DEV Community

CVE Reports profile picture

CVE Reports

CVEReports provides daily, automated deep-dives into the latest vulnerabilities, transforming emerging threats into comprehensive technical intelligence.

Joined Joined on  Personal website https://www.cvereports.com
CVE-2026-23899: CVE-2026-23899: Improper Access Check in Joomla! com_config Webservices
cverports profile

CVE-2026-23899: CVE-2026-23899: Improper Access Check in Joomla! com_config Webservices

#security #cve #cybersecurity
Comments
2 min read
GHSA-F3CJ-J4F6-WQ85: GHSA-f3cj-j4f6-wq85: Server-Side Rendering Cross-Site Scripting in Svelte hydratable Promises
cverports profile

GHSA-F3CJ-J4F6-WQ85: GHSA-f3cj-j4f6-wq85: Server-Side Rendering Cross-Site Scripting in Svelte hydratable Promises

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-WF8Q-WVV8-P8JF: GHSA-WF8Q-WVV8-P8JF: Unauthenticated User Impersonation in MCPHub SSE Endpoint
cverports profile

GHSA-WF8Q-WVV8-P8JF: GHSA-WF8Q-WVV8-P8JF: Unauthenticated User Impersonation in MCPHub SSE Endpoint

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-GXHX-2686-5H9G: GHSA-gxhx-2686-5h9g: Signature Verification Bypass in slack-go via Empty SecretsVerifier
cverports profile

GHSA-GXHX-2686-5H9G: GHSA-gxhx-2686-5h9g: Signature Verification Bypass in slack-go via Empty SecretsVerifier

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-42897: CVE-2026-42897: Reflected Cross-Site Scripting in Microsoft Exchange Server OWA
cverports profile

CVE-2026-42897: CVE-2026-42897: Reflected Cross-Site Scripting in Microsoft Exchange Server OWA

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-45369: CVE-2026-45369: OS Command Injection in python-utcp CLI Protocol
cverports profile

CVE-2026-45369: CVE-2026-45369: OS Command Injection in python-utcp CLI Protocol

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-45370: CVE-2026-45370: Environment Variable Leak in python-utcp CLI Subprocesses
cverports profile

CVE-2026-45370: CVE-2026-45370: Environment Variable Leak in python-utcp CLI Subprocesses

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-45411: CVE-2026-45411: Remote Code Execution via Sandbox Escape in vm2 Async Generator Implementation
cverports profile

CVE-2026-45411: CVE-2026-45411: Remote Code Execution via Sandbox Escape in vm2 Async Generator Implementation

#security #cve #cybersecurity
Comments
2 min read
GHSA-7RX4-C5VX-G8W3: GHSA-7RX4-C5VX-G8W3: Server-Side Request Forgery Bypass in Karakeep Metadata Extraction Workers
cverports profile

GHSA-7RX4-C5VX-G8W3: GHSA-7RX4-C5VX-G8W3: Server-Side Request Forgery Bypass in Karakeep Metadata Extraction Workers

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-9M65-766C-R333: GHSA-9M65-766C-R333: Type Confusion in Seroval Leading to Unintended Function Execution in TanStack Start
cverports profile

GHSA-9M65-766C-R333: GHSA-9M65-766C-R333: Type Confusion in Seroval Leading to Unintended Function Execution in TanStack Start

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-7G73-99R4-M4MJ: GHSA-7G73-99R4-M4MJ: Credential Data Leak in FlowiseAI API Responses
cverports profile

GHSA-7G73-99R4-M4MJ: GHSA-7G73-99R4-M4MJ: Credential Data Leak in FlowiseAI API Responses

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-42793: CVE-2026-42793: Unauthenticated Remote Denial of Service in Absinthe GraphQL via Atom Exhaustion
cverports profile

CVE-2026-42793: CVE-2026-42793: Unauthenticated Remote Denial of Service in Absinthe GraphQL via Atom Exhaustion

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-43967: CVE-2026-43967: Denial of Service via Algorithmic Complexity in Absinthe GraphQL Fragment Validation
cverports profile

CVE-2026-43967: CVE-2026-43967: Denial of Service via Algorithmic Complexity in Absinthe GraphQL Fragment Validation

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-8178: CVE-2026-8178: Remote Code Execution via Unsafe Reflection in Amazon Redshift JDBC Driver
cverports profile

CVE-2026-8178: CVE-2026-8178: Remote Code Execution via Unsafe Reflection in Amazon Redshift JDBC Driver

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-42945: CVE-2026-42945: Heap-based Buffer Overflow in NGINX ngx_http_rewrite_module
cverports profile

CVE-2026-42945: CVE-2026-42945: Heap-based Buffer Overflow in NGINX ngx_http_rewrite_module

#security #cve #cybersecurity
Comments
2 min read
GHSA-VW82-7FV8-R6GP: GHSA-vw82-7fv8-r6gp: Authorization Bypass in Obot MCP Gateway via Insecure Route Configuration
cverports profile

GHSA-VW82-7FV8-R6GP: GHSA-vw82-7fv8-r6gp: Authorization Bypass in Obot MCP Gateway via Insecure Route Configuration

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-V25J-WQCW-FVHJ: GHSA-V25J-WQCW-FVHJ: Uncontrolled Resource Consumption via Unbounded Date Sequences in wger
cverports profile

GHSA-V25J-WQCW-FVHJ: GHSA-V25J-WQCW-FVHJ: Uncontrolled Resource Consumption via Unbounded Date Sequences in wger

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-429Q-FHH4-R6HJ: GHSA-429Q-FHH4-R6HJ: Account Substitution via Discriminator Bypass in Anchor InterfaceAccount
cverports profile

GHSA-429Q-FHH4-R6HJ: GHSA-429Q-FHH4-R6HJ: Account Substitution via Discriminator Bypass in Anchor InterfaceAccount

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-44738: CVE-2026-44738: Grav CMS Twig Sandbox Information Disclosure via Config::toArray()
cverports profile

CVE-2026-44738: CVE-2026-44738: Grav CMS Twig Sandbox Information Disclosure via Config::toArray()

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-45091: CVE-2026-45091: Cleartext TOTP Secret Exposure in sealed-env JWS Tokens
cverports profile

CVE-2026-45091: CVE-2026-45091: Cleartext TOTP Secret Exposure in sealed-env JWS Tokens

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-32686: CVE-2026-32686: Unbounded Exponent Resource Exhaustion in ericmj/decimal
cverports profile

CVE-2026-32686: CVE-2026-32686: Unbounded Exponent Resource Exhaustion in ericmj/decimal

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-43284: CVE-2026-43284: "Dirty Frag" Local Privilege Escalation via Linux Kernel Page Cache Corruption
cverports profile

CVE-2026-43284: CVE-2026-43284: "Dirty Frag" Local Privilege Escalation via Linux Kernel Page Cache Corruption

#security #cve #cybersecurity
Comments
3 min read
CVE-2026-45321: CVE-2026-45321: Critical Supply Chain Compromise in @tanstack Packages via GitHub Actions Misconfiguration
cverports profile

CVE-2026-45321: CVE-2026-45321: Critical Supply Chain Compromise in @tanstack Packages via GitHub Actions Misconfiguration

#security #cve #cybersecurity
Comments
3 min read
CVE-2026-27478: CVE-2026-27478: Authentication Bypass via Dynamic JWKS Discovery in Unity Catalog
cverports profile

CVE-2026-27478: CVE-2026-27478: Authentication Bypass via Dynamic JWKS Discovery in Unity Catalog

#security #cve #cybersecurity
Comments
2 min read
GHSA-MHWJ-73QX-JQXM: GHSA-MHWJ-73QX-JQXM: Prototype Pollution in @theecryptochad/merge-guard via deepMerge()
cverports profile

GHSA-MHWJ-73QX-JQXM: GHSA-MHWJ-73QX-JQXM: Prototype Pollution in @theecryptochad/merge-guard via deepMerge()

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-40217: CVE-2026-40217: Remote Code Execution via Sandbox Escape in LiteLLM
cverports profile

CVE-2026-40217: CVE-2026-40217: Remote Code Execution via Sandbox Escape in LiteLLM

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-44643: CVE-2026-44643: Sandbox Escape and Remote Code Execution in angular-expressions
cverports profile

CVE-2026-44643: CVE-2026-44643: Sandbox Escape and Remote Code Execution in angular-expressions

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-44340: CVE-2026-44340: Arbitrary File Write via Symlink Traversal in PraisonAI Tar Extraction
cverports profile

CVE-2026-44340: CVE-2026-44340: Arbitrary File Write via Symlink Traversal in PraisonAI Tar Extraction

#security #cve #cybersecurity
Comments
2 min read
CVE-2023-49316: CVE-2023-49316: Denial of Service via Unbounded Degree in phpseclib Binary Finite Fields
cverports profile

CVE-2023-49316: CVE-2023-49316: Denial of Service via Unbounded Degree in phpseclib Binary Finite Fields

#security #cve #cybersecurity
Comments
2 min read
GHSA-MV93-W799-CJ2W: GHSA-MV93-W799-CJ2W: Remote Code Execution via Config Section Injection in GitPython
cverports profile

GHSA-MV93-W799-CJ2W: GHSA-MV93-W799-CJ2W: Remote Code Execution via Config Section Injection in GitPython

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-6860: CVE-2026-6860: Unbounded SNI Cache Growth in Eclipse Vert.x
cverports profile

CVE-2026-6860: CVE-2026-6860: Unbounded SNI Cache Growth in Eclipse Vert.x

#security #cve #cybersecurity
1
Comments
2 min read
GHSA-V6WJ-C83F-V46X: GHSA-v6wj-c83f-v46x: Critical OS Command Injection in @profullstack/mcp-server domain_lookup Module
cverports profile

GHSA-V6WJ-C83F-V46X: GHSA-v6wj-c83f-v46x: Critical OS Command Injection in @profullstack/mcp-server domain_lookup Module

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-QHH4-458H-XWH2: GHSA-qhh4-458h-xwh2: Credential Leakage via Origin Validation Error in cdxgen
cverports profile

GHSA-QHH4-458H-XWH2: GHSA-qhh4-458h-xwh2: Credential Leakage via Origin Validation Error in cdxgen

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-32689: CVE-2026-32689: Denial of Service in Phoenix Framework LongPoll Transport via NDJSON Payload Amplification
cverports profile

CVE-2026-32689: CVE-2026-32689: Denial of Service in Phoenix Framework LongPoll Transport via NDJSON Payload Amplification

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-44499: CVE-2026-44499: Permanent Block Discovery Halt in Zebra via Gossip Queue Saturation
cverports profile

CVE-2026-44499: CVE-2026-44499: Permanent Block Discovery Halt in Zebra via Gossip Queue Saturation

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-6322: CVE-2026-6322: Host Confusion via Interpretation Conflict in fast-uri
cverports profile

CVE-2026-6322: CVE-2026-6322: Host Confusion via Interpretation Conflict in fast-uri

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-43944: CVE-2026-43944: Arbitrary Local Code Execution in electerm via Malicious Deep Links
cverports profile

CVE-2026-43944: CVE-2026-43944: Arbitrary Local Code Execution in electerm via Malicious Deep Links

#security #cve #cybersecurity
Comments
2 min read
GHSA-7HGR-XVRR-XPW3: GHSA-7HGR-XVRR-XPW3: Session Persistence After Password Change in Nhost hasura-auth
cverports profile

GHSA-7HGR-XVRR-XPW3: GHSA-7HGR-XVRR-XPW3: Session Persistence After Password Change in Nhost hasura-auth

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-6321: CVE-2026-6321: Path Traversal in fast-uri via Improper Normalization Order
cverports profile

CVE-2026-6321: CVE-2026-6321: Path Traversal in fast-uri via Improper Normalization Order

#security #cve #cybersecurity
Comments
2 min read
GHSA-8G7G-HMWM-6RV2: GHSA-8g7g-hmwm-6rv2: Path Traversal, SSRF, and Information Exposure in n8n-mcp
cverports profile

GHSA-8G7G-HMWM-6RV2: GHSA-8g7g-hmwm-6rv2: Path Traversal, SSRF, and Information Exposure in n8n-mcp

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-2CM2-M3W5-GP2F: GHSA-2CM2-M3W5-GP2F: Remote Code Execution via Transformer Bypass in vm2
cverports profile

GHSA-2CM2-M3W5-GP2F: GHSA-2CM2-M3W5-GP2F: Remote Code Execution via Transformer Bypass in vm2

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-3V85-FQVH-7RXF: GHSA-3V85-FQVH-7RXF: Stored Cross-Site Scripting in Ech0 RSS Feed Generation
cverports profile

GHSA-3V85-FQVH-7RXF: GHSA-3V85-FQVH-7RXF: Stored Cross-Site Scripting in Ech0 RSS Feed Generation

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-RGJ7-VG8V-J4WR: GHSA-RGJ7-VG8V-J4WR: Unauthenticated Engagement Metric Inflation in Ech0
cverports profile

GHSA-RGJ7-VG8V-J4WR: GHSA-RGJ7-VG8V-J4WR: Unauthenticated Engagement Metric Inflation in Ech0

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-PJ6Q-4VQ4-R8CG: GHSA-PJ6Q-4VQ4-R8CG: Unauthenticated Resource Exhaustion and State Manipulation in Ech0 API
cverports profile

GHSA-PJ6Q-4VQ4-R8CG: GHSA-PJ6Q-4VQ4-R8CG: Unauthenticated Resource Exhaustion and State Manipulation in Ech0 API

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-8MC6-XJPR-H98X: GHSA-8MC6-XJPR-H98X: Server-Side Request Forgery (SSRF) in Ech0 fetchPeerConnectInfo
cverports profile

GHSA-8MC6-XJPR-H98X: GHSA-8MC6-XJPR-H98X: Server-Side Request Forgery (SSRF) in Ech0 fetchPeerConnectInfo

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-FPW6-HRG5-Q5X5: GHSA-FPW6-HRG5-Q5X5: Irrevocable Access Tokens and Nil-Pointer Dereference in Ech0
cverports profile

GHSA-FPW6-HRG5-Q5X5: GHSA-FPW6-HRG5-Q5X5: Irrevocable Access Tokens and Nil-Pointer Dereference in Ech0

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-J7H9-2JH7-G967: GHSA-j7h9-2jh7-g967: Path Policy Bypass and Timing Side-Channel in mcp-ssh-tool
cverports profile

GHSA-J7H9-2JH7-G967: GHSA-j7h9-2jh7-g967: Path Policy Bypass and Timing Side-Channel in mcp-ssh-tool

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-V7QW-HX66-4W9X: GHSA-v7qw-hx66-4w9x: Stored Cross-Site Scripting (XSS) in NetBox Data Flows Plugin
cverports profile

GHSA-V7QW-HX66-4W9X: GHSA-v7qw-hx66-4w9x: Stored Cross-Site Scripting (XSS) in NetBox Data Flows Plugin

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-P64J-F4X9-WQ66: GHSA-P64J-F4X9-WQ66: OAuth Redirect URI Path Truncation in Ech0 Leads to Authorization Code Theft
cverports profile

GHSA-P64J-F4X9-WQ66: GHSA-P64J-F4X9-WQ66: OAuth Redirect URI Path Truncation in Ech0 Leads to Authorization Code Theft

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-54PG-9963-V8VG: GHSA-54PG-9963-V8VG: Supply Chain Compromise and Credential Theft in intercom-client
cverports profile

GHSA-54PG-9963-V8VG: GHSA-54PG-9963-V8VG: Supply Chain Compromise and Credential Theft in intercom-client

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-GR3R-CRP5-QRRM: GHSA-GR3R-CRP5-QRRM: Supply Chain Compromise in intercom-php via Malicious Composer Plugin
cverports profile

GHSA-GR3R-CRP5-QRRM: GHSA-GR3R-CRP5-QRRM: Supply Chain Compromise in intercom-php via Malicious Composer Plugin

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-39804: CVE-2026-39804: Remote Code Execution and DoS via Bandit WebSocket Permessage-Deflate Resource Exhaustion
cverports profile

CVE-2026-39804: CVE-2026-39804: Remote Code Execution and DoS via Bandit WebSocket Permessage-Deflate Resource Exhaustion

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-42786: CVE-2026-42786: Unbounded WebSocket Fragmented Message Reassembly Denial of Service in Bandit
cverports profile

CVE-2026-42786: CVE-2026-42786: Unbounded WebSocket Fragmented Message Reassembly Denial of Service in Bandit

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-20188: CVE-2026-20188: Uncontrolled Resource Consumption in Cisco CNC and NSO
cverports profile

CVE-2026-20188: CVE-2026-20188: Uncontrolled Resource Consumption in Cisco CNC and NSO

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-39805: CVE-2026-39805: CL.CL HTTP Request Smuggling in Bandit Web Server
cverports profile

CVE-2026-39805: CVE-2026-39805: CL.CL HTTP Request Smuggling in Bandit Web Server

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-39807: CVE-2026-39807: Transport-State Spoofing via Untrusted URI Scheme in Bandit HTTP Server
cverports profile

CVE-2026-39807: CVE-2026-39807: Transport-State Spoofing via Untrusted URI Scheme in Bandit HTTP Server

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-42788: CVE-2026-42788: HTTP/2 Frame Size Limit Bypass and Memory Exhaustion in Bandit
cverports profile

CVE-2026-42788: CVE-2026-42788: HTTP/2 Frame Size Limit Bypass and Memory Exhaustion in Bandit

#security #cve #cybersecurity
1
Comments
2 min read
GHSA-MMPX-JH39-WRV6: GHSA-MMPX-JH39-WRV6: Stored Cross-Site Scripting in FileBrowser Quantum via SVG Rendering
cverports profile

GHSA-MMPX-JH39-WRV6: GHSA-MMPX-JH39-WRV6: Stored Cross-Site Scripting in FileBrowser Quantum via SVG Rendering

#security #cve #cybersecurity #ghsa
1
Comments
2 min read
GHSA-FPF5-4JW8-67X8: GHSA-FPF5-4JW8-67X8: Unbounded Memory Allocation in rust-zserio
cverports profile

GHSA-FPF5-4JW8-67X8: GHSA-FPF5-4JW8-67X8: Unbounded Memory Allocation in rust-zserio

#security #cve #cybersecurity #ghsa
1
Comments
2 min read
GHSA-FC67-C4HG-Q653: CVE-2026-7461: OS Command Injection in Amazon ECS Agent for Windows via FSx Volume Credentials
cverports profile

GHSA-FC67-C4HG-Q653: CVE-2026-7461: OS Command Injection in Amazon ECS Agent for Windows via FSx Volume Credentials

#security #cve #cybersecurity
1
Comments
2 min read
loading...