CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
CVE-2026-37534 describes an integer underflow vulnerability in Open-SAE-J1939, allowing attackers to write to arbitrary memory via a crafted sequence number from the CAN frame.
The AGL app framework in versions up to 17.1.12 contains a Zip Slip vulnerability allowing path traversal and a TOCTOU race condition in the widget installation process. The is_valid_filename function does not check for dot notation directory traversal sequences, allowing files to be written anywhere on the filesystem.
MixPHP Framework versions 2.x through 2.2.17 have an unsafe deserialization vulnerability. The session and cache handlers use unserialize() on data from the filesystem in the FileHandler object.
MixPHP Framework versions 2.x through 2.2.17 have an unsafe deserialization vulnerability. The session and cache handlers use unserialize() on data from Redis in the RedisHandler object.
A vulnerability has been identified in the Linux kernel that involves missing packet data copying from the XDP buffer to the skb structure, leading to kernel memory leakage to user space. Additionally, improper skb recycling marking may corrupt the page pool state.
In the Linux kernel, a vulnerability in ip6_err_gen_icmpv6_unreach() fails to clear the cb[] field in skb2, allowing an attacker to craft a malicious ICMPv4 packet with a CIPSO option, leading to out-of-bounds read and potential security compromise.
A vulnerability was found in the Linux kernel's ip4ip6_err() function in the IPv6-over-IPv4 tunnel. Failure to clear the cb[] buffer in a cloned skb (skb2) causes misinterpretation of data as an IPv4 structure, potentially leading to out-of-bounds read and stack buffer overflow.
Version 7.1.2 of hashcat contains a heap-based buffer overflow vulnerability in the hex_to_binary function in the PKZIP hash parser. An attacker can exploit this flaw to cause a denial of service or potentially execute arbitrary code via a crafted PKZIP hash file.
In version 7.1.2 of hashcat, there is a heap-based buffer overflow in the Kerberos hash parser, allowing an attacker to cause a denial of service or potentially execute arbitrary code via a crafted Kerberos hash file.
A stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in hashcat v7.1.2 allows for denial of service or arbitrary code execution via a crafted rule file or the -j or -k options with password candidates of 128 or more characters.
A vulnerability has been identified in the Linux kernel related to use-after-free in the __ksmbd_close_fd() function. The issue arises when a durable file handle survives session disconnect, leading to improper management of byte-range locks.
W jądrze Linuksa naprawiono podatność, która pozwalała na zapis poza granicami bufora w funkcji smb2_get_ea(). Problem występował z powodu braku sprawdzenia długości bufora przed zastosowaniem wyrównania pamięci, co mogło prowadzić do nadpisania sąsiedniej pamięci jądra.
Apache MINA versions 2.1.0 to 2.1.11 and 2.2.0 to 2.2.6 are vulnerable to arbitrary code execution due to a lack of class verification in the AbstractIoBuffer.resolveClass() method. The fix was introduced in versions 2.1.12 and 2.2.7.
The fix for CVE-2026-41409 was not applied to the 2.1.X and 2.2.X branches of Apache MINA. The issue concerns an incomplete fix for CVE-2024-52046, where the classname allowlist for deserialization was applied too late.
The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybe_login_temporary_user() function, allowing authentication without a valid token.
JS8Call versions 2.3.1 and earlier, as well as JS8Call-improved before version 3.0, have a stack-based buffer overflow vulnerability that occurs during a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This issue occurs in the grid2deg function in APRSISClient.cpp.
Bitwarden CLI version 2026.4.0, obtained from npm on April 22, 2026, contained embedded malicious code. This incident is related to a Checkmarx supply chain issue.
A security vulnerability has been detected in Totolink NR1800X version 9.1.0u.6279_B20210910 in the function find_host_ip of the lighttpd component. Manipulation of the Host argument leads to stack-based buffer overflow.
A vulnerability was identified in the Totolink A8000RU device version 7.1cu.643_b20200521, affecting the function in the file /cgi-bin/cstecgi.cgi of the CGI Handler component. Manipulation of the argument proto leads to OS command injection.
In Traefik prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in ForwardAuth and snippet-based authentication middleware. The header sanitization logic does not strip alias variants with underscores (e.g., X_Forwarded_Proto), which are forwarded intact to the authentication backend, allowing an attacker to inject spoofed trust context.

