NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID Description Published Base Score Attack Vector Severity Actions
CVE-2026-2299 The Mattermost Google Drive plugin before version 1.1.0 fails to validate channel membership in the file creation endpoint, allowing authenticated use... 2026-06-25 4.2 NETWORK MEDIUM NVD
CVE-2026-12340 Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Ident... 2026-06-25 7.5 NETWORK HIGH NVD
CVE-2026-11310 X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-openss... 2026-06-25 7.5 NETWORK HIGH NVD
CVE-2026-10592 Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be reje... 2026-06-25 5.3 NETWORK MEDIUM NVD
CVE-2026-10512 The X25519 x86_64 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not b... 2026-06-25 7.5 NETWORK HIGH NVD
CVE-2026-10097 wolfSSL's AVX2-optimized ML-KEM implementation (mlkem_cmp_avx2) compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encrypt... 2026-06-25 7.5 NETWORK HIGH NVD
CVE-2025-60465 A use-after-free in the gf_filter_pid_inst_swap function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a... 2026-06-25 6.1 LOCAL MEDIUM NVD
CVE-2025-60464 A use-after-free in the gf_sei_load_from_state_internal function (/filters/sei_load.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause... 2026-06-25 7.8 LOCAL HIGH NVD
CVE-2026-56789 RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory ... 2026-06-25 6.5 NETWORK MEDIUM NVD
CVE-2026-56788 RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allowin... 2026-06-25 4.4 LOCAL MEDIUM NVD
CVE-2026-56787 RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read vulnerability in the decode_ssr3 function at src/rtcm3.c:1446 that allows remote attack... 2026-06-25 6.5 NETWORK MEDIUM NVD
CVE-2026-56786 RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decode_type1033 function that fails to clamp length counters to destination buff... 2026-06-25 9.8 NETWORK CRITICAL NVD
CVE-2026-54917 SeaweedFS is a distributed storage system for object storage (S3), file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg... 2026-06-25 10.0 NETWORK CRITICAL NVD
CVE-2026-54250 K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability e... 2026-06-25 5.8 LOCAL MEDIUM NVD
CVE-2026-50549 Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default. Before a Write, the ... 2026-06-25 9.8 NETWORK CRITICAL NVD