|
531
|
- |
|
-
|
-
|
Vim is an open source, command line text editor. Prior to version 9.2.0565, the update_snapshot() function in src/terminal.c copies the visible terminal screen into the scrollback buffer when a snaps…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-52859
|
2026-06-12 05:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
532
|
- |
|
-
|
-
|
Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec() as p…
New
|
CWE-94
Code Injection
|
CVE-2026-52860
|
2026-06-12 05:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
533
|
6.5 |
MEDIUM
Network
|
-
|
-
|
An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gst_h266_parser_parse_picture_partiti…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-53701
|
2026-06-12 05:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
534
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library (gst-plugins-bad). When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-53702
|
2026-06-12 05:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
535
|
- |
|
-
|
-
|
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security c…
New
|
CWE-295
Improper Certificate Validation
|
CVE-2026-45175
|
2026-06-12 05:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
536
|
- |
|
-
|
-
|
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. Prior to version 2.6.7, an attacker can upload a small, malicious PD…
New
|
CWE-400
CWE-770
Uncontrolled Resource Consumption
Allocation of Resources Without Limits or Throttling
|
CVE-2026-45802
|
2026-06-12 05:51 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
537
|
8.1 |
HIGH
Network
|
-
|
-
|
SolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, API tokens used to authenticate all REST API requests are stored as plaintext strings in the api_tokens database table. Any…
New
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2026-46622
|
2026-06-12 05:50 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
538
|
5.3 |
MEDIUM
Network
|
-
|
-
|
CodexBar before 0.33.0 contains a credential forwarding vulnerability that allows network-adjacent attackers to intercept sensitive credentials by issuing cross-origin or HTTP-downgrade redirects to …
New
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2026-49949
|
2026-06-12 05:50 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
539
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving media responses that bypass the enforced size limit through missi…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-53781
|
2026-06-12 05:50 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
540
|
7.4 |
HIGH
Network
|
-
|
-
|
Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresse…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-53782
|
2026-06-12 05:50 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
