CVE Vulnerability Database

Search and browse 11,425 known security vulnerabilities. Filter by severity, vendor, product, and year.

11,425 vulnerabilities found
Recent Highest Score Oldest
CVE-2026-9689
4.2 medium

A flaw was found in Keycloak, an open-source identity and access management solution. When a client application is configured to accept broad redirect Uniform Resource Identifiers (URIs), a remote attacker can manipulate the authentication process by crafting a special web address. If a user clicks

Redhat Build Of Keycloak May 27, 2026
CVE-2026-48906
8.1 high

The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites.

Tassos Advanced Custom Fields May 27, 2026
CVE-2026-45846
none

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst() bareudp_fill_metadata_dst() passes bareudp->sock to udp_tunnel6_dst_lookup() in the IPv6 path without a NULL check. The socket is only created in bareudp_open()

May 27, 2026
CVE-2026-45844
none

In the Linux kernel, the following vulnerability has been resolved: netfilter: arp_tables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arp_packet_match() unconditionally parses the ARP payload assuming two hardware addresses are present (source and target). However, IPv4-over-IEEE1394 ARP

May 27, 2026
CVE-2026-45843
8.2 high

In the Linux kernel, the following vulnerability has been resolved: slip: bound decode() reads against the compressed packet length slhc_uncompress() parses a VJ-compressed TCP header by advancing a pointer through the packet via decode() and pull16(). Neither helper bounds-checks against isize, a

May 27, 2026
CVE-2026-45842
none

In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with no rstate array slhc_init() accepts rslots == 0 as a valid configuration, with the documented meaning of 'no receive compression'. In that case the allocation loop in slhc_init() i

May 27, 2026
CVE-2026-45841
none

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO nf_osf_match_one() computes ctx->window % f->wss.val in the OSF_WSS_MODULO branch with no guard for f->wss.val == 0. A CAP_NET_ADMIN user can add such a fingerprint vi

May 27, 2026
CVE-2026-45840
none

In the Linux kernel, the following vulnerability has been resolved: openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsg_new(NLMSG_DEFAULT_SIZE, ...) but serialize the full upcall PID array via ovs_vport_get_upcall_p

May 27, 2026
CVE-2026-45839
none

In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec() CO-RE accessor strings are colon-separated indices that describe a path from a root BTF type to a target field, e.g. "0:1:2" walks through nested struct members.

May 27, 2026
CVE-2026-45838
none

In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroup_storage_get_next_key() list_next_entry() never returns NULL -- when the current element is the last entry it wraps to the list head via container_of(). The subsequent NULL check is therefor

May 27, 2026
CVE-2026-3012
8.0 high

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to i

May 27, 2026
CVE-2026-2237
6.2 medium

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information.

Synology Storage Manager May 27, 2026
CVE-2025-66593
6.1 medium

An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation.

Synology Assistant May 27, 2026
CVE-2025-66592
6.1 medium

An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation.

Synology Active Backup For Business Agent May 27, 2026
CVE-2025-30028
8.6 high

A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files.

Synology Active Backup For Business May 27, 2026
CVE-2025-14713
7.5 high

An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server.

Synology C2 Identity Edge Server May 27, 2026
CVE-2025-13593
6.1 medium

Origin validation error vulnerability in Synology ActiveProtect Agent before 1.1.0-0439 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation.

Synology Activeprotect Agent May 27, 2026
CVE-2025-13392
8.1 high

Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote attackers to bypass authentication with prior knowledge of the distinguished name (DN).

Synology Diskstation Manager May 27, 2026
CVE-2025-12686
9.8 critical

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors.

Synology Beestation Os May 27, 2026
CVE-2025-10466
5.9 medium

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Safe Access in Synology Safe Access before 1.3.1-0329 allows remote authenticated users with administrator privileges to read or write specific files containing non-sensitive information or conduct

Synology Safe Access May 27, 2026
CVE-2024-11399
6.8 medium

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors.

Synology Beedrive May 27, 2026
CVE-2026-41704
5.0 medium

AgentClient#handle_method (lines 264-303) processes every NATS reply. It calls inject_compile_log (line 273) on every response, which reads response['value']['result']['compile_log_id'] (line 332-338) and passes it to download_and_delete_blob. Separately, any response containing 'exception' goes thr

Cloud Foundry Bosh May 27, 2026
CVE-2026-41009
5.8 medium

When the director sends a long-running request (e.g. compile_package), the agent's reply JSON is consumed by AgentClient. inject_compile_log (line 332-339) reads response['value']['result']['compile_log_id'] and format_exception (line 318-325) reads exception['blobstore_id']; both pass the agent-sup

Cloud Foundry Bosh May 27, 2026
CVE-2026-49017
none

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently unrespo

May 27, 2026