|
2031
|
9.0 |
CRITICAL
Network
|
-
|
-
|
ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two dis…
|
CWE-863
Incorrect Authorization
|
CVE-2026-44221
|
2026-05-14 03:21 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2032
|
- |
|
-
|
-
|
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authent…
|
CWE-424
Improper Protection of Alternate Path
|
CVE-2026-0237
|
2026-05-14 03:17 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2033
|
- |
|
-
|
-
|
A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on t…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-0263
|
2026-05-14 03:17 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2034
|
- |
|
-
|
-
|
A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service (Do…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-0264
|
2026-05-14 03:17 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2035
|
- |
|
-
|
-
|
An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Servi…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2026-0265
|
2026-05-14 03:17 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2036
|
5.9 |
MEDIUM
Network
|
-
|
-
|
OpenTelemetry.OpAmp.Client is the OpAMP client for OpenTelemetry .NET. Prior to 0.2.0-alpha.1, when receiving responses from the OpAMP server over HTTP, the OpAMP client allocates an unbounded buffer…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2026-42348
|
2026-05-14 03:16 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2037
|
6.5 |
MEDIUM
Local
|
-
|
-
|
OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP (OpenTelemetry Protocol) exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryPro…
|
CWE-379
Creation of Temporary File in Directory with Incorrect Permissions
|
CVE-2026-42191
|
2026-05-14 03:16 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2038
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.19.18, Lemmy allows an authenticated low-privileged user to create a link post through POST /api/v3/post. When a post is cre…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-42180
|
2026-05-14 03:16 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2039
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_MSP::loop, AP_MSP, AP_MSP.cpp c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-51394
|
2026-05-14 03:16 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2040
|
- |
|
-
|
-
|
django-s3file is a lightweight file upload input for Django and Amazon S3. Prior to 7.0.2, S3FileMiddleware is vulnerable to relative path traversal attacks, where an attacker can use a modified requ…
|
CWE-22
CWE-26
Path Traversal
Path Traversal: '/dir/../filename'
|
CVE-2026-42196
|
2026-05-14 03:15 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
