Search CVE reports


Toggle filters

31 – 40 of 43484 results

Status is adjusted based on your filters.


CVE-2026-11771

Medium priority
Needs evaluation

[Unknown description]

1 affected package

openvpn

Package 22.04 LTS
openvpn Needs evaluation
Show less packages

CVE-2025-71385

Medium priority
Needs evaluation

Netdata before 2.3.1 reflects the user-supplied love query parameter of the api/v2/ilove.svg and api/v3/ilove.svg endpoints verbatim into the generated SVG document (into a text element) without HTML or XML escaping, and...

1 affected package

netdata

Package 22.04 LTS
netdata Needs evaluation
Show less packages

CVE-2026-58451

Medium priority

Not in release

Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix...

1 affected package

php-horde-imp

Package 22.04 LTS
php-horde-imp Not in release
Show less packages

CVE-2026-58035

Medium priority
Needs evaluation

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program...

1 affected package

mediawiki

Package 22.04 LTS
mediawiki Needs evaluation
Show less packages

CVE-2026-58031

Medium priority
Needs evaluation

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program...

1 affected package

mediawiki

Package 22.04 LTS
mediawiki Needs evaluation
Show less packages

CVE-2026-56149

Medium priority

Not in release

Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can lead to a denial of service via Excessive Allocation (CAPEC-130). A user with elevated privileges can submit a specially crafted machine learning...

1 affected package

elasticsearch

Package 22.04 LTS
elasticsearch Not in release
Show less packages

CVE-2026-56148

Medium priority

Not in release

Uncontrolled Recursion (CWE-674) in Elasticsearch can lead to a denial of service via Excessive Allocation (CAPEC-130). An authenticated user can submit a specially crafted query that causes excessive resource consumption while...

1 affected package

elasticsearch

Package 22.04 LTS
elasticsearch Not in release
Show less packages

CVE-2026-55688

Medium priority
Needs evaluation

The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. In versions from 2.0.0 prior to 2.16.0 and from 3.0.0.Beta1 prior to...

1 affected package

async-http-client

Package 22.04 LTS
async-http-client Needs evaluation
Show less packages

CVE-2026-55628

Medium priority
Needs evaluation

In versions prior to 7.1.2-26he, the `-concatenate` operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26.

1 affected package

imagemagick

Package 22.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-55597

Medium priority
Needs evaluation

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-26, an incorrect handling of arguments can cause a heap buffer over-write in the JP2 encoder. This issue has...

1 affected package

imagemagick

Package 22.04 LTS
imagemagick Needs evaluation
Show less packages