1015 items
Unread (2154) All Dismissed
HIGH
CVE-2026-7818 (CVSS 7) — Deserialization of untrusted data (CWE-502) in pgAdmin 4 FileBackedSessionManager. The session mana...
NVD CVE-2026-7818 26d ago
HIGH
CVE-2025-10470 (CVSS 8.6) — The Magic Link authentication flow accepts multiple invalid authentication requests without adequate...
NVD CVE-2025-10470 26d ago
HIGH
CVE-2026-44400 (CVSS 8.1) — MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in ...
NVD CVE-2026-44400 28d ago
HIGH
CVE-2026-7807 (CVSS 8.1) — SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /a...
NVD CVE-2026-7807 28d ago
HIGH
CVE-2026-43967 (CVSS 0) — Inefficient Algorithmic Complexity vulnerability in absinthe-graphql absinthe allows unauthenticated...
NVD CVE-2026-43967 29d ago
HIGH
CVE-2026-42793 (CVSS 0) — Allocation of Resources Without Limits or Throttling vulnerability in absinthe-graphql absinthe allo...
NVD CVE-2026-42793 29d ago
HIGH
CVE-2026-43460 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-f...
NVD CVE-2026-43460 29d ago
HIGH
CVE-2026-43458 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: serial: caif: hold tty->link re...
NVD CVE-2026-43458 29d ago
HIGH
CVE-2026-43453 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: fix ...
NVD CVE-2026-43453 29d ago
HIGH
CVE-2026-43450 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_cthelper: ...
NVD CVE-2026-43450 29d ago
HIGH
CVE-2026-43449 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix slab-out-of-bound...
NVD CVE-2026-43449 29d ago
HIGH
CVE-2026-43440 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: net/mana: Null service_wq on se...
NVD CVE-2026-43440 29d ago
HIGH
CVE-2026-43427 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reorde...
NVD CVE-2026-43427 29d ago
HIGH
CVE-2026-43426 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: fix use-aft...
NVD CVE-2026-43426 29d ago
HIGH
CVE-2026-43388 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walk_contr...
NVD CVE-2026-43388 29d ago
HIGH
CVE-2026-43386 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potenti...
NVD CVE-2026-43386 29d ago
HIGH
CVE-2026-43380 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: hwmon: (pmbus/q54sj108a2) fix s...
NVD CVE-2026-43380 29d ago
HIGH
CVE-2026-43378 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free...
NVD CVE-2026-43378 29d ago
HIGH
CVE-2026-43328 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double f...
NVD CVE-2026-43328 29d ago
HIGH
CVE-2026-41900 (CVSS 8.8) — OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3...
NVD CVE-2026-41900 29d ago
HIGH
CVE-2026-42010 (CVSS 7.1) — A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key)...
NVD CVE-2026-42010 30d ago
HIGH
CVE-2026-43281 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: mailbox: Prevent out-of-bounds ...
NVD CVE-2026-43281 31d ago
HIGH
CVE-2026-43059 (CVSS 0) — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix list corru...
NVD CVE-2026-43059 32d ago
HIGH
CVE-2026-43616 (CVSS 7.1) — Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write ...
NVD CVE-2026-43616 32d ago
HIGH
CVE-2026-37540 (CVSS 8.4) — OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. ...
NVD CVE-2026-37540 35d ago
HIGH
CVE-2026-43052 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check tdls flag...
NVD CVE-2026-43052 36d ago
HIGH
CVE-2026-31702 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi...
NVD CVE-2026-31702CVE-2026-23234 36d ago
HIGH
CVE-2026-31696 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation o...
NVD CVE-2026-31696 36d ago
HIGH
CVE-2026-43001 (CVSS 7.9) — An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate t...
NVD CVE-2026-43001 36d ago
HIGH
CVE-2026-33845 (CVSS 7.5) — A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero off...
NVD CVE-2026-33845 36d ago
HIGH
CVE-2026-5781 (CVSS 8.8) — An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/updat...
NVD CVE-2026-5781 39d ago
HIGH
CVE-2026-3087 (CVSS 7.5) — If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive...
NVD CVE-2026-3087 39d ago
HIGH
CVE-2026-31686 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: mm/kasan: fix double free for k...
NVD CVE-2026-31686 39d ago
HIGH
CVE-2026-32688 (CVSS 0) — Allocation of Resources Without Limits or Throttling vulnerability in elixir-plug plug_cowboy allows...
NVD CVE-2026-32688 40d ago
HIGH
CVE-2026-7101 (CVSS 8.8) — A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of ...
NVD CVE-2026-7101 40d ago
HIGH
CVE-2026-31583 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: media: em28xx: fix use-after-fr...
NVD CVE-2026-31583 43d ago
HIGH
CVE-2026-31581 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: fix use-after-free...
NVD CVE-2026-31581 43d ago
HIGH
CVE-2026-31580 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: bcache: fix cached_dev.sb_bio u...
NVD CVE-2026-31580 43d ago
HIGH
CVE-2026-31578 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: media: as102: fix to not free m...
NVD CVE-2026-31578 43d ago
HIGH
CVE-2026-31576 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: media: hackrf: fix to not free ...
NVD CVE-2026-31576 43d ago
HIGH
CVE-2026-6947 (CVSS 7.5) — DWM-222W USB Wi-Fi Adapter developed by D-Link has a Brute-Force Protection Bypass vulnerability, al...
NVD CVE-2026-6947 43d ago
HIGH
CVE-2026-41205 (CVSS 7.5) — Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vuln...
NVD CVE-2026-41205 43d ago
HIGH
CVE-2026-31532 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-afte...
NVD CVE-2026-31532 44d ago
HIGH
CVE-2026-31527 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use gene...
NVD CVE-2026-31527 45d ago
HIGH
CVE-2026-31500 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: serialize b...
NVD CVE-2026-31500 45d ago
HIGH
CVE-2026-31489 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-pu...
NVD CVE-2026-31489 45d ago
HIGH
CVE-2026-31455 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: xfs: stop reclaim before pushin...
NVD CVE-2026-31455 45d ago
HIGH
CVE-2026-6855 (CVSS 7.1) — A flaw was found in InstructLab. A local attacker could exploit a path traversal vulnerability in th...
NVD CVE-2026-6855 45d ago
HIGH
CVE-2026-40938 (CVSS 7.5) — Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting ...
NVD CVE-2026-40938 45d ago
HIGH
CVE-2026-31430 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access...
NVD CVE-2026-31430 47d ago
HIGH NVD Mon, 11 May 2026 16:17:38 UTC
CVE-2026-7818 (CVSS 7) — Deserialization of untrusted data (CWE-502) in pgAdmin 4 FileBackedSessionManager. The session mana...
https://nvd.nist.gov/vuln/detail/CVE-2026-7818
TL;DR
Deserialization of untrusted data (CWE-502) in pgAdmin 4 FileBackedSessionManager. The session manager performed unsafe deserialization of session-file contents (using Python's standard object-serialization module) before performing any HMAC integrity check. Any file dropped into the sessions directory was deserialized unconditionally. An authenticated user with write access to the sessions direct…
CVE-2026-7818
Read full story ↗