CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-10134
Critical

IBM Langflow OSS versions 1.0.0 through 1.9.3 contain a critical vulnerability allowing an attacker to read all secrets available to the Langflow process, read and modify all flows, conversations, messages, file uploads, and saved components in the Langflow database. The attacker can also connect to internal services, abuse cloud metadata endpoints, laterally move to other tenants on the same Langflow instance, and establish persistence by modifying the public flow's `tool_code` so that normal `/api/v1/build/...` calls by any user re-execute attacker code at each build.

CVE-2026-10109
CriticalEPSS 54%

IBM Db2 versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4 are vulnerable to remote code execution due to improper handling of DRDA handshake before authentication.

CVE-2026-58138
CriticalEPSS 56%

Orkes Conductor versions 3.21.21 through 3.30.2 contain an unauthenticated remote code execution vulnerability. Attackers can submit malicious workflow definitions with JavaScript or Python expressions to the API before authentication, allowing arbitrary OS command execution.

CVE-2026-58172
Critical

A vulnerability in Ocelot through version 24.1.0 (fixed in commit f156fd4) allows bypassing IP-based access controls by sending WebSocket upgrade requests. The WebSocket upgrade pipeline branch configured via MapWhen in OcelotPipelineExtensions.cs omits SecurityMiddleware, causing requests from blocked IP addresses to be proxied to downstream services without enforcing the allow/block list.

CVE-2026-58166
Critical

OpenBMB ChatDev through version 2.2.0, fixed in commit 4fd4da6, contains a path traversal vulnerability that allows unauthenticated remote attackers to write or delete arbitrary files by supplying a malicious multipart filename in the file upload endpoint. Attackers can send a crafted filename containing path traversal sequences or an absolute path to the POST uploads session endpoint, which constructs the destination path without sanitization in save_upload_file, causing file write and cleanup operations to target attacker-chosen paths on the server filesystem.

CVE-2026-48315
Critical

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session. Exploitation of this issue requires user interaction in that a victim must open a malicious file, and the scope is changed.

CVE-2026-48313
Critical

A Path Traversal vulnerability in ColdFusion versions 2025.9, 2023.20 and earlier allows unauthorized file system read and limited write access outside the intended directory. An attacker can exploit this without user interaction, gaining access to sensitive files.

CVE-2026-48286
Critical

Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation does not require user interaction and the scope is changed.

CVE-2026-48283
Critical

A vulnerability in ColdFusion allows unrestricted upload of files with dangerous types, potentially leading to arbitrary code execution in the context of the current user. Exploitation does not require user interaction, and the scope is changed.

CVE-2026-48282
CriticalEPSS 59%

A Path Traversal vulnerability in ColdFusion versions 2025.9, 2023.20 and earlier allows a remote attacker to execute arbitrary code in the context of the current user without requiring user interaction. The issue stems from improper limitation of a pathname to a restricted directory.

CVE-2026-48281
CriticalEPSS 54%

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.

CVE-2026-48277
CriticalEPSS 54%

A vulnerability in ColdFusion versions 2025.9, 2023.20 and earlier is caused by improper input validation, potentially leading to remote arbitrary code execution in the context of the current user. Exploitation requires no user interaction and the scope is changed.

CVE-2026-48276
CriticalEPSS 56%

A vulnerability in ColdFusion allows unrestricted upload of files with dangerous types, potentially leading to arbitrary code execution in the context of the current user. Exploitation requires no user interaction and the scope is changed.

CVE-2026-14241
Critical

Memory safety bugs were found in Firefox 152.0.3, some showing evidence of memory corruption that could potentially be exploited to run arbitrary code. This vulnerability was fixed in Firefox 152.0.4.

CVE-2026-8655
Critical

Multiple memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway can lead to unpredictable or erroneous behavior and Denial of Service (DoS). The vulnerability occurs when NetScaler ADC is configured as an Oracle load balancer, DNS proxy, or DNS recursive resolver.

CVE-2026-8452
Critical

A memory overflow vulnerability in NetScaler ADC and NetScaler Gateway can lead to unpredictable or erroneous behavior and Denial of Service (DoS) if the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

CVE-2026-6556
Critical

In @fastify/express versions 4.0.6 and earlier, plugin prefixes are not applied to middleware mount paths when they are arrays or regular expressions. Consequently, middleware registered this way is not executed for requests to prefixed routes, allowing security mechanisms to be bypassed.

CVE-2026-58116
Critical

LLaMA-Factory through version 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI access to execute arbitrary Python code by supplying a malicious model path in the Chat or Training interfaces. The application passes user-supplied model path input unvalidated into AutoTokenizer.from_pretrained() and AutoModel.from_pretrained() with a hardcoded trust_remote_code=True parameter, causing the Hugging Face transformers library to fetch and execute arbitrary code from a remote or local model repository with the privileges of the server process.

CVE-2026-8402
Critical

A Blind SQL Injection vulnerability was found in Eksagate SYSGUARD 6001 due to improper neutralization of special elements in SQL commands. The issue affects versions from 2.0.2 before 6.1.16.0, and the vendor no longer supports the product.

CVE-2026-53690
Critical

An SQL Injection vulnerability exists in Redeight CMS version 1.0 via the "userEmail" parameter in the POST "/admin/index.php" login endpoint. The application fails to sanitize user input and directly interpolates it into SQL queries without using prepared statements, allowing unauthenticated remote attackers to execute arbitrary SQL commands and extract sensitive database information.

PreviousPage 9 of 534Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS