Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
CVE-2026-39847
  • github.com/emmett-framework/emmett
 Emmett has a path traversal in internal assets handler 21 hours ago
  • Fix available
  • Severity - 9.1 (Critical)
CVE-2026-39846
  • github.com/siyuan-note/siyuan
 SiYuan affected by Remote Code Execution in the Electron desktop client via stored XSS in synced table captions 21 hours ago
  • Fix available
  • Severity - 9.0 (Critical)
CVE-2026-35406
  • github.com/containers/aardvark-dns
 Aardvark-dns has incorrect error handling for malformed tcp packets 21 hours ago
  • Fix available
  • Severity - 6.2 (Medium)
CVE-2026-34079
  • github.com/flatpak/flatpak
 Flatpak affected by arbitrary file deletion on the host filesystem 21 hours ago
  • Fix available
  • Severity - 8.7 (High)
CVE-2026-34078
  • github.com/flatpak/flatpak
 Flatpak has a complete sandbox escape leading to host file access and code execution in the host context 21 hours ago
  • Fix available
  • Severity - 9.3 (Critical)
CVE-2026-34781
  • github.com/electron/electron
 Electron crashes in clipboard.readImage() on malformed clipboard image data 22 hours ago
  • Fix available
  • Severity - 2.8 (Low)
CVE-2026-34765
  • github.com/electron/electron
 Electron named window.open targets not scoped to the opener's browsing context 22 hours ago
  • Fix available
  • Severity - 6.0 (Medium)
CVE-2026-34582
  • github.com/randombit/botan
 Botan has a TLS 1.3 certificate authentication bypass 22 hours ago
  • Fix available
  • Severity - 8.7 (High)
CVE-2026-34580
  • github.com/randombit/botan
 Botan has a certificate authentication bypass due to trust anchor confusion 22 hours ago
  • Fix available
  • Severity - 9.3 (Critical)
CVE-2026-34371
  • github.com/danny-avila/librechat
 LibreChat Affected by Arbitrary File Write via `execute_code` Artifact Filename Traversal 22 hours ago
  • Fix available
  • Severity - 6.3 (Medium)
CVE-2026-35568
  • github.com/modelcontextprotocol/java-sdk
 MCP Java-SDK has a DNS Rebinding Vulnerability 22 hours ago
  • Fix available
  • Severity - 7.6 (High)
CVE-2026-35533
  • github.com/jdx/mise
 mise has a local settings bypass config trust checks 22 hours ago
  • No fix available
  • Severity - 7.7 (High)
CVE-2026-34080
  • github.com/flatpak/xdg-dbus-proxy
 xdg-dbus-proxy has an eavesdrop filter bypass allowing message interception 22 hours ago
  • Fix available
  • Severity - 6.8 (Medium)
CVE-2026-34045
  • github.com/podman-desktop/podman-desktop
 Podman Desktop WebView Server Exposed 22 hours ago
  • Fix available
  • Severity - 8.2 (High)
CVE-2026-33439
  • github.com/openidentityplatform/openam
 Pre-Authentication Remote Code Execution via `jato.clientSession` Deserialization in OpenAM 22 hours ago
  • Fix available
  • Severity - 9.3 (Critical)
CVE-2026-29181
  • github.com/open-telemetry/opentelemetry-go
 OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification) 22 hours ago
  • Fix available
  • Severity - 7.5 (High)
Load more...