CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.15)

CVE-2026-48584
Critical

A vulnerability in Azure Synapse allows execution with unnecessary privileges. An authorized attacker can remotely elevate privileges over a network.

CVE-2026-48582
Critical

Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

CVE-2026-48129
Medium

Kestra is an event-driven orchestration platform that, prior to versions 1.3.19, 1.2.19, 1.1.19, and 1.0.43, had an issue with the `inputFiles` task. This allowed file names to be written directly in the task working directory, potentially leading to overwriting files outside of that directory.

CVE-2026-47645
High

A vulnerability in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to redirect users to an untrusted external site (open redirect), potentially leading to privilege escalation over a network.

CVE-2026-47203
Low

Versions of Authelia from 4.38.0 to 4.39.19 have an issue with case sensitivity in usernames during Basic Auth authentication. As a result, different case variations can lead to the creation of separate ban buckets for the same user.

CVE-2026-45480
Critical

Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-42895
Medium

A vulnerability in Microsoft Copilot allows an unauthorized attacker to perform command injection over a network. The issue stems from improper neutralization of special elements used in a command.

CVE-2026-32208
High

A Cross-Site Scripting (XSS) vulnerability in Microsoft Entra ID allows an authorized attacker to perform spoofing attacks over a network. The flaw is caused by improper neutralization of input during web page generation.

CVE-2026-49345
Medium

In the Mercator application prior to version 2025.05.19, a Server-Side Request Forgery (SSRF) vulnerability exists in the CVE configuration panel. The `testProvider()` method in `ConfigurationController` does not validate user input, allowing authenticated users with the right permissions to force arbitrary outbound network requests.

CVE-2026-49344
High

Mercator is a web application that, prior to version 2025.05.19, had a vulnerability in the query engine allowing authenticated users, including those with limited access roles, to execute queries on models beyond their intended scope. Additionally, the `password` column, although marked as `$hidden`, could be used in `LIKE` conditions in filters.

CVE-2026-49342
Medium

YARD is a documentation generation tool for the Ruby programming language. Prior to version 0.9.44, YARD's static cache lookup reads a request path before the router's path cleanup runs, which can lead to the disclosure of HTML files outside the intended static tree.

CVE-2026-48787
High

In version 2.9.1 of the gin-vue-admin platform, an authenticated attacker with access to the code-generation feature and MCP management interface can exploit this vulnerability by injecting attacker-controlled Go source code, leading to the execution of arbitrary operating system commands on the server.

CVE-2026-48774
High

In versions 3.0.0 to 3.0.8, the `run_sql_readonly` tool in ProxySQL violates the read-only contract for MySQL targets, allowing the execution of data-modifying commands. A caller can submit a read-only first statement followed by a second statement that has side effects, such as `RENAME TABLE`.

CVE-2026-48773
Critical

ProxySQL, a proxy for MySQL and PostgreSQL, has a pre-authentication heap memory corruption vulnerability in versions 2.0.18 through 3.0.8. A remote unauthenticated client can declare an oversized first packet length, potentially leading to exploitation of this vulnerability.

CVE-2026-48772
Critical

ProxySQL in versions 2.0.0 through 3.0.8 incorrectly accepts a malformed PROXY protocol header, allowing attackers to spoof source addresses. This leads to a bypass of routing and access control rules, enabling attackers to manipulate queries as if they were trusted users.

CVE-2026-48715
High

In the `radvdump` utility shipped with radvd prior to version 2.21, there is a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, the `print_ff()` function copies up to 2032 bytes of attacker-controlled packet data into a 16-byte `struct in6_addr` on the stack, overflowing by up to 2016 bytes. The main `radvd` daemon is not affected by this vulnerability.

CVE-2026-48089
High

DevGuard prior to version 1.4.2 allows unauthorized modifications of VEX rules by authenticated users, including those from other organizations, on public assets. Users can create, update, reapply, and delete VEX rules and other related vulnerability events.

CVE-2026-9375
High

Version 2.6.3 of the urllib3 library is vulnerable to a decompression bomb bypass in its streaming API (`preload_content=False`) when using Brotli support. The issue arises from three independent code paths that bypass the `max_length` protection, allowing a malicious HTTP server to trigger an out-of-memory (OOM) condition.

CVE-2026-49340
High

In gonic, a music streaming server, prior to version 0.21.0, there is a logic error in the `ServeCreateOrUpdatePlaylist` function that allows any authenticated Subsonic user (including non-admins) to write M3U playlist content to an attacker-controlled absolute filesystem path on the gonic host.

CVE-2026-49339
High

Gonic, a music streaming server, has a vulnerability that allows authenticated Subsonic users to bypass playlist ownership checks. Users can read and delete other users' playlists and probe arbitrary file paths on the server.

PreviousPage 256 of 4501Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS