DEV Community

# cve

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
CVE-2026-22892: Confused Deputy in the Chatroom: Dissecting CVE-2026-22892
cverports profile

CVE-2026-22892: Confused Deputy in the Chatroom: Dissecting CVE-2026-22892

#security #cve #cybersecurity
Comments
2 min read
CVE-2025-33042: Schema to Shell: Unpacking the Apache Avro Code Injection Vulnerability
cverports profile

CVE-2025-33042: Schema to Shell: Unpacking the Apache Avro Code Injection Vulnerability

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-26273: The Over-Helpful Doorman: Full Account Takeover in 'Known' CMS
cverports profile

CVE-2026-26273: The Over-Helpful Doorman: Full Account Takeover in 'Known' CMS

#security #cve #cybersecurity
Comments
2 min read
GHSA-8WC6-VGRQ-X6CF: Renovate's TMI: When Automation Leaks the Keys to the Kingdom
cverports profile

GHSA-8WC6-VGRQ-X6CF: Renovate's TMI: When Automation Leaks the Keys to the Kingdom

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-7587-4WV6-M68M: Panic at the Keyring: Crashing rPGP with a Single Byte
cverports profile

GHSA-7587-4WV6-M68M: Panic at the Keyring: Crashing rPGP with a Single Byte

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-26187: CVE-2026-26187: escaping the Lake with a Path Traversal Two-Step
cverports profile

CVE-2026-26187: CVE-2026-26187: escaping the Lake with a Path Traversal Two-Step

#security #cve #cybersecurity
Comments
2 min read
GHSA-XX7M-69FF-9CRP: SurrealDB's Poison Pill: Crashing the Database with a Single String
cverports profile

GHSA-XX7M-69FF-9CRP: SurrealDB's Poison Pill: Crashing the Database with a Single String

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-2391: Death by a Thousand Commas: Deep Dive into CVE-2026-2391
cverports profile

CVE-2026-2391: Death by a Thousand Commas: Deep Dive into CVE-2026-2391

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-26185: Clockwatching: Enumerating Directus Users via Timing Side-Channels
cverports profile

CVE-2026-26185: Clockwatching: Enumerating Directus Users via Timing Side-Channels

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-25759: Command Pwned: Stored XSS in Statamic's Command Palette
cverports profile

CVE-2026-25759: Command Pwned: Stored XSS in Statamic's Command Palette

#security #cve #cybersecurity
Comments
2 min read
GHSA-435G-FCV3-8J26: High Assurance, Low Availability: The Libcrux Triple Threat
cverports profile

GHSA-435G-FCV3-8J26: High Assurance, Low Availability: The Libcrux Triple Threat

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-7PPG-37FH-VCR6: Vector Injection? No, Just Regular Injection: Milvus Critical Auth Bypass
cverports profile

GHSA-7PPG-37FH-VCR6: Vector Injection? No, Just Regular Injection: Milvus Critical Auth Bypass

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-25990: Pillow Fight: Weaponizing Photoshop Files via OOB Writes
cverports profile

CVE-2026-25990: Pillow Fight: Weaponizing Photoshop Files via OOB Writes

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-25949: Traefik's Eternal Wait: Bypassing TCP Timeouts with Postgres Magic Bytes
cverports profile

CVE-2026-25949: Traefik's Eternal Wait: Bypassing TCP Timeouts with Postgres Magic Bytes

#security #cve #cybersecurity
Comments
2 min read
CVE-2025-66630: The Null Identity: Unmasking Fiber's Critical 'Zero-UUID' Vulnerability
cverports profile

CVE-2025-66630: The Null Identity: Unmasking Fiber's Critical 'Zero-UUID' Vulnerability

#security #cve #cybersecurity
Comments
2 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.