. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-1197 is an information disclosure in MineAdmin. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-1225 is an improper input validation in Logback-core. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-1229 is a cwe-682 incorrect calculation in Cloudflare CIRCL. This page lists the verified fix and inline mitigations.
CVE-2026-1237 is a vulnerability in juju. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1272 - CWE-613 Insufficient Session Expiration in Guardium Data Protection. Runnable patch commands, mitigation, and verification o
CVE-2026-1282 is a vulnerability in GitLab. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1337 is a vulnerability in Enterprise Edition. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-1407 is an information disclosure in 777VR1. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1408 is a vulnerability in 777VR1. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1409 is a vulnerability in 777VR1. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1471 is a caching of authentication context in Neo4j Enterprise edition. CVSS 2.1 Low. Patch commands, mitigations, and verificatio
CVE-2026-1485 is a vulnerability in Red Hat Enterprise Linux 10. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-1497: Incorrect privilege assignment in composite databases in Enterprise Edition. Patch commands and verification.
CVE-2026-1518 is a vulnerability in Red Hat Build of Keycloak. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-1524: Auth misconfiguration when multiple providers enabled in Enterprise Edition. Patch commands and verification.
CVE-2026-1582: an information disclosure in WP All Export – Drag & Drop Export to An. Patched version and vendor advisory inside.
CVE-2026-1694 is a cwe-201 insertion of sensitive information into sent data in arcinfo PcVue. This page lists the verified fix and inline m
CVE-2026-1696 is a cross-site scripting in arcinfo PcVue. This page lists the verified fix and inline mitigations.
CVE-2026-1703 is a path traversal in pip. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1735 is an OS command injection in MeetingBar A30. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-1743 is a code injection in Mavic Mini. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1751 is a vulnerability in GitLab. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1762 is a path traversal in Enervista. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1791: an unrestricted file upload in Operation and Maintenance Security Gatew. Patched version and vendor advisory inside.
CVE-2026-1831: a vulnerability in YayMail – WooCommerce Email Customizer. Patched version and vendor advisory inside.
CVE-2026-1892 is an access control bypass in WeKan. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1966 is a path traversal in YugabyteDB Anywhere. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-2010 is an access control bypass in PublicCMS. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-20137 is a path traversal in Splunk Enterprise. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-20730 is an information disclosure in BIG-IP Edge Client. Verified patched version, official vendor advisory, and how to confirm th
CVE-2026-20732 is a vulnerability in BIG-IP. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20757 is a cwe-667 improper locking in Gallagher Command Centre Server. This page lists the verified fix and inline mitigations.
CVE-2026-20796 is a vulnerability in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20969 is a vulnerability in Samsung Mobile Devices. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-20975 is a vulnerability in Samsung Cloud. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-21249 is an arbitrary file read in Windows 10 Version 1607. Verified patched version, official vendor advisory, and how to confirm
CVE-2026-21295: Adobe Commerce | URL Redirection to Untrusted Site ('Open Redirect') (CWE-601) in Adobe Commerce. Patch commands and verific
CVE-2026-21388 is an allocation of resources without limits in Mattermost. This page lists verified fix commands and short-term mitigations
CVE-2026-21422 is a external control of system or configuration setting in Dell PowerScale OneFS. This page lists the verified fix and inlin
CVE-2026-21429 is a vulnerability in emlog. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-21431 is a vulnerability in emlog. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-21439 is a vulnerability in badkeys. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-21443 is a improper encoding or escaping of output in openemr openemr. This page lists the verified fix and inline mitigations.
CVE-2026-21619 is a denial of service via resource consumption in hexpm hex_core. This page lists the verified fix and inline mitigations.
CVE-2026-21620 is a relative path traversal in Erlang OTP. This page lists the verified fix and inline mitigations.
CVE-2026-21640 is a format string vulnerability in Revive Adserver. Verified patched version, official vendor advisory, and how to confirm t
CVE-2026-21674 is a vulnerability in iccDEV. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-21715 is a vulnerability in node. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-21716 is a vulnerability in node. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-21725 is a cwe-367 time-of-check time-of-use (toctou) race condition in Grafana Grafana. This page lists the verified fix and inlin
CVE-2026-21727 is an incorrect permission assignment in Grafana Correlations. This page lists verified fix commands and short-term mitigatio
CVE-2026-21741 is an execute unauthorized code or commands in FortiNAC-F. This page lists verified fix commands and short-term mitigations y
CVE-2026-21786 is a log exposure of sensitive info in HCLSoftware Sametime for iOS. This page lists the verified fix and inline mitigations.
CVE-2026-21791: HCL Sametime for Android is affected by sensitive information disclosure in Sametime. Patch commands and verification.
CVE-2026-21889 is an access control bypass in weblate. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-21895 is a vulnerability in RSA. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-21930: a vulnerability in Oracle ZFS Storage Appliance Kit. Patched version and vendor advisory inside.
CVE-2026-21947 is a vulnerability in Oracle Java SE. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-21965 is a vulnerability in MySQL Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-21977: a vulnerability in Oracle Zero Data Loss Recovery Appliance. Patched version and vendor advisory inside.
CVE-2026-21996 - An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer D
CVE-2026-22001 - Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise M
CVE-2026-22007 - Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, O
CVE-2026-22008 - Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise
CVE-2026-22014 - Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle User Man
CVE-2026-22018 - Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise
CVE-2026-22041 is a vulnerability in loggingredactor. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22051 is an information disclosure in StorageGRID (formerly StorageGRID Webscale). This page lists verified fix commands and short-
CVE-2026-22210: wpDiscuz before 7.6.47 - Cross-Site Scripting via Unescaped Attachment URLs in wpDiscuz. Patch commands and verification.
CVE-2026-22213 is a stack-based buffer overflow in RIOT OS. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-22250 is a code injection in wlc. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22261 is a vulnerability in suricata. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22281 is a vulnerability in PowerScale OneFS. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-2239 is a vulnerability in Red Hat Enterprise Linux 7. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-22545 is a password change bypass via auth switch endpoint in Mattermost. CVSS 3.1 Low. Patch commands, mitigations, and verificati
CVE-2026-22602 is an information disclosure in openproject. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-22611 is an improper input validation in aws-sdk-net. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-22629 is a improper access control in Fortinet FortiAnalyzer. CVSS 3.4 Low. Patch commands, mitigations, and verification.
CVE-2026-22690 is a vulnerability in pypdf. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22691 is a vulnerability in pypdf. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22706 is a vulnerability in strapi. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2271: an out-of-bounds write in Red Hat Enterprise Linux 6. Patched version and vendor advisory inside.
CVE-2026-22710 is a vulnerability in Mediawiki - Wikibase Extension. Verified patched version, official vendor advisory, and how to confirm
CVE-2026-22712: a vulnerability in Mediawiki - ApprovedRevs Extension. Patched version and vendor advisory inside.
CVE-2026-22713: a vulnerability in Mediawiki - GrowthExperiments Extension. Patched version and vendor advisory inside.
CVE-2026-22714 is a vulnerability in Mediawiki - Monaco Skin. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-22717 is a out-of-bounds read in VMware Workstation. This page lists the verified fix and inline mitigations.
CVE-2026-22735 is a server sent event stream corruption in Spring Foundation. CVSS 2.6 Low. Patch commands, mitigations, and verification.
CVE-2026-22741 - CWE-524 Information Exposure Through Caching in Spring Framework. Runnable patch commands, mitigation, and verification on
CVE-2026-22746 - User Attribute Enumeration when Using DaoAuthenticationProvider in Spring Security. Runnable patch commands, mitigation, an
CVE-2026-22760 is a improper check for unusual or exceptional conditions in Dell Device Management Agent (DDMA). This page lists the verifie
CVE-2026-22782 is a vulnerability in rustfs. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22784 is an access control bypass in Lychee. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22800 is a vulnerability in PILOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22805 is a vulnerability in metabase. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22866 is a improper verification of cryptographic signature in ensdomains ens-contracts. This page lists the verified fix and inlin
CVE-2026-22877 is a path traversal in Copeland Copeland XWEB 300D PRO. This page lists the verified fix and inline mitigations.
CVE-2026-22885 is a path traversal in SmartServer IoT. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-22894 is a path traversal in File Station 5. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22895 is a vulnerability in QuFTP Service. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2290 is a vulnerability in Post Affiliate Pro. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-22919 is a vulnerability in TDC-X401GL. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2345 is a vulnerability in Secure Exam Proctor Extension. Verified patched version, official vendor advisory, and how to confirm th
CVE-2026-23497 is a vulnerability in lms. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23522 is an access control bypass in lobe-chat. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-2366: Authorization Bypass Through User-Controlled Key in Red Hat build of Keycloak 26.4. Patch commands and verification.
CVE-2026-23686: a vulnerability in SAP NetWeaver Application Server Java. Patched version and vendor advisory inside.
CVE-2026-23738 is a vulnerability in asterisk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23739 is a XML external entity (XXE) in asterisk. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-23749 is a improper null termination in Golioth Firmware SDK. This page lists the verified fix and inline mitigations.
CVE-2026-23833 is a vulnerability in esphome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23847 is a vulnerability in siyuan. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23859 is a client-side enforcement of server-side security in Dell Wyse Management Suite. This page lists the verified fix and inli
CVE-2026-23901 is a vulnerability in Apache Shiro. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23983 is a information exposure in Apache Software Foundation Apache Superset. This page lists the verified fix and inline mitigati
CVE-2026-23996 is a vulnerability in fastapi-api-key. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23999 is a use of insufficiently random values in fleetdm fleet. This page lists the verified fix and inline mitigations.
CVE-2026-24001 is a vulnerability in jsdiff. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24004 is a missing authorization in fleetdm fleet. This page lists the verified fix and inline mitigations.
CVE-2026-2401 is an insertion of sensitive information into log in PowerChute™ Serial Shutdown. This page lists verified fix commands and sh
CVE-2026-24048 is a vulnerability in backstage. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24050 is a vulnerability in zulip. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24122 is a code injection in cosign. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24130 is a vulnerability in moonraker. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24140 is a vulnerability in MyTube. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2419 is a path traversal in WP-DownloadManager. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-24310: Missing Authorization check in SAP NetWeaver Application Server for ABAP in SAP NetWeaver Application Server for ABAP. Patch
CVE-2026-24320: a vulnerability in SAP NetWeaver and ABAP Platform (Applica. Patched version and vendor advisory inside.
CVE-2026-24439 is a vulnerability in W30E V2. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24508: CWE-295: Improper Certificate Validation in Alienware Command Center (AWCC). Patch commands and verification.
CVE-2026-24509 is a cwe-284: improper access control in Dell Alienware Command Center (AWCC). CVSS 3.6 Low. Patch commands, mitigations, and
CVE-2026-24513 is a denial of service in ingress-nginx. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-24515 is a vulnerability in libexpat. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24641 is a denial of service in Fortinet FortiWeb. CVSS 2.5 Low. Patch commands, mitigations, and verification.
CVE-2026-24661 is an allocation of resources without limits in Mattermost. This page lists verified fix commands and short-term mitigations
CVE-2026-2475 is a url redirection to untrusted site ('open redirect') in IBM Verify Identity Access Container, fixed by the same patch as C
CVE-2026-24764 is a vulnerability in clawdbot. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24870 is an information disclosure in ixray-1.6-stcop. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-24883 is a vulnerability in GnuPG. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-25046 is an OS command injection in kimi-agent-sdk. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-25050 is an information disclosure in vendure. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-25110 is a denial of service in OpenHarmony. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-25149 is a vulnerability in qwik. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-25211 is a vulnerability in Llama Stack. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-25221 is a vulnerability in PolarLearn. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-25224 is an OS command injection in fastify. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-25423 is a vulnerability in Real 3D FlipBook. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-25491 is a vulnerability in cms. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2555 is an unsafe deserialization in JeecgBoot. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-25608 is an information disclosure in STER. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-25674 is a concurrent execution using shared resource with improper synchronization ('race condition') in djangoproject Django. Thi
CVE-2026-25724 is a vulnerability in claude-code. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-25729 is an access control bypass in DeepAudit. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-25764 is a vulnerability in openproject. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-25815 is a code injection in FortiOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-25884 is a out-of-bounds read in Exiv2 exiv2. This page lists the verified fix and inline mitigations.
CVE-2026-25963 is a incorrect authorization in fleetdm fleet. This page lists the verified fix and inline mitigations.
CVE-2026-26013 is a vulnerability in langchain. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26031 is an access control bypass in lms. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26059 is a vulnerability in CRM. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26228 is a path traversal in VideoLAN VLC for Android. This page lists the verified fix and inline mitigations.
CVE-2026-26230 is a team admin privilege escalation to demote members to guest in Mattermost. CVSS 3.8 Low. Patch commands, mitigations, and
CVE-2026-2655 is an use-after-free in ChaiScript. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2656 is an use-after-free in ChaiScript. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2671 is a cleartext transmission of sensitive information in Mendi Neurofeedback Headset. This page lists the verified fix and inli
CVE-2026-26883 is a SQL injection in n/a n/a. This page lists the verified fix and inline mitigations.
CVE-2026-26884 is a SQL injection in n/a n/a. This page lists the verified fix and inline mitigations.
CVE-2026-26885 is a SQL injection in n/a n/a. This page lists the verified fix and inline mitigations.
CVE-2026-26886 is a SQL injection in n/a n/a. This page lists the verified fix and inline mitigations.
CVE-2026-26887 is a SQL injection in n/a n/a. This page lists the verified fix and inline mitigations.
CVE-2026-26888 is a SQL injection in n/a n/a. This page lists the verified fix and inline mitigations.
CVE-2026-26889 is a SQL injection in n/a n/a. This page lists the verified fix and inline mitigations.
CVE-2026-26890 is a SQL injection in n/a n/a. This page lists the verified fix and inline mitigations.
CVE-2026-26891 is a SQL injection in n/a n/a. This page lists the verified fix and inline mitigations.
CVE-2026-26892 is a SQL injection in n/a n/a. This page lists the verified fix and inline mitigations.
CVE-2026-26958 is a vulnerability in filippo.io/edwards25519. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-26961 is a rack: multipart boundary parsing ambiguity allowing waf bypass in rack. CVSS 3.7 Low. Patch commands, mitigations, and v
CVE-2026-26964 is an information disclosure in windmill. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-26997 is a cross-site scripting in MacWarrior clipbucket-v5. This page lists the verified fix and inline mitigations.
CVE-2026-27017 is a vulnerability in utls. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2702 is a hard-coded credentials in 777VR1. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2708 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in Red Hat Enterprise Linux 10. Runnable pa
CVE-2026-27139 is a security vulnerability in Go standard library os. This page lists the verified fix and inline mitigations.
CVE-2026-27150 is a missing authorization in discourse discourse. This page lists the verified fix and inline mitigations.
CVE-2026-27151 is a missing authorization in discourse discourse. This page lists the verified fix and inline mitigations.
CVE-2026-27152 is a improper access control in discourse discourse. This page lists the verified fix and inline mitigations.
CVE-2026-27153 is a incorrect authorization in discourse discourse. This page lists the verified fix and inline mitigations.
CVE-2026-27154 is a cross-site scripting in discourse discourse. This page lists the verified fix and inline mitigations.
CVE-2026-27171 is an access control bypass in zlib. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-27183 is an access control bypass in OpenClaw. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-27205 is a use of cache containing sensitive information in pallets flask. This page lists the verified fix and inline mitigations.
CVE-2026-27307 is a denial of service in ColdFusion. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-27308 is a denial of service in ColdFusion. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-27316 is an information disclosure in FortiSandbox. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-2733: an access control bypass in Red Hat build of Keycloak 26.4. Patched version and vendor advisory inside.
CVE-2026-2741 is a zip slip path traversal on node unpack in vaadin. CVSS 2.3 Low. Patch commands, mitigations, and verification.
CVE-2026-27448 is a cwe-636: not failing securely ('failing open') in Pyca pyopenssl. CVSS 1.7 Low. Patch commands, mitigations, and verific
CVE-2026-27465 is a insertion of sensitive information into sent data in fleetdm fleet. This page lists the verified fix and inline mitigati
CVE-2026-27467 is a information exposure in bigbluebutton bigbluebutton. This page lists the verified fix and inline mitigations.
CVE-2026-27484 is a missing authorization in openclaw openclaw. This page lists the verified fix and inline mitigations.
CVE-2026-27524: OpenClaw < 2026.2.21 - Prototype Pollution via Debug Override Path in OpenClaw. Patch commands and verification.
CVE-2026-2756 is an authentication bypass in NeoRhythm. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-27596 is a out-of-bounds read in Exiv2 exiv2. This page lists the verified fix and inline mitigations.
CVE-2026-27628 is a loop with unreachable exit condition ('infinite loop') in py-pdf pypdf. This page lists the verified fix and inline miti
CVE-2026-27631 is a uncaught exception in Exiv2 exiv2. This page lists the verified fix and inline mitigations.
CVE-2026-27632 is a CSRF in Talishar Talishar. This page lists the verified fix and inline mitigations.
CVE-2026-27675 is a code injection in SAP Landscape Transformation. This page lists verified fix commands and short-term mitigations you can
CVE-2026-27680: a vulnerability in SAP NetWeaver Application Server ABAP. Patched version and vendor advisory inside.
CVE-2026-27769 is a missing authorization in Mattermost. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-27781 is a vulnerability in OpenHarmony. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-27820 is a cwe-120: buffer copy without checking size in zlib. This page lists verified fix commands and short-term mitigations you
CVE-2026-27838 is a authorization bypass through user-controlled key in wger-project wger. This page lists the verified fix and inline mitig
CVE-2026-27860 is a vulnerability in OX Dovecot Pro. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-27937 - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in october. Runnable patch com
CVE-2026-27942 is a buffer overflow in NaturalIntelligence fast-xml-parser. This page lists the verified fix and inline mitigations.
CVE-2026-27945 is a SSRF in zitadel zitadel. This page lists the verified fix and inline mitigations.
CVE-2026-27949: Plane Exposes User Email (PII and part of credential) in GET Parameter in plane. Patch commands and verification.
CVE-2026-27964 is a cross-site scripting (XSS) in facturascripts. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-27977: Next.js: null origin can bypass dev HMR websocket CSRF checks in next.js. Patch commands and verification.
CVE-2026-28196 is a cwe-459 in JetBrains TeamCity. This page lists the verified fix and inline mitigations.
CVE-2026-28219 is a improperly controlled modification of dynamically-determined object attributes in discourse discourse. This page lists t
CVE-2026-28227 is a incorrect authorization in discourse discourse. This page lists the verified fix and inline mitigations.
CVE-2026-28264: CWE-732: Incorrect Permission Assignment for Critical Resource in PowerProtect Agent. Patch commands and verification.
CVE-2026-28282 is a cwe-863: incorrect authorization in discourse. CVSS 2.3 Low. Patch commands, mitigations, and verification.
CVE-2026-28355 is a cross-site scripting in thinkst canarytokens. This page lists the verified fix and inline mitigations.
CVE-2026-28358 is a observable response discrepancy in nocodb nocodb. This page lists the verified fix and inline mitigations.
CVE-2026-28360 is a plaintext credential storage in nocodb nocodb. This page lists the verified fix and inline mitigations.
CVE-2026-28422 is a stack buffer overflow in vim vim. This page lists the verified fix and inline mitigations.
CVE-2026-28433 is a misskey lacks resource ownership validation in Misskey-dev misskey. CVSS 2.3 Low. Patch commands, mitigations, and verif
CVE-2026-28436 is a cross-site scripting in frappe frappe. This page lists the verified fix and inline mitigations.
CVE-2026-28526 is a path traversal in BTstack. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28527 is a path traversal in BTstack. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28528 is a path traversal in BTstack. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28751 is an improper input validation in OpenHarmony. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-28753 is a vulnerability in NGINX Open Source. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-28910 is a improper access control in macOS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-28957 is a improper access control in iOS and iPadOS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-2900 is a missing authorization in GitLab. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29071 is a vulnerability in open-webui. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29104 is a cwe-434: unrestricted upload of file with dangerous type in SuiteCRM. CVSS 2.7 Low. Patch commands, mitigations, and ver
CVE-2026-29110 is a information disclosure via error message in cryptomator cryptomator. This page lists the verified fix and inline mitigat
CVE-2026-29113: Craft has a potential information disclosure vulnerability in preview tokens in cms. Patch commands and verification.
CVE-2026-2913 is a heap buffer overflow in n/a libvips. This page lists the verified fix and inline mitigations.
CVE-2026-29173: Craft Commerce has Stored XSS while updating Order Status from Orders Table in commerce. Patch commands and verification.
CVE-2026-29177: Craft Commerce has Stored XSS in Craft Commerce Order Details Slideout in commerce. Patch commands and verification.
CVE-2026-29179 - CWE-863: Incorrect Authorization in october. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-29184 is a cwe-532: insertion of sensitive information into log file in backstage. CVSS 2 Low. Patch commands, mitigations, and ver
CVE-2026-29185: @backstage/integration: Potential reading of SCM URLs using built in token in backstage. Patch commands and verification.
CVE-2026-2964 is a improperly controlled modification of object prototype attributes in higuma web-audio-recorder-js. This page lists the ve
CVE-2026-2970 is a unsafe deserialization in datapizza-labs datapizza-ai. This page lists the verified fix and inline mitigations.
CVE-2026-2974 is a exposure of backup file to an unauthorized control sphere in n/a AliasVault App. This page lists the verified fix and inl
CVE-2026-29776 is a cwe-190: integer overflow or wraparound in FreeRDP. CVSS 3.1 Low. Patch commands, mitigations, and verification.
CVE-2026-29781: Sliver: Authenticated Nil-Pointer Dereference in Handlers in sliver. Patch commands and verification.
CVE-2026-29790 is a path traversal in dbt-labs dbt-common. This page lists the verified fix and inline mitigations.
CVE-2026-2994 is a CSRF in Concrete CMS Concrete CMS. This page lists the verified fix and inline mitigations.
CVE-2026-30237 is a cross-site scripting in Intermesh groupoffice. This page lists the verified fix and inline mitigations.
CVE-2026-30241 is a incorrect authorization in mercurius-js mercurius. This page lists the verified fix and inline mitigations.
CVE-2026-30812 is a cross-site scripting in Pandora FMS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-30830 is a cross-site scripting in kepano defuddle. This page lists the verified fix and inline mitigations.
CVE-2026-30873 is a cwe-401: missing release of memory after effective lifetime in openwrt. CVSS 2.4 Low. Patch commands, mitigations, and v
CVE-2026-30874 is a cwe-187: partial string comparison in openwrt. CVSS 1.8 Low. Patch commands, mitigations, and verification.
CVE-2026-30888 is a vulnerability in discourse. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30904 is an authentication bypass in Zoom Workplace. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-30977: RenderBlocking has Stored XSS in renderblocking-css with Inline Assets mode in RenderBlocking. Patch commands and verificati
CVE-2026-31051 - n/a in n/a. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-3109 is a denial of service in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31369 - Privilege Bypass in PcManager. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-3155 is a missing authorization in OneSignal – Web Push Notifications. This page lists verified fix commands and short-term mitigat
CVE-2026-3184: bundle sibling of CVE-2026-2625. Same patched build closes both.
CVE-2026-31863: CWE-307: Improper Restriction of Excessive Authentication Attempts in anytype-heart. Patch commands and verification.
CVE-2026-3189 is a SSRF in feiyuchuixue sz-boot-parent. This page lists the verified fix and inline mitigations.
CVE-2026-3193 is a CSRF in Chia Blockchain. This page lists the verified fix and inline mitigations.
CVE-2026-3194 is a missing authentication in Chia Blockchain. This page lists the verified fix and inline mitigations.
CVE-2026-31974 is a blind ssrf on openproject instance via webhooks in Opf openproject. CVSS 3 Low. Patch commands, mitigations, and verific
CVE-2026-31991 is a cwe-863: incorrect authorization in OpenClaw. CVSS 2 Low. Patch commands, mitigations, and verification.
CVE-2026-31996: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) in OpenClaw. Patch comma
CVE-2026-32006 is a cwe-863: incorrect authorization in OpenClaw. CVSS 2.3 Low. Patch commands, mitigations, and verification.
CVE-2026-32018: OpenClaw < 2026.2.19 - Race Condition in Sandbox Registry Write Operations in OpenClaw. Patch commands and verification.
CVE-2026-32019: OpenClaw < 2026.2.22 - Incomplete IPv4 Special-Use Range Blocking in SSRF Guard in OpenClaw. Patch commands and verification
CVE-2026-32037 is a cwe-918 server-side request forgery (ssrf) in OpenClaw. CVSS 2.3 Low. Patch commands, mitigations, and verification.
CVE-2026-32040: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in OpenClaw. Patch commands and
CVE-2026-32058 is an access control bypass in OpenClaw. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-3206 is a cwe-404 improper resource shutdown or release in KrakenD KrakenD-CE. This page lists the verified fix and inline mitigati
CVE-2026-32067 is an access control bypass in OpenClaw. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-32108 is a cwe-863: incorrect authorization in 9001 copyparty. CVSS 2.3 Low. Patch commands, mitigations, and verification.
CVE-2026-32109: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in copyparty. Patch commands an
CVE-2026-32236: @backstage/plugin-auth-backend: SSRF in experimental CIMD metadata fetch in plugin-auth-backend. Patch commands and verifica
CVE-2026-32266: Google Cloud Storage for Craft CMS has an Information Disclosure in google-cloud. Patch commands and verification.
CVE-2026-32270 is an information disclosure in commerce. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-3229 is a integer overflow in certificate chain allocation in Wofssl wolfSSL. CVSS 1.2 Low. Patch commands, mitigations, and verifi
CVE-2026-32293: GL-iNet Comet (GL-RM1) KVM insufficient certificate validation in Comet KVM. Patch commands and verification.
CVE-2026-3230 is a improper key_share validation in tls 1.3 helloretryrequest in wolfSSL. CVSS 1.2 Low. Patch commands, mitigations, and ver
CVE-2026-3236 is a incorrect authorization in Octopus Deploy Octopus Server. This page lists the verified fix and inline mitigations.
CVE-2026-3237: Low-Privilege User Can Modify Global Signing Key Settings in Octopus Server. Patch commands and verification.
CVE-2026-32445 is a missing authorization in Elementor Website Builder. CVSS 2.7 Low. Patch commands, mitigations, and verification.
CVE-2026-3254 - CWE-1021: Improper Restriction of Rendered UI Layers or Frames in GitLab. Runnable patch commands, mitigation, and verificat
CVE-2026-32607 is a discourse: stored xss via unescaped assignee name in discourse, fixed by the same patch as CVE-2026-27481.
CVE-2026-32638: StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokens in studiocms. Patch commands and verification.
CVE-2026-32642 is an access control bypass in Apache Artemis. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-32684 is a vulnerability in Hik-Connect APP. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-32690 is an exposure of resource to wrong sphere in Apache Airflow. This page lists verified fix commands and short-term mitigation
CVE-2026-32696 is a vulnerability in nanomq. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-32715 is a cwe-863: incorrect authorization in Mintplex-labs anything-llm. CVSS 3.8 Low. Patch commands, mitigations, and verificat
CVE-2026-32717 is a cwe-863: incorrect authorization in Mintplex-labs anything-llm. CVSS 2.7 Low. Patch commands, mitigations, and verificat
CVE-2026-32722: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in memray. Patch commands and v
CVE-2026-32735: Unpacking Arbitrary Mustache Template Files via `maven-dependency-plugin` in openapi-to-java-records-mustache-templates-pare
CVE-2026-32766 is an interpretation conflict in tokio-tar. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-32772 is a cwe-669 incorrect resource transfer between spheres in Gnu inetutils. CVSS 3.4 Low. Patch commands, mitigations, and ver
CVE-2026-32778 is a cwe-476 null pointer dereference in Libexpat Project libexpat. CVSS 2.9 Low. Patch commands, mitigations, and verificati
CVE-2026-32803 is a insufficient logging in PowerScale OneFS. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-32943: CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition in parse-server. Patch commands and verification.
CVE-2026-32970 is a not failing securely ('failing open') in OpenClaw, fixed by the same patch as CVE-2026-32916.
CVE-2026-33070 is an authentication bypass in FileRise. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-33073 is a discourse-subscriptions plugin leaking stripe api key in multisite environment in discourse, fixed by the same patch as
CVE-2026-33160 is a vulnerability in cms. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33161 is an information disclosure in cms. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33167 is a vulnerability in actionpack. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33168 is a vulnerability in actionview. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33212 is a cwe-284: improper access control in weblate. This page lists verified fix commands and short-term mitigations you can ru
CVE-2026-33221 is a cwe-345: insufficient verification of data authenticity in nhost. CVSS 2.1 Low. Patch commands, mitigations, and verific
CVE-2026-33284: an improper input validation in globaleaks-whistleblowing-software. Patched version and vendor advisory inside.
CVE-2026-33296 is a vulnerability in AVideo. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-3339: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Keep Backup Daily. Patch commands an
CVE-2026-33394 is a discourse leaks pm post edits to moderators in discourse. CVSS 2.7 Low. Patch commands, mitigations, and verification.
CVE-2026-33402 is a vulnerability in sakai. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33404 is a pi-hole has a stored xss / html injection in the network page/dashboard in Pi-hole web, fixed by the same patch as CVE-2
CVE-2026-33405 is a pi-hole has a stored html injection in queries.js in Pi-hole web, fixed by the same patch as CVE-2026-33403.
CVE-2026-33408: Discourse has Improper Authorization in "Post Edits" Report For Moderators in discourse. Patch commands and verification.
CVE-2026-33422 is a discourse exposes ip_address of flagged user in discourse. CVSS 3.5 Low. Patch commands, mitigations, and verification.
CVE-2026-33423: Discourse staff can modify any user's group notification level in discourse. Patch commands and verification.
CVE-2026-33426: Discourse users can edit or synonymize hidden tags they can't see in discourse. Patch commands and verification.
CVE-2026-33427: Discourse Authorization Page Displays Unvalidated Redirect Domain in discourse. Patch commands and verification.
CVE-2026-33436 is an improper input validation in Stirling-PDF. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-33446 - Buffer overflow in Secure Access. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-33447 - Security Vulnerability in Secure Access. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-33449 - Message handler buffer overflow in Secure Access. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-33450 - Out of bounds read in Secure Access. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-33490 is a vulnerability in h3. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-3351 is a missing authorization in Canonical lxd. This page lists the verified fix and inline mitigations.
CVE-2026-33525 is a vulnerability in authelia. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33529 is a path traversal in zoraxy. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33550 is a vulnerability in SOGo. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33551 is an incorrect authorization in Keystone. This page lists verified fix commands and short-term mitigations you can run today
CVE-2026-33565 is a race condition in OpenHarmony. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33585: a path traversal in Symmetric Key Agreement Platform. Patched version and vendor advisory inside.
CVE-2026-33596 - Integer Overflow or Wraparound in DNSdist. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-33597 - Improper Encoding or Escaping of Output in DNSdist. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-33599 - Out-of-bounds Read in DNSdist. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-33624 is a vulnerability in parse-server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33644 is a vulnerability in Lychee. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33658 is an OS command injection in activestorage. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-33659 is a server-side request forgery in espocrm. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-33674 is an arbitrary file read in PrestaShop. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-33762: go-git: Missing validation decoding Index v4 files leads to panic in go-git. Patch commands and verification.
CVE-2026-33769 is an improper input validation in astro. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-33877 is a cwe-208: observable timing discrepancy in apostrophe. This page lists verified fix commands and short-term mitigations y
CVE-2026-33879 is a vulnerability in FLIP. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33948 is a cwe-170: improper null termination in jq. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-3401 is a session expiration in SourceCodester Web-based Pharmacy Product Management System. This page lists the verified fix and i
CVE-2026-3404 is a XML external entity in thinkgem JeeSite. This page lists the verified fix and inline mitigations.
CVE-2026-3405 is a path traversal in thinkgem JeeSite. This page lists the verified fix and inline mitigations.
CVE-2026-34067 - CWE-617: Reachable Assertion in nimiq-transaction. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-34073: cryptography has incomplete DNS name constraint enforcement on peer names in cryptography. Patch commands and verification.
CVE-2026-34086 is a improper input validation in AbuseFilter. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-34088 exposure of sensitive information to an unauthorized actor in MediaWiki. Runnable upgrade commands and verification steps for
CVE-2026-34089 improper neutralization of input during web page generation ('cross-site scripti in Scribunto. Runnable upgrade commands and
CVE-2026-34092 exposure of sensitive information to an unauthorized actor in MediaWiki. Runnable upgrade commands and verification steps for
CVE-2026-34093 exposure of sensitive information to an unauthorized actor in MediaWiki. Runnable upgrade commands and verification steps for
CVE-2026-34094 is a exposure of resource to wrong sphere in MediaWiki. Patched version, runnable upgrade commands, and how to verify the fix
CVE-2026-34154 is a missing authorization in discourse. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-34166: LiquidJS has a Memory Limit Bypass via Quadratic Amplification in `replace` Filter in liquidjs. Patch commands and verificat
CVE-2026-34203: Nautobot: Management of users via REST API does not apply configured password validators in nautobot. Patch commands and ver
CVE-2026-34224: bundle sibling of CVE-2026-34215. Same patched build closes both.
CVE-2026-34248 is a cwe-284: improper access control in zammad. CVSS 2.1 Low. Patch commands, mitigations, and verification.
CVE-2026-34268 - Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, O
CVE-2026-34312 - Easily exploitable vulnerability allows high privileged attacker having Row Access Method privilege with network access via
CVE-2026-34454 is a cwe-613: insufficient session expiration in oauth2-proxy. This page lists verified fix commands and short-term mitigatio
CVE-2026-34506 is a cwe-863: incorrect authorization in OpenClaw, fixed by the same patch as CVE-2026-32916.
CVE-2026-34513: bundle sibling of CVE-2026-22815. Same patched build closes both.
CVE-2026-34514: bundle sibling of CVE-2026-22815. Same patched build closes both.
CVE-2026-34517: bundle sibling of CVE-2026-22815. Same patched build closes both.
CVE-2026-34518: bundle sibling of CVE-2026-22815. Same patched build closes both.
CVE-2026-34519 is a aiohttp: http response splitting via \r in reason phrase in Aio-libs aiohttp, fixed by the same patch as CVE-2026-22815.
CVE-2026-34520: bundle sibling of CVE-2026-22815. Same patched build closes both.
CVE-2026-34527 is a use of weak hash in Sandboxie. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-3465 is a denial of service in Tuya App. This page lists the verified fix and inline mitigations.
CVE-2026-34685 is an improper input validation in Adobe Commerce. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-3469 is a improper input validation in Sonicwall Email Security, fixed by the same patch as CVE-2026-3468.
CVE-2026-3470 is a improper input validation in Sonicwall Email Security, fixed by the same patch as CVE-2026-3468.
CVE-2026-34720 is a zammad has an origin validation error in sso mechanism in zammad, fixed by the same patch as CVE-2026-34248.
CVE-2026-34743 is a xz utils: buffer overflow in lzma_index_append() in Tukaani-project xz. CVSS 1.7 Low. Patch commands, mitigations, and v
CVE-2026-34762: Ella Core Has Audit Log Falsification via Path/Body IMSI Mismatch in UpdateSubscriber in core. Patch commands and verificati
CVE-2026-34764: Electron has a use-after-free in offscreen shared texture release() callback in electron. Patch commands and verification.
CVE-2026-34766 is a electron: usb device selection not validated against filtered device list in electron, fixed by the same patch as CVE-20
CVE-2026-34768 is a electron: unquoted executable path in app.setloginitemsettings on windows in electron, fixed by the same patch as CVE-20
CVE-2026-34781 is a electron crashes in clipboard.readimage() on malformed clipboard image data in electron, fixed by the same patch as CVE-
CVE-2026-34849 is a race condition in HarmonyOS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-34850 is a race condition in HarmonyOS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-34851 is a race condition in HarmonyOS. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-34945 is a vulnerability in wasmtime. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-34947 is a discourse: staged user custom fields are exposed on public invite pages in discourse, fixed by the same patch as CVE-202
CVE-2026-3495 is a cross-site scripting (XSS) in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-34969: Nhost Leaks the Refresh Token via URL Query Parameter in OAuth Provider Callback in nhost. Patch commands and verification.
CVE-2026-3497 is a cwe-908 use of uninitialized resource in Ubuntu openssh. CVSS 2.7 Low. Patch commands, mitigations, and verification.
CVE-2026-34983 is an use-after-free in wasmtime. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-34988 is a buffer overflow in wasmtime. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-35038 is a signalk-server: arbitrary prototype read via `from` field bypass in signalk-server, fixed by the same patch as CVE-2026-
CVE-2026-35094: bundle sibling of CVE-2026-4631. Same patched build closes both.
CVE-2026-35192 use of persistent cookies containing sensitive information in Django. Runnable upgrade commands and verification steps for sy
CVE-2026-35200: bundle sibling of CVE-2026-34215. Same patched build closes both.
CVE-2026-35249 is an access control in Oracle VM VirtualBox. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-35250 is an access control in Oracle VM VirtualBox. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-35342 - CWE-377: Insecure Temporary File in coreutils. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-35343 - CWE-670: Always-Incorrect Control Flow Implementation in coreutils. Runnable patch commands, mitigation, and verification o
CVE-2026-35344 - CWE-252: Unchecked Return Value in coreutils. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-35346 - CWE-176: Improper Handling of Unicode Encoding in coreutils. Runnable patch commands, mitigation, and verification on this
CVE-2026-35353 - CWE-367: Time-of-Check Time-of-Use (TOCTOU) Race Condition in coreutils. Runnable patch commands, mitigation, and verificat
CVE-2026-35361 - CWE-281: Improper Preservation of Permissions in coreutils. Runnable patch commands, mitigation, and verification on this p
CVE-2026-35362 - CWE-367: Time-of-Check Time-of-Use (TOCTOU) Race Condition in coreutils. Runnable patch commands, mitigation, and verificat
CVE-2026-35367 - CWE-732: Incorrect Permission Assignment for Critical Resource in coreutils. Runnable patch commands, mitigation, and verif
CVE-2026-35371 - CWE-451: User Interface (UI) Misrepresentation of Critical Information in coreutils. Runnable patch commands, mitigation, a
CVE-2026-35373 - CWE-176: Improper Handling of Unicode Encoding in coreutils. Runnable patch commands, mitigation, and verification on this
CVE-2026-35375 - CWE-176: Improper Handling of Unicode Encoding in coreutils. Runnable patch commands, mitigation, and verification on this
CVE-2026-35377 - CWE-20: Improper Input Validation in coreutils. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-35378 - CWE-768: Incorrect Short Circuit Evaluation in coreutils. Runnable patch commands, mitigation, and verification on this pag
CVE-2026-35379 - CWE-684: Incorrect Provision of Specified Functionality in coreutils. Runnable patch commands, mitigation, and verification
CVE-2026-35381 - CWE-684: Incorrect Provision of Specified Functionality in coreutils. Runnable patch commands, mitigation, and verification
CVE-2026-35386 is a incorrect behavior order in Openbsd OpenSSH, fixed by the same patch as CVE-2026-35385.
CVE-2026-35387 is a always-incorrect control flow implementation in Openbsd OpenSSH, fixed by the same patch as CVE-2026-35385.
CVE-2026-35388 is a unprotected alternate channel in Openbsd OpenSSH, fixed by the same patch as CVE-2026-35385.
CVE-2026-35400 is a loris incorrectly trusts user input in publication module in Aces Loris, fixed by the same patch as CVE-2026-33350.
CVE-2026-35402 is a cwe-284: improper access control in mcp-neo4j. This page lists verified fix commands and short-term mitigations you can
CVE-2026-35448 is a cwe-862: missing authorization in Wwbn AVideo, fixed by the same patch as CVE-2026-34394.
CVE-2026-35496 is a path traversal in CubeCart. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-35537 is a deserialization of untrusted data in Roundcube Webmail. CVSS 3.7 Low. Patch commands, mitigations, and verification.
CVE-2026-35538: bundle sibling of CVE-2026-35537. Same patched build closes both.
CVE-2026-35617 is a reliance on untrusted inputs in a in OpenClaw. This page lists verified fix commands and short-term mitigations you can
CVE-2026-35624 is a reliance on untrusted inputs in a in OpenClaw. This page lists verified fix commands and short-term mitigations you can
CVE-2026-35648 is a vulnerability in OpenClaw. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-35679 is a improperly implemented security check for standard in zcashd. CVSS 3.5 Low. Patch commands, mitigations, and verificatio
CVE-2026-3579: Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I in wolfSSL. Patch commands and verification.
CVE-2026-3580: Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V in wolfSSL. Patch commands and verification.
CVE-2026-3632: Improper Validation of Syntactic Correctness of Input in Red Hat Enterprise Linux 10. Patch commands and verification.
CVE-2026-3633: Libsoup: libsoup: header and http request injection via crlf injection in Red Hat Enterprise Linux 10. Patch commands and ver
CVE-2026-3634: Improper Neutralization of CRLF Sequences ('CRLF Injection') in Red Hat Enterprise Linux 10. Patch commands and verification.
CVE-2026-3668 is a improper access controls in Freedom Factory dGEN1. This page lists the verified fix and inline mitigations.
CVE-2026-36872 is a SQL injection in Sourcecodester Basic. This page lists verified fix commands and short-term mitigations you can run toda
CVE-2026-36873 is a SQL injection in Sourcecodester Basic. This page lists verified fix commands and short-term mitigations you can run toda
CVE-2026-36874 is a SQL injection in Sourcecodester Basic. This page lists verified fix commands and short-term mitigations you can run toda
CVE-2026-36919 is a SQL injection in Sourcecodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-36920 is a SQL injection in Sourcecodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-36922 is a SQL injection in Sourcecodester Cab. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-36923 is a SQL injection in Sourcecodester Cab. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-36937 is a SQL injection in Sourcecodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-36938 is a SQL injection in Sourcecodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-36941 is a SQL injection in Sourcecodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-36942 is a SQL injection in Sourcecodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-36943 is a SQL injection in Sourcecodester Computer. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-36944 is a SQL injection in Sourcecodester Computer. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-36945 is a SQL injection in Sourcecodester Computer. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-36946 is a SQL injection in Sourcecodester Computer. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-36947 is a SQL injection in Sourcecodester Computer. This page lists verified fix commands and short-term mitigations you can run t
CVE-2026-36950 is a SQL injection in Sourcecodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-36952 is a SQL injection in Sourcecodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-37589 is a SQL injection in SourceCodester Storage. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-37590 is a SQL injection in SourceCodester Storage. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-37591 is a SQL injection in Sourcecodester Storage. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-37592 is a SQL injection in Sourcecodester Storage. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-37593 is a SQL injection in SourceCodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-37594 is a SQL injection in SourceCodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-37595 is a SQL injection in SourceCodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-37596 is a SQL injection in SourceCodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-37597 is a SQL injection in SourceCodester Online. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-37598 is a SQL injection in SourceCodester Patient. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-37600 is a SQL injection in SourceCodester Patient. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-37601 is a SQL injection in SourceCodester Patient. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-37602 is a SQL injection in SourceCodester Patient. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-37977 is a origin validation error in Red Hat Build of Keycloak. CVSS 3.7 Low. Patch commands, mitigations, and verification.
CVE-2026-3832 - Incorrect Behavior Order: Early Validation in the affected product. Runnable patch commands, mitigation, and verification on
CVE-2026-3911: Exposure of Private Personal Information to an Unauthorized Actor in Red Hat build of Keycloak 26.4. Patch commands and verif
CVE-2026-3929 is a side-channel information leakage in Google Chrome. CVSS 3.1 Low. Patch commands, mitigations, and verification.
CVE-2026-39349: bundle sibling of CVE-2026-39345. Same patched build closes both.
CVE-2026-39388 is a cwe-295: improper certificate validation in openbao. This page lists verified fix commands and short-term mitigations yo
CVE-2026-39396 is a denial of service in openbao. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-39419 is a vulnerability in MaxKB. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-39510: Authorization Bypass Through User-Controlled Key in Image Photo Gallery Final Tiles Grid. Patch commands and verification.
CVE-2026-39957 is an incorrect authorization in Lychee. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-39967: an insecure direct object reference (IDOR) in typebot.io. Patched version and vendor advisory inside.
CVE-2026-40020 is an access control bypass in OX Dovecot Pro. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-40072 is a server-side request forgery in web3.py. This page lists verified fix commands and short-term mitigations you can run tod
CVE-2026-40077 is a cwe-184: incomplete list of disallowed inputs in beszel. This page lists verified fix commands and short-term mitigation
CVE-2026-40097 is a cwe-129: improper validation of array index in certificates. This page lists verified fix commands and short-term mitiga
CVE-2026-40109 is an authentication bypass in notification-controller. This page lists verified fix commands and short-term mitigations you
CVE-2026-40131: a SQL injection in SAP HANA Deployment Infrastructure (HDI). Patched version and vendor advisory inside.
CVE-2026-40184 is a missing authentication in TREK. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-40194 is a cwe-208: observable timing discrepancy in phpseclib. This page lists verified fix commands and short-term mitigations yo
CVE-2026-40228 is a resource transfer between spheres in systemd. This page lists verified fix commands and short-term mitigations you can r
CVE-2026-40243 is a improper certificate validation in incus. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-40263 is a cwe-208: observable timing discrepancy in note-mark. This page lists verified fix commands and short-term mitigations yo
CVE-2026-40264 is a cwe-1259: improper restriction of security token in openbao. This page lists verified fix commands and short-term mitiga
CVE-2026-40279 is a cwe-758: reliance on undefined, unspecified, or in bacnet-stack. This page lists verified fix commands and short-term mi
CVE-2026-40319 is a vulnerability in giskard-oss. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-40334 is a cwe-170: improper null termination in libgphoto2. This page lists verified fix commands and short-term mitigations you c
CVE-2026-40336 is a memory leak in libgphoto2. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-40341 is a cwe-126: buffer over-read in libgphoto2. This page lists verified fix commands and short-term mitigations you can run to
CVE-2026-40354 is an unix symbolic link (symlink) following in xdg-desktop-portal. This page lists verified fix commands and short-term miti
CVE-2026-4053 is a vulnerability in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-40686 - CWE-125 Out-of-bounds Read in Exim. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-40878 is a cross-site scripting in mailcow-dockerized. This page lists verified fix commands and short-term mitigations you can run
CVE-2026-40947 is an untrusted search path in libfido2. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-40969 - CWE-209: Generation of Error Message Containing Sensitive Information in Spring gRPC. Runnable patch commands, mitigation,
CVE-2026-41080 is an insufficient entropy in libexpat. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-41140 - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in poetry. Runnable patch commands,
CVE-2026-41321 - CWE-918: Server-Side Request Forgery (SSRF) in @astrojs/cloudflare. Runnable patch commands, mitigation, and verification o
CVE-2026-41330 is a cwe-453: insecure default variable initialization in OpenClaw. This page lists verified fix commands and short-term miti
CVE-2026-41341 - CWE-351 Insufficient Type Distinction in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41347 - CWE-352 Cross-Site Request Forgery (CSRF) in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41348 - CWE-863: Incorrect Authorization in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41356 - CWE-613: Insufficient Session Expiration in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41357 - CWE-214 Invocation of Process Using Visible Sensitive Information in OpenClaw. Runnable patch commands, mitigation, and ver
CVE-2026-41358 - CWE-346: Origin Validation Error in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41362 - CWE-668: Exposure of Resource to Wrong Sphere in OpenClaw. Runnable patch commands, mitigation, and verification on this pa
CVE-2026-41376 - CWE-346: Origin Validation Error in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41381 - CWE-863: Incorrect Authorization in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41382 - CWE-862 Missing Authorization in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41398 - CWE-346: Origin Validation Error in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41402 - CWE-706: Use of Incorrectly-Resolved Name or Reference in OpenClaw. Runnable patch commands, mitigation, and verification o
CVE-2026-41406 - CWE-639 Authorization Bypass Through User-Controlled Key in OpenClaw. Runnable patch commands, mitigation, and verification
CVE-2026-41408 - CWE-770: Allocation of Resources Without Limits or Throttling in OpenClaw. Runnable patch commands, mitigation, and verific
CVE-2026-41430 - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in press. Runnable patch comma
CVE-2026-41488 - CWE-918: Server-Side Request Forgery (SSRF) in langchain-openai. Runnable patch commands, mitigation, and verification on t
CVE-2026-41498 is a missing authorization in kimai. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-41530 is a path traversal in Lhaz. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4159 is a wc_pkcs7_decodeenvelopeddata 1 byte out-of-bounds read in wolfSSL. CVSS 1.2 Low. Patch commands, mitigations, and verific
CVE-2026-41659 exposure of sensitive information to an unauthorized actor in admidio. Runnable upgrade commands and verification steps for s
CVE-2026-41663 is a cross-site request forgery (csrf) in admidio. Patched version, runnable upgrade commands, and how to verify the fix land
CVE-2026-41677 - CWE-125: Out-of-bounds Read in rust-openssl. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41889 improper neutralization of special elements used in an sql command ('sql injecti in pgx. Runnable upgrade commands and verifi
CVE-2026-41908 - CWE-863 Incorrect Authorization in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41910 - CWE-863: Incorrect Authorization in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41916 - CWE-613: Insufficient Session Expiration in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-41962 is a vulnerability in HarmonyOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-41963 is a stack-based buffer overflow in HarmonyOS. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-41988 - CWE-670 Always-Incorrect Control Flow Implementation in uuid. Runnable patch commands, mitigation, and verification on this
CVE-2026-4202: Broken Access Control in extension "Redirect Tab" in Extension "Redirect Tabs". Patch commands and verification.
CVE-2026-42040 - CWE-116: Improper Encoding or Escaping of Output in axios. Runnable patch commands, mitigation, and verification on this pa
CVE-2026-42158 is an access control bypass in flowsint. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-4217 is a unprotected storage of credentials in Xreal Nebula App. CVSS 2 Low. Patch commands, mitigations, and verification.
CVE-2026-4218: myAEDES App aedes.me.beta EngageBayUtils.java information disclosure in myAEDES App. Patch commands and verification.
CVE-2026-42183 is a null pointer dereference in argo-workflows. Patched version, runnable upgrade commands, and how to verify the fix landed
CVE-2026-42186 is a vulnerability in openbao. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-42188 is a server-side request forgery (ssrf) in Geyser. Patched version, runnable upgrade commands, and how to verify the fix land
CVE-2026-42195 url redirection to untrusted site ('open redirect') in drawio. Runnable upgrade commands and verification steps for sysadmins
CVE-2026-42245 is a inefficient algorithmic complexity in net-imap. Patched version, runnable upgrade commands, and how to verify the fix la
CVE-2026-42355 is a vulnerability in NanaZip. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4242 is a unprotected storage of credentials in Babychakra Pregnancy & Parenting App. CVSS 2 Low. Patch commands, mitigations, and
CVE-2026-42421 - CWE-613: Insufficient Session Expiration in OpenClaw. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-4243: La Nacion App app.lanacion.activity BuildConfig.java credentials storage in La Nacion App. Patch commands and verification.
CVE-2026-42442 is a denial of service in NanaZip. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-42443 is a vulnerability in NanaZip. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-42444 is a denial of service in NanaZip. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-42445 is a vulnerability in NanaZip. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4250: Unprotected Storage of Credentials in Albert Health. Patch commands and verification.
CVE-2026-4251: CityData CityChat ai.citydata.citychat credentials.json credentials storage in CityChat. Patch commands and verification.
CVE-2026-42578 is a vulnerability in netty. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4273 is an access control bypass in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-42794 improper neutralization of input during web page generation ('cross-site scripti in absinthe plug. Runnable upgrade commands
CVE-2026-4286 is an access control bypass in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-42865 exposure of sensitive information to an unauthorized actor in inbox-zero. Runnable upgrade commands and verification steps fo
CVE-2026-42874 improper neutralization of crlf sequences in http headers ('http request/respons in microdot. Runnable upgrade commands and v
CVE-2026-4292 is a privilege abuse in modeladmin.list_editable in Djangoproject Django, fixed by the same patch as CVE-2026-3902.
CVE-2026-4313 - CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in AdaptiveGRC. Runnable
CVE-2026-43529 time-of-check time-of-use (toctou) race condition in OpenClaw. Runnable upgrade commands and verification steps for sysadmins
CVE-2026-4359: CWE-158 Improper neutralization of null byte or NUL character in MongoDB C Driver. Patch commands and verification.
CVE-2026-4363 is an access control bypass in GitLab. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43859 improper neutralization of null byte or nul character in mutt. Runnable upgrade commands and verification steps for sysadmins
CVE-2026-43860 is a off-by-one error in mutt. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43861 improper neutralization of null byte or nul character in mutt. Runnable upgrade commands and verification steps for sysadmins
CVE-2026-43862 access of resource using incompatible type ('type confusion') in mutt. Runnable upgrade commands and verification steps for s
CVE-2026-43863 is a incorrect check of function return value in mutt. Patched version, runnable upgrade commands, and how to verify the fix
CVE-2026-43864 is a null pointer dereference in mutt. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43930 is a race condition in parse-server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4395 is a heap-based buffer overflow in wc_ecc_import_x963_ex kcapi path in wolfssl. CVSS 1.3 Low. Patch commands, mitigations, and
CVE-2026-43964 is a off-by-one error in Postfix. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43969 improper neutralization of crlf sequences ('crlf injection') in cowlib. Runnable upgrade commands and verification steps for
CVE-2026-44057 is a vulnerability in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44059 is a race condition in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44065 is a vulnerability in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44067 is an out-of-bounds read in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44069 is a vulnerability in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4407 is a out-of-bounds array write in xpdf 4.06 due to missing validation in Xpdf. CVSS 2.1 Low. Patch commands, mitigations, and
CVE-2026-44070 is a denial of service in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44071 is an authentication bypass in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-44072 is an OS command injection in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-44074 is a vulnerability in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44075 is a vulnerability in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44111 is a permissive list of allowed inputs in OpenClaw. Patched version, runnable upgrade commands, and how to verify the fix lan
CVE-2026-44218 is a improper privilege management in ciguard. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-44219 allocation of resources without limits or throttling in ciguard. Runnable upgrade commands and verification steps for sysadmi
CVE-2026-44220 improper link resolution before file access ('link following') in ciguard. Runnable upgrade commands and verification steps f
CVE-2026-44242 is a uncontrolled resource consumption in micronaut-core. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-44278 is a information disclosure in FortiClientWindows. Patched version, runnable upgrade commands, and how to verify the fix land
CVE-2026-44286 is a server-side request forgery (ssrf) in FastGPT. Patched version, runnable upgrade commands, and how to verify the fix lan
CVE-2026-4433 is a vulnerability in Tenable Operation Technology. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-44348 is a vulnerability in podofo. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44405 use of a broken or risky cryptographic algorithm in Paramiko. Runnable upgrade commands and verification steps for sysadmins.
CVE-2026-44428 is a server-side request forgery (SSRF) in registry. Verified patched version, official vendor advisory, and how to confirm t
CVE-2026-44459 is an access control bypass in hono. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44515 is a server-side request forgery (SSRF) in news. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-44572 is a vulnerability in next.js. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44582 is a vulnerability in next.js. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44589 is a server-side request forgery (SSRF) in og-image. Verified patched version, official vendor advisory, and how to confirm t
CVE-2026-44597 is a incorrect provision of specified functionality in Tor. Patched version, runnable upgrade commands, and how to verify the
CVE-2026-44599 is a incorrect resource transfer between spheres in Tor. Patched version, runnable upgrade commands, and how to verify the fi
CVE-2026-44600 is a incorrect behavior order in Tor. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-44601 is a improper enforcement of a single, unique action in Tor. Patched version, runnable upgrade commands, and how to verify th
CVE-2026-44602 is a null pointer dereference in Tor. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-44603 is a off-by-one error in Tor. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-44638 is a denial of service in libsixel. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44658 is a improper input validation in desktop. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-4477: Yi Technology YI Home Camera WPA/WPS hard-coded key in YI Home Camera. Patch commands and verification.
CVE-2026-44916 improper neutralization of special elements used in a template engine in Ironic. Runnable upgrade commands and verification s
CVE-2026-44927 is a numeric truncation error in uriparser. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-44928 always-incorrect control flow implementation in uriparser. Runnable upgrade commands and verification steps for sysadmins.
CVE-2026-44987 is a improper privilege management in sysreptor. Patched version, runnable upgrade commands, and how to verify the fix landed
CVE-2026-44991 is a incorrect authorization in OpenClaw. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-44993 is a incomplete list of disallowed inputs in OpenClaw. Patched version, runnable upgrade commands, and how to verify the fix
CVE-2026-44997 is a incorrect privilege assignment in OpenClaw. Patched version, runnable upgrade commands, and how to verify the fix landed
CVE-2026-44998 is a incorrect authorization in OpenClaw. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-45000 is a server-side request forgery (ssrf) in OpenClaw. Patched version, runnable upgrade commands, and how to verify the fix la
CVE-2026-45028 is a path traversal in astro. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4512 - CWE-79 Cross-Site Scripting (XSS) in reCaptcha by WebDesignBy. Runnable patch commands, mitigation, and verification on this
CVE-2026-45182 unintended proxy or intermediary ('confused deputy') in GrapheneOS. Runnable upgrade commands and verification steps for sysa
CVE-2026-45186 is a inefficient algorithmic complexity in libexpat. Patched version, runnable upgrade commands, and how to verify the fix la
CVE-2026-45232 is a vulnerability in rsync. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-45244 is a missing authorization in summarize. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-45316 is an access control bypass in open-webui. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-45362 is a cleartext storage of sensitive information in Switchvox. Patched version, runnable upgrade commands, and how to verify t
CVE-2026-4541 is an authentication bypass in tinyssh. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4549 is a vulnerability in next-saas-stripe-starter. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-45781 is a vulnerability in registry. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-45803 is a vulnerability in cli. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4582 is an authentication bypass in MPOS M6 PLUS. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-4583 is a code injection in MPOS M6 PLUS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4584 is a vulnerability in MPOS M6 PLUS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4590 is a vulnerability in kodbox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4633 is a vulnerability in Red Hat Build of Keycloak. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-4643 is a denial of service in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-46483 is an OS command injection in vim. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-47068: an insecure direct object reference (IDOR) in phoenix_storybook. Patched version and vendor advisory inside.
CVE-2026-47090 is a vulnerability in claude-hud. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-47099 is a cross-site scripting (XSS) in telejson. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-4742 is a vulnerability in liteide. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4761 is an arbitrary file read in Panorama Suite. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-47782: a vulnerability in Android App "RoboForm Password Manager". Patched version and vendor advisory inside.
CVE-2026-4794: Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF in PaperCut NG/MF. Patch commands and verification.
CVE-2026-4823 is an information disclosure in Iperius Backup. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-4874 is a vulnerability in Red Hat Build of Keycloak. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-4916 is a missing authorization in gitlab in GitLab, fixed by the same patch as CVE-2026-1092.
CVE-2026-4958 is a vulnerability in XAgent. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-5107 is an access control bypass in FRR. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-5115: Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices in Papercut NG/MF. Patch commands and ver
CVE-2026-5187 is a heap buffer overflow in wolfSSL. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-5188 is an integer underflow in wolfSSL. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-5199: Cross Namespace Access via Batch Operation in temporal. Patch commands and verification.
CVE-2026-5266 exposure of sensitive information to an unauthorized actor in Echo. Runnable upgrade commands and verification steps for sysad
CVE-2026-5310: Enter Software Iperius Backup IperiusAccounts.ini hard-coded key in Iperius Backup. Patch commands and verification.
CVE-2026-5375 is a runzero platform api credential information leak in Runzero Platform, fixed by the same patch as CVE-2026-5372.
CVE-2026-5379 is a runzero platform mcp certification information leak in Runzero Platform, fixed by the same patch as CVE-2026-5372.
CVE-2026-5381 is a runzero platform task information leak in Runzero Platform, fixed by the same patch as CVE-2026-5372.
CVE-2026-5382 is a runzero platform mcp endpoint information leak in Runzero Platform, fixed by the same patch as CVE-2026-5372.
CVE-2026-5392 is an out-of-bounds read in wolfSSL. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-5420: Shinrays Games Goods Triple App cats.goods.sort.sorting.games jRwTX.java hard-coded key in Goods Triple App. Patch commands a
CVE-2026-5448 is a 1-2 byte buffer overflow in wolfssl_x509_notafter/notbefore in wolfSSL, fixed by the same patch as CVE-2026-5446.
CVE-2026-5473 is a nasa cfs pickle pickle.load deserialization in Nasa cFS. CVSS 2 Low. Patch commands, mitigations, and verification.
CVE-2026-5476 is a nasa cfs cfe_tbl_passthru_codec.c cfe_tbl_validatecodecloadsize integer overflow in Nasa cFS, fixed by the same patch as
CVE-2026-5772 is a matchdomainname 1-byte stack buffer over-read in hostname validation in wolfSSL, fixed by the same patch as CVE-2026-5446
CVE-2026-5778 is a integer underflow leads to out-of-bounds access in sniffer chacha decrypt path. in wolfSSL, fixed by the same patch as CV
CVE-2026-5958 is a time-of-check time-of-use (toctou) race condition in Sed. This page lists verified fix commands and short-term mitigation
CVE-2026-6019 - CWE-150 Improper neutralization of escape, meta, or control sequences in CPython. Runnable patch commands, mitigation, and v
CVE-2026-6312 is an access control in Chrome. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6313 is an access control in Chrome. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-6333 is a server-side request forgery (SSRF) in Mattermost. Verified patched version, official vendor advisory, and how to confirm
CVE-2026-6334 is an authentication bypass in Mattermost. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-6392 - Exposure of Sensitive Information to an Unauthorized Actor in Threat Response. Runnable patch commands, mitigation, and veri
CVE-2026-6408 - Insufficiently Protected Credentials in Tanium Server. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6416 - Uncontrolled Resource Consumption in Interact. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-6499 incorrect permission assignment for critical resource in OpenConcerto. Runnable upgrade commands and verification steps for sy
CVE-2026-6611 is an use of hard-coded cryptographic key in DjangoBlog. This page lists verified fix commands and short-term mitigations you
CVE-2026-6638 is a SQL injection in PostgreSQL. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6737 exposed ioctl with insufficient access control in AsusPTPFilter. Runnable upgrade commands and verification steps for sysadmin
CVE-2026-6842 - Incorrect Permission Assignment for Critical Resource in Red Hat Enterprise Linux 10. Runnable patch commands, mitigation, a
CVE-2026-6883 is a missing authorization in GitLab. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6923 is an information disclosure in NPCT7xx. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-7085 - Path Traversal in Toonflow-app. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7259 is a null pointer dereference in PHP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7262 is a null pointer dereference in PHP. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7317 - Deserialization in CMS. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7351 - Race in Chrome. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7360 - Insufficient validation of untrusted input in Chrome. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7429 - CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in SSCMS. Runnable patch command
CVE-2026-7471 is a server-side request forgery (SSRF) in GitLab. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-7688 - SQL Injection in ERP CRM. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-7724 is a time-of-check time-of-use in prefect. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7835 is a format string vulnerability in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-7836 is a vulnerability in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-7837 is a race condition in Netatalk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-7845 is a use of weak hash in Langchain-Chatchat. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7846 is a time-of-check time-of-use in Langchain-Chatchat. Patched version, runnable upgrade commands, and how to verify the fix la
CVE-2026-7847 is a insufficiently random values in Langchain-Chatchat. Patched version, runnable upgrade commands, and how to verify the fix
CVE-2026-7860 is a vulnerability in flow. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-7882: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-7886: an insecure direct object reference (IDOR) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-7887 is an authentication bypass in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-7890: a server-side request forgery (SSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-7909 is a protection mechanism failure in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7937 is a protection mechanism failure in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7944 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7945 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7949 is a out of bounds read in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7954 is a race in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7959 is a protection mechanism failure in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-7965 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7966 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-7968 is a insufficient validation of untrusted input in Chrome. Patched version, runnable upgrade commands, and how to verify the f
CVE-2026-8017 is a side-channel information leakage in Chrome. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8022 improper restriction of rendered ui layers or frames in Chrome. Runnable upgrade commands and verification steps for sysadmins
CVE-2026-8139 is a cross-site scripting (XSS) in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-8233 is a improper access controls in XproUPF. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-8340: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8347: an insecure direct object reference (IDOR) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8353 is a cross-site scripting (XSS) in Concrete CMS. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-8409: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8410: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8411: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8412: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8413: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8414: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8415: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8416: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8427: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8432: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8433: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8434: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8435: a cross-site request forgery (CSRF) in Concrete CMS. Patched version and vendor advisory inside.
CVE-2026-8736 is a path traversal in Pamirs. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8741 is a race condition in EMQX. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8767 is an OS command injection in ai. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0106 is a vulnerability in Android. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0610 is a SQL injection in Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0612 is a vulnerability in TheLibrarian.io. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0613 is a vulnerability in TheLibrarian.io. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0615 is a vulnerability in TheLibrarian.io. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0616 is a vulnerability in TheLibrarian.io. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0618 is a vulnerability in PowerShell Universal. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-0622 is a hard-coded credentials in open5GS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0628 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0658: a vulnerability in Five Star Restaurant Reservations. Patched version and vendor advisory inside.
CVE-2026-0668: a vulnerability in MediaWiki - VisualData Extension. Patched version and vendor advisory inside.
CVE-2026-0669 is a path traversal in MediaWiki - CSS extension. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-0670: a vulnerability in MediaWiki - ProofreadPage Extension. Patched version and vendor advisory inside.
CVE-2026-0671: a vulnerability in MediaWiki - UploadWizard extension. Patched version and vendor advisory inside.
CVE-2026-0677 is an unsafe deserialization in TotalContest Lite. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-0747: an information disclosure in Remote Desktop Manager. Patched version and vendor advisory inside.
CVE-2026-0798: an access control bypass in Gitea Open Source Git Server. Patched version and vendor advisory inside.
CVE-2026-0817: a vulnerability in MediaWiki - CampaignEvents extension. Patched version and vendor advisory inside.
CVE-2026-0818 is a vulnerability in Thunderbird. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0829 is a vulnerability in Frontend File Manager Plugin. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-0861 is a vulnerability in glibc. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0877 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0878 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0879 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0880 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0881 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0882 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0883 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0884 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0885 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0886 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0887 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0888 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0889 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0890 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0891 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0892 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0899 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0900 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0901 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0902 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0903 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0904 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0905 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0906 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0907 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0908 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0915 is a vulnerability in glibc. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0929 is a vulnerability in RegistrationMagic. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-0943 is a code injection in HarfBuzz::Shaper. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-0944 is a denial of service in Group invite. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-0945 is a local privilege escalation in Role Delegation. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-0946 is a vulnerability in AT Internet SmartTag. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-0947 is a vulnerability in AT Internet Piano Analytics. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-0948: an authentication bypass in Microsoft Entra ID SSO Login. Patched version and vendor advisory inside.
CVE-2026-1007 is an access control bypass in Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1207 is a SQL injection in Django. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1235 is an unsafe deserialization in WP eCommerce. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-1245 is a code injection in binary-parser. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1285 is a vulnerability in Django. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1287 is a SQL injection in Django. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1312 is a SQL injection in Django. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1368: an authentication bypass in Video Conferencing with Zoom. Patched version and vendor advisory inside.
CVE-2026-1430 is a vulnerability in WP Lightbox 2. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1504 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1513 is a vulnerability in billboard.js. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1553 is an access control bypass in Drupal Canvas. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-1554: a vulnerability in Central Authentication System (CAS) Serv. Patched version and vendor advisory inside.
CVE-2026-1631: a missing authorization in Feeds for YouTube (YouTube video. Patched version and vendor advisory inside.
CVE-2026-1774 is a vulnerability in CASL Ability. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1861 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1862 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1890 is a vulnerability in LeadConnector. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1917 is an authentication bypass in Login Disable. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-1969 is a vulnerability in trx_addons. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-1995: a vulnerability in IDrive Cloud Backup Client for Windows. Patched version and vendor advisory inside.
CVE-2026-20188 uncontrolled resource consumption in Cisco Crosswork Network Change Automation. Runnable upgrade commands and verification st
CVE-2026-2032 is a vulnerability in Firefox for iOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20401 is a vulnerability in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-20402 is an OS command injection in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-20403 is an OS command injection in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-20404 is an OS command injection in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-20405 is a vulnerability in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-20406 is an OS command injection in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-20407 is an OS command injection in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-20408 is a path traversal in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-20409 is an OS command injection in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-20410 is an OS command injection in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-20411 is an use-after-free in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-20412 is an OS command injection in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-20413 is an access control bypass in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-20414 is an use-after-free in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-20415 is a vulnerability in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-20417 is an OS command injection in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-20418 is an OS command injection in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-20419 is a denial of service in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-20420 is a path traversal in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-20421 is a path traversal in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-20422 is a vulnerability in MediaTek chipset. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-20601 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20602 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20603 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20605 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20606 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20607 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20608 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20609 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20610 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20611 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20612 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20613 is a vulnerability in Container. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20614 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20615 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20616 is an out-of-bounds write in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-20617 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20618 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20619 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20620 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20621 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20622 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20623 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20624 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20625 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20626 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20627 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20628 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20629 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20630 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20631 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20632 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20633 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20634 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20635 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20636 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20637 is an use-after-free in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-20638 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20639 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20640 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20641 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20642 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20644 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20645 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20646 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20647 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20648 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20649 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20650 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20651 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20652 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20653 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20654 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20655 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20656 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20657 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20658 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20660 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20661 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20662 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20663 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20664 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20665 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20666 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20667 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20668 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20669 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20670 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20671 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20673 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20674 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20675 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20676 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20677 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20678 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20680 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20681 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20682 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20684 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20685: a vulnerability in Private Cloud Compute Server Software. Patched version and vendor advisory inside.
CVE-2026-20686 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20687 is an use-after-free in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-20688 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20690 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20691 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20692 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20693 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20694 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20695 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20697 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20698 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20699 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20701 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-20736: an access control bypass in Gitea Open Source Git Server. Patched version and vendor advisory inside.
CVE-2026-20750: an access control bypass in Gitea Open Source Git Server. Patched version and vendor advisory inside.
CVE-2026-20800: an information disclosure in Gitea Open Source Git Server. Patched version and vendor advisory inside.
CVE-2026-20883: an access control bypass in Gitea Open Source Git Server. Patched version and vendor advisory inside.
CVE-2026-20888: an access control bypass in Gitea Open Source Git Server. Patched version and vendor advisory inside.
CVE-2026-20897: an access control bypass in Gitea Open Source Git Server. Patched version and vendor advisory inside.
CVE-2026-20904: an access control bypass in Gitea Open Source Git Server. Patched version and vendor advisory inside.
CVE-2026-20912: an access control bypass in Gitea Open Source Git Server. Patched version and vendor advisory inside.
CVE-2026-21639 is a vulnerability in airMAX AC. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-21732 is an out-of-bounds write in Graphics DDK. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-22022 is an access control bypass in Apache Solr. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-22163 is a vulnerability in Graphics DDK. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22254 is a vulnerability in winter. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22444 is an improper input validation in Apache Solr. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-22582 is a vulnerability in Marketing Cloud Engagement. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-22583 is a vulnerability in Marketing Cloud Engagement. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-22584 is a code injection in Uni2TS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22585 is a vulnerability in Marketing Cloud Engagement. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-22586: a hard-coded credentials in Marketing Cloud Engagement. Patched version and vendor advisory inside.
CVE-2026-2275 is a vulnerability in CrewAI. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22795 is a denial of service in OpenSSL. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22796 is a denial of service in OpenSSL. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2285 is a path traversal in CrewAI. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2286 is a vulnerability in CrewAI. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2287 is a vulnerability in CrewAI. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22922 is a vulnerability in Apache Airflow. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22976 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22977 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22978 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22979 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2298 is a vulnerability in Marketing Cloud Engagement. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-22981 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22982 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22983 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22985 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22986 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22987 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22989 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22993 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22994 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22995 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-22996 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23000 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23002 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23005 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23006 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23007 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23008 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23009 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23011 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23012 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23015 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23016 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23017 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23018 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23019 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23020 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23021 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23022 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23023 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23024 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23025 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23026 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23027 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23028 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23029 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23030 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23031 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23032 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23033 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23034 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23035 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23036 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23037 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23038 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23039 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23040 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23041 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23042 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23043 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23044 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23045 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23046 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23047 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23048 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23049 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23050 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23051 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23052 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23053 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23054 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23055 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23056 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23057 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23058 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23059 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23060 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23061 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23062 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23063 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23064 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23065 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23067 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23068 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23069 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23070 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23071 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23072 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23073 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23075 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23076 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23078 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23079 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23080 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23081 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23082 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23083 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23084 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23085 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23086 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23087 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23088 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23089 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23090 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23091 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23092 is an out-of-bounds write in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23093 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23094 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23096 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23097 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23099 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23100 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23101 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23102 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23104 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23106 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23107 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23108 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23109 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23110 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23113 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23114 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23115 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23116 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23117 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23118 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23119 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23120 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23121 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23122 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23123 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23124 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23125 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23126 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23127 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23128 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23129 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2313 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23130 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23131 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23132 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23133 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23134 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23135 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23137 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23138 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2314 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23140 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23141 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23142 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23143 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23144 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23145 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23146 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23147 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23149 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2315 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23150 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23151 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23152 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23153 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23154 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23155 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23156 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23157 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23158 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23159 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2316 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23160 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23162 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23163 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23164 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23165 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23166 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23167 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23168 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2317 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23170 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23173 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23174 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23176 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23177 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23179 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2318 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23181 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23182 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23183 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23186 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23187 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23188 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23189 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2319 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23190 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23194 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23196 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23197 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23199 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2320 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23200 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23201 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23202 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23203 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23205 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23206 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23207 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23208 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2321 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23210 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23211 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23212 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23213 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23214 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23215 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23216 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23217 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23218 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23219 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2322 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23220 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23221 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23223 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23228 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23229 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2323 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23232 is a security vulnerability in Linux Linux. This page lists the verified fix and inline mitigations.
CVE-2026-23233 is a security vulnerability in Linux Linux. This page lists the verified fix and inline mitigations.
CVE-2026-23234 is a security vulnerability in Linux Linux. This page lists the verified fix and inline mitigations.
CVE-2026-23235 is a security vulnerability in Linux Linux. This page lists the verified fix and inline mitigations.
CVE-2026-23237 is a security vulnerability in Linux Linux. This page lists the verified fix and inline mitigations.
CVE-2026-23238 is a security vulnerability in Linux Linux. This page lists the verified fix and inline mitigations.
CVE-2026-23241 is a audit: add missing syscalls to read class in Linux. Patch commands, mitigations, and verification.
CVE-2026-23244 is a nvme: fix memory allocation in nvme_pr_read_keys() in Linux. Patch commands, mitigations, and verification.
CVE-2026-23247 is a tcp: secure_seq: add back ports to ts offset in Linux. Patch commands, mitigations, and verification.
CVE-2026-23249 is a xfs: check for deleted cursors when revalidating two btrees in Linux. Patch commands, mitigations, and verification.
CVE-2026-23250 is a xfs: check return value of xchk_scrub_create_subord in Linux. Patch commands, mitigations, and verification.
CVE-2026-23251 is a xfs: only call xf{array, blob}_destroy if we have a valid pointer in Linux. Patch commands, mitigations, and verificatio
CVE-2026-23252 is a xfs: get rid of the xchk_xfile_*_descr calls in Linux. Patch commands, mitigations, and verification.
CVE-2026-23254 is a net: gro: fix outer network offset in Linux. Patch commands, mitigations, and verification.
CVE-2026-23255 is a net: add proper rcu protection to /proc/net/ptype in Linux. Patch commands, mitigations, and verification.
CVE-2026-23256 is a net: liquidio: fix off-by-one error in vf setup_nic_devices() cleanup in Linux. Patch commands, mitigations, and verific
CVE-2026-23257 is a net: liquidio: fix off-by-one error in pf setup_nic_devices() cleanup in Linux. Patch commands, mitigations, and verific
CVE-2026-23258 is a net: liquidio: initialize netdev pointer before queue setup in Linux. Patch commands, mitigations, and verification.
CVE-2026-23259 is a io_uring/rw: free potentially allocated iovec on cache put failure in Linux. Patch commands, mitigations, and verificati
CVE-2026-23260 is a regmap: maple: free entry on mas_store_gfp() failure in Linux. Patch commands, mitigations, and verification.
CVE-2026-23261 is a nvme-fc: release admin tagset if init fails in Linux. Patch commands, mitigations, and verification.
CVE-2026-23262 is a gve: fix stats report corruption on queue count change in Linux. Patch commands, mitigations, and verification.
CVE-2026-23263 is a io_uring/zcrx: fix page array leak in Linux. Patch commands, mitigations, and verification.
CVE-2026-23264 is a revert "drm/amd: check if aspm is enabled from pcie subsystem" in Linux. Patch commands, mitigations, and verification.
CVE-2026-23265 is a f2fs: fix to do sanity check on node footer in {read, write}_end_io in Linux. Patch commands, mitigations, and verificat
CVE-2026-23266 is a fbdev: rivafb: fix divide error in nv3_arb() in Linux. Patch commands, mitigations, and verification.
CVE-2026-23267 is a security vulnerability in Linux. Patch commands, mitigations, and verification.
CVE-2026-23276 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23277 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23279 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23281 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23282 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23283 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23284 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23285 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23286 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23287 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23289 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23290 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23291 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23292 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23293 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23295 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23296 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23297 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23298 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23299 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23300 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23301 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23302 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23303 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23304 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23305 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23307 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23308 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23309 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23310 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23311 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23312 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23313 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23314 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23315 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23316 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23318 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23319 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23321 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23322 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23323 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23324 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23325 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23326 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23327 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23328 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23329 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23330 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23331 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23332 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23334 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23335 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23337 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23338 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23339 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23341 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23342 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23343 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23344 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23345 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23346 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23347 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23348 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23349 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23352 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23353 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23354 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23355 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23356 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23357 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23358 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23359 is an out-of-bounds write in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23360 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23361 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23362 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23363 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23365 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23366 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23367 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23368 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23369 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23370 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23371 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23373 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23374 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23375 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23376 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23377 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23379 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23380 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23381 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23382 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23384 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23385 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23386 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23387 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23388 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23389 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23390 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23394 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23396 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23397 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23398 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23399 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23400 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23401 is a kvm: x86/mmu: drop/zap existing present spte even when creating an mmio spte in Linux. Patch commands, mitigations, and
CVE-2026-23402 is a kvm: x86/mmu: only warn in direct mmus when overwriting shadow-present spte in Linux, fixed by the same patch as CVE-202
CVE-2026-23403 is a apparmor: fix memory leak in verify_header in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23404 is a apparmor: replace recursive profile removal with iterative approach in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23405 is a apparmor: fix: limit the number of levels of policy namespaces in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23409 is a apparmor: fix differential encoding verification in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23416 is a mm/mseal: update vma end correctly on merge in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23417 is a bpf: fix constant blinding for probe_mem32 stores in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23418 is a drm/xe/reg_sr: fix leak on xa_store failure in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23420 is a wifi: wlcore: fix a locking bug in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23421 is a drm/xe/configfs: free ctx_restore_mid_bb in release in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23422 is a dpaa2-switch: fix interrupt storm after receiving bad if_id in irq handler in Linux, fixed by the same patch as CVE-2026
CVE-2026-23423 is a btrfs: free pages on error in btrfs_uring_read_extent() in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23426 is a drm/logicvc: fix device node reference leak in logicvc_drm_config_parse() in Linux, fixed by the same patch as CVE-2026-
CVE-2026-2343 is a vulnerability in PeproDev Ultimate Invoice. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-23430 is a drm/vmwgfx: don't overwrite kms surface dirty tracker in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23431 is a spi: amlogic-spisg: fix memory leak in aml_spisg_probe() in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23433 is a arm_mpam: fix null pointer dereference when restoring bandwidth counters in Linux, fixed by the same patch as CVE-2026-2
CVE-2026-23435 is a perf/x86: move event pointer setup earlier in x86_pmu_enable() in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23436 is a net: shaper: protect from late creation of hierarchy in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23438 is a net: mvpp2: guard flow control update with global_tx_fc in buffer switching in Linux, fixed by the same patch as CVE-202
CVE-2026-23439 is a udp_tunnel: fix null deref caused by udp_sock_create6 when config_ipv6=n in Linux, fixed by the same patch as CVE-2026-2
CVE-2026-23441 is a net/mlx5e: prevent concurrent access to ipsec aso context in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23442 is a ipv6: add null checks for idev in srv6 paths in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23443 is a acpi: processor: fix previous acpi_processor_errata_piix4() fix in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23446 is a net: usb: aqc111: do not perform pm inside suspend callback in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23447 is a net: usb: cdc_ncm: add ndpoffset to ndp32 nframes bounds check in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23448 is a net: usb: cdc_ncm: add ndpoffset to ndp16 nframes bounds check in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23452 is a pm: runtime: fix a race condition related to device removal in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23454 is a net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown in Linux, fixed by the same patch as
CVE-2026-23460 is a net/rose: fix null pointer dereference in rose_transmit_link on reconnect in Linux, fixed by the same patch as CVE-2026-
CVE-2026-23463 is a soc: fsl: qbman: fix race condition in qman_destroy_fq in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23464 is a soc: microchip: mpfs: fix memory leak in mpfs_sys_controller_probe() in Linux, fixed by the same patch as CVE-2026-23401
CVE-2026-23465 is a btrfs: log new dentries when logging parent dir of a conflicting inode in Linux, fixed by the same patch as CVE-2026-234
CVE-2026-23467 is a drm/i915/dmc: fix an unlikely null pointer deference at probe in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23468 is a drm/amdgpu: limit bo list entry count to prevent resource exhaustion in Linux, fixed by the same patch as CVE-2026-23401
CVE-2026-23469 is a drm/imagination: synchronize interrupts before suspending the gpu in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23470 is a drm/imagination: fix deadlock in soft reset sequence in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23472 is a serial: core: fix infinite loop in handle_tx() for port_unknown in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23474 is a mtd: avoid boot crash in redboot partition table parser in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-23475 is a spi: fix statistics allocation in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-2348 is a vulnerability in Quick Edit. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2349 is a vulnerability in UI Icons. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23553 is a vulnerability in Xen. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23554 is a vulnerability in Xen. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23555 is a vulnerability in Xen. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23557 is a vulnerability in Xen. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23558 is a vulnerability in Xen. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23634 is a vulnerability in pepr. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23740 is a vulnerability in asterisk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23741 is a vulnerability in asterisk. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23768 is a vulnerability in lucy-xss-filter. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23769 is a vulnerability in lucy-xss-filter. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23794 is a vulnerability in Apache Syncope. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23795 is a XML external entity (XXE) in Apache Syncope. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-23864: an unsafe deserialization in react-server-dom-webpack. Patched version and vendor advisory inside.
CVE-2026-23903 is a vulnerability in Apache Shiro. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-23906 is an authentication bypass in Apache Druid. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-24005 is a SSRF in openkruise kruise. This page lists the verified fix and inline mitigations.
CVE-2026-24068 is an authentication bypass in Vienna Assistant. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-24070 is a vulnerability in Native Access. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24071 is a vulnerability in Native Access. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24098 is an information disclosure in Apache Airflow. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-24343 is a vulnerability in Apache HertzBeat. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-2439 is a vulnerability in Concierge::Sessions. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-24408 is a vulnerability in sigstore-python. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2447 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24516 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24656 is an unsafe deserialization in Apache Karaf. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-24710 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24711 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24712 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24733 is an improper input validation in Apache Tomcat. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-24734: an improper input validation in Apache Tomcat Native. Patched version and vendor advisory inside.
CVE-2026-24735 is a vulnerability in Apache Answer. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2474 is a path traversal in Crypt::URandom. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24868 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-24869 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-25087 is an use-after-free in Apache Arrow. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-25680 is a denial of service in golang.org/x/net/html. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-25681: a cross-site scripting (XSS) in golang.org/x/net/html. Patched version and vendor advisory inside.
CVE-2026-25828 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26462 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2648 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2649 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-2650 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26721 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26722 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26723 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26724 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26725 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26731 is a stack-based buffer overflow in n/a. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-26732 is a stack-based buffer overflow in n/a. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-26736 is a stack-based buffer overflow in n/a. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-26744 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26745 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26746 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26747 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26828 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26829 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26831 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26833 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-26979 is a missing authorization in discourse discourse. This page lists the verified fix and inline mitigations.
CVE-2026-27099 is a vulnerability in Jenkins. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-27100 is a vulnerability in Jenkins. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-27136: a cross-site scripting (XSS) in golang.org/x/net/html. Patched version and vendor advisory inside.
CVE-2026-27167 is a hardcoded credentials in gradio-app gradio. This page lists the verified fix and inline mitigations.
CVE-2026-27173: a vulnerability in Apache Airflow CNCF Kubernetes provider. Patched version and vendor advisory inside.
CVE-2026-28816 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28817 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28818 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28820 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28821 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28822 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28823 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28824 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28825 is an out-of-bounds write in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28826 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28827 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28828 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28829 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28831 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28832 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28833 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28834 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28835 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28837 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28838 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28839 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28841 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28842 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28844 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28845 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28852 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28855 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28856 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28857 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28858 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28859 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28861 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28862 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28863 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28864 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28865 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28866 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28867 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28868 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28870 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28871 is a vulnerability in Safari. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28874 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28875 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28876 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28877 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28878 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28879 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28880 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28881 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28882 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28886 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28888 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28889 is a vulnerability in Xcode. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28890 is a vulnerability in Xcode. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28891 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28892 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28893 is a vulnerability in macOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28894 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-28895 is a vulnerability in iOS and iPadOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29207 is a server-side template injection in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm t
CVE-2026-29220 is a path traversal in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29226: a server-side request forgery (SSRF) in Apache OFBiz. Patched version and vendor advisory inside.
CVE-2026-29597 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29828 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29839 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29840 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29871 is a path traversal in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29872 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29905 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29909 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29924 is a XML external entity (XXE) in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29925 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29933 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29934 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29953 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29954 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29962 is a path traversal in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29963 is a path traversal in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29964 is a cross-site scripting (XSS) in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-29965 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29969 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-29976 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30006 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30007 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30077 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30082 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30117 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30118 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30162 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30302 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30303 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30304 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30305 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30306 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30307 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30308 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30313 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30457 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30458 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30463 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30527 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30529 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30530 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30531 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30532 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30533 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30534 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30556 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30557 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30558 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30559 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30560 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30561 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30562 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30563 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30564 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30565 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30566 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30567 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30568 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30569 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30570 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30571 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30574 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30575 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30576 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30578 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30579 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30580 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30587 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30637 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30653 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30655 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30661 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30662 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30689 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-30691 is a cross-site scripting (XSS) in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-30825 is a authorization bypass through user-controlled key in hoppscotch hoppscotch. This page lists the verified fix and inline m
CVE-2026-30892 is a vulnerability in crun. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31069 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31070 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31071 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31072 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31156 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31214 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31215 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31216 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31217 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31218 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31219 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31220 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31221 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31222 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31223 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31224 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31225 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31226 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31228 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31229 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31230 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31231 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31232 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31233 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31234 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31235 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31236 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31237 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31238 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31239 is an unsafe deserialization in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31240 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31241 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31242 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31243 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31244 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31245 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31378 is an improper input validation in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-31379 is a cross-site scripting (XSS) in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-31380 is a vulnerability in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-31387 is an authentication bypass in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-31388 is an access control bypass in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-31390 is a drm/xe: fix memory leak in xe_vm_madvise_ioctl in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-31391 is a crypto: atmel-sha204a - fix oom ->tfm_count leak in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-31394 is a mac80211: fix crash in ieee80211_chan_bw_change for ap_vlan stations in Linux, fixed by the same patch as CVE-2026-23401
CVE-2026-31395 is a bnxt_en: fix oob access in dbg_buf_producer async event handler in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-31399 is a nvdimm/bus: fix potential use after free in asynchronous initialization in Linux, fixed by the same patch as CVE-2026-23
CVE-2026-31400 is a sunrpc: fix cache_request leak in cache_release in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-31410 is a ksmbd: use volume uuid in fs_object_id_information in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-31411 is a net: atm: fix crash due to unvalidated vcc pointer in sigd_send() in Linux, fixed by the same patch as CVE-2026-23401.
CVE-2026-31412 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31415 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31416 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31418 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31420 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31421 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31422 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31423 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31424 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31425 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31427 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31428 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31429 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31430 is a security vulnerability in Linux. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-31434 - btrfs: fix leak of kobject name for sub-group space_info in Linux. Runnable patch commands, mitigation, and verification on
CVE-2026-31437 - netfs: Fix NULL pointer dereference in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31438 - netfs: Fix kernel BUG in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31439 - dmaengine: xilinx: xdma: Fix regmap init error handling in Linux. Runnable patch commands, mitigation, and verification on
CVE-2026-31440 - dmaengine: idxd: Fix leaking event log memory in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31441 - dmaengine: idxd: Fix memory leak when a wq is reset in Linux. Runnable patch commands, mitigation, and verification on this
CVE-2026-31443 - dmaengine: idxd: Fix crash when the event log is disabled in Linux. Runnable patch commands, mitigation, and verification o
CVE-2026-31445 - mm/damon/core: avoid use of half-online-committed context in Linux. Runnable patch commands, mitigation, and verification o
CVE-2026-31451 - ext4: replace BUG_ON with proper error handling in Linux. Runnable patch commands, mitigation, and verification on this pag
CVE-2026-31452 - ext4: convert inline data to extents when truncate exceeds inline size in Linux. Runnable patch commands, mitigation, and v
CVE-2026-31455 - xfs: stop reclaim before pushing AIL during unmount in Linux. Runnable patch commands, mitigation, and verification on this
CVE-2026-31456 - mm/pagewalk: fix race between concurrent split and refault in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-31457 - mm/damon/sysfs: check contexts->nr in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31458 - mm/damon/sysfs: check contexts->nr before accessing contexts_arr[0] in Linux. Runnable patch commands, mitigation, and veri
CVE-2026-31459 - mm/damon/sysfs: fix param_ctx leak on damon_sysfs_new_test_ctx() failure in Linux. Runnable patch commands, mitigation, and
CVE-2026-31460 - drm/amd/display: check if ext_caps is valid in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31461 - drm/amd/display: Fix drm_edid leak in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31462 - drm/amdgpu: prevent immediate PASID reuse case in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-31465 - writeback: don't block sync for filesystems with no data integrity guarantees in Linux. Runnable patch commands, mitigation
CVE-2026-31466 - mm/huge_memory: fix folio isn't locked in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31472 - xfrm: iptfs: validate inner IPv4 header length in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-31480 - tracing: Fix potential deadlock in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31481 - tracing: Drain deferred trigger frees if kthread creation fails in Linux. Runnable patch commands, mitigation, and verifica
CVE-2026-31482 - s390/entry: Scrub r12 register on kernel entry in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-31483 - s390/syscalls: Add spectre boundary for syscall dispatch table in Linux. Runnable patch commands, mitigation, and verificat
CVE-2026-31485 - spi: spi-fsl-lpspi: fix teardown order issue (UAF) in Linux. Runnable patch commands, mitigation, and verification on this
CVE-2026-31487 - spi: use generic driver_override infrastructure in Linux. Runnable patch commands, mitigation, and verification on this pag
CVE-2026-31489 - spi: meson-spicc: Fix double-put in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31491 - RDMA/irdma: Harden depth calculation functions in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-31492 - RDMA/irdma: Initialize free_qp completion before using it in Linux. Runnable patch commands, mitigation, and verification o
CVE-2026-31493 - RDMA/efa: Fix use of completion ctx after free in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-31495 - netfilter: ctnetlink: use netlink policy range checks in Linux. Runnable patch commands, mitigation, and verification on th
CVE-2026-31496 - netfilter: nf_conntrack_expect: skip expectations in Linux. Runnable patch commands, mitigation, and verification on this p
CVE-2026-31497 - Bluetooth: btusb: clamp SCO altsetting table indices in Linux. Runnable patch commands, mitigation, and verification on thi
CVE-2026-31498 - Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop in Linux. Runnable patch commands, mitigation, and verifi
CVE-2026-31499 - Bluetooth: L2CAP: Fix deadlock in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31500 - Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock in Linux. Runnable patch commands, mitigation, and
CVE-2026-31503 - udp: Fix wildcard bind conflict check when using hash2 in Linux. Runnable patch commands, mitigation, and verification on t
CVE-2026-31506 - net: bcmasp: fix double free of WoL irq in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31509 - nfc: nci: fix circular locking dependency in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31510 - Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-31512 - Bluetooth: L2CAP: Validate PDU length before reading SDU length in Linux. Runnable patch commands, mitigation, and verifica
CVE-2026-31514 - erofs: set fileio bio failed in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31515 - af_key: validate families in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31517 - xfrm: iptfs: fix skb_put() panic on non-linear skb during reassembly in Linux. Runnable patch commands, mitigation, and ver
CVE-2026-31518 - esp: fix skb leak with espintcp and async crypto in Linux. Runnable patch commands, mitigation, and verification on this pa
CVE-2026-31519 - btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create in Linux. Runnable patch commands, mitigation, and verification o
CVE-2026-31520 - HID: apple: avoid memory leak in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31521 - module: Fix kernel panic when a symbol st_shndx is out of bounds in Linux. Runnable patch commands, mitigation, and verific
CVE-2026-31522 - HID: magicmouse: avoid memory leak in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31523 - nvme-pci: ensure we're polling a polled queue in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31524 - HID: asus: avoid memory leak in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31526 - bpf: Fix exception exit lock checking for subprogs in Linux. Runnable patch commands, mitigation, and verification on this
CVE-2026-31527 - driver core: platform: use generic driver_override infrastructure in Linux. Runnable patch commands, mitigation, and verifi
CVE-2026-31529 - cxl/region: Fix leakage in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31530 - cxl/port: Fix use after free of parent_port in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31531 - ipv4: nexthop: allocate skb dynamically in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31535 - smb: client: make use of smbdirect_socket.recv_io.credits.available in Linux. Runnable patch commands, mitigation, and veri
CVE-2026-31537 - smb: server: make use of smbdirect_socket.send_io.bcredits in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-31540 - drm/i915/gt: Check set_default_submission() before deferencing in Linux. Runnable patch commands, mitigation, and verificat
CVE-2026-31541 - tracing: Fix trace_marker copy link list updates in Linux. Runnable patch commands, mitigation, and verification on this pa
CVE-2026-31542 - x86/platform/uv: Handle deconfigured sockets in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31543 - crash_dump: don't log dm-crypt key bytes in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31544 - firmware: arm_scmi: Fix NULL dereference on notify error path in Linux. Runnable patch commands, mitigation, and verificati
CVE-2026-31545 - NFC: nxp-nci: allow GPIOs to sleep in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31546 - net: bonding: fix NULL deref in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31547 - drm/xe: Fix missing runtime PM reference in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31549 - i2c: cp2615: fix serial string NULL-deref at probe in Linux. Runnable patch commands, mitigation, and verification on this
CVE-2026-31550 - pmdomain: bcm: bcm2835-power: Increase ASB control timeout in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-31551 - wifi: mac80211: Fix static_branch_dec() underflow for aql_disable. in Linux. Runnable patch commands, mitigation, and verif
CVE-2026-31555 - futex: Clear stale exiting pointer in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31556 - xfs: scrub: unlock dquot before early return in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31559 - LoongArch: Fix missing NULL checks for kstrdup() in Linux. Runnable patch commands, mitigation, and verification on this pa
CVE-2026-31560 - spi: spi-dw-dma: fix print error log when wait finish transaction in Linux. Runnable patch commands, mitigation, and verifi
CVE-2026-31561 - x86/cpu: Remove X86_CR4_FRED from the CR4 pinned bits mask in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-31562 - drm/mediatek: dsi: Store driver data before invoking mipi_dsi_host_register in Linux. Runnable patch commands, mitigation,
CVE-2026-31564 - LoongArch: KVM: Fix base address calculation in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31565 - RDMA/irdma: Fix deadlock during netdev reset with active connections in Linux. Runnable patch commands, mitigation, and ver
CVE-2026-31567 - PM: sleep: Drop spurious WARN_ON() from pm_restore_gfp_mask() in Linux. Runnable patch commands, mitigation, and verificati
CVE-2026-31568 - s390/mm: Add missing secure storage access fixups for donated memory in Linux. Runnable patch commands, mitigation, and ver
CVE-2026-31571 - drm/i915: Unlink NV12 planes earlier in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31572 - i2c: designware: amdisp: Fix resume-probe race condition issue in Linux. Runnable patch commands, mitigation, and verificat
CVE-2026-31573 - media: verisilicon: Fix kernel panic due to __initconst misuse in Linux. Runnable patch commands, mitigation, and verificat
CVE-2026-31574 - clockevents: Add missing resets of the next_event_forced flag in Linux. Runnable patch commands, mitigation, and verificati
CVE-2026-31575 - mm/userfaultfd: fix hugetlb fault mutex hash calculation in Linux. Runnable patch commands, mitigation, and verification on
CVE-2026-31576 - media: hackrf: fix to not free memory after the device is registered in Linux. Runnable patch commands, mitigation, and ver
CVE-2026-31577 - nilfs2: fix NULL i_assoc_inode dereference in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31578 - media: as102: fix to not free memory after the device is registered in Linux. Runnable patch commands, mitigation, and veri
CVE-2026-31579 - wireguard: device: use exit_rtnl callback instead of manual rtnl_lock in Linux. Runnable patch commands, mitigation, and ve
CVE-2026-31580 - bcache: fix cached_dev.sb_bio use-after-free and crash in Linux. Runnable patch commands, mitigation, and verification on t
CVE-2026-31581 - ALSA: 6fire: fix use-after-free on disconnect in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31582 - hwmon: (powerz) Fix use-after-free on USB disconnect in Linux. Runnable patch commands, mitigation, and verification on thi
CVE-2026-31583 - media: em28xx: fix use-after-free in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31585 - media: vidtv: fix nfeeds state corruption on start_streaming failure in Linux. Runnable patch commands, mitigation, and ver
CVE-2026-31590 - KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION in Linux. Runnable patch commands, mitigation, and veri
CVE-2026-31591 - KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish in Linux. Runnable patch commands, mitigation, and v
CVE-2026-31592 - KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm->lock in Linux. Runnable patch commands, mitigation, and
CVE-2026-31593 - KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU in Linux. Runnable patch commands, mitigation,
CVE-2026-31594 - PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown in Linux. Runnable patch commands, mitigation, and verifica
CVE-2026-31595 - PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in Linux. Runnable patch commands, mitigation, and verification on this
CVE-2026-31596 - ocfs2: handle invalid dinode in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31599 - media: vidtv: fix NULL pointer dereference in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31601 - vfio/xe: Reorganize the init to decouple migration from reset in Linux. Runnable patch commands, mitigation, and verificati
CVE-2026-31603 - staging: sm750fb: fix division by zero in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31604 - wifi: rtw88: fix device leak on probe failure in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31605 - fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO in Linux. Runnable patch commands, mitigation, and verification o
CVE-2026-31606 - usb: gadget: f_hid: don't call cdev_init while cdev in Linux. Runnable patch commands, mitigation, and verification on this
CVE-2026-31610 - ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc in Linux. Runnable patch commands, mitigation, and ver
CVE-2026-31614 - smb: client: fix off-by-8 bounds check in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31615 - usb: gadget: renesas_usb3: validate endpoint index in Linux. Runnable patch commands, mitigation, and verification on this
CVE-2026-31616 - usb: gadget: f_phonet: fix skb frags[] overflow in Linux. Runnable patch commands, mitigation, and verification on this pag
CVE-2026-31617 - usb: gadget: f_ncm: validate minimum block_len in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-31618 - fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-31619 - ALSA: fireworks: bound device-supplied status before string array lookup in Linux. Runnable patch commands, mitigation, and
CVE-2026-31620 - ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0 in Linux. Runnable patch commands, mitigation, and verificati
CVE-2026-31621 - bnge: return after auxiliary_device_uninit() in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31623 - net: usb: cdc-phonet: fix skb frags[] overflow in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-31624 - HID: core: clamp report_size in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31625 - HID: alps: fix NULL pointer dereference in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31628 - x86/CPU: Fix FPDSS on Zen1 in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31632 - rxrpc: Fix leak of rxgk context in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31634 - rxrpc: fix reference count leak in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31639 - rxrpc: Fix key reference count leak from call->key in Linux. Runnable patch commands, mitigation, and verification on this
CVE-2026-31642 - rxrpc: Fix call removal to use RCU safe deletion in Linux. Runnable patch commands, mitigation, and verification on this pa
CVE-2026-31643 - rxrpc: Fix key parsing memleak in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31645 - net: lan966x: fix page pool leak in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31646 - net: lan966x: fix page_pool error handling in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31647 - idpf: fix PREEMPT_RT raw/bh spinlock nesting for async VC handling in Linux. Runnable patch commands, mitigation, and verif
CVE-2026-31650 - mmc: vub300: fix use-after-free on disconnect in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31651 - mmc: vub300: fix NULL-deref on disconnect in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31652 - mm/damon/stat: deallocate damon_call() failure leaking damon_ctx in Linux. Runnable patch commands, mitigation, and verific
CVE-2026-31653 - mm/damon/sysfs: dealloc repeat_call_control if damon_call() fails in Linux. Runnable patch commands, mitigation, and verifi
CVE-2026-31654 - mm/vma: fix memory leak in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31655 - pmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-31658 - net: altera-tse: fix skb leak on DMA mapping error in Linux. Runnable patch commands, mitigation, and verification on this
CVE-2026-31660 - nfc: pn533: allocate rx skb before consuming bytes in Linux. Runnable patch commands, mitigation, and verification on this
CVE-2026-31661 - wifi: brcmsmac: Fix dma_free_coherent() size in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31664 - xfrm: clear trailing padding in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31670 - net: rfkill: prevent unlimited numbers of rfkill events from being created in Linux. Runnable patch commands, mitigation, a
CVE-2026-31671 - xfrm_user: fix info leak in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31672 - wifi: rt2x00usb: fix devres lifetime in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31677 - crypto: af_alg - limit RX SG extraction by receive buffer budget in Linux. Runnable patch commands, mitigation, and verific
CVE-2026-31681 - netfilter: xt_multiport: validate range encoding in Linux. Runnable patch commands, mitigation, and verification on this pa
CVE-2026-31684 - net: sched: act_csum: validate nested VLAN headers in Linux. Runnable patch commands, mitigation, and verification on this
CVE-2026-31686 - mm/kasan: fix double free for kasan pXds in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31687 - gpio: omap: do not register driver in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31688 - driver core: enforce device_lock for driver_match_device() in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-31689 - EDAC/mc: Fix error path ordering in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31690 - firmware: thead: Fix buffer overflow and use standard endian macros in Linux. Runnable patch commands, mitigation, and veri
CVE-2026-31691 - igb: remove napi_synchronize() in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31692 - rtnetlink: add missing netlink_ns_capable() check for peer netns in Linux. Runnable patch commands, mitigation, and verific
CVE-2026-31696 - rxrpc: Fix missing validation of ticket length in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-31701 - ALSA: caiaq: take a reference on the USB device in Linux. Runnable patch commands, mitigation, and verification on this pag
CVE-2026-31702 - f2fs: fix use-after-free of sbi in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31704 - ksmbd: use check_add_overflow() to prevent u16 DACL size overflow in Linux. Runnable patch commands, mitigation, and verifi
CVE-2026-31710 - smb: client: fix dir separator in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31713 - fuse: abort on fatal signal during sync init in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31714 - f2fs: fix to avoid memory leak in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31715 - f2fs: fix UAF caused by decrementing sbi->nr_pages[] in Linux. Runnable patch commands, mitigation, and verification on thi
CVE-2026-31720 - usb: gadget: f_uac1_legacy: validate control request size in Linux. Runnable patch commands, mitigation, and verification o
CVE-2026-31721 - usb: gadget: f_hid: move list and spinlock inits from bind to alloc in Linux. Runnable patch commands, mitigation, and veri
CVE-2026-31722 - usb: gadget: f_rndis: Fix net_device lifecycle with device_move in Linux. Runnable patch commands, mitigation, and verifica
CVE-2026-31723 - usb: gadget: f_subset: Fix net_device lifecycle with device_move in Linux. Runnable patch commands, mitigation, and verific
CVE-2026-31724 - usb: gadget: f_eem: Fix net_device lifecycle with device_move in Linux. Runnable patch commands, mitigation, and verificati
CVE-2026-31725 - usb: gadget: f_ecm: Fix net_device lifecycle with device_move in Linux. Runnable patch commands, mitigation, and verificati
CVE-2026-31726 - usb: gadget: uvc: fix NULL pointer dereference during unbind race in Linux. Runnable patch commands, mitigation, and verifi
CVE-2026-31727 - usb: gadget: u_ether: Fix NULL pointer deref in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31728 - usb: gadget: u_ether: Fix race between gether_disconnect and eth_stop in Linux. Runnable patch commands, mitigation, and ve
CVE-2026-31729 - usb: typec: ucsi: validate connector number in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31732 - gpio: Fix resource leaks on errors in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31733 - sched_ext: Fix stale direct dispatch state in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31734 - sched_ext: Fix is_bpf_migration_disabled() false negative on non-PREEMPT_RCU in Linux. Runnable patch commands, mitigation,
CVE-2026-31736 - net: ethernet: mtk_ppe: avoid NULL deref when gmac0 is disabled in Linux. Runnable patch commands, mitigation, and verifica
CVE-2026-31737 - net: ftgmac100: fix ring allocation unwind on open failure in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-31738 - vxlan: validate ND option lengths in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31740 - counter: rz-mtu3-cnt: do not use struct rz_mtu3_channel's dev member in Linux. Runnable patch commands, mitigation, and ver
CVE-2026-31741 - counter: rz-mtu3-cnt: prevent counter from being toggled multiple times in Linux. Runnable patch commands, mitigation, and
CVE-2026-31744 - PM: EM: Fix NULL pointer dereference when perf domain ID is not found in Linux. Runnable patch commands, mitigation, and ve
CVE-2026-31745 - reset: gpio: fix double free in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31746 - s390/zcrypt: Fix memory leak with CCA cards used as accelerator in Linux. Runnable patch commands, mitigation, and verifica
CVE-2026-31747 - comedi: me4000: Fix potential overrun of firmware buffer in Linux. Runnable patch commands, mitigation, and verification on
CVE-2026-31748 - comedi: me_daq: Fix potential overrun of firmware buffer in Linux. Runnable patch commands, mitigation, and verification on
CVE-2026-31749 - comedi: ni_atmio16d: Fix invalid clean-up after failed attach in Linux. Runnable patch commands, mitigation, and verificati
CVE-2026-31750 - comedi: runflags cannot determine whether to reclaim chanlist in Linux. Runnable patch commands, mitigation, and verificati
CVE-2026-31751 - comedi: dt2815: add hardware detection to prevent crash in Linux. Runnable patch commands, mitigation, and verification on
CVE-2026-31752 - bridge: br_nd_send: validate ND option lengths in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-31753 - auxdisplay: line-display: fix NULL dereference in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-31754 - usb: cdns3: gadget: fix state inconsistency on gadget init failure in Linux. Runnable patch commands, mitigation, and verif
CVE-2026-31755 - usb: cdns3: gadget: fix NULL pointer dereference in Linux. Runnable patch commands, mitigation, and verification on this pa
CVE-2026-31756 - usb: dwc2: gadget: Fix spin_lock/unlock mismatch in Linux. Runnable patch commands, mitigation, and verification on this pa
CVE-2026-31757 - usb: misc: usbio: Fix URB memory leak on submit failure in Linux. Runnable patch commands, mitigation, and verification on
CVE-2026-31759 - usb: ulpi: fix double free in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31760 - gpib: lpvo_usb: fix memory leak on disconnect in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31762 - iio: gyro: mpu3050: Fix irq resource leak in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31763 - iio: gyro: mpu3050: Fix incorrect free_irq() variable in Linux. Runnable patch commands, mitigation, and verification on th
CVE-2026-31764 - iio: imu: st_lsm6dsx: Set buffer sampling frequency for accelerometer only in Linux. Runnable patch commands, mitigation, a
CVE-2026-31765 - drm/amdgpu: Change AMDGPU_VA_RESERVED_TRAP_SIZE to 64KB in Linux. Runnable patch commands, mitigation, and verification on
CVE-2026-31767 - drm/i915/dsi: Don't do DSC horizontal timing adjustments in Linux. Runnable patch commands, mitigation, and verification on
CVE-2026-31770 - hwmon: (occ) Fix division by zero in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31775 - ALSA: ctxfi: Don't enumerate SPDIF1 at DAIO initialization in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-31776 - ALSA: ctxfi: Fix missing SPDIFI1 index handling in Linux. Runnable patch commands, mitigation, and verification on this pag
CVE-2026-31777 - ALSA: ctxfi: Check the error for index mapping in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-31778 - ALSA: caiaq: fix stack out-of-bounds read in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31781 - drm/ioc32: stop speculation on the drm_compat_ioctl path in Linux. Runnable patch commands, mitigation, and verification on
CVE-2026-31783 - spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove() callback in Linux. Runnable patch commands, mit
CVE-2026-31784 - drm/xe/pxp: Clear restart flag in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-31785 - drm/xe/xe_pagefault: Disallow writes to read-only VMAs in Linux. Runnable patch commands, mitigation, and verification on t
CVE-2026-31787 - xen/privcmd: fix double free via VMA splitting in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-31873: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in unhead. Patch commands and v
CVE-2026-31897: FreeRDP has an out-of-bounds read in `freerdp_bitmap_decompress_planar` in FreeRDP. Patch commands and verification.
CVE-2026-31906 is a cross-site scripting (XSS) in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-31909 is an information disclosure in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-31910: a server-side request forgery (SSRF) in Apache OFBiz. Patched version and vendor advisory inside.
CVE-2026-31954 is a emlog asynchronous media file deletion missing csrf protection in emlog. CVSS 0 None. Patch commands, mitigations, and v
CVE-2026-31986 is a hard-coded credentials in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-3210 is an access control bypass in Material Icons. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-3211 is a vulnerability in Theme Negotiation by Rules. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-3212 is a vulnerability in Tagify. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-3213 is a vulnerability in Anti-Spam by CleanTalk. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-3214 is an authentication bypass in CAPTCHA. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-3215 is a vulnerability in Islandora. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-3216 is a vulnerability in Drupal Canvas. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-3217 is a vulnerability in SAML SSO - Service Provider. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-3218 is a vulnerability in Responsive Favicons. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-3220 is a cross-site scripting (XSS) in Autoptimize. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-32284 is a vulnerability in github.com/shamaton/msgpack. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-32285 is a vulnerability in github.com/buger/jsonparser. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-32286 is a vulnerability in github.com/jackc/pgproto3/v2. Verified patched version, official vendor advisory, and how to confirm th
CVE-2026-32287 is a denial of service in github.com/antchfx/xpath. Verified patched version, official vendor advisory, and how to confirm th
CVE-2026-3256 is a vulnerability in HTTP::Session. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-32732 is a xss in @leanprover/unicode-input-component in Leanprover vscode-lean4. CVSS 0 None. Patch commands, mitigations, and ver
CVE-2026-32752 is a cwe-284: improper access control in Freescout-help-desk freescout. CVSS 0 None. Patch commands, mitigations, and verific
CVE-2026-32794: a code injection in Apache Airflow Provider for Databricks. Patched version and vendor advisory inside.
CVE-2026-33343 is an access control bypass in etcd. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33373 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33554 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33637 is a server-side request forgery (SSRF) in faraday. Verified patched version, official vendor advisory, and how to confirm th
CVE-2026-33643 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-33809 is a vulnerability in golang.org/x/image/tiff. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-34095 is a exposure of resource to wrong sphere in MediaWiki. Patched version, runnable upgrade commands, and how to verify the fix
CVE-2026-34253 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-34472 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-3479: pkgutil.get_data() does not enforce documented restrictions in CPython. Patch commands and verification.
CVE-2026-34883 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-35086 is a code injection in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-35194 is a code injection in Apache Flink. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-3525: an access control bypass in File Access Fix (deprecated). Patched version and vendor advisory inside.
CVE-2026-3526: an access control bypass in File Access Fix (deprecated). Patched version and vendor advisory inside.
CVE-2026-3527 is an authentication bypass in AJAX Dashboard. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-3528 is a vulnerability in Calculation Fields. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-3529 is a vulnerability in Google Analytics GA4. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-3530 is a vulnerability in OpenID Connect / OAuth client. Verified patched version, official vendor advisory, and how to confirm th
CVE-2026-3531: an authentication bypass in OpenID Connect / OAuth client. Patched version and vendor advisory inside.
CVE-2026-3532: an OS command injection in OpenID Connect / OAuth client. Patched version and vendor advisory inside.
CVE-2026-3573: an access control bypass in AI (Artificial Intelligence). Patched version and vendor advisory inside.
CVE-2026-36189 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-36226 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-36227 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-36228 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-36738 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-36741 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-36742 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-36827 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-36828 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-36829 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-37281 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-37428 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-37429 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-37430 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-37470 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-38719 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-38728 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-38740 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-3889 is a vulnerability in Thunderbird. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-39047 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-39052 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-39053 is a XML external entity (XXE) in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-39054 is an OS command injection in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-39079 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-39250 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-39461 is a stack-based buffer overflow in FreeBSD. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-39821 is a vulnerability in golang.org/x/net/idna. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-39824 is a vulnerability in golang.org/x/sys/windows. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-39827 is a vulnerability in golang.org/x/crypto/ssh. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-39828: an access control bypass in golang.org/x/crypto/ssh. Patched version and vendor advisory inside.
CVE-2026-39829 is a vulnerability in golang.org/x/crypto/ssh. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-39830 is a vulnerability in golang.org/x/crypto/ssh. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-39831: an authentication bypass in golang.org/x/crypto/ssh. Patched version and vendor advisory inside.
CVE-2026-39832 is a vulnerability in golang.org/x/crypto/ssh/agent. Verified patched version, official vendor advisory, and how to confirm t
CVE-2026-39833 is a vulnerability in golang.org/x/crypto/ssh/agent. Verified patched version, official vendor advisory, and how to confirm t
CVE-2026-39834 is a vulnerability in golang.org/x/crypto/ssh. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-39835 is a denial of service in golang.org/x/crypto/ssh. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-4046 is a vulnerability in glibc. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-41085 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-41144 is an integer overflow in fprime. This page lists verified fix commands and short-term mitigations you can run today.
CVE-2026-41284 is a denial of service in Apache Tomcat. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-41293 is an improper input validation in Apache Tomcat. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-41517 is a unrestricted upload of file with dangerous type in emlog. Patched version, runnable upgrade commands, and how to verify
CVE-2026-4176 is a code injection in perl. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-41919 is a vulnerability in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4247 is a vulnerability in FreeBSD. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-42498 is an information disclosure in Apache Tomcat. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-42502: a cross-site scripting (XSS) in golang.org/x/net/html. Patched version and vendor advisory inside.
CVE-2026-42506: a cross-site scripting (XSS) in golang.org/x/net/html. Patched version and vendor advisory inside.
CVE-2026-42508: an authentication bypass in golang.org/x/crypto/ssh/knownhosts. Patched version and vendor advisory inside.
CVE-2026-42526: an access control bypass in Apache Airflow Amazon provider. Patched version and vendor advisory inside.
CVE-2026-42626 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-42627 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-42873 exposure of sensitive information to an unauthorized actor in WeGIA. Runnable upgrade commands and verification steps for sys
CVE-2026-43004 - spi: stm32-ospi: Fix resource leak in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-43005 - hwmon: (tps53679) Fix array access with zero-length block read in Linux. Runnable patch commands, mitigation, and verificat
CVE-2026-43007 - accel/qaic: Handle DBC deactivation if the owner went away in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-43008 - gpio: qixis-fpga: Fix error handling for devm_regmap_init_mmio() in Linux. Runnable patch commands, mitigation, and verific
CVE-2026-43010 - bpf: Reject sleepable kprobe_multi programs at attach time in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-43012 - net/mlx5: Fix switchdev mode rollback in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-43013 - net/mlx5: lag: Check for LAG device before creating debugfs in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-43014 - net: macb: properly unregister fixed rate clocks in Linux. Runnable patch commands, mitigation, and verification on this pa
CVE-2026-43015 - net: macb: fix clk handling on PCI glue driver removal in Linux. Runnable patch commands, mitigation, and verification on t
CVE-2026-43017 - Bluetooth: MGMT: validate mesh send advertising payload length in Linux. Runnable patch commands, mitigation, and verificat
CVE-2026-43020 - Bluetooth: MGMT: validate LTK enc_size on load in Linux. Runnable patch commands, mitigation, and verification on this page
CVE-2026-43021 - Bluetooth: hci_sync: fix leaks when hci_cmd_sync_queue_once fails in Linux. Runnable patch commands, mitigation, and verifi
CVE-2026-43022 - Bluetooth: hci_sync: hci_cmd_sync_queue_once() return -EEXIST if exists in Linux. Runnable patch commands, mitigation, and
CVE-2026-43024 - netfilter: nf_tables: reject immediate NF_QUEUE verdict in Linux. Runnable patch commands, mitigation, and verification on
CVE-2026-43026 - netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent in Linux. Runnable patch commands, mitigation, and
CVE-2026-43027 - netfilter: nf_conntrack_helper: pass helper to expect cleanup in Linux. Runnable patch commands, mitigation, and verificati
CVE-2026-43032 - NFC: pn533: bound the UART receive buffer in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-43034 - bnxt_en: set backing store type from query type in Linux. Runnable patch commands, mitigation, and verification on this pag
CVE-2026-43035 - net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak in Linux. Runnable patch
CVE-2026-43036 - net: use skb_header_pointer() for TCPv4 GSO frag_off check in Linux. Runnable patch commands, mitigation, and verification
CVE-2026-43040 - net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak in Linux. Runnab
CVE-2026-43041 - net: qrtr: replace qrtr_tx_flow radix_tree with xarray to fix memory leak in Linux. Runnable patch commands, mitigation, an
CVE-2026-43043 - crypto: af-alg - fix NULL pointer dereference in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-43045 - mshv: Fix error handling in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-43046 - btrfs: reject root items with drop_progress and zero drop_level in Linux. Runnable patch commands, mitigation, and verifica
CVE-2026-43049 - HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure in Linux. Runnable patch commands, mit
CVE-2026-43050 - atm: lec: fix use-after-free in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-43052 - wifi: mac80211: check tdls flag in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-43053 - xfs: close crash window in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-43054 - scsi: target: tcm_loop: Drain commands in Linux. Runnable patch commands, mitigation, and verification on this page.
CVE-2026-43058 - media: vidtv: fix pass-by-value structs causing MSAN warnings in Linux. Runnable patch commands, mitigation, and verificati
CVE-2026-43059 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43061 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43064 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43065 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43066 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43068 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43069 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43072 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43073 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43077 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43079 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43080 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43081 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43082 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43085 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43086 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43087 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43088 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43089 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43090 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43092 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43094 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43095 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43096 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43097 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43098 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43100 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43102 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43103 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43104 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43105 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43107 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43108 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43109 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43115 is a use-after-free in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43118 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43119 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43121 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43122 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43123 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43124 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43127 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43129 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43130 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43131 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43132 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43135 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43136 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43137 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43138 is a use-after-free in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43140 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43141 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43142 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43143 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43144 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43145 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43146 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43147 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43148 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43149 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43151 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43152 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43154 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43155 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43156 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43157 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43159 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43160 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43161 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43162 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43163 is a use-after-free in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43165 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43167 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43168 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43169 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43170 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43171 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43173 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43174 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43175 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43177 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43179 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43181 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43182 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43183 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43188 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43189 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43191 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43192 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43193 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43195 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43196 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43200 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43201 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43202 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43204 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43205 is a out-of-bounds write in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43209 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43210 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43216 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43217 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43218 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43219 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43220 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43221 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43223 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43224 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43225 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43227 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43228 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43229 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43231 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43234 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43235 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43238 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43240 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43241 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43242 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43243 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43244 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43246 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43247 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43250 is a memory corruption in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43251 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43252 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43255 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43257 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43259 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43260 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43261 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43262 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43264 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43265 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43266 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43267 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43268 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43269 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43270 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43271 is a race condition in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43272 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43273 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43275 is a race condition in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43276 is a use-after-free in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43277 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43281 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43282 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43285 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43286 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43287 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43288 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43289 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43292 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43293 is a race condition in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43294 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43295 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43297 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43298 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43299 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43300 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43301 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43302 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43305 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43306 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43308 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43309 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43310 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43311 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43312 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43313 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43314 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43315 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43316 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43317 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43318 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43319 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43320 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43323 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43325 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43326 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43327 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43328 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43331 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43333 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43335 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43337 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43338 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43340 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43342 is a race condition in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43343 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43344 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43346 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43348 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43349 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43351 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43354 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43355 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43356 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43357 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43358 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43359 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43360 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43361 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43363 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43364 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43367 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43369 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43371 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43372 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43375 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43381 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43382 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43386 is a out-of-bounds read in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43387 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43388 is a use-after-free in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43389 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43390 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43392 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43393 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43394 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43395 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43396 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43397 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43398 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43399 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43400 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43401 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43404 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43409 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43410 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43411 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43412 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43413 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43415 is a race condition in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43416 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43417 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43418 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43419 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43420 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43421 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43422 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43423 is a use-after-free in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43424 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43425 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43426 is a use-after-free in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43427 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43428 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43429 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43430 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43431 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43432 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43435 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43436 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43439 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43440 is a use-after-free in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43443 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43444 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43445 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43446 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43448 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43449 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43450 is a out-of-bounds read in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43451 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43453 is a out-of-bounds read in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43455 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43457 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43458 is a use-after-free in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43460 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43463 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43467 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43468 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43470 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43471 is a null pointer dereference in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43472 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43473 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43474 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43475 is a security vulnerability in Linux. Patched version, runnable upgrade commands, and how to verify the fix landed.
CVE-2026-43477 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43478 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43479 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43480 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43482 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43483 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43484 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43485 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43486 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43487 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43488 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43489 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43491 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43492 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43494 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43495 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43496 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43497 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43498 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43499 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43501 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43502 is a vulnerability in Linux. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43512 is a vulnerability in Apache Tomcat. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43513 is an OS command injection in Apache Tomcat. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-43514 is a vulnerability in Apache Tomcat. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43515 is an access control bypass in Apache Tomcat. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-43680 is a vulnerability in FileMaker Cloud. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-43685 is a vulnerability in FileMaker Cloud. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4371 is a vulnerability in Thunderbird. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4393 is a vulnerability in Automated Logout. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4404 is a hard-coded credentials in Harbor. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44283 is an access control bypass in etcd. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44417 is an improper input validation in Apache CXF. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-44427 is an open redirect in registry. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44618 is a XML external entity (XXE) in Apache CXF. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-44923 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44924 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44925 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44926 is a vulnerability in n/a. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-44930 is a vulnerability in Apache CXF. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-45187 is an access control bypass in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-45205 is a vulnerability in Apache Commons Configuration. Verified patched version, official vendor advisory, and how to confirm th
CVE-2026-45250 is a stack-based buffer overflow in FreeBSD. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-45251 is an use-after-free in FreeBSD. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-45252 is a path traversal in FreeBSD. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-45253 is an OS command injection in FreeBSD. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-45254 is a local privilege escalation in FreeBSD. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-45255 is an OS command injection in FreeBSD. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-45434 is an authentication bypass in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-45760: a server-side request forgery (SSRF) in Apache Camel K. Patched version and vendor advisory inside.
CVE-2026-45772 is a vulnerability in turborepo. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-46473 is a vulnerability in Authen::TOTP. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-46474 is a vulnerability in Trog::TOTP. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4652 is a vulnerability in FreeBSD. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-46586 is a code injection in Apache OFBiz. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-46595: an access control bypass in golang.org/x/crypto/ssh. Patched version and vendor advisory inside.
CVE-2026-46597 is a vulnerability in golang.org/x/crypto/ssh. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-46598 is a vulnerability in golang.org/x/crypto/ssh/agent. Verified patched version, official vendor advisory, and how to confirm t
CVE-2026-46719 is a vulnerability in Net::Statsd::Lite. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-46720 is a vulnerability in Net::Statsd::Tiny. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-4673 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4674 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4675 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4676 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4677 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4678 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4679 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4680 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4684 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4685 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4686 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4687 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4688 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4689 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4690 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4691 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4692 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4693 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4694 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4695 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4696 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4697 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4698 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4699 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4700 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4701 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4702 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4704 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4705 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4706 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4707 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4708 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4709 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4710 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4711 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4712 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4713 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4714 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4715 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4716 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4717 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4718 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4719 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4720 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4721 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4722 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4723 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4724 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4725 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4726 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4727 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4728 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4729 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-47323 is an OS command injection in Apache Camel. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-47372 is a vulnerability in Crypt::SaltedHash. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-47373 is a vulnerability in Crypt::SaltedHash. Verified patched version, official vendor advisory, and how to confirm the fix lande
CVE-2026-4747 is a stack-based buffer overflow in FreeBSD. Verified patched version, official vendor advisory, and how to confirm the fix la
CVE-2026-4789 is a vulnerability in Kyverno. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-48207 is an unsafe deserialization in Apache Fory. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-4851 is an unsafe deserialization in GRID::Machine. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-4873 is an information disclosure in curl. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-4933: an access control bypass in Unpublished Node Permissions. Patched version and vendor advisory inside.
CVE-2026-5072 is a vulnerability in Zephyr. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-5090: a cross-site scripting (XSS) in Template::Plugin::HTML. Patched version and vendor advisory inside.
CVE-2026-5091: a vulnerability in Catalyst::Plugin::Authentication. Patched version and vendor advisory inside.
CVE-2026-5171 is an access control bypass in Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-5545 is a vulnerability in curl. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-5773 is a vulnerability in curl. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-5776 is a cross-site scripting (XSS) in Email Encoder. Verified patched version, official vendor advisory, and how to confirm the f
CVE-2026-5883 is a use after free in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-5890 is a race in Google Chrome, fixed by the same patch as CVE-2026-5272.
CVE-2026-6095 is a cross-site scripting (XSS) in Orejime. Verified patched version, official vendor advisory, and how to confirm the fix lan
CVE-2026-6253 is a vulnerability in curl. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6276 is a vulnerability in curl. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6365 is a cross-site scripting (XSS) in Drupal core. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-6366 is a vulnerability in Drupal core. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6367 is a cross-site scripting (XSS) in Drupal core. Verified patched version, official vendor advisory, and how to confirm the fix
CVE-2026-6379 is a vulnerability in WP Photo Album Plus. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-6381 is a path traversal in WP Maps. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6429 is an information disclosure in curl. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-6495 is a cross-site scripting (XSS) in Ajax Load More. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-6871 is a cross-site scripting (XSS) in Obfuscate. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-7009 is an authentication bypass in curl. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-7168 is a vulnerability in curl. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-7301 is an unsafe deserialization in SGLang. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-7302 is a path traversal in SGLang. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-7304 is an unsafe deserialization in SGLang. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-7325 is a server-side request forgery (SSRF) in Server. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-7385 is a vulnerability in Decent Comments. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8454 is an OS command injection in Imager::File::GIF. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-8463 is a vulnerability in Crypt::Argon2. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8477 is a vulnerability in Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8491 is a denial of service in Node View Permissions. Verified patched version, official vendor advisory, and how to confirm the fi
CVE-2026-8492: a vulnerability in Translate Drupal with GTranslate. Patched version and vendor advisory inside.
CVE-2026-8493 is a cross-site scripting (XSS) in Colorbox Inline. Verified patched version, official vendor advisory, and how to confirm the
CVE-2026-8495 is a missing authorization in Date iCal. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-8496 is a cross-site scripting (XSS) in SOGo. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-8500 is an OS command injection in Web::Passwd. Verified patched version, official vendor advisory, and how to confirm the fix land
CVE-2026-8503: a vulnerability in Apache::Session::Generate::SHA256. Patched version and vendor advisory inside.
CVE-2026-8507 is an OS command injection in Crypt::OpenSSL::PKCS12. Verified patched version, official vendor advisory, and how to confirm t
CVE-2026-8509 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8510 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8511 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8512 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8513 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8514 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8515 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8516 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8517 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8518 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8519 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8520 is a race condition in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8521 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8522 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8523 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8524 is an OS command injection in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8525 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8526 is an OS command injection in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8527 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8528 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8529 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8530 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8531 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8532 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8533 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8534 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8535 is an out-of-bounds read in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8536 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8537 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8538 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8539 is a code injection in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8540 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8541 is an out-of-bounds read in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8542 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8543 is an out-of-bounds read in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8544 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8545 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8546 is an out-of-bounds read in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8547 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8548 is an OS command injection in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8549 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8550 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8551 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8552 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8553 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8554 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8555 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8556 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8557 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8558 is an OS command injection in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8559 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8560 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8561 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8562 is an information disclosure in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8563 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8564 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8565 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8566 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8567 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8568 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8569 is an OS command injection in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8570 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8571 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8572 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8573 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8574 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8575 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8576 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8577 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8578 is an out-of-bounds read in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8579 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8580 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8581 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8582 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8583 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8584 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8585 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8586 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8587 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8612: an unsafe deserialization in WWW::Mechanize::Cached. Patched version and vendor advisory inside.
CVE-2026-8669 is an OS command injection in Imager. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8700 is a vulnerability in Crypt::DSA. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8704 is a vulnerability in Crypt::DSA. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8706 is a vulnerability in Firefox for iOS. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8721 is a vulnerability in Crypt::OpenSSL::PKCS12. Verified patched version, official vendor advisory, and how to confirm the fix l
CVE-2026-8788 is a vulnerability in Net::Statsd::Lite. Verified patched version, official vendor advisory, and how to confirm the fix landed
CVE-2026-8945 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8946 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8947 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8948 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8949 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8950 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8951 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8952 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8953 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8954 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8955 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8956 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8957 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8958 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8959 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8960 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8961 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8962 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8963 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8964 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8965 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8966 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8967 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8968 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8969 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8970 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8971 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8972 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8973 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8974 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-8975 is a vulnerability in Firefox. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9047 is an authentication bypass in Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9110 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9111 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9112 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9113 is an out-of-bounds read in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9114 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9115 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9116 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9117 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9118 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9119 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9120 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9121 is an out-of-bounds read in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9122 is an out-of-bounds read in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9123 is a path traversal in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9124 is a vulnerability in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9126 is an use-after-free in Chrome. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9223 is an access control bypass in Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9224 is a missing authorization in Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9245 is an open redirect in Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9246 is a missing authorization in Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9247 is an OS command injection in Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9248: an insecure direct object reference (IDOR) in Server. Patched version and vendor advisory inside.
CVE-2026-9249 is a vulnerability in Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9251 is a missing authorization in Server. Verified patched version, official vendor advisory, and how to confirm the fix landed.
CVE-2026-9264 is a cross-site scripting (XSS) in SketchUp. Verified patched version, official vendor advisory, and how to confirm the fix la