DEV Community

CVE Reports profile picture

CVE Reports

CVEReports provides daily, automated deep-dives into the latest vulnerabilities, transforming emerging threats into comprehensive technical intelligence.

Joined Joined on  Personal website https://www.cvereports.com
GHSA-8M29-FPQ5-89JJ: GHSA-8M29-FPQ5-89JJ: Consensus Divergence in Zebra via Improper Sighash Hash-Type Handling
cverports profile

GHSA-8M29-FPQ5-89JJ: GHSA-8M29-FPQ5-89JJ: Consensus Divergence in Zebra via Improper Sighash Hash-Type Handling

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-35402: CVE-2026-35402: Improper Access Control in mcp-neo4j-cypher via Stored Procedure Bypass
cverports profile

CVE-2026-35402: CVE-2026-35402: Improper Access Control in mcp-neo4j-cypher via Stored Procedure Bypass

#security #cve #cybersecurity
Comments
2 min read
GHSA-JP74-MFRX-3QVH: GHSA-jp74-mfrx-3qvh: Authenticated SQL Injection in Saltcorn Mobile Sync Endpoints
cverports profile

GHSA-JP74-MFRX-3QVH: GHSA-jp74-mfrx-3qvh: Authenticated SQL Injection in Saltcorn Mobile Sync Endpoints

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-92JP-89MQ-4374: GHSA-92JP-89MQ-4374: Unauthenticated Sandbox Access and Context Leakage in OpenClaw
cverports profile

GHSA-92JP-89MQ-4374: GHSA-92JP-89MQ-4374: Unauthenticated Sandbox Access and Context Leakage in OpenClaw

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-3G92-F9CH-QJCM: GHSA-3G92-F9CH-QJCM: Cryptographic Hash Collision in Plonky3 p3-symmetric Sponge Construction
cverports profile

GHSA-3G92-F9CH-QJCM: GHSA-3G92-F9CH-QJCM: Cryptographic Hash Collision in Plonky3 p3-symmetric Sponge Construction

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-FV5P-P927-QMXR: GHSA-FV5P-P927-QMXR: SSRF via Redirect Bypass in LangChain HTMLHeaderTextSplitter
cverports profile

GHSA-FV5P-P927-QMXR: GHSA-FV5P-P927-QMXR: SSRF via Redirect Bypass in LangChain HTMLHeaderTextSplitter

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-26171: CVE-2026-26171: Denial of Service in .NET System.Security.Cryptography.Xml
cverports profile

CVE-2026-26171: CVE-2026-26171: Denial of Service in .NET System.Security.Cryptography.Xml

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-32178: CVE-2026-32178: SMTP Header Injection and Protocol Smuggling in .NET System.Net.Mail
cverports profile

CVE-2026-32178: CVE-2026-32178: SMTP Header Injection and Protocol Smuggling in .NET System.Net.Mail

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-32203: CVE-2026-32203: Stack-based Buffer Overflow in .NET Cryptography XML Processing
cverports profile

CVE-2026-32203: CVE-2026-32203: Stack-based Buffer Overflow in .NET Cryptography XML Processing

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-33116: CVE-2026-33116: Denial of Service via XML Encryption Circular References in .NET
cverports profile

CVE-2026-33116: CVE-2026-33116: Denial of Service via XML Encryption Circular References in .NET

#security #cve #cybersecurity
Comments
2 min read
GHSA-R7W7-9XR2-QQ2R: GHSA-R7W7-9XR2-QQ2R: Server-Side Request Forgery via DNS Rebinding in langchain-openai
cverports profile

GHSA-R7W7-9XR2-QQ2R: GHSA-R7W7-9XR2-QQ2R: Server-Side Request Forgery via DNS Rebinding in langchain-openai

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-F3G8-9XV5-77GV: GHSA-f3g8-9xv5-77gv: Open Redirect in Saltcorn via Incomplete URL Validation
cverports profile

GHSA-F3G8-9XV5-77GV: GHSA-f3g8-9xv5-77gv: Open Redirect in Saltcorn via Incomplete URL Validation

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-6270: CVE-2026-6270: Authentication Bypass via Middleware Interpretation Conflict in Fastify Middie
cverports profile

CVE-2026-6270: CVE-2026-6270: Authentication Bypass via Middleware Interpretation Conflict in Fastify Middie

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-39857: CVE-2026-39857: Information Disclosure via Authorization Bypass in ApostropheCMS REST API
cverports profile

CVE-2026-39857: CVE-2026-39857: Information Disclosure via Authorization Bypass in ApostropheCMS REST API

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-33824: CVE-2026-33824: Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability
cverports profile

CVE-2026-33824: CVE-2026-33824: Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability

#security #cve #cybersecurity
Comments
2 min read
GHSA-33R3-4WHC-44C2: GHSA-33R3-4WHC-44C2: Path Traversal and Arbitrary File Write in vite-plus/binding
cverports profile

GHSA-33R3-4WHC-44C2: GHSA-33R3-4WHC-44C2: Path Traversal and Arbitrary File Write in vite-plus/binding

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-33805: CVE-2026-33805: Connection Header Abuse in @fastify/reply-from and @fastify/http-proxy
cverports profile

CVE-2026-33805: CVE-2026-33805: Connection Header Abuse in @fastify/reply-from and @fastify/http-proxy

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-33807: CVE-2026-33807: Middleware Bypass via Path Interpretation Conflict in @fastify/express
cverports profile

CVE-2026-33807: CVE-2026-33807: Middleware Bypass via Path Interpretation Conflict in @fastify/express

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40175: CVE-2026-40175: Header Injection in Axios via Prototype Pollution Gadget
cverports profile

CVE-2026-40175: CVE-2026-40175: Header Injection in Axios via Prototype Pollution Gadget

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-33808: CVE-2026-33808: Authentication Bypass via Path Normalization Drift in @fastify/express
cverports profile

CVE-2026-33808: CVE-2026-33808: Authentication Bypass via Path Normalization Drift in @fastify/express

#security #cve #cybersecurity
Comments
2 min read
GHSA-VP22-38M5-R39R: CVE-2026-33139: Arbitrary Code Execution via Sandbox Bypass in PySpector Plugin Validation
cverports profile

GHSA-VP22-38M5-R39R: CVE-2026-33139: Arbitrary Code Execution via Sandbox Bypass in PySpector Plugin Validation

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-33825: CVE-2026-33825: Local Privilege Escalation via TOCTOU in Microsoft Defender Signature Updates (BlueHammer)
cverports profile

CVE-2026-33825: CVE-2026-33825: Local Privilege Escalation via TOCTOU in Microsoft Defender Signature Updates (BlueHammer)

#security #cve #cybersecurity
Comments
2 min read
GHSA-RR7J-V2Q5-CHGV: GHSA-RR7J-V2Q5-CHGV: Streaming Token Redaction Bypass in LangSmith SDK
cverports profile

GHSA-RR7J-V2Q5-CHGV: GHSA-RR7J-V2Q5-CHGV: Streaming Token Redaction Bypass in LangSmith SDK

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-20147: CVE-2026-20147: Authenticated Remote Code Execution in Cisco Identity Services Engine (ISE)
cverports profile

CVE-2026-20147: CVE-2026-20147: Authenticated Remote Code Execution in Cisco Identity Services Engine (ISE)

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-32176: CVE-2026-32176: Elevation of Privilege via SQL Injection in Microsoft SQL Server
cverports profile

CVE-2026-32176: CVE-2026-32176: Elevation of Privilege via SQL Injection in Microsoft SQL Server

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-32167: CVE-2026-32167: Microsoft SQL Server Elevation of Privilege via Internal SQL Injection
cverports profile

CVE-2026-32167: CVE-2026-32167: Microsoft SQL Server Elevation of Privilege via Internal SQL Injection

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-33120: CVE-2026-33120: Remote Code Execution via Untrusted Pointer Dereference in Microsoft SQL Server
cverports profile

CVE-2026-33120: CVE-2026-33120: Remote Code Execution via Untrusted Pointer Dereference in Microsoft SQL Server

#security #cve #cybersecurity
Comments
2 min read
GHSA-2689-5P89-6J3J: GHSA-2689-5P89-6J3J: Stack-Based Out-of-Bounds Write in UEFI Firmware Parser Tiano Decompressor
cverports profile

GHSA-2689-5P89-6J3J: GHSA-2689-5P89-6J3J: Stack-Based Out-of-Bounds Write in UEFI Firmware Parser Tiano Decompressor

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-5VJQ-5JMG-39XQ: GHSA-5VJQ-5JMG-39XQ: Remote Code Execution in Renovate via Bazel Lockfile Maintenance
cverports profile

GHSA-5VJQ-5JMG-39XQ: GHSA-5VJQ-5JMG-39XQ: Remote Code Execution in Renovate via Bazel Lockfile Maintenance

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-HM2W-VR2P-HQ7W: GHSA-HM2W-VR2P-HQ7W: Heap Out-of-Bounds Write in uefi-firmware-parser Tiano Decompressor
cverports profile

GHSA-HM2W-VR2P-HQ7W: GHSA-HM2W-VR2P-HQ7W: Heap Out-of-Bounds Write in uefi-firmware-parser Tiano Decompressor

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-JJ6C-8H6C-HPPX: GHSA-JJ6C-8H6C-HPPX: Uncontrolled Resource Consumption in pypdf via Malformed PDF Streams
cverports profile

GHSA-JJ6C-8H6C-HPPX: GHSA-JJ6C-8H6C-HPPX: Uncontrolled Resource Consumption in pypdf via Malformed PDF Streams

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-XP4F-G2CM-RHG7: GHSA-XP4F-G2CM-RHG7: Log Denial of Service via LoginPacket Resource Exhaustion in PocketMine-MP
cverports profile

GHSA-XP4F-G2CM-RHG7: GHSA-XP4F-G2CM-RHG7: Log Denial of Service via LoginPacket Resource Exhaustion in PocketMine-MP

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-2332: CVE-2026-2332: HTTP Request Smuggling in Eclipse Jetty via Chunked Extension Quoted-String Parsing
cverports profile

CVE-2026-2332: CVE-2026-2332: HTTP Request Smuggling in Eclipse Jetty via Chunked Extension Quoted-String Parsing

#security #cve #cybersecurity
Comments
2 min read
GHSA-2X79-GWQ3-VXXM: GHSA-2x79-gwq3-vxxm: Infinite Loop Denial of Service in facil.io and iodine JSON Parser
cverports profile

GHSA-2X79-GWQ3-VXXM: GHSA-2x79-gwq3-vxxm: Infinite Loop Denial of Service in facil.io and iodine JSON Parser

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2023-2640: CVE-2023-2640: Local Privilege Escalation in Ubuntu Kernel OverlayFS (GameOver(lay))
cverports profile

CVE-2023-2640: CVE-2023-2640: Local Privilege Escalation in Ubuntu Kernel OverlayFS (GameOver(lay))

#security #cve #cybersecurity
Comments
2 min read
GHSA-G4VJ-CJJJ-V7HG: GHSA-G4VJ-CJJJ-V7HG: Defense in Depth Update for NuGet Client Handling Resource Consumption and Log Disclosure
cverports profile

GHSA-G4VJ-CJJJ-V7HG: GHSA-G4VJ-CJJJ-V7HG: Defense in Depth Update for NuGet Client Handling Resource Consumption and Log Disclosure

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-34621: CVE-2026-34621: Prototype Pollution to Arbitrary Code Execution in Adobe Acrobat EScript Engine
cverports profile

CVE-2026-34621: CVE-2026-34621: Prototype Pollution to Arbitrary Code Execution in Adobe Acrobat EScript Engine

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34457: CVE-2026-34457: Authentication Bypass via User-Agent Spoofing in OAuth2 Proxy
cverports profile

CVE-2026-34457: CVE-2026-34457: Authentication Bypass via User-Agent Spoofing in OAuth2 Proxy

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40310: CVE-2026-40310: Heap-Based Out-of-Bounds Write in ImageMagick JP2 Encoder
cverports profile

CVE-2026-40310: CVE-2026-40310: Heap-Based Out-of-Bounds Write in ImageMagick JP2 Encoder

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40312: CVE-2026-40312: Off-by-One Heap Memory Corruption in ImageMagick MSL Decoder
cverports profile

CVE-2026-40312: CVE-2026-40312: Off-by-One Heap Memory Corruption in ImageMagick MSL Decoder

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40311: CVE-2026-40311: Heap Use-After-Free in ImageMagick XMP Profile Parsing
cverports profile

CVE-2026-40311: CVE-2026-40311: Heap Use-After-Free in ImageMagick XMP Profile Parsing

#security #cve #cybersecurity
Comments
2 min read
CVE-2023-36424: CVE-2023-36424: Windows Common Log File System (CLFS) Driver Elevation of Privilege
cverports profile

CVE-2023-36424: CVE-2023-36424: Windows Common Log File System (CLFS) Driver Elevation of Privilege

#security #cve #cybersecurity
Comments
2 min read
CVE-2025-0520: CVE-2025-0520: Unauthenticated Remote Code Execution via Unrestricted File Upload in ShowDoc
cverports profile

CVE-2025-0520: CVE-2025-0520: Unauthenticated Remote Code Execution via Unrestricted File Upload in ShowDoc

#security #cve #cybersecurity
Comments
2 min read
GHSA-CMXV-58FP-FM3G: GHSA-cmxv-58fp-fm3g: Cross-Domain Credential Leakage in AsyncHttpClient
cverports profile

GHSA-CMXV-58FP-FM3G: GHSA-cmxv-58fp-fm3g: Cross-Domain Credential Leakage in AsyncHttpClient

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-527G-3W9M-29HV: GHSA-527g-3w9m-29hv: LDAP Injection in mitmproxy proxyauth Addon
cverports profile

GHSA-527G-3W9M-29HV: GHSA-527g-3w9m-29hv: LDAP Injection in mitmproxy proxyauth Addon

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-R4Q5-VMMM-2653: GHSA-R4Q5-VMMM-2653: Information Exposure via Sensitive Header Leak in follow-redirects
cverports profile

GHSA-R4Q5-VMMM-2653: GHSA-R4Q5-VMMM-2653: Information Exposure via Sensitive Header Leak in follow-redirects

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-76HW-P97H-883F: GHSA-76hw-p97h-883f: Arbitrary File Write via Path Traversal in gdown Archive Extraction
cverports profile

GHSA-76HW-P97H-883F: GHSA-76hw-p97h-883f: Arbitrary File Write via Path Traversal in gdown Archive Extraction

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-32270: CVE-2026-32270: Information Disclosure in Craft Commerce Payments Controller
cverports profile

CVE-2026-32270: CVE-2026-32270: Information Disclosure in Craft Commerce Payments Controller

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34069: CVE-2026-34069: Remote Denial of Service via Reachable Assertion in Nimiq Albatross Consensus
cverports profile

CVE-2026-34069: CVE-2026-34069: Remote Denial of Service via Reachable Assertion in Nimiq Albatross Consensus

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-5724: CVE-2026-5724: Missing Authentication in Temporal gRPC Streaming Endpoint
cverports profile

CVE-2026-5724: CVE-2026-5724: Missing Authentication in Temporal gRPC Streaming Endpoint

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-33900: CVE-2026-33900: Heap-Based Buffer Overflow via Integer Truncation in ImageMagick VIFF Encoder
cverports profile

CVE-2026-33900: CVE-2026-33900: Heap-Based Buffer Overflow via Integer Truncation in ImageMagick VIFF Encoder

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34238: CVE-2026-34238: Heap Buffer Overflow in ImageMagick Despeckle Operation
cverports profile

CVE-2026-34238: CVE-2026-34238: Heap Buffer Overflow in ImageMagick Despeckle Operation

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-33899: CVE-2026-33899: Heap-Based Buffer Overflow via Integer Underflow in ImageMagick XML Parser
cverports profile

CVE-2026-33899: CVE-2026-33899: Heap-Based Buffer Overflow via Integer Underflow in ImageMagick XML Parser

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-28291: CVE-2026-28291: Command Execution via Option-Parsing Bypass in simple-git
cverports profile

CVE-2026-28291: CVE-2026-28291: Command Execution via Option-Parsing Bypass in simple-git

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-23891: CVE-2026-23891: Critical Stored Cross-Site Scripting (XSS) in Decidim User Profiles
cverports profile

CVE-2026-23891: CVE-2026-23891: Critical Stored Cross-Site Scripting (XSS) in Decidim User Profiles

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-27654: CVE-2026-27654: Heap-based Buffer Overflow in NGINX ngx_http_dav_module via Integer Underflow
cverports profile

CVE-2026-27654: CVE-2026-27654: Heap-based Buffer Overflow in NGINX ngx_http_dav_module via Integer Underflow

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40097: CVE-2026-40097: Index Out-of-Bounds Panic in Step CA TPM Attestation
cverports profile

CVE-2026-40097: CVE-2026-40097: Index Out-of-Bounds Panic in Step CA TPM Attestation

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40109: CVE-2026-40109: Improper Authentication in Flux notification-controller GCR Receiver
cverports profile

CVE-2026-40109: CVE-2026-40109: Improper Authentication in Flux notification-controller GCR Receiver

#security #cve #cybersecurity
Comments
2 min read
GHSA-6V7Q-WJVX-W8WG: GHSA-6V7Q-WJVX-W8WG: Arbitrary FTP Command Execution via CRLF Injection in basic-ftp
cverports profile

GHSA-6V7Q-WJVX-W8WG: GHSA-6V7Q-WJVX-W8WG: Arbitrary FTP Command Execution via CRLF Injection in basic-ftp

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-FFQ7-898W-9JC4: GHSA-FFQ7-898W-9JC4: Stored Cross-Site Scripting via SVG Upload in DotNetNuke
cverports profile

GHSA-FFQ7-898W-9JC4: GHSA-FFQ7-898W-9JC4: Stored Cross-Site Scripting via SVG Upload in DotNetNuke

#security #cve #cybersecurity #ghsa
Comments
2 min read
loading...