CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-25712
Low risk · EPSS 5%

In Gitea versions before 1.25.5, insufficient visibility checks in organization permission APIs allow disclosure of hidden members and private organizations.

CVE-2026-25038
Low risk · EPSS 10%

In Gitea 1.26.2, unauthorized users can access labels of private organizations. This vulnerability allows information disclosure of labels that should be restricted to organization members.

CVE-2026-24690
Low risk · EPSS 5%

The vulnerability in Gitea versions before 1.25.5 is due to insufficient permission checks when updating or rebasing pull request branches. This allows unauthorized users to modify branches without proper permissions.

CVE-2026-24451
Low risk · EPSS 10%

A vulnerability in Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to unauthorized forks.

CVE-2026-22874
Critical

CVE-2026-22874 affects Gitea versions up to and including 1.26.2. The SSRF protection in webhook and migration allow-list filtering is incomplete, potentially allowing an attacker to bypass security controls.

CVE-2026-22555
High

A vulnerability in Gitea before version 1.26.0 allows API users to fork a repository into an organization without passing the CanCreateOrgRepo check, potentially exposing organization secrets.

CVE-2026-22547
Low risk · EPSS 6%

In Gitea versions before 1.25.5, validation constraints for repository creation fields are missing, including length-limited template fields and trust model or object format values.

CVE-2026-20909
Low risk · EPSS 5%

Gitea versions before 1.25.5 have insufficient permission checks when listing tracked time entries. An attacker may gain access to time data of other users without proper authorization.

CVE-2026-20896
Critical · EPSS 52%

Gitea Docker image versions up to and including 1.26.2 set REVERSE_PROXY_TRUSTED_PROXIES=* by default, allowing any source IP to impersonate a user when reverse-proxy authentication headers such as X-WEBAUTH-USER are enabled.

CVE-2026-20779
High

A vulnerability in Gitea versions 1.5.0 through 1.26.2 allows a valid TOTP code to be reused multiple times in two-factor authentication flows via web and Basic Auth with the X-Gitea-OTP header.

CVE-2026-20706
Low risk · EPSS 17%

A vulnerability in Gitea up to version 1.26.1 allows repository archive downloads to bypass token scope checks on the web archive download endpoint.

CVE-2026-14611
Medium

A vulnerability in the Per-Project Auto-Memory Handler component of DeepMyst Mysti up to version 0.4.0 allows exposure of resources via manipulation of the workspacePath argument in the initProjectMemory function of MemoryManager.ts. The attack can be performed remotely.

CVE-2026-14610
Medium

A vulnerability has been found in Open Asset Import Library Assimp up to version 6.0.5 in the function Assimp::CSMImporter::InternReadFile in CSMLoader.cpp. The flaw causes a heap-based buffer overflow when processing CSM files. The attack requires local access and an exploit has been published.

CVE-2026-14609
Medium

A session fixation vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The issue stems from improper data processing, allowing an attacker to fixate a user's session. The attack is remote but requires high complexity and is assessed as difficult to exploit.

CVE-2026-12481
High

A vulnerability in Keras version 3.14.0 allows arbitrary code execution due to improper deserialization handling in the `Lambda` layer. The `_raise_for_lambda_deserialization()` function fails to enforce safe-mode when `safe_mode` is `None` (default), bypassing the guard and allowing attacker-controlled `marshal` bytecode to be deserialized.

CVE-2026-14608
Medium

A security vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0, allowing authorization bypass. The issue is in the /index.php?action=view_student file, where manipulation of the ID argument leads to unauthorized access.

CVE-2026-14607
Medium

A weakness has been identified in RT-Thread up to version 5.0.2 in the function sys_getaddrinfo in file components/lwp/lwp_syscall.c. Manipulation of the ai_addr argument can lead to memory corruption. The attack requires local access and the exploit is publicly available.

CVE-2026-14606
High

A stack-based buffer overflow vulnerability was discovered in RT-Thread up to version 5.0.2 in the CAN_Receive function within the SWM341.h file of the SWM341 CAN Handler component. A local attacker can trigger the overflow through manipulation of the function's input. A public exploit is available.

CVE-2026-14605
High

A vulnerability was found in RT-Thread up to version 5.0.2 in the recvmsg function of the ls1c_can.h file within the ls1c CAN Handler component. This issue leads to a stack-based buffer overflow, potentially allowing a local attacker to execute code or crash the system. The exploit is publicly available, and the vendor did not respond to the disclosure.

CVE-2026-58379
High

A heap buffer overflow vulnerability was found in GIMP's Paint Shop Pro (PSP) file format parser. The flaw occurs due to incorrect buffer size calculations when processing low bit-depth images, allowing a remote attacker to execute arbitrary code or cause a denial of service (DoS) by tricking a user into opening a specially crafted PSP file.


Vulnerability data from NVD (NIST) · CISA KEV · EPSS