cve.li

Recent

CVE-2026-3291CWE-926

Samsung Print Service Plugin – Potential Information Disclosure

Published 2026-05-06 by hp

CVE-2026-41484CWE-770

OpenTelemetry.Exporter.OneCollector vulnerable to denial of service via unbounded HTTP error response body

Published 2026-05-06 by GitHub_M

CVE-2026-41483CWE-770

Unbounded HTTP response body read in OpenTelemetry.Resources.Azure

Published 2026-05-06 by GitHub_M

CVE-2026-41310CWE-770CWE-400

OpenTelemetry .NET Zipkin exporter has unbounded remote endpoint cache leading to memory growth

Published 2026-05-06 by GitHub_M

CVE-2026-41417CWE-93CWE-444

Netty vulnerable to HTTP request smuggling and RTSP request injection via DefaultHttpRequest.setUri()

Published 2026-05-06 by GitHub_M

CVE-2026-40296CWE-79

PhpSpreadsheet vulnerable to XSS in HTML writer via custom number format codes

Published 2026-05-06 by GitHub_M

CVE-2026-40281CWE-88

Gotenberg vulnerable to argument injection via newlines in ExifTool metadata values

Published 2026-05-06 by GitHub_M

CVE-2026-40251CWE-129

Incus out-of-bounds panic in snapshot metadata handling allows denial of service

Published 2026-05-06 by GitHub_M

CVE-2026-40243CWE-295

Incus OVN TLS verification accepts peer-supplied roots and permits endpoint impersonation

Published 2026-05-06 by GitHub_M

CVE-2026-40197CWE-476

Incus nil-pointer dereference in custom volume import allows denial of service

Published 2026-05-06 by GitHub_M

Load more ↓