CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.13)

CVE-2026-49859
Medium

In Deno prior to version 2.8.1, the fetch() function checked the destination hostname against --deny-net rules but did not re-check the resolved IP addresses. An attacker-controlled script could use a specially crafted domain name that passes the hostname check yet resolves to a denied IP, bypassing network restrictions entirely.

CVE-2026-49440
High

In Deno prior to version 2.8.1, the `node:crypto.checkPrime` and `crypto.checkPrimeSync` functions performed no Miller-Rabin rounds when the `options.checks` parameter was left at its default value of 0. In this mode, the only test applied was trial division by primes up to 17,863, causing composite numbers whose smallest prime factor exceeds that bound to be incorrectly reported as probably prime.

CVE-2026-49411
Medium

In Deno prior to version 2.8.0, the Node.js compatibility TCP path checked the permission against the original hostname string before resolution and then did not re-check after resolution. A caller could pass a numeric alias of an IP address (e.g., the decimal integer 2130706433 or the hex form 0x7f000001, both resolving to 127.0.0.1) and bypass the restriction using the { host, port } options in node:net.connect or node:http.request.

CVE-2026-49406
Medium

In BYONM mode (nodeModulesDir: "manual") in Deno before version 2.7.12, the module resolver did not validate that a package's resolved entrypoint stayed within its node_modules/<pkg>/ directory. A malicious package.json whose main field contained .. segments was able to resolve to an arbitrary path on disk, and the resolver then read that file without consulting the --allow-read allowlist. This let a require("evil-pkg") call return the contents of a file that a direct Deno.readTextFileSync(...) call would have been blocked from reading.

CVE-2026-49402
High

In Deno before version 2.7.10, the escapeShellArg() function in the node:child_process implementation improperly handled cmd.exe special characters on Windows. An attacker controlling part of an argument passed to spawn() or exec() with shell:true could inject additional commands.

CVE-2026-49401
High

In Deno before version 2.7.14, the permission system compared paths at the raw-byte level while the APFS filesystem on macOS treats different Unicode spellings of the same name as the same file. This allows a program to bypass deny rules by using alternative Unicode spellings.

CVE-2026-45692
Medium

A vulnerability in Caddy server versions 2.4.0 through 2.11.3 arises from a mismatch between the authorization layer and the /config path traversal layer. The authorization layer uses string prefix matching, while the traversal layer parses array indices numerically using strconv.Atoi(), leading to incorrect resolution of configuration objects. The issue is fixed in version 2.11.3.

CVE-2026-45135
High

Caddy versions 2.7.0 through 2.11.3 contain a vulnerability in the FastCGI mechanism that allows an attacker to misidentify a non-PHP file as a script. The issue stems from improper use of case-insensitive search functions when handling paths containing non-ASCII bytes. In environments where an attacker can place content into a file served via FastCGI (uploads, file storage, etc.), this can lead to remote code execution.

CVE-2026-44726
High

In Deno from version 2.0.0 to 2.7.8, a vulnerability in the Node.js tls compatibility layer was found. When autoSelectFamily is enabled and the first address-family attempt fails, the reconnection may not be upgraded to TLS, causing application data to be transmitted in plaintext.

CVE-2026-0864
Medium

A vulnerability in the configparser module allows injection of unexpected keys and values into configuration files when writing multi-line text values containing carriage return characters ( ). An attacker can control the written value, leading to file content manipulation.

CVE-2025-71382
Medium

A vulnerability in MuPDF before version 1.27.0-rc1 allows a remote attacker to cause a denial of service (DoS) by supplying a crafted EPUB file with deeply nested HTML elements and inline CSS styles. The issue stems from uncontrolled recursion in the value_from_inheritable_property() function in css-apply.c, which traverses the CSS property inheritance chain without a depth limit, exhausting the process stack and crashing any application using MuPDF for EPUB rendering.

CVE-2025-61029
High

An issue in the sqlo_untry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVE-2025-61024
High

An issue in the sqlo_try_in_loop component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVE-2020-9713
Medium

A vulnerability in Adobe Acrobat and Reader allows out-of-bounds memory read, potentially leading to disclosure of sensitive data. An attacker can exploit this flaw to access confidential information, but it requires the victim to open a specially crafted file.

CVE-2020-9711
Medium

An out-of-bounds read vulnerability in Acrobat Reader that could lead to disclosure of sensitive memory. Exploitation requires user interaction to open a malicious file.

CVE-2020-9695
High

A vulnerability in Acrobat Reader allows an out-of-bounds write that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction by opening a malicious file.

CVE-2026-56968
Low

In GNU SASL before version 2.2.4, there is a lack of sanitization of a short challenge in the _gsasl_ntlm_client_step function in the NTLM client, which could result in memory disclosure via a crafted server.

CVE-2026-56117
Medium

A heap use-after-free vulnerability in dhcpcd through version 10.3.2, fixed in commit 78ea09e, exists in the control socket handling within src/control.c. Local unprivileged attackers can trigger memory corruption when privilege separation is disabled by sending a privileged command (e.g., -x) via the control socket.

CVE-2026-56116
Medium

A memory leak vulnerability in dhcpcd through version 10.3.2, fixed in commit 708b4a5, exists in IPv6 Router Advertisement route information handling. An unauthenticated same-link attacker can cause denial of service by sending crafted Router Advertisements, leading to linear memory exhaustion and daemon crash.

CVE-2026-56115
High

A broken access control vulnerability in Bootimus through version 0.1.70 allows authenticated low-privileged users to perform administrative actions due to missing role enforcement in the JWTMiddleware function in internal/auth/auth.go. Attackers can create new administrator accounts or reset administrator passwords, gaining full control over the server and the ability to modify boot menus and installation scripts served to PXE clients.

PreviousPage 217 of 4552Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS