CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-47162
High

In Vim prior to version 9.2.0495, a Vimscript code injection vulnerability exists in the s:NetrwBookHistSave() function of the netrw plugin. A directory name from the filesystem is interpolated into a single-quoted Vimscript string without escaping embedded single quotes, allowing arbitrary Vimscript execution, including shell commands, when the history file is sourced.

CVE-2026-46519
High

mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.6.0, this server exposes three environment variables intended for access control to Kubernetes operations, but these controls were only effective at the tool discovery layer, not at the execution layer.

CVE-2026-45178
High

Idira Secrets Manager Self-Hosted versions 13.8.0 and lower exhibit improper access control within internal cluster endpoints. A remote, authenticated attacker possessing standard node-level credentials could leverage these endpoints to potentially retrieve unauthorized secrets or cause a denial of service (DoS).

CVE-2026-45176
High

Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation.

CVE-2026-11774
High

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). Adding sizeof(uint32_t) to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer overflow of up to approximately 2 megabytes of attacker-controlled data.

CVE-2025-46315
High

A permissions issue was addressed with additional restrictions. An app may be able to access protected user data.

CVE-2025-31272
High

The issue was addressed with improved checks. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges.

CVE-2025-24284
High

This issue was addressed with improved checks to prevent unauthorized actions. An app may be able to break out of its sandbox.

CVE-2026-48546
High

KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code. This is exploited by passing the global require function into a Node.js vm.runInNewContext() sandbox context in the issue-auto-respond.yml workflow.

CVE-2026-46697
High

The Fediverse Embeds plugin prior to version 1.5.8 registered an unauthenticated REST route that accepted a base64-encoded URL and forwarded it to wp_remote_get without enforcing an allowlist. Version 1.5.7 did not validate the request, leading to the potential for full data read by anonymous users.

CVE-2026-3329
High

A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints.

CVE-2026-49982
High

In version 0.2.6 of the tmp library for node.js, there is a vulnerability that allows bypassing the _assertPath guard. This enables an attacker to create a file or directory in a location controlled by them, using incorrect type values that are not strings.

CVE-2026-44705
High

The tmp package for node.js prior to version 0.2.6 contained a path traversal vulnerability that allowed escaping the intended temporary directory. Attackers could exploit traversal sequences or path separators to create files in attacker-controlled locations.

CVE-2026-44496
High

A vulnerability in Axios versions before 0.32.0 (0.x line) and before 1.16.0 (1.x line) builds a regular expression from the configured XSRF cookie name without escaping regex metacharacters. An attacker who can influence the cookie name passed to Axios can cause expensive regex backtracking while Axios reads document.cookie, leading to client-side availability degradation.

CVE-2026-44495
High

Axios versions from 0.19.0 to before 0.31.1 and 1.15.2 contain prototype-pollution gadgets in request config processing. If another vulnerability in the same JavaScript process has already polluted Object.prototype.transformResponse, affected Axios versions may treat that inherited value as request configuration or as an option validator.

CVE-2026-44494
HighEPSS 60%

The Axios library versions 1.0.0 through 1.15.0 are vulnerable to a Prototype Pollution gadget attack that can escalate Object.prototype pollution into a full Man-in-the-Middle (MITM) attack. An attacker can intercept, read, and modify all HTTP traffic, including authentication credentials.

CVE-2026-44492
HighEPSS 56%

Axios does not normalize IPv4-mapped IPv6 addresses, allowing bypass of the NO_PROXY list. Requests to internal services (e.g., 127.0.0.1, 169.254.169.254) in ::ffff: format may be routed through the proxy instead of being blocked.

CVE-2026-44488
High

A vulnerability in Axios versions 1.7.0 through 1.15.x causes configured request and response size limits (maxContentLength, maxBodyLength) to be ignored when using the fetch adapter. Applications using the fetch adapter may process oversized data, leading to resource exhaustion.

CVE-2026-44487
High

A vulnerability in the Axios library for Node.js causes the Proxy-Authorization header to be forwarded to the destination server during proxy-to-direct redirect flows. This affects versions prior to 0.32.0 and 1.16.0.

CVE-2026-44486
High

A vulnerability in the Axios library for Node.js leaks proxy credentials to a redirect target. When a request is sent through an authenticated proxy, the Proxy-Authorization header may persist in the redirected request and be sent to the new destination.

PreviousPage 155 of 3365Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS