Search CVE reports


Toggle filters

331 – 340 of 43971 results

Status is adjusted based on your filters.


CVE-2026-6352

Medium priority

Not in release

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with auditor-level...

1 affected package

gitlab

Package 22.04 LTS
gitlab Not in release
Show less packages

CVE-2026-59818

Medium priority
Needs evaluation

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls to split HTTP and gRPC client endpoints onto separate listeners, the...

1 affected package

etcd

Package 22.04 LTS
etcd Needs evaluation
Show less packages

CVE-2026-58494

Medium priority

Not in release

Wasmtime is a runtime for WebAssembly. Prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1, wasmtime-wasi hard-link creation and renaming check directory permissions but not matching FilePerms on source and destination...

1 affected package

rust-wasmtime

Package 22.04 LTS
rust-wasmtime Not in release
Show less packages

CVE-2026-58211

Medium priority

Not in release

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client could be registered as the configured no_auth_user through a parser path used when the first...

1 affected package

nats-server

Package 22.04 LTS
nats-server Not in release
Show less packages

CVE-2026-58208

Medium priority

Not in release

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a WebSocket listener could route requests for the MQTT-over-WebSocket path into MQTT handling even when...

1 affected package

nats-server

Package 22.04 LTS
nats-server Not in release
Show less packages

CVE-2026-58207

Medium priority

Not in release

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client able to send account-scoped connection monitoring requests could crash the server by supplying...

1 affected package

nats-server

Package 22.04 LTS
nats-server Not in release
Show less packages

CVE-2026-55206

Medium priority
Needs evaluation

py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, PackInfo._read() in archiveinfo.py used an O(n^2) cumulative sum pattern for...

1 affected package

py7zr

Package 22.04 LTS
py7zr Needs evaluation
Show less packages

CVE-2026-55195

Medium priority
Needs evaluation

py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, py7zr's Worker.decompress() extracted archive entries without tracking total decompressed...

1 affected package

py7zr

Package 22.04 LTS
py7zr Needs evaluation
Show less packages

CVE-2026-54591

Medium priority
Needs evaluation

AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Prior to 2.23.1, a malicious SSH server can write arbitrary files on the...

1 affected package

python-asyncssh

Package 22.04 LTS
python-asyncssh Needs evaluation
Show less packages

CVE-2026-54590

Medium priority
Needs evaluation

AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309...

1 affected package

python-asyncssh

Package 22.04 LTS
python-asyncssh Needs evaluation
Show less packages