Search CVE reports


Toggle filters

31 – 40 of 30559 results

Status is adjusted based on your filters.


CVE-2026-59870

Medium priority
Needs evaluation

(js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2. ...)

1 affected package

node-js-yaml

Package 26.04 LTS
node-js-yaml Needs evaluation
Show less packages

CVE-2026-59869

Medium priority
Needs evaluation

(js-yaml is a JavaScript YAML parser and dumper. From 3.0.0 before 3.15 ...)

1 affected package

node-js-yaml

Package 26.04 LTS
node-js-yaml Needs evaluation
Show less packages

CVE-2026-59868

Medium priority
Needs evaluation

(js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2. ...)

1 affected package

node-js-yaml

Package 26.04 LTS
node-js-yaml Needs evaluation
Show less packages

CVE-2026-59818

Medium priority
Needs evaluation

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls to split HTTP and gRPC client endpoints onto separate listeners, the...

1 affected package

etcd

Package 26.04 LTS
etcd Needs evaluation
Show less packages

CVE-2026-59692

Medium priority
Needs evaluation

A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin. During a DTLS handshake, the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack buffer without bounds checking....

1 affected package

gst-plugins-bad1.0

Package 26.04 LTS
gst-plugins-bad1.0 Needs evaluation
Show less packages

CVE-2026-59691

Medium priority
Needs evaluation

A heap buffer overflow vulnerability was found in GStreamer's rfbsrc plugin. When a client connects to a malicious RFB/VNC server that advertises a 16bpp framebuffer and sends Hextile-encoded updates, the Hextile background fill...

1 affected package

gst-plugins-bad1.0

Package 26.04 LTS
gst-plugins-bad1.0 Needs evaluation
Show less packages

CVE-2026-58501

Medium priority
Needs evaluation

Zeep is a Python SOAP client. From 4.0.0 before 4.3.3, Settings.forbid_external is defined but not enforced when parsing WSDL or XSD documents, allowing transitive xsd:import, xsd:include, wsdl:import, and lxml entity or DTD...

1 affected package

python-zeep

Package 26.04 LTS
python-zeep Needs evaluation
Show less packages

CVE-2026-58494

Medium priority
Needs evaluation

Wasmtime is a runtime for WebAssembly. Prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1, wasmtime-wasi hard-link creation and renaming check directory permissions but not matching FilePerms on source and destination...

1 affected package

rust-wasmtime

Package 26.04 LTS
rust-wasmtime Needs evaluation
Show less packages

CVE-2026-58388

Medium priority
Needs evaluation

[Unknown description]

1 affected package

gimp

Package 26.04 LTS
gimp Needs evaluation
Show less packages

CVE-2026-58387

Medium priority
Needs evaluation

[Unknown description]

1 affected package

gimp

Package 26.04 LTS
gimp Needs evaluation
Show less packages