| CVE-2026-10783 |
2026-06-04 |
A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipulation results in use of wea… |
| CVE-2026-10766 |
2026-06-03 |
A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculate_dataframe_hash of the file mlrun/utils/helpers.py of the component DataFrame Hash Hand… |
| CVE-2026-36609 |
2026-06-03 |
Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined with the predictable XOR-base… |
| CVE-2026-45701 |
2026-06-01 |
Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset tokenand API key generation uses a weak cryptographical hash… |
| CVE-2026-49323 |
2026-05-29 |
Weak authentication between the Wireless Control Module (WCM) and the Engine Control Module (ECM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with … |
| CVE-2026-49322 |
2026-05-29 |
Weak authentication in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with read access to the in-vehicle network to … |
| CVE-2026-44053 |
2026-05-21 |
Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic att… |
| CVE-2026-8803 |
2026-05-18 |
A flaw has been found in opensourcepos Open Source Point of Sale up to 3.4.2. Impacted is the function Login of the file app/Models/Employee.php of the component Employee Login. This manipulation caus… |
| CVE-2026-44699 |
2026-05-15 |
LibJWT is a C JSON Web Token Library. From 3.0.0 to 3.3.2, libjwt accepts an RSA JWK that does not contain an alg parameter as the verification key for an HS256/HS384/HS512 token. In the OpenSSL backe… |
| CVE-2026-8072 |
2026-05-12 |
Insecure generation of credentials in the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based … |
| CVE-2026-6411 |
2026-05-07 |
This vulnerability, in the MAXHUB Pivot client application versions
prior to v1.36.2, may allow an attacker to obtain encrypted tenant email
addresses and related metadata from any tenant. Due to th… |
| CVE-2026-44405 |
2026-05-06 |
In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1 algorithm. |
| CVE-2026-7845 |
2026-05-05 |
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webui_pages/dialogue/dialogue.py o… |
| CVE-2026-7103 |
2026-04-27 |
A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file update_user.php of the component MD5 Hash Handler. This manipulation of the argument Passwo… |
| CVE-2026-5926 |
2026-04-23 |
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Acces… |
| CVE-2026-32959 |
2026-04-20 |
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a use of a broken or risky cryptographic algorithm. Information in the traffic may be retrieved via man-in-the-middle … |
| CVE-2026-5588 |
2026-04-15 |
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pki… |
| CVE-2025-14813 |
2026-04-15 |
: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules).
This vulnerability is associated with program files G3413CT… |
| CVE-2026-29129 |
2026-04-09 |
Configured cipher preference order not preserved vulnerability in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0… |
| CVE-2025-14859 |
2026-04-07 |
The Semtech LR11xx LoRa transceivers implement secure boot functionality using digital signatures to authenticate firmware. However, the implementation uses a non-standard cryptographic hashing algori… |