CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-37534
Critical

CVE-2026-37534 describes an integer underflow vulnerability in Open-SAE-J1939, allowing attackers to write to arbitrary memory via a crafted sequence number from the CAN frame.

CVE-2026-37531
Critical

The AGL app framework in versions up to 17.1.12 contains a Zip Slip vulnerability allowing path traversal and a TOCTOU race condition in the widget installation process. The is_valid_filename function does not check for dot notation directory traversal sequences, allowing files to be written anywhere on the filesystem.

CVE-2026-42473
Critical

MixPHP Framework versions 2.x through 2.2.17 have an unsafe deserialization vulnerability. The session and cache handlers use unserialize() on data from the filesystem in the FileHandler object.

CVE-2026-42472
Critical

MixPHP Framework versions 2.x through 2.2.17 have an unsafe deserialization vulnerability. The session and cache handlers use unserialize() on data from Redis in the RedisHandler object.

CVE-2026-43039
Critical

A vulnerability has been identified in the Linux kernel that involves missing packet data copying from the XDP buffer to the skb structure, leading to kernel memory leakage to user space. Additionally, improper skb recycling marking may corrupt the page pool state.

CVE-2026-43038
Critical

In the Linux kernel, a vulnerability in ip6_err_gen_icmpv6_unreach() fails to clear the cb[] field in skb2, allowing an attacker to craft a malicious ICMPv4 packet with a CIPSO option, leading to out-of-bounds read and potential security compromise.

CVE-2026-43037
Critical

A vulnerability was found in the Linux kernel's ip4ip6_err() function in the IPv6-over-IPv4 tunnel. Failure to clear the cb[] buffer in a cloned skb (skb2) causes misinterpretation of data as an IPv4 structure, potentially leading to out-of-bounds read and stack buffer overflow.

CVE-2026-42484
Critical

Version 7.1.2 of hashcat contains a heap-based buffer overflow vulnerability in the hex_to_binary function in the PKZIP hash parser. An attacker can exploit this flaw to cause a denial of service or potentially execute arbitrary code via a crafted PKZIP hash file.

CVE-2026-42483
Critical

In version 7.1.2 of hashcat, there is a heap-based buffer overflow in the Kerberos hash parser, allowing an attacker to cause a denial of service or potentially execute arbitrary code via a crafted Kerberos hash file.

CVE-2026-42482
Critical

A stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in hashcat v7.1.2 allows for denial of service or arbitrary code execution via a crafted rule file or the -j or -k options with password candidates of 128 or more characters.

CVE-2026-31718
Critical

A vulnerability has been identified in the Linux kernel related to use-after-free in the __ksmbd_close_fd() function. The issue arises when a durable file handle survives session disconnect, leading to improper management of byte-range locks.

CVE-2026-31705
Critical

W jądrze Linuksa naprawiono podatność, która pozwalała na zapis poza granicami bufora w funkcji smb2_get_ea(). Problem występował z powodu braku sprawdzenia długości bufora przed zastosowaniem wyrównania pamięci, co mogło prowadzić do nadpisania sąsiedniej pamięci jądra.

CVE-2026-42779
Critical

Apache MINA versions 2.1.0 to 2.1.11 and 2.2.0 to 2.2.6 are vulnerable to arbitrary code execution due to a lack of class verification in the AbstractIoBuffer.resolveClass() method. The fix was introduced in versions 2.1.12 and 2.2.7.

CVE-2026-42778
Critical

The fix for CVE-2026-41409 was not applied to the 2.1.X and 2.2.X branches of Apache MINA. The issue concerns an incomplete fix for CVE-2024-52046, where the classname allowlist for deserialization was applied too late.

CVE-2026-7567
Critical

The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybe_login_temporary_user() function, allowing authentication without a valid token.

CVE-2026-42996
Critical

JS8Call versions 2.3.1 and earlier, as well as JS8Call-improved before version 3.0, have a stack-based buffer overflow vulnerability that occurs during a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This issue occurs in the grid2deg function in APRSISClient.cpp.

CVE-2026-42994
Critical

Bitwarden CLI version 2026.4.0, obtained from npm on April 22, 2026, contained embedded malicious code. This incident is related to a Checkmarx supply chain issue.

CVE-2026-7546
Critical

A security vulnerability has been detected in Totolink NR1800X version 9.1.0u.6279_B20210910 in the function find_host_ip of the lighttpd component. Manipulation of the Host argument leads to stack-based buffer overflow.

CVE-2026-7538
Critical

A vulnerability was identified in the Totolink A8000RU device version 7.1cu.643_b20200521, affecting the function in the file /cgi-bin/cstecgi.cgi of the CGI Handler component. Manipulation of the argument proto leads to OS command injection.

CVE-2026-39858
Critical

In Traefik prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in ForwardAuth and snippet-based authentication middleware. The header sanitization logic does not strip alias variants with underscores (e.g., X_Forwarded_Proto), which are forwarded intact to the authentication backend, allowing an attacker to inject spoofed trust context.

PreviousPage 91 of 559Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS