1016 items
Unread (2155) All Dismissed
HIGH
CVE-2026-23231 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-a...
NVD CVE-2026-23231 94d ago
HIGH
CVE-2026-25109 (CVSS 8) — An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an a...
NVD CVE-2026-25109 99d ago
HIGH
CVE-2026-20910 (CVSS 8) — An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an aut...
NVD CVE-2026-20910 99d ago
HIGH
CVE-2026-1773 (CVSS 7.5) — IEC 60870-5-104 used in RTU500: Potential Denial of Service impact on reception of invalid U-format ...
NVD CVE-2026-1773 102d ago
HIGH
CVE-2026-23204 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_hea...
NVD CVE-2026-23204 112d ago
HIGH
CVE-2025-71221 (CVSS 7) — In the Linux kernel, the following vulnerability has been resolved: dmaengine: mmp_pdma: Fix race c...
NVD CVE-2025-71221 112d ago
HIGH
CVE-2026-23111 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inver...
NVD CVE-2026-23111 113d ago
HIGH
CVE-2026-0661 (CVSS 8.4) — A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption ...
NVD CVE-2026-0661 122d ago
HIGH
CVE-2026-0660 (CVSS 8.4) — A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer...
NVD CVE-2026-0660 122d ago
HIGH
CVE-2026-0538 (CVSS 8.4) — A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Wri...
NVD CVE-2026-0538 122d ago
HIGH
CVE-2026-0537 (CVSS 8.4) — A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption ...
NVD CVE-2026-0537 122d ago
HIGH
CVE-2026-22226 (CVSS 7.2) — A command injection vulnerability may be exploited after the admin's authentication in the VPN serve...
NVD CVE-2026-22226 124d ago
HIGH
CVE-2025-8587 (CVSS 8.6) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2025-8587 124d ago
HIGH
CVE-2026-23025 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: prevent pcp corr...
NVD CVE-2026-23025 126d ago
HIGH
CVE-2025-7714 (CVSS 7.5) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2025-7714 128d ago
HIGH
CVE-2025-7016 (CVSS 8) — Improper Access Control vulnerability in Akın Software Computer Import Export Industry and Trade Ltd...
NVD CVE-2025-7016 128d ago
HIGH
CVE-2026-0535 (CVSS 8.1) — A maliciously crafted HTML payload, stored in a component’s description and clicked by a user, can t...
NVD CVE-2026-0535 135d ago
HIGH
CVE-2026-0534 (CVSS 8.1) — A maliciously crafted HTML payload, stored in a part’s attribute and clicked by a user, can trigger ...
NVD CVE-2026-0534 135d ago
HIGH
CVE-2026-0533 (CVSS 8.1) — A maliciously crafted HTML payload in a design name, when displayed during the delete confirmation d...
NVD CVE-2026-0533 135d ago
HIGH
CVE-2025-4764 (CVSS 8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2025-4764 135d ago
HIGH
CVE-2026-22190 (CVSS 7.5) — The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains an uncontrolled form...
NVD CVE-2026-22190 149d ago
HIGH
CVE-2025-7358 (CVSS 7.5) — Use of Hard-coded Credentials vulnerability in Utarit Informatics Services Inc. SoliClub allows Auth...
NVD CVE-2025-7358 170d ago
HIGH
CVE-2023-53888 (CVSS 8.8) — Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to in...
NVD CVE-2023-53888 172d ago
HIGH
CVE-2025-66590 (CVSS 7.8) — In AzeoTech DAQFactory release 20.7 (Build 2555), an out-of-bounds write vulnerability can be exploi...
NVD CVE-2025-66590 176d ago
HIGH
CVE-2025-66588 (CVSS 7.8) — In AzeoTech DAQFactory release 20.7 (Build 2555), an access of uninitialized pointer vulnerability c...
NVD CVE-2025-66588 176d ago
HIGH
CVE-2025-66586 (CVSS 7.8) — In AzeoTech DAQFactory release 20.7 (Build 2555), an access of resource using incompatible type vuln...
NVD CVE-2025-66586 176d ago
HIGH
CVE-2025-66585 (CVSS 7.8) — In AzeoTech DAQFactory release 20.7 (Build 2555), a use after free vulnerability can be exploited to...
NVD CVE-2025-66585 176d ago
HIGH
CVE-2025-61813 (CVSS 8.2) — ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of ...
NVD CVE-2025-61813 178d ago
HIGH
CVE-2025-62557 (CVSS 8.4) — Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
NVD CVE-2025-62557 179d ago
HIGH
CVE-2025-62554 (CVSS 8.4) — Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthor...
NVD CVE-2025-62554 179d ago
HIGH
CVE-2025-48615 (CVSS 7.8) — In getComponentName of MediaButtonReceiverHolder.java, there is a possible desync in persistence due...
NVD CVE-2025-48615 180d ago
HIGH
CVE-2025-48612 (CVSS 7.8) — In setDefaultKey of DefaultPaymentSettings.java, there is a possible way for an application to set t...
NVD CVE-2025-48612 180d ago
CRITICAL
CVE-2025-34291: Langflow Origin Validation Error Vulnerability (Langflow Langflow)
CISA KEV CVE-2025-34291actively-exploited +1 16d ago
HIGH
CVE-2025-34291 (CVSS 8.8) — Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account tak...
NVD 182d ago
HIGH
CVE-2023-53629 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix use after free in ...
NVD CVE-2023-53629 242d ago
HIGH
CVE-2022-50552 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: blk-mq: use quiesced elevator s...
NVD CVE-2022-50552 242d ago
HIGH
CVE-2023-53596 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resour...
NVD CVE-2023-53596 245d ago
HIGH
CVE-2023-53543 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: vdpa: Add max vqp attr to vdpa_...
NVD CVE-2023-53543CVE-2023-3773 245d ago
HIGH
CVE-2025-39913 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Call sk_msg_free() whe...
NVD CVE-2025-39913 248d ago
HIGH
CVE-2025-38627 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fs...
NVD CVE-2025-38627 288d ago
HIGH
CVE-2025-38584 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: padata: Fix pd UAF once and for...
NVD CVE-2025-38584 291d ago
HIGH
CVE-2025-38502 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix oob access in cgroup l...
NVD CVE-2025-38502 294d ago
HIGH
CVE-2025-38500 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-...
NVD CVE-2025-38500 298d ago
HIGH
CVE-2013-10050 (CVSS 8.8) — An OS command injection vulnerability exists in multiple D-Link routers (confirmed on DIR-300 rev A ...
NVD CVE-2013-10050 308d ago
HIGH
CVE-2025-38250 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-af...
NVD CVE-2025-38250 332d ago
HIGH
CVE-2022-49961 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: bpf: Do mark_chain_precision fo...
NVD CVE-2022-49961 353d ago
HIGH
CVE-2025-0130 (CVSS 7.5) — A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled ...
NVD CVE-2025-0130 388d ago
HIGH
CVE-2025-30386 (CVSS 8.4) — Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
NVD CVE-2025-30386 389d ago
HIGH
CVE-2025-22107 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix kasan ou...
NVD CVE-2025-22107 416d ago
HIGH
CVE-2025-22069 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: riscv: fgraph: Fix stack layout...
NVD CVE-2025-22069 416d ago
HIGH
CVE-2025-21863 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: io_uring: prevent opcode specul...
NVD CVE-2025-21863 451d ago
CRITICAL CISA KEV Thu, 21 May 2026 00:00:00 UTC
CVE-2025-34291: Langflow Origin Validation Error Vulnerability (Langflow Langflow)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
TL;DR AI
A security vulnerability has been discovered in a widely used no-cost online security service that allows users to scan their systems for malware and other online threats. The vulnerability allows attackers to remotely access the system, making it a significant security risk for businesses and individuals. The vulnerability affects multiple services, including online banking, email, and social media platforms.
CVE-2025-34291actively-exploited
Read full story ↗
Related coverage (1)
CVE-2025-34291 (CVSS 8.8) — Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account tak...
NVD 182d ago