NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID Description Published Base Score Attack Vector Severity Actions
CVE-2026-55607 Claude Code is an agentic coding tool. From 2.1.38 until 2.1.163, Claude Code's worktree handling allowed creation of worktrees named ".git" and navi... 2026-06-29 8.8 NETWORK HIGH NVD
CVE-2026-49049 The Helix3 plugin for Joomla exposes an ajax handler task, that allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON files... 2026-06-29 7.5 NETWORK HIGH NVD
CVE-2026-46406 Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path (/tm... 2026-06-29 6.1 LOCAL MEDIUM NVD
CVE-2026-56457 HCL DevOps Deploy / HCL Launch is susceptible to an exposure of sensitive information vulnerability in output logs. This exposure could allow an attac... 2026-06-29 4.3 NETWORK MEDIUM NVD
CVE-2026-13676 fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to canonicalize Unicode (IDN) hostnames for HTTP-family URLs. The IDN conversion path calls a hel... 2026-06-29 7.5 NETWORK HIGH NVD
CVE-2026-12856 A flaw was found in the vscode-java extension, which provides Java language support for Visual Studio Code. The extension incorrectly trusts all Markd... 2026-06-29 8.8 NETWORK HIGH NVD
CVE-2026-11979 libxml2 is vulnerable to multiple stack-based buffer overflows in the xmlcatalog utility when running in --shell mode. The usershell() function proces... 2026-06-29 7.8 LOCAL HIGH NVD
CVE-2026-41992 GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between differ... 2026-06-29 6.9 LOCAL MEDIUM NVD
CVE-2026-41991 GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the us... 2026-06-29 2.0 LOCAL LOW NVD
CVE-2026-25707 A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repos... 2026-06-29 8.8 NETWORK HIGH NVD
CVE-2026-13601 A flaw was found in Yelp due to an overly permissive Content Security Policy (CSP) implementation provided by yelp-xsl. A malicious Flatpak applicatio... 2026-06-29 7.1 LOCAL HIGH NVD
CVE-2026-57966 A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any loca... 2026-06-29 4.4 LOCAL MEDIUM NVD
CVE-2026-57965 A flaw was found in spice-vdagent. A malicious or compromised SPICE host can trigger an integer overflow by sending a specially crafted message. This ... 2026-06-29 5.1 LOCAL MEDIUM NVD
CVE-2026-13595 A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers c... 2026-06-29 6.8 LOCAL MEDIUM NVD
CVE-2026-13545 A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub_400E40 of the file setconf.cgi of the component POST Paramete... 2026-06-29 8.8 NETWORK HIGH NVD