close

DEV Community

CVE Reports profile picture

CVE Reports

CVEReports provides daily, automated deep-dives into the latest vulnerabilities, transforming emerging threats into comprehensive technical intelligence.

Joined Joined on  Personal website https://www.cvereports.com
CVE-2026-2332: CVE-2026-2332: HTTP Request Smuggling in Eclipse Jetty via Chunked Extension Quoted-String Parsing
cverports profile

CVE-2026-2332: CVE-2026-2332: HTTP Request Smuggling in Eclipse Jetty via Chunked Extension Quoted-String Parsing

#security #cve #cybersecurity
Comments
2 min read
GHSA-2X79-GWQ3-VXXM: GHSA-2x79-gwq3-vxxm: Infinite Loop Denial of Service in facil.io and iodine JSON Parser
cverports profile

GHSA-2X79-GWQ3-VXXM: GHSA-2x79-gwq3-vxxm: Infinite Loop Denial of Service in facil.io and iodine JSON Parser

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2023-2640: CVE-2023-2640: Local Privilege Escalation in Ubuntu Kernel OverlayFS (GameOver(lay))
cverports profile

CVE-2023-2640: CVE-2023-2640: Local Privilege Escalation in Ubuntu Kernel OverlayFS (GameOver(lay))

#security #cve #cybersecurity
Comments
2 min read
GHSA-G4VJ-CJJJ-V7HG: GHSA-G4VJ-CJJJ-V7HG: Defense in Depth Update for NuGet Client Handling Resource Consumption and Log Disclosure
cverports profile

GHSA-G4VJ-CJJJ-V7HG: GHSA-G4VJ-CJJJ-V7HG: Defense in Depth Update for NuGet Client Handling Resource Consumption and Log Disclosure

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-34621: CVE-2026-34621: Prototype Pollution to Arbitrary Code Execution in Adobe Acrobat EScript Engine
cverports profile

CVE-2026-34621: CVE-2026-34621: Prototype Pollution to Arbitrary Code Execution in Adobe Acrobat EScript Engine

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34457: CVE-2026-34457: Authentication Bypass via User-Agent Spoofing in OAuth2 Proxy
cverports profile

CVE-2026-34457: CVE-2026-34457: Authentication Bypass via User-Agent Spoofing in OAuth2 Proxy

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40310: CVE-2026-40310: Heap-Based Out-of-Bounds Write in ImageMagick JP2 Encoder
cverports profile

CVE-2026-40310: CVE-2026-40310: Heap-Based Out-of-Bounds Write in ImageMagick JP2 Encoder

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40312: CVE-2026-40312: Off-by-One Heap Memory Corruption in ImageMagick MSL Decoder
cverports profile

CVE-2026-40312: CVE-2026-40312: Off-by-One Heap Memory Corruption in ImageMagick MSL Decoder

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40311: CVE-2026-40311: Heap Use-After-Free in ImageMagick XMP Profile Parsing
cverports profile

CVE-2026-40311: CVE-2026-40311: Heap Use-After-Free in ImageMagick XMP Profile Parsing

#security #cve #cybersecurity
Comments
2 min read
CVE-2023-36424: CVE-2023-36424: Windows Common Log File System (CLFS) Driver Elevation of Privilege
cverports profile

CVE-2023-36424: CVE-2023-36424: Windows Common Log File System (CLFS) Driver Elevation of Privilege

#security #cve #cybersecurity
Comments
2 min read
CVE-2025-0520: CVE-2025-0520: Unauthenticated Remote Code Execution via Unrestricted File Upload in ShowDoc
cverports profile

CVE-2025-0520: CVE-2025-0520: Unauthenticated Remote Code Execution via Unrestricted File Upload in ShowDoc

#security #cve #cybersecurity
Comments
2 min read
GHSA-CMXV-58FP-FM3G: GHSA-cmxv-58fp-fm3g: Cross-Domain Credential Leakage in AsyncHttpClient
cverports profile

GHSA-CMXV-58FP-FM3G: GHSA-cmxv-58fp-fm3g: Cross-Domain Credential Leakage in AsyncHttpClient

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-527G-3W9M-29HV: GHSA-527g-3w9m-29hv: LDAP Injection in mitmproxy proxyauth Addon
cverports profile

GHSA-527G-3W9M-29HV: GHSA-527g-3w9m-29hv: LDAP Injection in mitmproxy proxyauth Addon

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-R4Q5-VMMM-2653: GHSA-R4Q5-VMMM-2653: Information Exposure via Sensitive Header Leak in follow-redirects
cverports profile

GHSA-R4Q5-VMMM-2653: GHSA-R4Q5-VMMM-2653: Information Exposure via Sensitive Header Leak in follow-redirects

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-76HW-P97H-883F: GHSA-76hw-p97h-883f: Arbitrary File Write via Path Traversal in gdown Archive Extraction
cverports profile

GHSA-76HW-P97H-883F: GHSA-76hw-p97h-883f: Arbitrary File Write via Path Traversal in gdown Archive Extraction

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-32270: CVE-2026-32270: Information Disclosure in Craft Commerce Payments Controller
cverports profile

CVE-2026-32270: CVE-2026-32270: Information Disclosure in Craft Commerce Payments Controller

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34069: CVE-2026-34069: Remote Denial of Service via Reachable Assertion in Nimiq Albatross Consensus
cverports profile

CVE-2026-34069: CVE-2026-34069: Remote Denial of Service via Reachable Assertion in Nimiq Albatross Consensus

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-5724: CVE-2026-5724: Missing Authentication in Temporal gRPC Streaming Endpoint
cverports profile

CVE-2026-5724: CVE-2026-5724: Missing Authentication in Temporal gRPC Streaming Endpoint

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-33900: CVE-2026-33900: Heap-Based Buffer Overflow via Integer Truncation in ImageMagick VIFF Encoder
cverports profile

CVE-2026-33900: CVE-2026-33900: Heap-Based Buffer Overflow via Integer Truncation in ImageMagick VIFF Encoder

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34238: CVE-2026-34238: Heap Buffer Overflow in ImageMagick Despeckle Operation
cverports profile

CVE-2026-34238: CVE-2026-34238: Heap Buffer Overflow in ImageMagick Despeckle Operation

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-33899: CVE-2026-33899: Heap-Based Buffer Overflow via Integer Underflow in ImageMagick XML Parser
cverports profile

CVE-2026-33899: CVE-2026-33899: Heap-Based Buffer Overflow via Integer Underflow in ImageMagick XML Parser

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-28291: CVE-2026-28291: Command Execution via Option-Parsing Bypass in simple-git
cverports profile

CVE-2026-28291: CVE-2026-28291: Command Execution via Option-Parsing Bypass in simple-git

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-23891: CVE-2026-23891: Critical Stored Cross-Site Scripting (XSS) in Decidim User Profiles
cverports profile

CVE-2026-23891: CVE-2026-23891: Critical Stored Cross-Site Scripting (XSS) in Decidim User Profiles

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-27654: CVE-2026-27654: Heap-based Buffer Overflow in NGINX ngx_http_dav_module via Integer Underflow
cverports profile

CVE-2026-27654: CVE-2026-27654: Heap-based Buffer Overflow in NGINX ngx_http_dav_module via Integer Underflow

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40097: CVE-2026-40097: Index Out-of-Bounds Panic in Step CA TPM Attestation
cverports profile

CVE-2026-40097: CVE-2026-40097: Index Out-of-Bounds Panic in Step CA TPM Attestation

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40109: CVE-2026-40109: Improper Authentication in Flux notification-controller GCR Receiver
cverports profile

CVE-2026-40109: CVE-2026-40109: Improper Authentication in Flux notification-controller GCR Receiver

#security #cve #cybersecurity
Comments
2 min read
GHSA-6V7Q-WJVX-W8WG: GHSA-6V7Q-WJVX-W8WG: Arbitrary FTP Command Execution via CRLF Injection in basic-ftp
cverports profile

GHSA-6V7Q-WJVX-W8WG: GHSA-6V7Q-WJVX-W8WG: Arbitrary FTP Command Execution via CRLF Injection in basic-ftp

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-FFQ7-898W-9JC4: GHSA-FFQ7-898W-9JC4: Stored Cross-Site Scripting via SVG Upload in DotNetNuke
cverports profile

GHSA-FFQ7-898W-9JC4: GHSA-FFQ7-898W-9JC4: Stored Cross-Site Scripting via SVG Upload in DotNetNuke

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-40194: CVE-2026-40194: Observable Timing Discrepancy in phpseclib SSH2 HMAC Verification
cverports profile

CVE-2026-40194: CVE-2026-40194: Observable Timing Discrepancy in phpseclib SSH2 HMAC Verification

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40242: CVE-2026-40242: Unauthenticated Server-Side Request Forgery in Arcane Template Fetch Mechanism
cverports profile

CVE-2026-40242: CVE-2026-40242: Unauthenticated Server-Side Request Forgery in Arcane Template Fetch Mechanism

#security #cve #cybersecurity
Comments
2 min read
GHSA-75HX-XJ24-MQRW: GHSA-75HX-XJ24-MQRW: Unauthenticated Access and Information Exposure in n8n-mcp HTTP Transport
cverports profile

GHSA-75HX-XJ24-MQRW: GHSA-75HX-XJ24-MQRW: Unauthenticated Access and Information Exposure in n8n-mcp HTTP Transport

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-5412: CVE-2026-5412: Broken Access Control in Juju API Leads to Cloud Credential Leak
cverports profile

CVE-2026-5412: CVE-2026-5412: Broken Access Control in Juju API Leads to Cloud Credential Leak

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-5774: CVE-2026-5774: Race Condition and Denial of Service in Canonical Juju API Server
cverports profile

CVE-2026-5774: CVE-2026-5774: Race Condition and Denial of Service in Canonical Juju API Server

#security #cve #cybersecurity
Comments
2 min read
GHSA-8F24-V5VV-GM5J: GHSA-8f24-v5vv-gm5j: Open Redirect in next-intl Middleware via URL Parsing Discrepancy
cverports profile

GHSA-8F24-V5VV-GM5J: GHSA-8f24-v5vv-gm5j: Open Redirect in next-intl Middleware via URL Parsing Discrepancy

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-FPJ4-9QHX-5M6M: GHSA-FPJ4-9QHX-5M6M: Improper Authorization in DNN Platform Friend Request Flow
cverports profile

GHSA-FPJ4-9QHX-5M6M: GHSA-FPJ4-9QHX-5M6M: Improper Authorization in DNN Platform Friend Request Flow

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-2RHW-GW3F-477J: GHSA-2RHW-GW3F-477J: Predictable HostGUID Assignment in DNN Platform New Installations
cverports profile

GHSA-2RHW-GW3F-477J: GHSA-2RHW-GW3F-477J: Predictable HostGUID Assignment in DNN Platform New Installations

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-93VF-569F-22CQ: GHSA-93VF-569F-22CQ: CSS Injection in PHP rhukster/dom-sanitizer via SVG Style Tags
cverports profile

GHSA-93VF-569F-22CQ: GHSA-93VF-569F-22CQ: CSS Injection in PHP rhukster/dom-sanitizer via SVG Style Tags

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-68QG-G8MG-6PR7: GHSA-68QG-G8MG-6PR7: Unauthenticated Remote Code Execution in Paperclip via Authorization Bypass Chain
cverports profile

GHSA-68QG-G8MG-6PR7: GHSA-68QG-G8MG-6PR7: Unauthenticated Remote Code Execution in Paperclip via Authorization Bypass Chain

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-55V6-G8PM-PW4C: GHSA-55V6-G8PM-PW4C: Server-Side Request Forgery and CORS Misconfiguration in rembg API
cverports profile

GHSA-55V6-G8PM-PW4C: GHSA-55V6-G8PM-PW4C: Server-Side Request Forgery and CORS Misconfiguration in rembg API

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-X7MM-9VVV-64W8: GHSA-X7MM-9VVV-64W8: Reflected Cross-Site Scripting in unhead Streaming SSR
cverports profile

GHSA-X7MM-9VVV-64W8: GHSA-X7MM-9VVV-64W8: Reflected Cross-Site Scripting in unhead Streaming SSR

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-JVFF-X2QM-6286: GHSA-jvff-x2qm-6286: Arbitrary JavaScript Execution via Sandbox Bypass in mathjs
cverports profile

GHSA-JVFF-X2QM-6286: GHSA-jvff-x2qm-6286: Arbitrary JavaScript Execution via Sandbox Bypass in mathjs

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-9CP7-J3F8-P5JX: GHSA-9CP7-J3F8-P5JX: Unauthenticated Path Traversal and Zip Slip in Daptin
cverports profile

GHSA-9CP7-J3F8-P5JX: GHSA-9CP7-J3F8-P5JX: Unauthenticated Path Traversal and Zip Slip in Daptin

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-40189: CVE-2026-40189: Critical Authorization Bypass in goshs State-Changing Routes
cverports profile

CVE-2026-40189: CVE-2026-40189: Critical Authorization Bypass in goshs State-Changing Routes

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40162: CVE-2026-40162: Authenticated Arbitrary File Write in Bugsink Artifact Assembly
cverports profile

CVE-2026-40162: CVE-2026-40162: Authenticated Arbitrary File Write in Bugsink Artifact Assembly

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-39961: CVE-2026-39961: Cross-Namespace Secret Exfiltration via Confused Deputy in Aiven Operator
cverports profile

CVE-2026-39961: CVE-2026-39961: Cross-Namespace Secret Exfiltration via Confused Deputy in Aiven Operator

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40074: CVE-2026-40074: Denial of Service via Unhandled Exceptions in SvelteKit Redirects
cverports profile

CVE-2026-40074: CVE-2026-40074: Denial of Service via Unhandled Exceptions in SvelteKit Redirects

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40077: CVE-2026-40077: Insecure Direct Object Reference in Beszel Hub API
cverports profile

CVE-2026-40077: CVE-2026-40077: Insecure Direct Object Reference in Beszel Hub API

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40073: CVE-2026-40073: Unrestricted Resource Allocation in SvelteKit adapter-node via Chunked Transfer Encoding
cverports profile

CVE-2026-40073: CVE-2026-40073: Unrestricted Resource Allocation in SvelteKit adapter-node via Chunked Transfer Encoding

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40103: CVE-2026-40103: Authorization Bypass via Method Confusion in Vikunja API
cverports profile

CVE-2026-40103: CVE-2026-40103: Authorization Bypass via Method Confusion in Vikunja API

#security #cve #cybersecurity
Comments
2 min read
CVE-2024-23653: CVE-2024-23653: Build-Time Container Escape in Moby BuildKit via GRPC API Authorization Bypass
cverports profile

CVE-2024-23653: CVE-2024-23653: Build-Time Container Escape in Moby BuildKit via GRPC API Authorization Bypass

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40046: CVE-2026-40046: Integer Overflow and Protocol Smuggling in Apache ActiveMQ MQTT Decoder
cverports profile

CVE-2026-40046: CVE-2026-40046: Integer Overflow and Protocol Smuggling in Apache ActiveMQ MQTT Decoder

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34941: CVE-2026-34941: Heap Out-of-bounds Read in Wasmtime Component String Transcoding
cverports profile

CVE-2026-34941: CVE-2026-34941: Heap Out-of-bounds Read in Wasmtime Component String Transcoding

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34942: CVE-2026-34942: Denial of Service via Unaligned Memory Allocation in Wasmtime Component Model
cverports profile

CVE-2026-34942: CVE-2026-34942: Denial of Service via Unaligned Memory Allocation in Wasmtime Component Model

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34943: CVE-2026-34943: Host-Side Panic and Denial of Service in Wasmtime Dynamic Lifting
cverports profile

CVE-2026-34943: CVE-2026-34943: Host-Side Panic and Denial of Service in Wasmtime Dynamic Lifting

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34944: CVE-2026-34944: Out-of-bounds Read and Denial of Service in Wasmtime Cranelift Backend
cverports profile

CVE-2026-34944: CVE-2026-34944: Out-of-bounds Read and Denial of Service in Wasmtime Cranelift Backend

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34945: CVE-2026-34945: Host Stack Memory Leak via Type Confusion in Wasmtime Winch Compiler
cverports profile

CVE-2026-34945: CVE-2026-34945: Host Stack Memory Leak via Type Confusion in Wasmtime Winch Compiler

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34946: CVE-2026-34946: Host Panic Denial of Service in Wasmtime Winch Compiler
cverports profile

CVE-2026-34946: CVE-2026-34946: Host Panic Denial of Service in Wasmtime Winch Compiler

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-23226: CVE-2026-23226: Use-After-Free in Linux Kernel ksmbd Multi-Channel Sessions
cverports profile

CVE-2026-23226: CVE-2026-23226: Use-After-Free in Linux Kernel ksmbd Multi-Channel Sessions

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34971: CVE-2026-34971: Critical Sandbox Escape via Cranelift Miscompilation on AArch64
cverports profile

CVE-2026-34971: CVE-2026-34971: Critical Sandbox Escape via Cranelift Miscompilation on AArch64

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34983: CVE-2026-34983: Use-After-Free in Wasmtime Linker StringPool
cverports profile

CVE-2026-34983: CVE-2026-34983: Use-After-Free in Wasmtime Linker StringPool

#security #cve #cybersecurity
Comments
2 min read
loading...