CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
A heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allows a remote attacker to perform out-of-bounds memory access via a crafted HTML page.
An inappropriate implementation in the V8 engine of Google Chrome prior to version 150.0.7871.46 allows a remote attacker to execute arbitrary code within a sandbox via a crafted HTML page. The vulnerability stems from a flaw in the V8 component.
In Wagtail, a Django-based CMS, versions prior to 7.0.8, 7.3.3, and 7.4.2 contain a reflected XSS vulnerability in the dynamic image URL generator view within the admin interface. A low-privileged editor can craft a malicious URL that, when viewed by an admin, executes actions with the admin's credentials.
A buffer overflow vulnerability in the UTT nv518G router running firmware version nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service (DoS) via the gohead/sub_448384 component.
An improper input validation in the gazebo_ros_diff_drive.cpp component of gazebo_plugins v3.9.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted geometry_msgs::Twist message.
A NULL pointer dereference vulnerability was found in the AP4_AtomSampleTable::GetSample() function of MPC-BE before commit 4341cb3. An attacker can exploit a crafted MP4 file to cause a Denial of Service (DoS) by crashing the application.
In Jodit Editor prior to version 4.12.28, a vulnerability allows bypassing the built-in clean-html sanitizer using a MathML/<style> carrier that hides a dangerous element from the sanitizer's element walk. This results in a no-interaction event handler surviving into the editor value, potentially causing Mutation XSS.
A vulnerability in the Tina headless CMS allows stored XSS and session takeover via unverified postMessage handlers and insufficient URL sanitization in rich-text content. An attacker can forge messages to hijack an authenticated editing session.
The mchange-commons-java library before version 0.6.0 has a vulnerability in its JNDI ObjectFactory implementation (JavaBeanObjectFactory) that allows constructing objects of arbitrary classes and initializing JavaBean-style properties. For certain classes like JEditorPane, this enables HTTP requests to arbitrary URLs, which can be exploited for JNDI injection and deserialization attacks.
A Remote Code Execution vulnerability exists in @tinacms/cli prior to version 2.4.3 during the Forestry-to-Tina migration. The addVariablesToCode helper unsafely processes user-supplied label and name fields from .forestry/**/*.yml, allowing arbitrary JavaScript injection into the generated tina/templates.{ts,js} file.
A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code remotely over a network.
A vulnerability in NodeBB allows a remote attacker to impersonate any local user, including the administrator, by forging posts and private messages via the ActivityPub protocol. The issue stems from missing validation that the authenticated remote actor matches the claimed author of the ActivityPub object.
Ladybird contains a dangling-reference memory-safety flaw in its WebAssembly ESM-integration module loader. A JavaScript function imported into a WASM module via ESM causes a stack-local FunctionType to be destroyed after the link-loop iteration ends, while the host callback still references it, leading to memory corruption.
A deserialization vulnerability in the RemoteQueryCachePlugin of AWS Advanced JDBC Wrapper versions 3.3.0 through 4.0.0 allows arbitrary code execution on application servers via untrusted data from Redis or Valkey cache. An attacker with write access to the shared cache can inject a crafted Java object that triggers gadget chains upon deserialization.
Gradio before version 6.16.0 contains a path traversal vulnerability in the FileExplorer component's preprocess() method. Unauthenticated attackers can bypass the configured root directory by supplying path segments with directory traversal sequences or absolute paths, leading to arbitrary file read or exposure of sensitive files outside the intended directory.
Dell Device Management Agent, versions prior to DDMA 26.05, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
OS command injection vulnerability in the NodejsFunction Docker bundling pipeline (OsCommand helper) in AWS aws-cdk-lib. An attacker controlling dependency version strings in package.json can execute arbitrary commands on the CDK toolchain host via injected shell metacharacters.
An insertion of sensitive information into sent data vulnerability in HubSpot allows retrieval of embedded sensitive data. This issue affects HubSpot from n/a through 11.3.51.
A CSRF vulnerability in VikBooking Hotel Booking Engine & PMS allows an attacker to perform operations leading to Path Traversal. This issue affects all versions up to and including 1.8.12.
A vulnerability in the HTTP/2 HPACK decoder in Apache HttpComponents Core (versions 5.4.2 and earlier, 5.5-beta1 and earlier) allows a remote attacker to cause a denial of service through memory exhaustion by sending oversized compressed header blocks before the HTTP/2 SETTINGS acknowledgement applies the configured header list size limit.

