cve.li

Recent

CVE-2026-11374CWE-340CWE-330CWE-287

Account Takeover via Predictable SSO Ticket Generation

Published 2026-06-23 by Zohocorp

CVE-2026-10521CWE-425

Authenticated unintended access to critical program parameters

Published 2026-06-23 by CERTVDE

CVE-2026-9733CWE-340CWE-338

Mojolicious::Plugin::Web::Auth::OAuth2 versions through 0.17 for Perl have an insecure default state parameter

Published 2026-06-23 by CPANSec

CVE-2026-8379

Frontend File Manager Plugin <= 23.6 - Unauthenticated Arbitrary File Download

Published 2026-06-23 by WPScan

CVE-2026-8378

Frontend File Manager Plugin <= 23.6 - Subscriber+ Stored Cross-Site Scripting via File Rename

Published 2026-06-23 by WPScan

CVE-2026-8172

Simple Basic Contact Form <= 20250114 - Reflected XSS

Published 2026-06-23 by WPScan

CVE-2026-8163

Infility Global < 2.15.19 - Subscriber+ SQL Injection via order Parameter

Published 2026-06-23 by WPScan

CVE-2026-7842

Infility Global < 2.15.20 - Editor+ SQL Injection via orderby Parameter

Published 2026-06-23 by WPScan

CVE-2026-12866CWE-94

Published 2026-06-23 by snyk

CVE-2026-55654CWE-125

Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination

Published 2026-06-23 by redhat

CVE-2026-55655CWE-923

Openssh: local mitm of x11 forwarding via abstract unix socket pre-binding in red hat enterprise linux openssh client versions

Published 2026-06-23 by redhat

CVE-2026-55653CWE-415

Openssh: double free in red hat enterprise linux versions of openssh dh-gex client path during fips known-group validation leads to client-side denial of service

Published 2026-06-23 by redhat

CVE-2026-11833CWE-319

Published 2026-06-23 by YokogawaGroup

CVE-2026-10658

Bluetooth Host ISO RX Missing SDU Header Length Validation in bt_iso_recv() Leads to DoS

Published 2026-06-22 by zephyr

CVE-2026-10651CWE-20CWE-617

Bluetooth Classic SDP parser truncation bug in bt_sdp_parse_attribute() leads to reachable assertion and possible out-of-bounds read

Published 2026-06-22 by zephyr

CVE-2026-10645CWE-125

fs: ext2: Missing structural validation of directory entries can cause out-of-bounds read and zero-progress directory traversal

Published 2026-06-22 by zephyr

CVE-2026-47155CWE-345

vLLM: Artifact Pin Decay in vLLM allows pinned deployments to load unpinned code, weights, and processors

Published 2026-06-22 by GitHub_M

CVE-2026-41523CWE-94CWE-617

vLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arbitrary Code Execution

Published 2026-06-22 by GitHub_M

CVE-2026-54232CWE-427

vLLM: Dependency Confusion Vulnerability in vLLM Dockerfile

Published 2026-06-22 by GitHub_M

CVE-2026-54233CWE-409

vLLM: OOM Denial of Service via Audio Decompression Bomb

Published 2026-06-22 by GitHub_M

Load more ↓