Total: 94 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-44599 | 1 Torproject | 1 Tor | 2026-05-07 | N/A | 3.7 LOW |
| Tor before 0.4.9.7 can attempt or accept BEGIN_DIR via conflux legs, aka TROVE-2026-008. | |||||
| CVE-2026-42997 | | | 2026-05-07 | N/A | 7.7 HIGH |
| An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent to a remote endpoint. The credential forwarded is a time-limited Keystone token (which provides access to all OpenStack services Ironic is authorized for); or basic credentials configured for molds storage. The fixed versions are 26.1.6, 29.0.5, 32.0.1, and 35.0.1. | |||||
| CVE-2026-32772 | 1 Gnu | 1 Inetutils | 2026-05-05 | N/A | 3.4 LOW |
| telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR. | |||||
| CVE-2026-40228 | 1 Systemd Project | 1 Systemd | 2026-05-05 | N/A | 2.9 LOW |
| In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set. | |||||
| CVE-2026-40552 | | | 2026-04-28 | N/A | N/A |
| mpGabinet is vulnerable to Remote Command Execution. An authorized user with access to the application and direct access to the backend database can achieve system command execution by uploading an attachment and modifying its storage path in the database to reference an attacker-controlled remote network resource. Alternatively, it is possible to use a previously uploaded file and change its reference. When the application processes the attachment, and a user tries to open it, the referenced resource is executed by the system. Critically, this vulnerability can be exploited by any unauthenticated attacker by chaining it with CVE-2026-40550 and CVE-2026-40551, which allows obtaining database access, and logging onto any account. This issue affects mpGabinet version 23.12.19 and below. | |||||
| CVE-2026-40225 | 1 Systemd Project | 1 Systemd | 2026-04-27 | N/A | 6.4 MEDIUM |
| In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output. | |||||
| CVE-2026-41030 | | | 2026-04-17 | N/A | 6.2 MEDIUM |
| In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges. | |||||
| CVE-2026-35544 | 1 Roundcube | 1 Webmail | 2026-04-09 | N/A | 5.3 MEDIUM |
| An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important. | |||||
| CVE-2026-35540 | 1 Roundcube | 1 Webmail | 2026-04-07 | N/A | 5.4 MEDIUM |
| An issue was discovered in Roundcube Webmail 1.6.0 before 1.6.14. Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts. | |||||
| CVE-2026-35542 | 1 Roundcube | 1 Webmail | 2026-04-07 | N/A | 5.3 MEDIUM |
| An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via a crafted background attribute of a BODY element in an e-mail message. This may lead to information disclosure or access-control bypass. | |||||
| CVE-2026-35543 | 1 Roundcube | 1 Webmail | 2026-04-07 | N/A | 5.3 MEDIUM |
| An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content (with animate attributes) in an e-mail message. This may lead to information disclosure or access-control bypass. | |||||
| CVE-2026-35545 | 1 Roundcube | 1 Webmail | 2026-04-07 | N/A | 5.3 MEDIUM |
| An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke. | |||||
| CVE-2026-33265 | 1 Librechat | 1 Librechat | 2026-03-24 | N/A | 6.3 MEDIUM |
| In LibreChat 0.8.1-rc2, a logged-in user obtains a JWT for both the LibreChat API and the RAG API. | |||||
| CVE-2025-41660 | | | 2026-03-24 | N/A | 8.8 HIGH |
| A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution. | |||||
