CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-9640
High

A privilege escalation vulnerability in LXD versions 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 allows bypassing project-restriction policies during snapshot restoration. An authenticated project operator can import a malicious instance backup with restricted configuration keys in a snapshot, which are applied without validation upon restoration.

CVE-2026-9639
Medium

A nil-pointer dereference vulnerability exists in LXD up to versions 6.8 and 5.21 on Linux in the CreateCustomVolumeFromBackup function. An authenticated user with can_create_storage_volumes permissions can cause a denial of service (DoS) by submitting a specially crafted custom-volume backup tarball that omits the expires_at snapshot field.

CVE-2026-5757
High

An unauthenticated remote attacker can read and exfiltrate the heap memory of the Ollama server through the model quantization engine, leading to sensitive data exposure.

CVE-2026-47214
High

In Docling prior to version 2.94.0, unsafe URI and path handling was found in the HTML backend. This vulnerability could allow an attacker to perform unauthorized operations on files or network resources.

CVE-2026-45195
High

A vulnerability in kernel software running inside a Host VM allows sending improper commands to the GPU firmware, potentially causing memory read or write outside the permitted range. Addresses passed to the GPU firmware can be used to gain more privileged memory access than allowed by the system.

CVE-2026-44018
Medium

A vulnerability in the Docling library versions 2.45.0 through 2.91.0 involves missing security controls in XML parsing within the METS-GBS backend and input document format detection. An attacker can craft malicious METS-GBS archives that, when processed, could read sensitive files, exhaust system resources, or cause application crashes.

CVE-2026-21734
High

A vulnerability in the GPU shader compiler allows an out-of-bounds write by loading a web page with specially crafted GPU shader code. This can cause a segmentation fault in the compiler under certain conditions.

CVE-2026-12411
High

A Broken Access Control vulnerability in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled.

CVE-2026-0828
High

The kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64, versions 10.5.75.0 and 11.11.4.0, allows an unprivileged user to abuse the IOCTL path and terminate protected system processes.

CVE-2026-0685
Critical

Server side template injection (SSTI) in the expression evaluation component in Genshi Template Engine version 0.7.9 allows a remote attacker to achieve remote code execution (RCE) via crafted template expressions.

CVE-2025-11919
Critical

The default JVM can access files and directories under `/tmp/` including the `$TemporaryDirectory` of other users on the same cloud instance. An attacker with access to the shared `/tmp/` space can preemptively create or replace `.jar` files or directories (via the `-init` file) that the victim JVM will resolve first in its classpath, leading to arbitrary code execution during JVM startup.

CVE-2023-20572
Medium

An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity.

CVE-2023-20540
Low

An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity.

CVE-2026-9699
Medium

The vulnerability in Mattermost Plugins versions up to 11.6, 10.18.11, 11.3.6, and 11.6.5.0 fails to sanitize error responses from the OpenAI API before logging, allowing a user with access to server logs or support packets to obtain a valid or partially reconstructable OpenAI API key via inspection of mattermost.log entries generated during authentication failures.

CVE-2026-57667
High

The Groundhogg plugin for WordPress versions 4.5 and earlier contains an SQL injection vulnerability in the Sales Representative module. An attacker can exploit this flaw to execute unauthorized database queries.

CVE-2026-57665
Medium

An Insecure Direct Object References (IDOR) vulnerability in GravityView versions up to 3.0.0 allows an unauthenticated attacker to access private data. The flaw is due to missing permission checks on object references.

CVE-2026-57664
Medium

The vulnerability in the Bopo – WooCommerce Product Bundle Builder plugin version 1.1.6 and earlier allows unauthenticated attackers to access sensitive data. The flaw is due to insufficient protection of API endpoints or data exposure mechanisms.

CVE-2026-57663
High

The Recipe Maker For Your Food Blog plugin by Zip Recipes version 8.2.7 and earlier contains a Contributor SQL Injection vulnerability.

CVE-2026-57662
High

SQL Injection vulnerability in the Contributor component of Contest Gallery plugin up to version 30.0.0. Allows an attacker to manipulate database queries through improperly sanitized input.

CVE-2026-57661
Medium

The WPComplete plugin versions up to 2.9.5.5 contain a vulnerability involving broken access control by a subscriber. A user with the subscriber role can gain unauthorized access to functions intended for higher roles.

PreviousPage 136 of 4531Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS