CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-55443
Medium

LangChain prior to version 1.3.9 contains a vulnerability where several components that resolve filesystem paths or expand search patterns do not consistently confine the resolved path to the intended root directory. Affected behaviors include file-search middleware, configuration loaders, and path-prefix authorization checks that can allow access to files outside the configured root via glob patterns, symlinks, or path segment boundary bypass.

CVE-2026-54300
Medium

A vulnerability in @astrojs/netlify prior to version 7.0.13 allows for improper matching of image patterns, potentially leading to unauthorized access to resources. Patterns using wildcards can match more paths and hosts than intended.

CVE-2026-54298
Medium

In versions prior to 6.4.6 of the Astro framework, the spreadAttributes function in the server-side rendering pipeline did not sanitize object keys against injection, allowing attackers to add arbitrary HTML attributes, including event handlers.

CVE-2026-54288
Medium

The Hono framework prior to version 4.12.25 has a vulnerability in the Body Limit middleware, which trusts the request's Content-Length header to determine if the body is within the allowed limit. On AWS Lambda, a client can declare a smaller Content-Length while sending a larger body, allowing them to bypass the limit.

CVE-2026-56109
Medium

The Advanced Linux Sound Architecture (ALSA) library before version 1.2.16.1 contains a double-free vulnerability in the parse_def() function, allowing attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. The issue occurs when parsing nested configuration blocks, where return values are not checked, leading to snd_config_delete() being called twice on the same already-freed node.

CVE-2026-54289
Medium

Hono is a web application framework that prior to version 4.12.25 on AWS Lambda@Edge had an issue with repeated request headers. The adapter wrote header values using Headers.set, causing earlier values to be overwritten, and only the last one reached the application.

CVE-2026-54287
Medium

Hono is a web application framework that supports any JavaScript runtime. Prior to version 4.12.25, on AWS Lambda, ALB single-header responses and VPC Lattice v2 responses join multiple Set-Cookie headers into one comma-separated value, leading to issues with proper processing by clients.

CVE-2026-54286
Medium

In Hono framework before version 4.12.25 on Windows hosts, an encoded backslash (%5C) in the request path decodes to a separator, allowing an attacker to read static files protected by prefix-mounted middleware.

CVE-2026-54285
Medium

In versions prior to 2.8.0 of the opentelemetry-js library, the W3CBaggagePropagator.extract() method in @opentelemetry/core does not enforce size limits when parsing HTTP headers. The W3C Baggage specification recommends a maximum size of 8,192 bytes and 180 entries, which was not enforced for incoming headers.

CVE-2026-54276
Medium

In AIOHTTP before version 3.14.1, DigestAuthMiddleware can send an authentication response after following a cross-origin redirect. The attack requires an open redirect vulnerability on the target domain, and the attacker only receives the digest, allowing credential extraction only if cryptography is weak or passwords are reused.

CVE-2026-54270
Medium

Versions of protobufjs from 8.2.0 to 8.4.2 lacked options to discard unknown fields during decoding, which could lead to excessive memory usage by decoded messages. Version 8.5.0 introduced options to disable unknown field retention, and version 8.6.2 defaults to discarding unknown fields.

CVE-2026-54269
Medium

In versions prior to 8.6.0 and 7.6.3, protobufjs accepted certain schema-derived names that could collide with properties used by protobufjs runtime helpers. This could lead to deterministic exceptions or recursive calls in various operations related to decoding and serialization.

CVE-2026-53632
Medium

The launch-editor package allows users to open files with line numbers in the editor from Node.js. Prior to version 2.14.1, this package accesses arbitrary paths, including Windows UNC paths, leading to the leakage of the user's NTLMv2 password hash.

CVE-2026-11994
Medium

Akaunting version 3.1.21 contains an authenticated stored Cross-Site Scripting vulnerability in the report management workflow. A user with permission to create or update reports can store arbitrary HTML/JavaScript in the description field of a report.

CVE-2026-9320
Medium

IBM WebSphere Application Server versions 9.0, 8.5, and IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.6 are vulnerable to a denial of service attack caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.

CVE-2026-8934
Medium

CVE-2026-8934 is a Missing Authorization vulnerability in a GraphQL private API operation of the Google App Engine section of the Cloud Console, allowing an unauthenticated remote attacker to leak sensitive App Engine request logs from other projects using a specially crafted request.

CVE-2026-8636
Medium

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allow an attacker to retrieve user passwords and cryptographic keys from memory. The attacker can use the same keys to decrypt passwords, gain access to the application, and access sensitive data in the database.

CVE-2026-8059
Medium

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 are vulnerable to cross-site scripting (XSS). An unauthenticated attacker can embed arbitrary JavaScript code in the Web UI, altering intended functionality and potentially leading to credential disclosure within a trusted session.

CVE-2026-7253
Medium

An SSRF vulnerability in IBM Watson Speech Services Cartridge allows an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. The issue affects the Sterling File Gateway component used in speech runtimes.

CVE-2026-53655
Medium

Vulnerability in node-tar (before 7.5.16) involves incorrect processing of PAX extended headers. The library erroneously applies the size override from a PAX header to intermediate metadata headers (e.g., GNU long-name), causing stream desynchronization compared to other tar implementations. This allows crafting an archive that is interpreted differently by different tools.

PreviousPage 75 of 511Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS