Search CVE reports


Toggle filters

381 – 390 of 43971 results

Status is adjusted based on your filters.


CVE-2026-59937

Medium priority
Needs evaluation

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with repeated malformed cross-reference streams that cause pypdf to spend long runtimes recovering broken cross-reference table...

2 affected packages

pypdf, pypdf2

Package 22.04 LTS
pypdf Not in release
pypdf2 Needs evaluation
Show less packages

CVE-2026-50813

Medium priority
Needs evaluation

An issue in SQLite before Fossil check-in 869a51ae84df allows a local attacker to obtain sensitive information via the Session Extension changeset concat/changegroup merge path

2 affected packages

sqlite, sqlite3

Package 22.04 LTS
sqlite Needs evaluation
sqlite3 Needs evaluation
Show less packages

CVE-2026-50812

Medium priority
Needs evaluation

A NULL pointer dereference in the SQLite Session Extension in SQLite 3.53.1 and SQLite trunk builds before check-in e807d4e3798efd53 allows an attacker who can supply a malformed changeset blob to cause a denial of service....

2 affected packages

sqlite, sqlite3

Package 22.04 LTS
sqlite Needs evaluation
sqlite3 Needs evaluation
Show less packages

CVE-2026-60102

Medium priority

Not in release

Horde Virtual File System (VFS) API before 3.0.1 contains an OS command injection vulnerability in the Horde_Vfs_Smb driver where the _escapeShellCommand() method fails to sanitize command substitution sequences, allowing...

1 affected package

php-horde-vfs

Package 22.04 LTS
php-horde-vfs Not in release
Show less packages

CVE-2026-59930

Medium priority
Needs evaluation

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable toc_N values without slugifying the heading text,...

1 affected package

mistune

Package 22.04 LTS
mistune Needs evaluation
Show less packages

CVE-2026-59929

Medium priority
Needs evaluation

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the safe_url filter in src/mistune/renderers/html.py blocks only javascript:, vbscript:, file:, and data: schemes, allowing legacy or chained schemes...

1 affected package

mistune

Package 22.04 LTS
mistune Needs evaluation
Show less packages

CVE-2026-59928

Medium priority
Needs evaluation

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, a Markdown document containing many repeated or distinct reference-link definitions causes quadratic work in src/mistune/block_parser.py and the...

1 affected package

mistune

Package 22.04 LTS
mistune Needs evaluation
Show less packages

CVE-2026-59927

Medium priority
Needs evaluation

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct self-includes and not indirect cycles, allowing two markdown files that...

1 affected package

mistune

Package 22.04 LTS
mistune Needs evaluation
Show less packages

CVE-2026-59926

Medium priority
Needs evaluation

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_admonition() in src/mistune/directives/admonition.py concatenates the Admonition directive :class: option into the HTML class attribute without...

1 affected package

mistune

Package 22.04 LTS
mistune Needs evaluation
Show less packages

CVE-2026-59925

Medium priority
Needs evaluation

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, long sequences of well-formed double-asterisk or triple-asterisk emphasis pairs around a character cause quadratic work...

1 affected package

mistune

Package 22.04 LTS
mistune Needs evaluation
Show less packages