|
711
|
6.5 |
MEDIUM
Network
|
silabs
|
emberznet
|
In EmberZNet v9.0.2 and earlier, a malformed Level Control Move command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the netw…
New
|
CWE-369
Divide By Zero
|
CVE-2026-47152
|
2026-06-26 03:38 |
2026-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
712
|
6.5 |
MEDIUM
Network
|
silabs
|
emberznet
|
In EmberZNet v9.0.2 and earlier, a malformed Level Control Step command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the netw…
New
|
CWE-369
Divide By Zero
|
CVE-2026-47153
|
2026-06-26 03:37 |
2026-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
713
|
6.5 |
MEDIUM
Network
|
silabs
|
emberznet
|
In EmberZNet v9.0.2 and earlier, a malformed GetProfileResponse message can trigger out-of-bounds reads while iterating interval entries and terminate the process. These messages must come from a dev…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-47154
|
2026-06-26 03:35 |
2026-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
714
|
6.5 |
MEDIUM
Network
|
silabs
|
emberznet
|
In EmberZNet v9.0.2 and earlier, malformed global ZCL messages can trigger out-of-bounds reads in framework parsing logic and terminate the process. These messages must come from a device that has al…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-4526
|
2026-06-26 03:32 |
2026-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
715
|
6.1 |
MEDIUM
Local
|
openbsd
redhat
|
openssh
enterprise_linux
|
A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket na…
New
|
CWE-923
Improper Restriction of Communication Channel to Intended Endpoints
|
CVE-2026-55655
|
2026-06-26 03:16 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
716
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepted certain state-mutating terminal lifecycle hooks from the PTY stream wit…
New
|
CWE-78
CWE-88
OS Command
Argument Injection
|
CVE-2026-54686
|
2026-06-26 03:16 |
2026-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
717
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Ghost is a Node.js content management system. From 5.18.0 until 6.21.1, a discrepancy in responses from the members signin endpoints made it possible for an unauthenticated attacker to determine whet…
New
|
CWE-204
Response Discrepancy Information Exposure
|
CVE-2026-53947
|
2026-06-26 03:16 |
2026-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
718
|
8.9 |
HIGH
Network
|
-
|
-
|
Gogs is an open source self-hosted Git service. Prior to 0.14.3, although .ipynb previews are sanitized on the server side via /-/api/sanitize_ipynb, the inserted content is re-rendered on the client…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-52798
|
2026-06-26 03:16 |
2026-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
719
|
8.6 |
HIGH
Local
|
-
|
-
|
Warp is an agentic development environment. From 0.2025.10.08.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution permission-check bypass in the default unsandboxed …
New
|
CWE-180
CWE-693
Incorrect Behavior Order: Validate Before Canonicalize
Protection Mechanism Failure
|
CVE-2026-48721
|
2026-06-26 03:16 |
2026-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
720
|
- |
|
-
|
-
|
Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, the list of disallowed IP address ranges was lacking an IP address range that can be u…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-46348
|
2026-06-26 03:16 |
2026-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
