CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-54530
Medium

pypdf is a free and open-source pure-python PDF library. Prior to version 6.13.0, an attacker could exploit this vulnerability to craft a PDF that leads to an infinite loop when extracting text in layout mode.

CVE-2026-49461
Medium

pypdf is a free and open-source pure-python PDF library. Prior to version 6.12.2, an attacker could craft a PDF that leads to large memory usage by extracting text from a page containing a form XObject with self-references.

CVE-2026-47242
Medium

The Net::IMAP library in Ruby has a vulnerability that allows arbitrary IMAP command injection due to improper validation of arguments in the #id and #enable methods. This issue affects versions prior to 0.6.5 and 0.5.15.

CVE-2026-47240
Medium

The Net::IMAP library in Ruby has a vulnerability that allows arbitrary IMAP command injection if the server does not support non-synchronizing literals. Versions prior to 0.6.5 and 0.5.15 are susceptible to an attack that may lead to unauthorized command execution.

CVE-2026-44727
Medium

A vulnerability in Jupyter Server before version 2.20 allows stored XSS via malicious HTML in notebook display_data output. Missing sandbox directive in Content-Security-Policy for nbconvert endpoints enables script execution under Jupyter origin, leading to session hijacking and remote code execution.

CVE-2026-41479
Medium

The Authlib library before versions 1.6.10 and 1.7.1 contains an unauthenticated open redirect vulnerability in the OAuth 2.0 authorization endpoint. By sending a request with an unsupported response_type and an attacker-controlled redirect_uri, an HTTP 302 response redirecting to an arbitrary URL can be obtained.

CVE-2026-39904
Medium

Gophish through version 0.12.1 contains a denial of service vulnerability that allows authenticated users with the User role to exhaust server memory by uploading a crafted Office document as an email template attachment. The ApplyTemplate() function processes Office documents as ZIP archives, allowing a zip bomb payload to be exploited.

CVE-2026-44273
Medium

A vulnerability in Dell Wyse Management Suite (WMS) prior to version 2605 involves the use of default credentials. It allows an attacker with high privileges and local access to disclose sensitive information.

CVE-2026-10852
Medium

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component. An attacker can send crafted requests to the web server, causing overload.

CVE-2026-55443
Medium

LangChain prior to version 1.3.9 contains a vulnerability where several components that resolve filesystem paths or expand search patterns do not consistently confine the resolved path to the intended root directory. Affected behaviors include file-search middleware, configuration loaders, and path-prefix authorization checks that can allow access to files outside the configured root via glob patterns, symlinks, or path segment boundary bypass.

CVE-2026-54300
Medium

A vulnerability in @astrojs/netlify prior to version 7.0.13 allows for improper matching of image patterns, potentially leading to unauthorized access to resources. Patterns using wildcards can match more paths and hosts than intended.

CVE-2026-54298
Medium

In versions prior to 6.4.6 of the Astro framework, the spreadAttributes function in the server-side rendering pipeline did not sanitize object keys against injection, allowing attackers to add arbitrary HTML attributes, including event handlers.

CVE-2026-54288
Medium

The Hono framework prior to version 4.12.25 has a vulnerability in the Body Limit middleware, which trusts the request's Content-Length header to determine if the body is within the allowed limit. On AWS Lambda, a client can declare a smaller Content-Length while sending a larger body, allowing them to bypass the limit.

CVE-2026-56109
Medium

The Advanced Linux Sound Architecture (ALSA) library before version 1.2.16.1 contains a double-free vulnerability in the parse_def() function, allowing attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. The issue occurs when parsing nested configuration blocks, where return values are not checked, leading to snd_config_delete() being called twice on the same already-freed node.

CVE-2026-54289
Medium

Hono is a web application framework that prior to version 4.12.25 on AWS Lambda@Edge had an issue with repeated request headers. The adapter wrote header values using Headers.set, causing earlier values to be overwritten, and only the last one reached the application.

CVE-2026-54287
Medium

Hono is a web application framework that supports any JavaScript runtime. Prior to version 4.12.25, on AWS Lambda, ALB single-header responses and VPC Lattice v2 responses join multiple Set-Cookie headers into one comma-separated value, leading to issues with proper processing by clients.

CVE-2026-54286
Medium

In Hono framework before version 4.12.25 on Windows hosts, an encoded backslash (%5C) in the request path decodes to a separator, allowing an attacker to read static files protected by prefix-mounted middleware.

CVE-2026-54285
Medium

In versions prior to 2.8.0 of the opentelemetry-js library, the W3CBaggagePropagator.extract() method in @opentelemetry/core does not enforce size limits when parsing HTTP headers. The W3C Baggage specification recommends a maximum size of 8,192 bytes and 180 entries, which was not enforced for incoming headers.

CVE-2026-54276
Medium

In AIOHTTP before version 3.14.1, DigestAuthMiddleware can send an authentication response after following a cross-origin redirect. The attack requires an open redirect vulnerability on the target domain, and the attacker only receives the digest, allowing credential extraction only if cryptography is weak or passwords are reused.

CVE-2026-54270
Medium

Versions of protobufjs from 8.2.0 to 8.4.2 lacked options to discard unknown fields during decoding, which could lead to excessive memory usage by decoded messages. Version 8.5.0 introduced options to disable unknown field retention, and version 8.6.2 defaults to discarding unknown fields.

PreviousPage 74 of 533Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS