CVE-2026-39399 - NuGet Gallery is a package repository that powers nuget.org. A security vulnerability exists in the

CVE-2026-39979 - jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the

CVE-2026-39956 - jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the

CVE-2026-6142 - A vulnerability was identified in tushar-2223 Hotel Management System up to bb1f3b3666124b888f1e4bcf

CVE-2026-6141 - A vulnerability was determined in danielmiessler Personal_AI_Infrastructure up to 2.3.0. Affected is

CVE-2026-29043 - HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file

CVE-2026-5972 - A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the funct

CVE-2026-34734 - HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the

CVE-2026-5831 - A security flaw has been discovered in Agions taskflow-ai up to 2.1.8. This impacts an unknown funct

CVE-2026-5803 - A security flaw has been discovered in bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f38934

CVE-2026-5587 - A vulnerability was identified in wbbeyourself MAC-SQL up to 31a9df5e0d520be4769be57a4b9022e5e34a14f

CVE-2026-5470 - A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6

CVE-2026-31396 - In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free a

CVE-2026-23467 - In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely N

CVE-2026-23460 - In the Linux kernel, the following vulnerability has been resolved: net/rose: fix NULL pointer dere

CVE-2026-23418 - In the Linux kernel, the following vulnerability has been resolved: drm/xe/reg_sr: Fix leak on xa_s

CVE-2026-34425 - OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass vulnerability in she

CVE-2026-5328 - A weakness has been identified in shsuishang modulithshop up to 829bac71f507e84684c782b9b062b8bf3b55

CVE-2026-5322 - A vulnerability has been found in AlejandroArciniegas mcp-data-vis bc597e391f184d2187062fd567599a3cb

CVE-2026-23407 - In the Linux kernel, the following vulnerability has been resolved: apparmor: fix missing bounds ch

CVE-2026-23406 - In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug i

CVE-2026-5125 - A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is

CVE-2026-34247 - WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `plugin/Live

CVE-2026-4907 - A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db675105

CVE-2026-23382 - In the Linux kernel, the following vulnerability has been resolved: HID: Add HID_CLAIMED_INPUT guar

CVE-2026-23353 - In the Linux kernel, the following vulnerability has been resolved: ice: fix crash in ethtool offli

CVE-2026-23327 - In the Linux kernel, the following vulnerability has been resolved: cxl/mbox: validate payload size

CVE-2026-23293 - In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix nd_tbl NULL der

CVE-2026-33690 - WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `getRealIpAd

CVE-2026-33688 - WWBN AVideo is an open source video platform. In versions up to and including 26.0, the password rec

CVE-2026-33493 - WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `objects/imp

CVE-2026-33485 - WWBN AVideo is an open source video platform. In versions up to and including 26.0, the RTMP `on_pub

CVE-2026-33231 - NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials s

CVE-2026-32810 - Halloy is an IRC application written in Rust. In versions on \*nix and macOS prior to commit f180e41

CVE-2026-33061 - Jexactyl is a customisable game management panel and billing system. Commits after 025e8dbb0daaa0405

CVE-2026-23263 - In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix page array l

CVE-2026-23940 - Uncontrolled Resource Consumption vulnerability in hexpm hexpm/hexpm allows Excessive Allocation. Pu

CVE-2026-4015 - A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtin_process_texml of th

CVE-2026-1776 - Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, contain a path traversal vulne

CVE-2026-3789 - A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file

CVE-2026-3788 - A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getMod

CVE-2026-3749 - A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function hand

CVE-2026-3748 - A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile of

CVE-2025-69654 - A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7

CVE-2026-21622 - Insufficient Session Expiration vulnerability in hexpm hexpm/hexpm ('Elixir.Hexpm.Accounts.PasswordR

CVE-2026-3484 - A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0

CVE-2026-3395 - A flaw has been found in MaxSite CMS up to 109.1. This impacts the function eval of the file applica

CVE-2026-3293 - A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function S

CVE-2026-3284 - A vulnerability was found in libvips 8.19.0. Impacted is the function vips_extract_area_build of the

CVE-2026-3283 - A vulnerability has been found in libvips 8.19.0. This issue affects the function vips_extract_band_

CVE-2026-3282 - A flaw has been found in libvips 8.19.0. This vulnerability affects the function vips_unpremultiply_

CVE-2026-28230 - SteVe is an open-source EV charging station management system. In versions up to and including 3.11.

CVE-2026-23748 - Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of-bou

CVE-2026-23747 - Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based

CVE-2026-25701 - An Insecure Temporary File vulnerability in openSUSE sdbootutil allows local users to pre-create a d

CVE-2026-2492 - TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. T

CVE-2026-26200 - HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` f

CVE-2026-2676 - A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. A

CVE-2026-2658 - A vulnerability was found in newbee-ltd newbee-mall up to a069069b07027613bf0e7f571736be86f431faee.

CVE-2025-71235 - In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unl

CVE-2026-23215 - In the Linux kernel, the following vulnerability has been resolved: x86/vmware: Fix hypercall clobb

CVE-2026-2553 - A security flaw has been discovered in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1

CVE-2026-23126 - In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix a race issue rel

CVE-2026-1669 - Arbitrary file read in the model loading mechanism (HDF5 integration) in Keras versions 3.0.0 throug

CVE-2026-2246 - A security vulnerability has been detected in AprilRobotics apriltag up to 3.4.5. Affected by this v

CVE-2026-2241 - A vulnerability was found in janet-lang janet up to 1.40.1. This affects the function os_strftime of

CVE-2026-2240 - A vulnerability has been found in janet-lang janet up to 1.40.1. The impacted element is the functio

CVE-2026-2178 - A vulnerability was found in r-huijts xcode-mcp-server up to f3419f00117aa9949e326f78cc940166c88f18c

CVE-2026-2208 - A security vulnerability has been detected in WeKan up to 8.20. Impacted is an unknown function of t

CVE-2026-2206 - A security flaw has been discovered in WeKan up to 8.20. This vulnerability affects unknown code of

CVE-2026-2205 - A vulnerability was identified in WeKan up to 8.20. This affects an unknown part of the file server/

CVE-2026-2110 - A security flaw has been discovered in Tasin1025 SwiftBuy up to 0f5011372e8d1d7edfd642d57d721c9fadc5

CVE-2026-1964 - A vulnerability was determined in WeKan up to 8.20. This impacts an unknown function of the file mod

CVE-2026-1896 - A vulnerability has been found in WeKan up to 8.20. Affected by this vulnerability is the function C

CVE-2026-22549 - A vulnerability exists in F5 BIG-IP Container Ingress Services that may allow excessive permissions

CVE-2026-1835 - A vulnerability was identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. Thi

CVE-2025-67482 - Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This vulnerability

CVE-2026-1739 - A vulnerability has been found in Free5GC pcf up to 1.4.1. This affects the function HandleCreateSmP

CVE-2025-15510 - The NEX-Forms – Ultimate Forms Plugin for WordPress is vulnerable to unauthorized access of data due

CVE-2026-25156 - HotCRP is conference review software. HotCRP versions from October 2025 through January 2026 deliver

CVE-2026-25130 - Cybersecurity AI (CAI) is a framework for AI Security. In versions up to and including 0.5.10, the C

CVE-2026-25117 - pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit e33da14449a5ab

CVE-2026-22977 - In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercop

CVE-2026-23878 - HotCRP is conference review software. Starting in commit aa20ef288828b04550950cf67c831af8a525f508 an

CVE-2026-1144 - A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of

CVE-2026-1136 - A weakness has been identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. Aff

CVE-2025-15529 - A vulnerability was found in Open5GS up to 2.7.6. Affected by this issue is the function sgwc_s5c_ha

CVE-2025-14237 - Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printe

CVE-2025-14236 - Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) w

CVE-2025-14235 - Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Pr

CVE-2025-14234 - Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*)

CVE-2025-14233 - Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Print

CVE-2025-14232 - Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Print

CVE-2025-14231 - Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Prin

CVE-2026-0897 - Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google