CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-58170
High

A path traversal vulnerability in Vibe-Trading before version 0.1.10 allows an attacker to load a controlled JSON file as an authoritative trading mandate by manipulating the proposal identifier. Combined with the file upload endpoint, an admitted caller can fully control the committed mandate, bypassing ceilings validation.

CVE-2026-58169
High

A DNS rebinding vulnerability in Vibe-Trading before 0.1.10 allows bypassing bearer-token authentication. The attacker exploits the server's trust of TCP peer addresses for loopback clients and missing Host header validation while binding to 0.0.0.0 with credentialed CORS. This leads to remote code execution and credential exfiltration.

CVE-2026-58168
High

An authorization bypass vulnerability in DeepTutor before version 1.4.10 allows low-privilege users to invoke unrestricted MCP tools. The allowed_mcp_tools function returns None instead of a denied result when mcp_tools is omitted from a user's grant.

CVE-2026-58165
High

In OpenZiti through version 2.0.0 (fixed in commit 3027fdf), a privilege escalation vulnerability exists. An authenticated non-admin identity with fine-grained enrollment management permissions can create an enrollment token for any identity, including the default administrator, because the ApplyCreate function in controller/model/enrollment_manager.go only verifies the target identity exists without performing authorization checks binding the caller to the target identity.

CVE-2026-49451
High

A vulnerability in the Microsoft.OpenApi library (OpenAPI.NET SDK) can cause process termination due to stack overflow when parsing an OpenAPI document with a circular schema reference. The issue affects versions from 2.0.0-preview11 to 2.7.5 and 3.5.4, confirmed for both JSON and YAML readers.

CVE-2026-48307
High

Reflected XSS vulnerability in ColdFusion versions 2025.9, 2023.20 and earlier. An attacker can inject malicious scripts into a web page, potentially leading to arbitrary code execution in the context of the current user. User interaction (clicking a malicious link) is required.

CVE-2026-48285
High

An SSRF vulnerability in ColdFusion allows bypassing security measures and unauthorized read access. Exploitation requires no user interaction and the scope is changed.

CVE-2026-44949
High

A vulnerability in Rancher FleetWorkspace allows an unauthenticated attacker with network access to the in-cluster rancher-webhook service to create workspace-related Kubernetes objects with attacker-chosen identity data. Affected versions are 0.7.0 to 0.7.10, 0.8.0 to 0.8.7, 0.9.0 to 0.9.6, and 0.10.0 to 0.10.7.

CVE-2026-27957
High

In Coolify prior to version 4.0.0-beta.464, an authenticated command injection vulnerability in the CA Certificate management feature allows any authenticated user to execute arbitrary commands as the configured SSH user on the managed server host.

CVE-2026-8451
High

Insufficient input validation in NetScaler ADC and NetScaler Gateway leads to memory overread when the device is configured as a SAML IDP.

CVE-2026-58016
High

A flaw was found in GLib where a state confusion issue in g_dbus_node_info_new_for_xml() when processing malformed D-Bus introspection XML, specifically with a <node> element nested within other elements like <method>, <signal>, <property> or <arg>, can cause an unsigned integer overflow and out-of-bounds read, leading to a denial of service.

CVE-2026-58014
High

An off-by-one error was found in GLib's g_key_file_get_locale_string_list function in gkeyfile.c when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundary.

CVE-2026-53433
High

A vulnerability in fzf's --listen mode causes a Denial of Service (DoS) due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity (O(n²)). A crafted POST request with many small segments can trigger excessive CPU usage, monopolizing the single-threaded HTTP server and blocking all other clients.

CVE-2026-53432
High

An integer overflow vulnerability was discovered in the fzf tool within the FuzzyMatchV2 function. When the input line length is approximately 2,200,000 bytes and the pattern length is 999 bytes, an overflow occurs, leading to invalid slice bounds. The Go runtime detects this and immediately terminates the process with a non-recoverable panic.

CVE-2026-44946
High

A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time use of SAML assertion, potentially allowing person-in-the-middle attacks. Affects Rancher 2.14.0 before 2.14.3.

CVE-2026-13474
High

The vulnerability allows a DoS attack via malformed HTTP/2 requests to NetScaler ADC and NetScaler Gateway. It occurs when HTTP/2 is enabled in the HTTP profile and associated with a virtual server (LB, CS, VPN) or a service configured on the device.

CVE-2026-10817
High

Insufficient input validation in NetScaler ADC and NetScaler Gateway leads to memory overread if the TCP Timestamp is enabled in the TCP Profile and associated with a virtual server (type LB, CS, VPN) or a configured service.

CVE-2026-10816
High

An unauthenticated attacker can read arbitrary files on NetScaler ADC and NetScaler Gateway if access to NSIP, Cluster Management IP, or SNIP with management access is enabled.

CVE-2026-57081
High

A vulnerability in the Net::BitTorrent library for Perl (up to version 2.0.1) allows remote memory exhaustion via deeply nested bencoded input. The decoder has no recursion depth limit, causing O(N^2) memory consumption.

CVE-2026-57080
High

A vulnerability in the Net::BitTorrent library for Perl (up to version 2.0.1) allows remote memory exhaustion via an uncapped peer-wire message-length prefix. An attacker peer can send a length prefix up to 4 GiB followed by a byte stream, causing uncontrolled growth of the input buffer.

PreviousPage 27 of 3331Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS