|
2681
|
10.0 |
CRITICAL
Network
|
-
|
-
|
CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the web-based installer (public/installer/index.php) is vulnerable to unauthenticated Remote Code Executi…
|
CWE-78
CWE-284
OS Command
Improper Access Control
|
CVE-2026-34234
|
2026-05-21 02:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2682
|
7.1 |
HIGH
Network
|
-
|
-
|
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decode_mask_image(). When decoding a HEIF file containing a mas…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-32741
|
2026-05-21 02:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2683
|
9.8 |
CRITICAL
Network
|
-
|
-
|
The JSONSerializer and CBORSerializer in APScheduler (all versions including 3.10.x and 4.0.0a5) are vulnerable to Remote Code Execution (RCE) via Insecure Deserialization. The unmarshal_object funct…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-31072
|
2026-05-21 02:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2684
|
9.8 |
CRITICAL
Network
|
nvidia
|
triton_inference_server
|
NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution,…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-24214
|
2026-05-21 02:13 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2685
|
7.5 |
HIGH
Network
|
adobe
|
commerce
commerce_b2b
magento
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34649
|
2026-05-21 02:13 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2686
|
7.5 |
HIGH
Network
|
adobe
|
commerce
commerce_b2b
magento
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34650
|
2026-05-21 02:13 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2687
|
7.5 |
HIGH
Network
|
adobe
|
commerce
commerce_b2b
magento
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34651
|
2026-05-21 02:13 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2688
|
7.5 |
HIGH
Network
|
adobe
|
commerce
commerce_b2b
magento
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result i…
|
NVD-CWE-Other
|
CVE-2026-34652
|
2026-05-21 02:12 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2689
|
5.7 |
MEDIUM
Network
|
-
|
-
|
Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic error in the delta API that allows share recipients …
|
CWE-200
CWE-281
CWE-863
Information Exposure
Improper Preservation of Permissions
Incorrect Authorization
|
CVE-2026-34600
|
2026-05-21 01:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2690
|
8.1 |
HIGH
Network
|
-
|
-
|
CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contains a broken access control vulnerability where multiple admin controllers enforce permission checks on …
|
CWE-284
CWE-862
Improper Access Control
Missing Authorization
|
CVE-2026-34358
|
2026-05-21 01:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
