396 items
Unread (2811) All Dismissed
CRITICAL
CVE-2026-45787 (CVSS 9.1) — electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3...
NVD CVE-2026-45787 15d ago
CRITICAL
CVE-2026-44477 (CVSS 9.9) — CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. ...
NVD CVE-2026-44477 15d ago
CRITICAL
CVE-2026-24444 (CVSS 9.8) — SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9_B9 contain a hardcoded pas...
NVD CVE-2026-24444 15d ago
CRITICAL
CVE-2026-9813 (CVSS 9.9) — FlowIntel up to version 3.3.0 contains a server-side request forgery (SSRF) vulnerability in the ext...
NVD CVE-2026-9813 16d ago
CRITICAL
CVE-2026-4408 (CVSS 9) — A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers an...
NVD CVE-2026-4408 16d ago
CRITICAL
CVE-2026-48027 (CVSS 9.8) — Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, ...
NVD CVE-2026-48027 +1 16d ago
CRITICAL
CVE-2026-48027: Nx Console Embedded Malicious Code Vulnerability (Nx Nx Console)
CISA KEV 17d ago
CRITICAL
CVE-2026-45570 (CVSS 9.6) — go-git is an extensible git implementation library written in pure Go. Prior to 5.19.1 and 6.0.0-alp...
NVD CVE-2026-45570 16d ago
CRITICAL
CVE-2026-8175 (CVSS 9.8) — IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Tra...
NVD CVE-2026-8175 16d ago
CRITICAL
CVE-2026-7876 (CVSS 9.1) — IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
NVD CVE-2026-7876 16d ago
CRITICAL
CVE-2026-7524 (CVSS 9.8) — IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of...
NVD CVE-2026-7524 16d ago
CRITICAL
CVE-2025-12686 (CVSS 9.8) — Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter ...
NVD CVE-2025-12686 17d ago
CRITICAL
CVE-2026-8760 (CVSS 9.8) — The Login with OTP plugin for WordPress is vulnerable to authentication bypass in all versions up to...
NVD CVE-2026-8760CVE-2024-11178 17d ago
CRITICAL
CVE-2026-45321: TanStack Unspecified Vulnerability (TanStack TanStack)
CISA KEV CVE-2026-45321actively-exploited 17d ago
CRITICAL
CVE-2026-8398: Daemon Tools Lite Embedded Malicious Code Vulnerability (Daemon Daemon Tools Lite)
CISA KEV CVE-2026-8398actively-exploited 17d ago
CRITICAL
CVE-2026-44985 (CVSS 9.6) — Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, he WebSocket upgrader for th...
NVD CVE-2026-44985 17d ago
CRITICAL
CVE-2026-48689 (CVSS 9.8) — FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the ...
NVD CVE-2026-48689 17d ago
CRITICAL
CVE-2026-3660 (CVSS 9.8) — IBM Engineering Lifecycle Management 7.0.3 ( through ) Interim Fix 021, 7.1.0 ( through ) Interim Fi...
NVD CVE-2026-3660 17d ago
CRITICAL
CVE-2026-8633 (CVSS 9.8) — IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSpher...
NVD CVE-2026-8633 17d ago
CRITICAL
CVE-2026-48904 (CVSS 9.8) — An improper access check allows privelege escalation through the com_users group editing webservice ...
NVD CVE-2026-48904 17d ago
CRITICAL
CVE-2026-48899 (CVSS 9.8) — An improper access check allows privilege escalation through the com_users batch task.
NVD CVE-2026-48899 17d ago
CRITICAL
CVE-2026-48898 (CVSS 9.8) — An improper access check allows privilege escalation through the com_users batch task.
NVD CVE-2026-48898 17d ago
CRITICAL
CVE-2026-48691 (CVSS 9.8) — FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP AS_PATH attribute...
NVD CVE-2026-48691 17d ago
CRITICAL
CVE-2026-40383 (CVSS 9.8) — An improper validation of user-supplied input leads to a local file inclusion vulnerability.
NVD CVE-2026-40383 17d ago
CRITICAL
CVE-2026-35223 (CVSS 9.8) — An improper access check allows unauthorized access to com_config webservice endpoints.
NVD CVE-2026-35223 17d ago
CRITICAL
CVE-2026-35222 (CVSS 9.8) — Improperly validated order clauses lead to a SQL injection vulnerability in com_tags.
NVD CVE-2026-35222 17d ago
CRITICAL
CVE-2026-35221 (CVSS 9.8) — Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_fi...
NVD CVE-2026-35221 17d ago
CRITICAL
CVE-2026-48687 (CVSS 9.8) — FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Jun...
NVD CVE-2026-48687 17d ago
CRITICAL
CVE-2026-48686 (CVSS 9.8) — FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI (N...
NVD CVE-2026-48686 17d ago
CRITICAL
CVE-2026-45247: Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability (Mirasvit Mirasvit Full Page Cache Warmer)
CISA KEV CVE-2026-45247actively-exploited +2 10d ago
CRITICAL
CVE-2026-45247 (CVSS 9.8) — Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection...
NVD 17d ago
INFO
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
The Hacker News 9d ago
CRITICAL
CVE-2026-9543 (CVSS 9.8) — A vulnerability has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setP...
NVD CVE-2026-9543 17d ago
CRITICAL
CVE-2026-7374 (CVSS 9.9) — A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated Op...
NVD CVE-2026-7374 17d ago
CRITICAL
CVE-2026-42496 (CVSS 9.1) — Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside...
NVD CVE-2026-42496 18d ago
CRITICAL
CVE-2026-8376 (CVSS 9.8) — Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a ...
NVD CVE-2026-8376 18d ago
CRITICAL
CVE-2026-48172: LiteSpeed cPanel Plugin Privilege Escalation Vulnerability (LiteSpeed cPanel Plugin)
CISA KEV CVE-2026-48172actively-exploited +2 18d ago
CRITICAL
CVE-2026-48172 (CVSS 9.8) — LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exp...
NVD 23d ago
INFO
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
The Hacker News 21d ago
CRITICAL
CVE-2026-9478 (CVSS 9.8) — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function set...
NVD CVE-2026-9478 18d ago
CRITICAL
CVE-2026-9477 (CVSS 9.8) — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the ...
NVD CVE-2026-9477 18d ago
CRITICAL
CVE-2026-9476 (CVSS 9.8) — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects t...
NVD CVE-2026-9476 18d ago
CRITICAL
CVE-2026-9475 (CVSS 9.8) — A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This affects the function se...
NVD CVE-2026-9475 18d ago
CRITICAL
CVE-2026-9458 (CVSS 9.8) — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the ...
NVD CVE-2026-9458 18d ago
CRITICAL
CVE-2026-9457 (CVSS 9.8) — A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the ...
NVD CVE-2026-9457 18d ago
CRITICAL
CVE-2026-9456 (CVSS 9.8) — A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenV...
NVD CVE-2026-9456 18d ago
CRITICAL
CVE-2026-9455 (CVSS 9.8) — A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the funct...
NVD CVE-2026-9455 18d ago
CRITICAL
CVE-2026-9454 (CVSS 9.8) — A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the functi...
NVD CVE-2026-9454 18d ago
CRITICAL
CVE-2026-9436 (CVSS 9.8) — A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function ...
NVD CVE-2026-9436 19d ago
CRITICAL
CVE-2026-9435 (CVSS 9.8) — A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the fu...
NVD CVE-2026-9435 19d ago
CRITICAL
CVE-2026-9434 (CVSS 9.8) — A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the ...
NVD CVE-2026-9434 19d ago
CRITICAL
CVE-2026-9433 (CVSS 9.8) — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the funct...
NVD CVE-2026-9433 19d ago
CRITICAL
CVE-2026-9432 (CVSS 9.8) — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affe...
NVD CVE-2026-9432 19d ago
CRITICAL
CVE-2026-9408 (CVSS 9.8) — A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the ...
NVD CVE-2026-9408 19d ago
CRITICAL NVD Wed, 27 May 2026 17:16:41 UTC
CVE-2026-48027 (CVSS 9.8) — Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, ...
https://nvd.nist.gov/vuln/detail/CVE-2026-48027
TL;DR
Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for ~18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the compromised version was available from 12:33 UTC to 13:09 UTC (~36 minutes). Version 18.100.0 of Nx C…
CVE-2026-48027
Read full story ↗
Related coverage (1)
CVE-2026-48027: Nx Console Embedded Malicious Code Vulnerability (Nx Nx Console)
CISA KEV 17d ago