|
801
|
7.5 |
HIGH
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, iIn handle_dht_get(), the DhtResults accumulator is only initia…
New
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-46541
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
802
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, when LightBlockchain::rebranch() adopts a fork chain whose tip …
New
|
CWE-841
Improper Enforcement of Behavioral Workflow
|
CVE-2026-46540
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
803
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a logic flaw in BlockInclusionProof::is_block_proven causes the…
New
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-46539
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
804
|
8.6 |
HIGH
Network
|
-
|
-
|
SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. Prior to version 7.0.3, simplesamlphp-module-casserver builds file paths for the file-based CA…
New
|
CWE-22
Path Traversal
|
CVE-2026-46491
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
805
|
6.5 |
MEDIUM
Network
|
-
|
-
|
FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.2, authorized clients have the ability to exceed the permitted over-commit of their write buffer and trigge…
New
|
CWE-248
Uncaught Exception
|
CVE-2026-46411
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
806
|
- |
|
-
|
-
|
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. From version 21.0 to before version 51.2, a guest can cause a use-after-free in the cloud-hypervisor process by submitting two virti…
New
|
CWE-416
Use After Free
|
CVE-2026-45782
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
807
|
7.5 |
HIGH
Network
|
-
|
-
|
Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. From version 0.0.90 to before version 1.2.0, a path traversal vulnerability exists in Pip…
New
|
CWE-22
Path Traversal
|
CVE-2026-44716
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
808
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. network-libp2p handles kad get-record query progress in handle_dht_get (network-libp2p/…
New
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2026-44505
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
809
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Spring Data REST's Querydsl integration accepts arbitrary persistent property paths as request-parameter filter keys and does not consider Jackson customizations before handing them to Querydsl.
Aff…
New
|
CWE-284
Improper Access Control
|
CVE-2026-41837
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
810
|
8.1 |
HIGH
Network
|
-
|
-
|
JsonPulsarHeaderMapper matched type headers against trusted packages using a prefix check, meaning that trusting any package implicitly trusted all of its subpackages. Additionally, an empty trusted-…
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-41732
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
