cve.li

Recent

CVE-2026-6062CWE-639

IDOR in Jira plugin subscription edit endpoint

Published 2026-06-22 by Mattermost

CVE-2026-6673CWE-306

Mattermost Jira plugin had unauthenticated {{/ac/installed}} lifecycle callback during pending Jira Cloud install

Published 2026-06-22 by Mattermost

CVE-2026-8074CWE-863

Improper Permission Check Allows User Manager to Deactivate Bot Accounts

Published 2026-06-22 by Mattermost

CVE-2026-9162CWE-613

Global session revocation does not invalidate active WebSocket connections

Published 2026-06-22 by Mattermost

CVE-2026-5139CWE-862

GitLab Plugin Allows Non-Admin Users to Modify Default Instance Configuration

Published 2026-06-22 by Mattermost

CVE-2026-10561CWE-94

Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection

Published 2026-06-22 by ibm

CVE-2026-28381

Local File Read/Write to Potential Privilege Escalation via Snowflake GET/PUT

Published 2026-06-22 by GRAFANA

CVE-2025-33128CWE-79

IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities HTML / XSS Injection observed

Published 2026-06-22 by ibm

CVE-2025-2669CWE-295

Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data.

Published 2026-06-22 by ibm

CVE-2026-9029

Stored XSS via Geomap Panel Template Variable Attribution Injection

Published 2026-06-22 by GRAFANA

Load more ↓