|
1401
|
5.5 |
MEDIUM
Local
|
microsoft
|
live_preview
|
Relative path traversal in Visual Studio Code allows an unauthorized attacker to disclose information locally.
|
CWE-22
CWE-23
Path Traversal
Relative Path Traversal
|
CVE-2026-41612
|
2026-05-15 23:25 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1402
|
8.8 |
HIGH
Network
|
microsoft
|
visual_studio_code
|
Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
|
CWE-78
CWE-384
OS Command
Session Fixation
|
CVE-2026-41613
|
2026-05-15 23:23 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1403
|
7.5 |
HIGH
Network
|
webtechnologies
|
changedetection
|
changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vu…
|
CWE-73
External Control of File Name or Path
|
CVE-2026-43891
|
2026-05-15 23:20 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1404
|
6.7 |
MEDIUM
Local
|
fortinet
|
fortiap
fortiap-w2
|
An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5, FortiAP 7.2 all versi…
|
CWE-78
OS Command
|
CVE-2025-53870
|
2026-05-15 23:15 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1405
|
6.2 |
MEDIUM
Local
|
adobe
|
c2pa
c2pa-web
|
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit …
|
CWE-20
Improper Input Validation
|
CVE-2026-34688
|
2026-05-15 23:14 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1406
|
6.2 |
MEDIUM
Local
|
adobe
|
c2pa
c2pa-web
|
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exp…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-34680
|
2026-05-15 23:14 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1407
|
6.2 |
MEDIUM
Local
|
adobe
|
c2pa
c2pa-web
|
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit …
|
CWE-20
Improper Input Validation
|
CVE-2026-34679
|
2026-05-15 23:14 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1408
|
6.2 |
MEDIUM
Local
|
adobe
|
c2pa
c2pa-web
|
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could explo…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34678
|
2026-05-15 23:14 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1409
|
6.2 |
MEDIUM
Local
|
adobe
|
c2pa
c2pa-web
|
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could explo…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34677
|
2026-05-15 23:13 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1410
|
6.2 |
MEDIUM
Local
|
adobe
|
c2pa
c2pa-web
|
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could explo…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34673
|
2026-05-15 23:13 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
