CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.13)

CVE-2026-48513
High

In the MessagePack library for C# prior to versions 2.5.301 and 3.1.7, a vulnerability exists related to union deserialization that does not enforce object depth limits. Runtime-generated deserializers do not call necessary security steps, leading to potential security issues.

CVE-2026-48512
High

MessagePack for C# prior to versions 2.5.301 and 3.1.7 contains multiple recursion paths in the JSON conversion components that do not enforce a depth limit. These paths can lead to process stack exhaustion and trigger an uncatchable StackOverflowException.

CVE-2026-48511
High

MessagePack for C# has a vulnerability in the ExpandoObjectFormatter's Deserialize method that can lead to significant CPU and memory overhead when handling large attacker-controlled maps. This issue exists prior to versions 2.5.301 and 3.1.7.

CVE-2026-48510
High

MessagePack for C# has a vulnerability that allows improper memory allocations during the decompression of Lz4Block or Lz4BlockArray data. Prior to versions 2.5.301 and 3.1.7, the validity of compressed data was not checked before allocating output buffers.

CVE-2026-48509
Critical

MessagePack for C# prior to versions 2.5.301 and 3.1.7 uses default serialization options that can lead to denial-of-service attacks. The default MessagePackInputFormatter() constructor is insecure as it may expose applications to hash-collision attacks against dictionary-like model properties.

CVE-2026-48506
High

MessagePack for C# has a vulnerability that allows recursive descent into nested arrays and maps without proper depth checks. This can lead to unbounded recursion and a StackOverflowException.

CVE-2026-48505
High

In versions 4.0.0 to 4.11.5 and 5.6.5, Filament has a flaw in handling recovery codes for app-based multi-factor authentication that allows the same recovery code to be reused via concurrent submission. This issue does not affect email-based MFA and only applies when recovery codes are enabled.

CVE-2026-48502
High

In the MessagePack library for C# prior to versions 2.5.301 and 3.1.7, the MessagePackReader.ReadDateTime() method can allocate stack memory based on an attacker-controlled extension length. In the slow path for timestamp extension parsing, the extension body length is not validated before memory allocation, potentially leading to a StackOverflowException.

CVE-2026-48500
Medium

Filament, a collection of components for accelerated Laravel development, has a vulnerability that allows unauthenticated users to upload files in certain forms, such as the login form. This could lead to unauthorized access to the application's temporary storage.

CVE-2026-48167
Medium

Filament is a collection of components for accelerated Laravel development. From versions 4.0.0 to 4.11.5 and 5.6.5, the ImageColumn and ImageEntry components render raw database values without escaping HTML, potentially leading to XSS attacks.

CVE-2026-48166
Medium

Filament, a collection of components for accelerated Laravel development, has a vulnerability in the login page from versions 4.0.0 to 4.11.5 and 5.6.5 that allows unauthenticated attackers to enumerate registered email addresses.

CVE-2026-48109
High

The MessagePack library for C# has a vulnerability in the optional LZ4 decompression path that can lead to out-of-bounds reads. An attacker can send a crafted MessagePack payload, potentially causing process termination.

CVE-2026-48067
Medium

In Filament components for Laravel, the recordSelectOptionsQuery() method did not apply proper validation for Select fields in AttachAction and AssociateAction. This allows users to tamper with the Livewire component's state and submit out-of-scope values.

CVE-2026-44889
Medium

WebOb before version 1.8.10 is vulnerable to an open redirect due to improper normalization of the Location header during a redirect. An attacker can use ASCII tab, carriage return, and newline characters to reinterpret the target URL as a protocol-relative URL, leading to redirection to an external attacker-controlled site. This vulnerability bypasses the CVE-2024-42353 fix.

CVE-2026-44311
Medium

A vulnerability in Fabric.js before version 7.4.0 allows XSS attacks due to improper escaping of user input during SVG serialization via the toSVG() method. The color field in the colorStops array of a fabric.Gradient object is not properly sanitized, enabling injection of arbitrary HTML/SVG and JavaScript execution in the victim's browser.

CVE-2025-71358
High

Picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.autocomplete.AutoComplete.get_entity function in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when loaded by victims using pickle.load().

CVE-2025-71344
High

Picklescan before 0.0.30 (affected versions 0.0.26 and earlier) fails to detect the ensurepip._run_pip built-in function when scanning pickle files, allowing attackers to execute arbitrary code. Malicious pickle files embedding ensurepip._run_pip calls in __reduce__ methods bypass picklescan detection and achieve remote code execution upon pickle.load() invocation.

CVE-2025-71339
High

Picklescan before version 0.0.33 fails to detect the numpy.f2py.crackfortran._eval_length gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded by victims who trust Picklescan's safety validation.

CVE-2026-55603
High

The http-proxy-middleware library in versions 3.0.4 to 3.0.7 and 4.1.1 has a vulnerability related to the fixRequestBody() method. When sending data in multipart/form-data format, an attacker can inject new form parts, leading to data desynchronization between the proxy and the backend.

CVE-2026-55599
Medium

The phpseclib library up to versions 1.0.30, 2.0.55, and 3.0.54 by default fetches a URL from the Authority Information Access (AIA) extension of an untrusted X.509 certificate during validation. An attacker can supply a certificate with a controlled host, port, and path, leading to a server-side request forgery (SSRF) vulnerability.

PreviousPage 224 of 4550Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS