|
241
|
9.8 |
CRITICAL
Network
|
nvidia
|
tensorrt_llm
|
NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code execution, data tampering, and i…
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-24142
|
2026-05-21 09:04 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
242
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
New
|
-
|
CVE-2026-8399
|
2026-05-21 08:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
243
|
3.1 |
LOW
Network
|
emqx
|
emqx
|
A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqx_persistent_session_ds.erl of the component QoS 2 PUBLISH Packet Handler. Such manip…
Update
|
CWE-362
Race Condition
|
CVE-2026-8741
|
2026-05-21 08:02 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
244
|
8.1 |
HIGH
Network
|
microsoft
|
malware_protection_engine
|
Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network.
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-45584
|
2026-05-21 03:56 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245
|
7.8 |
HIGH
Local
|
microsoft
|
windows_admin_center
|
Improper link resolution before file access ('link following') in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally.
New
|
CWE-59
Link Following
|
CVE-2026-42834
|
2026-05-21 03:29 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing.
This issue affects Date iCal: from 0.0.0 before 4.0.15.
New
|
CWE-862
Missing Authorization
|
CVE-2026-8495
|
2026-05-21 03:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Colorbox Inline allows Cross-Site Scripting (XSS).
This issue affects Colorbox Inline: fr…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-8493
|
2026-05-21 03:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248
|
2.7 |
LOW
Network
|
-
|
-
|
Modification of Assumed-Immutable Data (MAID) vulnerability in Drupal Translate Drupal with GTranslate allows Resource Location Spoofing.
This issue affects Translate Drupal with GTranslate: from 0.…
New
|
CWE-471
Modification of Assumed-Immutable Data (MAID)
|
CVE-2026-8492
|
2026-05-21 03:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249
|
3.7 |
LOW
Network
|
-
|
-
|
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing.
This issue affects Node View Permissions: from 0.0.0 before 1.7.0, from 2…
New
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-8491
|
2026-05-21 03:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250
|
5.8 |
MEDIUM
Network
|
-
|
-
|
The Decent Comments WordPress plugin before 3.0.2 does not restrict access to comment author email addresses and post author email addresses via its REST API endpoint, allowing unauthenticated attack…
New
|
-
|
CVE-2026-7385
|
2026-05-21 03:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
