Total
9174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-21722 | 1 Grafana | 1 Grafana | 2026-06-17 | N/A | 5.3 MEDIUM |
| Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange. This did not leak any annotations that would not otherwise be visible on the public dashboard. | |||||
| CVE-2026-21626 | 1 Stackideas | 1 Easydiscuss | 2026-06-17 | N/A | 7.5 HIGH |
| Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violation vector an information disclosure | |||||
| CVE-2026-21532 | 1 Microsoft | 1 Azure Functions | 2026-06-17 | N/A | 8.2 HIGH |
| Azure Function Information Disclosure Vulnerability | |||||
| CVE-2026-21524 | 1 Microsoft | 1 Azure Data Explorer | 2026-06-17 | N/A | 7.4 HIGH |
| Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to disclose information over a network. | |||||
| CVE-2026-21515 | 1 Microsoft | 1 Azure Iot Central | 2026-06-17 | N/A | 9.9 CRITICAL |
| Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2026-21260 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2026-06-17 | N/A | 7.5 HIGH |
| Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network. | |||||
| CVE-2026-20939 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | |||||
| CVE-2026-20937 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | |||||
| CVE-2026-20932 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | |||||
| CVE-2026-20862 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in Windows Management Services allows an authorized attacker to disclose information locally. | |||||
| CVE-2026-20847 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-06-17 | N/A | 6.5 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network. | |||||
| CVE-2026-20827 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in Tablet Windows User Interface (TWINUI) Subsystem allows an authorized attacker to disclose information locally. | |||||
| CVE-2026-20823 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | |||||
| CVE-2026-20821 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-06-17 | N/A | 6.2 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2026-20805 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally. | |||||
| CVE-2026-20800 | 1 Gitea | 1 Gitea | 2026-06-17 | N/A | 6.5 MEDIUM |
| Gitea's notification API does not re-validate repository access permissions when returning notification details. After a user's access to a private repository is revoked, they may still view issue and pull request titles through previously received notifications. | |||||
| CVE-2026-20730 | 1 F5 | 2 Big-ip Access Policy Manager, Big-ip Access Policy Manager Client | 2026-06-17 | N/A | 3.3 LOW |
| A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow attackers to gain access to sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |||||
| CVE-2026-20682 | 1 Apple | 2 Ipados, Iphone Os | 2026-06-17 | N/A | 5.3 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An attacker may be able to discover a user’s deleted notes. | |||||
| CVE-2026-20681 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 3.3 LOW |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Tahoe 26.3. An app may be able to access information about a user's contacts. | |||||
| CVE-2026-20680 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-06-17 | N/A | 6.5 MEDIUM |
| The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. A sandboxed app may be able to access sensitive user data. | |||||