|
421
|
7.1 |
HIGH
Network
|
-
|
-
|
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decode_mask_image(). When decoding a HEIF file containing a mas…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-32741
|
2026-05-21 02:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
422
|
9.8 |
CRITICAL
Network
|
-
|
-
|
The JSONSerializer and CBORSerializer in APScheduler (all versions including 3.10.x and 4.0.0a5) are vulnerable to Remote Code Execution (RCE) via Insecure Deserialization. The unmarshal_object funct…
Update
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-31072
|
2026-05-21 02:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
423
|
9.8 |
CRITICAL
Network
|
nvidia
|
triton_inference_server
|
NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution,…
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-24214
|
2026-05-21 02:13 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
424
|
7.5 |
HIGH
Network
|
adobe
|
commerce
commerce_b2b
magento
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application …
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34649
|
2026-05-21 02:13 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
425
|
7.5 |
HIGH
Network
|
adobe
|
commerce
commerce_b2b
magento
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application …
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34650
|
2026-05-21 02:13 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
426
|
7.5 |
HIGH
Network
|
adobe
|
commerce
commerce_b2b
magento
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application …
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34651
|
2026-05-21 02:13 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
427
|
7.5 |
HIGH
Network
|
adobe
|
commerce
commerce_b2b
magento
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result i…
Update
|
NVD-CWE-Other
|
CVE-2026-34652
|
2026-05-21 02:12 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
428
|
6.8 |
MEDIUM
Physics
|
microsoft
|
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2025
|
Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coor…
New
|
CWE-77
Command Injection
|
CVE-2026-45585
|
2026-05-21 01:42 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
429
|
5.7 |
MEDIUM
Network
|
-
|
-
|
Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic error in the delta API that allows share recipients …
New
|
CWE-200
CWE-281
CWE-863
Information Exposure
Improper Preservation of Permissions
Incorrect Authorization
|
CVE-2026-34600
|
2026-05-21 01:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
430
|
8.1 |
HIGH
Network
|
-
|
-
|
CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contains a broken access control vulnerability where multiple admin controllers enforce permission checks on …
New
|
CWE-284
CWE-862
Improper Access Control
Missing Authorization
|
CVE-2026-34358
|
2026-05-21 01:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
