CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-56213
Medium

Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.upsert_version_meta SECURITY DEFINER function exposed via PostgREST RPC. This allows unauthenticated attackers to insert arbitrary rows into version_meta for any app_id.

CVE-2026-56080
Medium

Capgo before 12.128.2 contains a flaw in the Enforce Password Policy feature. After a Super Admin enables the policy and successfully changes their password to a compliant one, the backend does not update the password-compliance state, leading to repeated password-reset prompts.

CVE-2026-56079
Medium

Capgo before version 12.128.2 contains a cross-tenant authorization bypass vulnerability in PostgREST endpoints that allows org-scoped read API keys to access other tenants' webhook secrets and delivery logs.

CVE-2026-50519
Medium

The vulnerability in GitHub Copilot and Visual Studio Code is caused by initializing a resource with an insecure default, allowing an unauthorized attacker to disclose information over a network.

CVE-2026-49337
Medium

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes `decoder_context::read_slice_NAL()` to attach slice headers to a finished picture object that has no active image unit, resulting in attacker-controlled unbounded heap growth.

CVE-2026-48129
Medium

Kestra is an event-driven orchestration platform that, prior to versions 1.3.19, 1.2.19, 1.1.19, and 1.0.43, had an issue with the `inputFiles` task. This allowed file names to be written directly in the task working directory, potentially leading to overwriting files outside of that directory.

CVE-2026-42895
Medium

A vulnerability in Microsoft Copilot allows an unauthorized attacker to perform command injection over a network. The issue stems from improper neutralization of special elements used in a command.

CVE-2026-49345
Medium

In the Mercator application prior to version 2025.05.19, a Server-Side Request Forgery (SSRF) vulnerability exists in the CVE configuration panel. The `testProvider()` method in `ConfigurationController` does not validate user input, allowing authenticated users with the right permissions to force arbitrary outbound network requests.

CVE-2026-49342
Medium

YARD is a documentation generation tool for the Ruby programming language. Prior to version 0.9.44, YARD's static cache lookup reads a request path before the router's path cleanup runs, which can lead to the disclosure of HTML files outside the intended static tree.

CVE-2026-49336
Medium

In versions 1.0.0-preview.97 through 1.0.0-preview.101, the @microsoft/kiota-http-fetchlibrary incorrectly handles `Authorization` and `Cookie` headers in cross-origin redirects. The default `scrubSensitiveHeaders` function does not remove these headers, allowing them to be forwarded to malicious hosts.

CVE-2026-49288
Medium

Statamic is a Laravel and Git powered content management system. Prior to versions 5.73.23 and 6.20.0, an authenticated Control Panel user could view metadata and content for resources they don't have permission to view, potentially exposing sensitive information.

CVE-2026-27878
Medium

A vulnerability in Grafana Tempo allows an authenticated user to execute a TraceQL query with a large exemplars hint value, causing excessive memory allocation and crashing the Tempo instance due to out-of-memory.

CVE-2026-12726
Medium

A flaw was found in the AWX GitHub webhook integration. The controller stores the statuses_url value from the webhook payload without validating that it points to a trusted GitHub API endpoint.

CVE-2026-12238
Medium

The WP Go Maps – Most Popular Map Plugin for WordPress is vulnerable to authorization bypass in all versions up to and including 10.1.01. This is due to improper verification of user authorization, allowing unauthenticated attackers to create arbitrary records in the plugin's database tables.

CVE-2026-49359
Medium

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, the library fetched the content of option values server-side, leading to the possibility of Server-Side Request Forgery attacks and local file disclosure.

CVE-2026-49271
Medium

Prior to version 1.22.1 of the libheif library, the uncompressed HEIF decoder incorrectly validated explicit icef compressed-unit offsets using unit_offset + unit_size. Because the addition can wrap, a crafted HEIF file can pass the range check and then construct a vector from iterators outside the compressed item buffer, producing an out-of-bounds heap read and crash.

CVE-2019-25760
Medium

The Joomla! Component Easy Shop version 1.2.3 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by supplying base64-encoded file paths. Attackers can send GET requests to index.php with the appropriate parameters to access sensitive files.

CVE-2026-3196
Medium

An integer overflow vulnerability was found in the virtio-snd device via PCM_INFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition.

CVE-2026-12621
Medium

A cross-site scripting (XSS) vulnerability was found in the password reset form of GridTime 3000 due to improper input neutralization during page generation. Affected versions are from 1.0r0.03 before 1.2r0.0.

CVE-2026-12620
Medium

The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This affects versions from 1.0r0.03 through 1.1r0.0.

PreviousPage 89 of 543Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS