Search

Expected end of text, found '–' (at char 37), (line:1, col:38)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (351944 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-4055 1 Mattermost 1 Mattermost 2026-05-21 4.3 Medium
Mattermost versions 11.5.x <= 11.5.1 fail to validate team-level run_create permission against the target team when creating a playbook run which allows an authenticated team member to create runs in teams where they lack permission via specifying a different team ID in the run creation API request. Mattermost Advisory ID: MMSA-2026-00629
CVE-2026-44051 1 Netatalk 1 Netatalk 2026-05-21 8.1 High
In Netatalk 3.0.2 through 4.4.2, arbitrary file read via attacker-controlled symlink creation. Fixed in 4.4.3.
CVE-2026-44052 1 Netatalk 1 Netatalk 2026-05-21 7.5 High
In Netatalk 2.1.0 through 4.4.2, ldap simple-bind password exposure in log output. Fixed in 4.4.3.
CVE-2026-44054 1 Netatalk 1 Netatalk 2026-05-21 6.5 Medium
In Netatalk 2.0.0 through 4.4.2, predictable afpd session token. Fixed in 4.4.3.
CVE-2026-44055 1 Netatalk 1 Netatalk 2026-05-21 7.5 High
In Netatalk 3.1.4 through 4.4.2, bitwise or logic bug enables shell injection. Fixed in 4.4.3.
CVE-2026-44060 1 Netatalk 1 Netatalk 2026-05-21 7.5 High
In Netatalk 1.5.0 through 4.4.2, integer underflow in dsi_writeinit() leads to denial of service. Fixed in 4.4.3.
CVE-2026-44061 1 Netatalk 1 Netatalk 2026-05-21 5.9 Medium
In Netatalk 1.5.0 through 4.4.2, des-ecb auth with timing side channel. Fixed in 4.5.0.
CVE-2026-44064 1 Netatalk 1 Netatalk 2026-05-21 7.1 High
In Netatalk 1.3 through 4.4.2, asp session id out-of-bounds access. Fixed in 4.4.3.
CVE-2026-44066 1 Netatalk 1 Netatalk 2026-05-21 7.1 High
In Netatalk 3.1.0 through 4.4.2, heap out-of-bounds reads in spotlight rpc unmarshalling. Fixed in 4.4.3.
CVE-2026-44067 1 Netatalk 1 Netatalk 2026-05-21 3.7 Low
In Netatalk 2.1.0 through 4.4.2, ea header parsing heap over-read. Fixed in 4.5.0.
CVE-2026-44069 1 Netatalk 1 Netatalk 2026-05-21 3.4 Low
In Netatalk 3.0.0 through 4.4.2, integer underflow in volxlate. Fixed in 4.5.0.
CVE-2026-44070 1 Netatalk 1 Netatalk 2026-05-21 3.1 Low
In Netatalk 2.0.0 through 4.4.2, unbounded realloc in charset conversion. Fixed in 4.5.0.
CVE-2026-44072 1 Netatalk 1 Netatalk 2026-05-21 2.5 Low
In Netatalk 2.2.1 through 4.4.2, system() after failed chdir(). Fixed in 4.5.0.
CVE-2026-44073 1 Netatalk 1 Netatalk 2026-05-21 4 Medium
In Netatalk 1.5.0 through 4.4.2, seteuid failure ignored in auth modules. Fixed in 4.5.0.
CVE-2026-44076 1 Netatalk 1 Netatalk 2026-05-21 6.7 Medium
In Netatalk 3.1.0 through 4.4.2, shell injection via volume path. Fixed in 4.4.3.
CVE-2026-7835 1 Netatalk 1 Netatalk 2026-05-21 3.1 Low
In Netatalk 3.0.3 through 4.4.2, format string argument mismatch. Fixed in 4.5.0.
CVE-2026-44047 1 Netatalk 1 Netatalk 2026-05-21 8.8 High
In Netatalk 3.1.0 through 4.4.2, sql injection in mysql cnid backend. Fixed in 4.4.3.
CVE-2026-44048 1 Netatalk 1 Netatalk 2026-05-21 8.8 High
In Netatalk 2.0.4 through 4.4.2, stack buffer overflow via ucs-2 type confusion in convert_charset(). Fixed in 4.4.3.
CVE-2026-44053 1 Netatalk 1 Netatalk 2026-05-21 7.4 High
In Netatalk 1.5.0 through 4.2.2, weak cryptography in dhcast128 uam. Fixed in 4.5.0.
CVE-2026-44058 1 Netatalk 1 Netatalk 2026-05-21 6.4 Medium
In Netatalk 2.2.2 through 4.4.2, authentication bypass via admin auth user. Fixed in 4.5.0.