DEV Community

CVE Reports profile picture

CVE Reports

CVEReports provides daily, automated deep-dives into the latest vulnerabilities, transforming emerging threats into comprehensive technical intelligence.

Joined Joined on  Personal website https://www.cvereports.com
CVE-2026-27654: CVE-2026-27654: Heap-based Buffer Overflow in NGINX ngx_http_dav_module via Integer Underflow
cverports profile

CVE-2026-27654: CVE-2026-27654: Heap-based Buffer Overflow in NGINX ngx_http_dav_module via Integer Underflow

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40097: CVE-2026-40097: Index Out-of-Bounds Panic in Step CA TPM Attestation
cverports profile

CVE-2026-40097: CVE-2026-40097: Index Out-of-Bounds Panic in Step CA TPM Attestation

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40109: CVE-2026-40109: Improper Authentication in Flux notification-controller GCR Receiver
cverports profile

CVE-2026-40109: CVE-2026-40109: Improper Authentication in Flux notification-controller GCR Receiver

#security #cve #cybersecurity
Comments
2 min read
GHSA-6V7Q-WJVX-W8WG: GHSA-6V7Q-WJVX-W8WG: Arbitrary FTP Command Execution via CRLF Injection in basic-ftp
cverports profile

GHSA-6V7Q-WJVX-W8WG: GHSA-6V7Q-WJVX-W8WG: Arbitrary FTP Command Execution via CRLF Injection in basic-ftp

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-FFQ7-898W-9JC4: GHSA-FFQ7-898W-9JC4: Stored Cross-Site Scripting via SVG Upload in DotNetNuke
cverports profile

GHSA-FFQ7-898W-9JC4: GHSA-FFQ7-898W-9JC4: Stored Cross-Site Scripting via SVG Upload in DotNetNuke

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-40194: CVE-2026-40194: Observable Timing Discrepancy in phpseclib SSH2 HMAC Verification
cverports profile

CVE-2026-40194: CVE-2026-40194: Observable Timing Discrepancy in phpseclib SSH2 HMAC Verification

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40242: CVE-2026-40242: Unauthenticated Server-Side Request Forgery in Arcane Template Fetch Mechanism
cverports profile

CVE-2026-40242: CVE-2026-40242: Unauthenticated Server-Side Request Forgery in Arcane Template Fetch Mechanism

#security #cve #cybersecurity
Comments
2 min read
GHSA-75HX-XJ24-MQRW: GHSA-75HX-XJ24-MQRW: Unauthenticated Access and Information Exposure in n8n-mcp HTTP Transport
cverports profile

GHSA-75HX-XJ24-MQRW: GHSA-75HX-XJ24-MQRW: Unauthenticated Access and Information Exposure in n8n-mcp HTTP Transport

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-5412: CVE-2026-5412: Broken Access Control in Juju API Leads to Cloud Credential Leak
cverports profile

CVE-2026-5412: CVE-2026-5412: Broken Access Control in Juju API Leads to Cloud Credential Leak

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-5774: CVE-2026-5774: Race Condition and Denial of Service in Canonical Juju API Server
cverports profile

CVE-2026-5774: CVE-2026-5774: Race Condition and Denial of Service in Canonical Juju API Server

#security #cve #cybersecurity
Comments
2 min read
GHSA-8F24-V5VV-GM5J: GHSA-8f24-v5vv-gm5j: Open Redirect in next-intl Middleware via URL Parsing Discrepancy
cverports profile

GHSA-8F24-V5VV-GM5J: GHSA-8f24-v5vv-gm5j: Open Redirect in next-intl Middleware via URL Parsing Discrepancy

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-FPJ4-9QHX-5M6M: GHSA-FPJ4-9QHX-5M6M: Improper Authorization in DNN Platform Friend Request Flow
cverports profile

GHSA-FPJ4-9QHX-5M6M: GHSA-FPJ4-9QHX-5M6M: Improper Authorization in DNN Platform Friend Request Flow

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-2RHW-GW3F-477J: GHSA-2RHW-GW3F-477J: Predictable HostGUID Assignment in DNN Platform New Installations
cverports profile

GHSA-2RHW-GW3F-477J: GHSA-2RHW-GW3F-477J: Predictable HostGUID Assignment in DNN Platform New Installations

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-93VF-569F-22CQ: GHSA-93VF-569F-22CQ: CSS Injection in PHP rhukster/dom-sanitizer via SVG Style Tags
cverports profile

GHSA-93VF-569F-22CQ: GHSA-93VF-569F-22CQ: CSS Injection in PHP rhukster/dom-sanitizer via SVG Style Tags

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-68QG-G8MG-6PR7: GHSA-68QG-G8MG-6PR7: Unauthenticated Remote Code Execution in Paperclip via Authorization Bypass Chain
cverports profile

GHSA-68QG-G8MG-6PR7: GHSA-68QG-G8MG-6PR7: Unauthenticated Remote Code Execution in Paperclip via Authorization Bypass Chain

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-55V6-G8PM-PW4C: GHSA-55V6-G8PM-PW4C: Server-Side Request Forgery and CORS Misconfiguration in rembg API
cverports profile

GHSA-55V6-G8PM-PW4C: GHSA-55V6-G8PM-PW4C: Server-Side Request Forgery and CORS Misconfiguration in rembg API

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-X7MM-9VVV-64W8: GHSA-X7MM-9VVV-64W8: Reflected Cross-Site Scripting in unhead Streaming SSR
cverports profile

GHSA-X7MM-9VVV-64W8: GHSA-X7MM-9VVV-64W8: Reflected Cross-Site Scripting in unhead Streaming SSR

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-JVFF-X2QM-6286: GHSA-jvff-x2qm-6286: Arbitrary JavaScript Execution via Sandbox Bypass in mathjs
cverports profile

GHSA-JVFF-X2QM-6286: GHSA-jvff-x2qm-6286: Arbitrary JavaScript Execution via Sandbox Bypass in mathjs

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-9CP7-J3F8-P5JX: GHSA-9CP7-J3F8-P5JX: Unauthenticated Path Traversal and Zip Slip in Daptin
cverports profile

GHSA-9CP7-J3F8-P5JX: GHSA-9CP7-J3F8-P5JX: Unauthenticated Path Traversal and Zip Slip in Daptin

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-40189: CVE-2026-40189: Critical Authorization Bypass in goshs State-Changing Routes
cverports profile

CVE-2026-40189: CVE-2026-40189: Critical Authorization Bypass in goshs State-Changing Routes

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40162: CVE-2026-40162: Authenticated Arbitrary File Write in Bugsink Artifact Assembly
cverports profile

CVE-2026-40162: CVE-2026-40162: Authenticated Arbitrary File Write in Bugsink Artifact Assembly

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-39961: CVE-2026-39961: Cross-Namespace Secret Exfiltration via Confused Deputy in Aiven Operator
cverports profile

CVE-2026-39961: CVE-2026-39961: Cross-Namespace Secret Exfiltration via Confused Deputy in Aiven Operator

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40074: CVE-2026-40074: Denial of Service via Unhandled Exceptions in SvelteKit Redirects
cverports profile

CVE-2026-40074: CVE-2026-40074: Denial of Service via Unhandled Exceptions in SvelteKit Redirects

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40077: CVE-2026-40077: Insecure Direct Object Reference in Beszel Hub API
cverports profile

CVE-2026-40077: CVE-2026-40077: Insecure Direct Object Reference in Beszel Hub API

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40073: CVE-2026-40073: Unrestricted Resource Allocation in SvelteKit adapter-node via Chunked Transfer Encoding
cverports profile

CVE-2026-40073: CVE-2026-40073: Unrestricted Resource Allocation in SvelteKit adapter-node via Chunked Transfer Encoding

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40103: CVE-2026-40103: Authorization Bypass via Method Confusion in Vikunja API
cverports profile

CVE-2026-40103: CVE-2026-40103: Authorization Bypass via Method Confusion in Vikunja API

#security #cve #cybersecurity
Comments
2 min read
CVE-2024-23653: CVE-2024-23653: Build-Time Container Escape in Moby BuildKit via GRPC API Authorization Bypass
cverports profile

CVE-2024-23653: CVE-2024-23653: Build-Time Container Escape in Moby BuildKit via GRPC API Authorization Bypass

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40046: CVE-2026-40046: Integer Overflow and Protocol Smuggling in Apache ActiveMQ MQTT Decoder
cverports profile

CVE-2026-40046: CVE-2026-40046: Integer Overflow and Protocol Smuggling in Apache ActiveMQ MQTT Decoder

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34941: CVE-2026-34941: Heap Out-of-bounds Read in Wasmtime Component String Transcoding
cverports profile

CVE-2026-34941: CVE-2026-34941: Heap Out-of-bounds Read in Wasmtime Component String Transcoding

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34942: CVE-2026-34942: Denial of Service via Unaligned Memory Allocation in Wasmtime Component Model
cverports profile

CVE-2026-34942: CVE-2026-34942: Denial of Service via Unaligned Memory Allocation in Wasmtime Component Model

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34943: CVE-2026-34943: Host-Side Panic and Denial of Service in Wasmtime Dynamic Lifting
cverports profile

CVE-2026-34943: CVE-2026-34943: Host-Side Panic and Denial of Service in Wasmtime Dynamic Lifting

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34944: CVE-2026-34944: Out-of-bounds Read and Denial of Service in Wasmtime Cranelift Backend
cverports profile

CVE-2026-34944: CVE-2026-34944: Out-of-bounds Read and Denial of Service in Wasmtime Cranelift Backend

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34945: CVE-2026-34945: Host Stack Memory Leak via Type Confusion in Wasmtime Winch Compiler
cverports profile

CVE-2026-34945: CVE-2026-34945: Host Stack Memory Leak via Type Confusion in Wasmtime Winch Compiler

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34946: CVE-2026-34946: Host Panic Denial of Service in Wasmtime Winch Compiler
cverports profile

CVE-2026-34946: CVE-2026-34946: Host Panic Denial of Service in Wasmtime Winch Compiler

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-23226: CVE-2026-23226: Use-After-Free in Linux Kernel ksmbd Multi-Channel Sessions
cverports profile

CVE-2026-23226: CVE-2026-23226: Use-After-Free in Linux Kernel ksmbd Multi-Channel Sessions

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34971: CVE-2026-34971: Critical Sandbox Escape via Cranelift Miscompilation on AArch64
cverports profile

CVE-2026-34971: CVE-2026-34971: Critical Sandbox Escape via Cranelift Miscompilation on AArch64

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34983: CVE-2026-34983: Use-After-Free in Wasmtime Linker StringPool
cverports profile

CVE-2026-34983: CVE-2026-34983: Use-After-Free in Wasmtime Linker StringPool

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34988: CVE-2026-34988: Cross-Guest Memory Leak in Wasmtime Pooling Allocator
cverports profile

CVE-2026-34988: CVE-2026-34988: Cross-Guest Memory Leak in Wasmtime Pooling Allocator

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-35195: CVE-2026-35195: Out-of-Bounds Write in Wasmtime Component Model Transcoding
cverports profile

CVE-2026-35195: CVE-2026-35195: Out-of-Bounds Write in Wasmtime Component Model Transcoding

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-39315: CVE-2026-39315: Cross-Site Scripting Filter Bypass in Unhead useHeadSafe()
cverports profile

CVE-2026-39315: CVE-2026-39315: Cross-Site Scripting Filter Bypass in Unhead useHeadSafe()

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40070: CVE-2026-40070: Improper Verification of Cryptographic Signature in bsv-ruby-sdk
cverports profile

CVE-2026-40070: CVE-2026-40070: Improper Verification of Cryptographic Signature in bsv-ruby-sdk

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40069: CVE-2026-40069: Integrity Verification Failure in BSV Ruby SDK ARC Broadcaster
cverports profile

CVE-2026-40069: CVE-2026-40069: Integrity Verification Failure in BSV Ruby SDK ARC Broadcaster

#security #cve #cybersecurity
Comments
2 min read
GHSA-CM8V-2VH9-CXF3: GHSA-cm8v-2vh9-cxf3: Remote Code Execution via Incomplete Environment Variable Denylist in OpenClaw
cverports profile

GHSA-CM8V-2VH9-CXF3: GHSA-cm8v-2vh9-cxf3: Remote Code Execution via Incomplete Environment Variable Denylist in OpenClaw

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-9GJV-JVM7-VV2V: GHSA-9GJV-JVM7-VV2V: Improper Access Control Exposes Private Sub-Object Data in Gramps Web API
cverports profile

GHSA-9GJV-JVM7-VV2V: GHSA-9GJV-JVM7-VV2V: Improper Access Control Exposes Private Sub-Object Data in Gramps Web API

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-33439: CVE-2026-33439: Pre-Authentication Remote Code Execution in OpenAM via JATO clientSession Deserialization
cverports profile

CVE-2026-33439: CVE-2026-33439: Pre-Authentication Remote Code Execution in OpenAM via JATO clientSession Deserialization

#security #cve #cybersecurity
Comments
2 min read
GHSA-3VVQ-Q2QC-7RMP: GHSA-3VVQ-Q2QC-7RMP: Remote Code Execution via Missing Integrity Check in OpenClaw Package Manager
cverports profile

GHSA-3VVQ-Q2QC-7RMP: GHSA-3VVQ-Q2QC-7RMP: Remote Code Execution via Missing Integrity Check in OpenClaw Package Manager

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-CCX3-FW7Q-RR2R: GHSA-ccx3-fw7q-rr2r: Unbounded Base64 Decoding Leading to Denial of Service in OpenClaw
cverports profile

GHSA-CCX3-FW7Q-RR2R: GHSA-ccx3-fw7q-rr2r: Unbounded Base64 Decoding Leading to Denial of Service in OpenClaw

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-35041: CVE-2026-35041: Regular Expression Denial of Service in fast-jwt
cverports profile

CVE-2026-35041: CVE-2026-35041: Regular Expression Denial of Service in fast-jwt

#security #cve #cybersecurity
Comments
2 min read
GHSA-JF56-MCCX-5F3F: GHSA-JF56-MCCX-5F3F: Indirect Prompt Injection and Agent Compromise in OpenClaw Webhooks
cverports profile

GHSA-JF56-MCCX-5F3F: GHSA-JF56-MCCX-5F3F: Indirect Prompt Injection and Agent Compromise in OpenClaw Webhooks

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-7437-7HG8-FRRW: GHSA-7437-7HG8-FRRW: Remote Code Execution via Build Tool Environment Injection in OpenClaw
cverports profile

GHSA-7437-7HG8-FRRW: GHSA-7437-7HG8-FRRW: Remote Code Execution via Build Tool Environment Injection in OpenClaw

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-21413: CVE-2026-21413: Heap-Based Buffer Overflow in LibRaw Lossless JPEG Decoder
cverports profile

CVE-2026-21413: CVE-2026-21413: Heap-Based Buffer Overflow in LibRaw Lossless JPEG Decoder

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-20911: CVE-2026-20911: Remote Code Execution via Heap-Based Buffer Overflow in LibRaw HuffTable::initval
cverports profile

CVE-2026-20911: CVE-2026-20911: Remote Code Execution via Heap-Based Buffer Overflow in LibRaw HuffTable::initval

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-20889: CVE-2026-20889: Heap-based Buffer Overflow in LibRaw X3F Thumbnail Parser
cverports profile

CVE-2026-20889: CVE-2026-20889: Heap-based Buffer Overflow in LibRaw X3F Thumbnail Parser

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-39882: CVE-2026-39882: Memory Exhaustion Denial of Service in OpenTelemetry-Go OTLP HTTP Exporters
cverports profile

CVE-2026-39882: CVE-2026-39882: Memory Exhaustion Denial of Service in OpenTelemetry-Go OTLP HTTP Exporters

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-39883: CVE-2026-39883: PATH Hijacking via Insecure kenv Execution in OpenTelemetry Go SDK
cverports profile

CVE-2026-39883: CVE-2026-39883: PATH Hijacking via Insecure kenv Execution in OpenTelemetry Go SDK

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-39885: CVE-2026-39885: Server-Side Request Forgery and Local File Inclusion in FrontMCP mcp-from-openapi
cverports profile

CVE-2026-39885: CVE-2026-39885: Server-Side Request Forgery and Local File Inclusion in FrontMCP mcp-from-openapi

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-39901: CVE-2026-39901: Authorization Bypass and Transaction Integrity Flaw in monetr
cverports profile

CVE-2026-39901: CVE-2026-39901: Authorization Bypass and Transaction Integrity Flaw in monetr

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-39892: CVE-2026-39892: Out-of-bounds Read in Python Cryptography via Non-Contiguous Buffers
cverports profile

CVE-2026-39892: CVE-2026-39892: Out-of-bounds Read in Python Cryptography via Non-Contiguous Buffers

#security #cve #cybersecurity
Comments
2 min read
GHSA-XRW6-GWF8-VVR9: GHSA-XRW6-GWF8-VVR9: Signal Spoofing and Resource Exhaustion in Tmds.DBus
cverports profile

GHSA-XRW6-GWF8-VVR9: GHSA-XRW6-GWF8-VVR9: Signal Spoofing and Resource Exhaustion in Tmds.DBus

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-HWR4-MQ23-WCV5: GHSA-HWR4-MQ23-WCV5: Cache Key Collision and Authorization Bypass in Mercure Hub
cverports profile

GHSA-HWR4-MQ23-WCV5: GHSA-HWR4-MQ23-WCV5: Cache Key Collision and Authorization Bypass in Mercure Hub

#security #cve #cybersecurity #ghsa
Comments
2 min read
loading...