|
71
|
- |
|
-
|
-
|
Mercure is a protocol for pushing data updates to web browsers and other HTTP clients in a battery-efficient way. Prior to 0.22.0, a cache key collision vulnerability in TopicSelectorStore allows an …
New
|
CWE-1289
Improper Validation of Unsafe Equivalence in Input
|
CVE-2026-39972
|
2026-04-16 23:45 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
72
|
- |
|
-
|
-
|
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.4-beta-1f46165, ClearanceKit's Endpoint Security event handler only checked the sour…
New
|
CWE-863
Incorrect Authorization
|
CVE-2026-40191
|
2026-04-16 23:45 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
73
|
7.5 |
HIGH
Network
|
adobe
|
coldfusion
|
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerabilit…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-27282
|
2026-04-16 23:43 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
74
|
9.3 |
CRITICAL
Adjacent
|
adobe
|
coldfusion
|
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitati…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-27304
|
2026-04-16 23:42 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
75
|
8.6 |
HIGH
Network
|
adobe
|
coldfusion
|
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file syste…
New
|
CWE-22
Path Traversal
|
CVE-2026-27305
|
2026-04-16 23:42 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
76
|
9.1 |
CRITICAL
Network
|
-
|
-
|
oma is a package manager for AOSC OS. Prior to 1.25.2, oma-topics is responsible for fetching metadata for testing repositories (topics) named "Topic Manifests" ({mirror}/debs/manifest/topics.json) f…
New
|
CWE-93
CRLF Injection
|
CVE-2026-39958
|
2026-04-16 23:42 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
77
|
3.1 |
LOW
Network
|
-
|
-
|
Flux notification-controller is the event forwarder and notification dispatcher for the GitOps Toolkit controllers. Prior to 1.8.3, the gcr Receiver type in Flux notification-controller does not vali…
New
|
CWE-287
CWE-345
Improper Authentication
Insufficient Verification of Data Authenticity
|
CVE-2026-40109
|
2026-04-16 23:42 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
78
|
8.4 |
HIGH
Adjacent
|
adobe
|
coldfusion
|
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Attacker r…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-27306
|
2026-04-16 23:41 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
79
|
2.4 |
LOW
Adjacent
|
adobe
|
coldfusion
|
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. A high-privileged attacker could e…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-27307
|
2026-04-16 23:41 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
80
|
2.4 |
LOW
Adjacent
|
adobe
|
coldfusion
|
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. A high-privileged attacker could e…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-27308
|
2026-04-16 23:40 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
