Search CVE reports


Toggle filters

1 – 10 of 30566 results

Status is adjusted based on your filters.


CVE-2026-38076

Medium priority
Needs evaluation

An integer overflow in the jbig2_arith_iaid_ctx_new() function of Artifex commit cc37d0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

1 affected package

jbig2dec

Package 26.04 LTS
jbig2dec Needs evaluation
Show less packages

CVE-2026-15308

Medium priority
Needs evaluation

The incremental HTML parser (html.parser.HTMLParser) allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data.

11 affected packages

python2.7, python3.4, python3.5, python3.6, python3.7...

Package 26.04 LTS
python2.7 Not in release
python3.4 Not in release
python3.5 Not in release
python3.6 Not in release
python3.7 Not in release
python3.8 Not in release
python3.9 Not in release
python3.10 Not in release
python3.11 Not in release
python3.12 Not in release
python3.14 Needs evaluation
Show all 11 packages Show less packages

CVE-2026-15276

Medium priority
Needs evaluation

A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code of the component Metadata Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit...

1 affected package

rust-symphonia

Package 26.04 LTS
rust-symphonia Needs evaluation
Show less packages

CVE-2026-15185

Medium priority

Not in release

A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsub_read_idx of the file /src/media_tools/vobsub.c of the component MP4Box. Executing a manipulation of the argument num_langs can lead...

1 affected package

gpac

Package 26.04 LTS
gpac Not in release
Show less packages

CVE-2026-15028

Medium priority
Needs evaluation

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing...

1 affected package

libarchive

Package 26.04 LTS
libarchive Needs evaluation
Show less packages

CVE-2026-14741

Medium priority
Needs evaluation

[Unknown description]

1 affected package

libhttp-date-perl

Package 26.04 LTS
libhttp-date-perl Needs evaluation
Show less packages

CVE-2026-11404

Medium priority

Not in release

Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mg_tls_server_recv_hello(), which uses an attacker-controlled session_id_len byte from a TLS ClientHello as a buffer index without...

1 affected package

mongoose

Package 26.04 LTS
mongoose Not in release
Show less packages

CVE-2026-8472

Medium priority

Not in release

(GitLab has remediated an issue in GitLab EE affecting all versions fro ...)

1 affected package

gitlab

Package 26.04 LTS
gitlab Not in release
Show less packages

CVE-2026-7492

Medium priority

Not in release

(GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)

1 affected package

gitlab

Package 26.04 LTS
gitlab Not in release
Show less packages

CVE-2026-6896

Medium priority

Not in release

(GitLab has remediated an issue in GitLab EE affecting all versions fro ...)

1 affected package

gitlab

Package 26.04 LTS
gitlab Not in release
Show less packages