Search CVE reports


Toggle filters

371 – 380 of 43971 results

Status is adjusted based on your filters.


CVE-2026-58210

Medium priority

Not in release

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, an unauthenticated MQTT client could cause the server to retain large incomplete MQTT CONNECT packets...

1 affected package

nats-server

Package 22.04 LTS
nats-server Not in release
Show less packages

CVE-2026-58209

Medium priority

Not in release

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, MQTT retained message delivery and QoS1+ durable replay could deliver messages whose original topics...

1 affected package

nats-server

Package 22.04 LTS
nats-server Not in release
Show less packages

CVE-2026-55404

Medium priority
Needs evaluation

yt-dlp and youtube-dl are command-line audio/video downloaders. Prior to 2026.7.4, the --write-link, --write-url-link, and --write-desktop-link options can write .url or .desktop shortcut files using...

2 affected packages

youtube-dl, yt-dlp

Package 22.04 LTS
youtube-dl Needs evaluation
yt-dlp Needs evaluation
Show less packages

CVE-2026-53624

Medium priority

Not in release

Fiber is an Express inspired web framework written in Go. Prior to 3.4.0, the helmet middleware in middleware/helmet/helmet.go never sets the Strict-Transport-Security response header even when HSTSMaxAge is configured because it...

2 affected packages

golang-github-gofiber-fiber, golang-github-gofiber-fiber-v2

Package 22.04 LTS
golang-github-gofiber-fiber Not in release
golang-github-gofiber-fiber-v2 Not in release
Show less packages

CVE-2026-45045

Medium priority

Not in release

Fiber is an Express inspired web framework written in Go. Prior to 3.3.0 and 2.52.14, the BalancerForward proxy helper in middleware/proxy/proxy.go uses Header.Add() instead of Header.Set() when injecting X-Real-IP, allowing an...

2 affected packages

golang-github-gofiber-fiber, golang-github-gofiber-fiber-v2

Package 22.04 LTS
golang-github-gofiber-fiber Not in release
golang-github-gofiber-fiber-v2 Not in release
Show less packages

CVE-2026-44512

Medium priority
Needs evaluation

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. From 1.9.0 before 1.22.0, onnx.version_converter.convert_version() can dereference a null pointer in Upsample_6_7::adapt_upsample_6_7()...

1 affected package

onnx

Package 22.04 LTS
onnx Needs evaluation
Show less packages

CVE-2026-44332

Medium priority

Not in release

Fiber is an Express inspired web framework written in Go. Prior to 3.3.0, the default Authorizer function in the BasicAuth middleware in middleware/basicauth/config.go uses short-circuit evaluation that skips password hash...

1 affected package

golang-github-gofiber-fiber

Package 22.04 LTS
golang-github-gofiber-fiber Not in release
Show less packages

CVE-2026-14891

Medium priority

Not in release

HashiCorp Nomad and Nomad Enterprise are vulnerable to a sandbox escape in the Docker task driver that may allow a job submitter to bind-mount a host path into a container even when volume bind mounts are disabled, potentially...

1 affected package

nomad

Package 22.04 LTS
nomad Not in release
Show less packages

CVE-2026-14373

Medium priority

Not in release

HashiCorp Nomad and Nomad Enterprise did not enforce the allow_privileged restriction for the Docker task driver's host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace...

1 affected package

nomad

Package 22.04 LTS
nomad Not in release
Show less packages

CVE-2026-59938

Medium priority
Needs evaluation

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with declared image size values that are much too large compared to the actual data, causing large memory usage in pypdf image...

2 affected packages

pypdf, pypdf2

Package 22.04 LTS
pypdf Not in release
pypdf2 Needs evaluation
Show less packages