|
2691
|
5.5 |
MEDIUM
Local
|
systemd_project
|
systemd
|
In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element.
|
CWE-1025
Comparison Using Wrong Factors
|
CVE-2026-40227
|
2026-04-15 04:41 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2692
|
6.5 |
MEDIUM
Network
|
microsoft
|
sharepoint_server
|
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
|
CWE-20
Improper Input Validation
|
CVE-2026-32201
|
2026-04-15 04:37 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2693
|
7.8 |
HIGH
Local
|
gimp
|
gimp
|
GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-4154
|
2026-04-15 04:33 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2694
|
7.8 |
HIGH
Local
|
gimp
|
gimp
|
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User inte…
|
CWE-122
CWE-787
Heap-based Buffer Overflow
Out-of-bounds Write
|
CVE-2026-4153
|
2026-04-15 04:33 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2695
|
7.8 |
HIGH
Local
|
gimp
|
gimp
|
GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-4151
|
2026-04-15 04:32 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2696
|
9.8 |
CRITICAL
Network
|
mrcms
|
mrcms
|
MRCMS 3.1.2 contains an access control vulnerability. The save() method in src/main/java/org/marker/mushroom/controller/UserController.java lacks proper authorization validation, enabling direct addi…
|
CWE-284
Improper Access Control
|
CVE-2026-31272
|
2026-04-15 04:32 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2697
|
7.8 |
HIGH
Local
|
gimp
|
gimp
|
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User inte…
|
CWE-122
CWE-787
Heap-based Buffer Overflow
Out-of-bounds Write
|
CVE-2026-4152
|
2026-04-15 04:32 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2698
|
7.8 |
HIGH
Local
|
gimp
|
gimp
|
GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-4150
|
2026-04-15 04:32 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2699
|
9.8 |
CRITICAL
Network
|
statamcp
|
stata-mcp
|
A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution.
|
CWE-94
Code Injection
|
CVE-2026-31040
|
2026-04-15 04:31 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2700
|
7.8 |
HIGH
Local
|
fleetdm
|
fleet
|
Fleet is open source device management software. Prior to 4.81.1, the Orbit agent's FileVault disk encryption key rotation flow on collects a local user's password via a GUI dialog and interpolates i…
|
CWE-78
OS Command
|
CVE-2026-27806
|
2026-04-15 04:31 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
