Search CVE reports

111 – 120 of 26524 results

Detailed view

Sort by:

Status is adjusted based on your filters.

CVE-2026-39826

Medium priority

Needs evaluation

If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the <script> block.

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package	26.04 LTS
golang	Not in release
golang-1.6	Not in release
golang-1.8	Not in release
golang-1.9	Not in release
golang-1.10	Not in release
golang-1.13	Not in release
golang-1.14	Not in release
golang-1.16	Not in release
golang-1.17	Not in release
golang-1.18	Not in release
golang-1.20	Not in release
golang-1.21	Not in release
golang-1.22	Not in release
golang-1.23	Needs evaluation
golang-1.24	Needs evaluation
golang-1.25	Needs evaluation

CVE-2026-39819

Medium priority

Needs evaluation

The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one of these names, causing "go...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package	26.04 LTS
golang	Not in release
golang-1.6	Not in release
golang-1.8	Not in release
golang-1.9	Not in release
golang-1.10	Not in release
golang-1.13	Not in release
golang-1.14	Not in release
golang-1.16	Not in release
golang-1.17	Not in release
golang-1.18	Not in release
golang-1.20	Not in release
golang-1.21	Not in release
golang-1.22	Not in release
golang-1.23	Needs evaluation
golang-1.24	Needs evaluation
golang-1.25	Needs evaluation

CVE-2026-34159

Medium priority

Not affected

(llama.cpp is an inference of several LLM models in C/C++. Prior to ver ...)

1 affected package

llama.cpp

Package	26.04 LTS
llama.cpp	Not affected

CVE-2026-33814

Medium priority

Needs evaluation

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.

7 affected packages

golang-golang-x-net, google-guest-agent, containerd, golang-golang-x-net-dev, adsys...

Package	26.04 LTS
golang-golang-x-net	Needs evaluation
google-guest-agent	Needs evaluation
containerd	Needs evaluation
golang-golang-x-net-dev	Not in release
adsys	Needs evaluation
juju-core	Not in release
lxd	Not in release

CVE-2026-33317

Medium priority

Needs evaluation

(OP-TEE is a Trusted Execution Environment (TEE) designed as companion ...)

1 affected package

optee-os

Package	26.04 LTS
optee-os	Needs evaluation

CVE-2026-22741

Medium priority

Needs evaluation

(Spring MVC and WebFlux applications are vulnerable to cache poisoning ...)

1 affected package

libspring-java

Package	26.04 LTS
libspring-java	Needs evaluation

CVE-2025-71300

Medium priority

Needs evaluation

In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree" This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically...

157 affected packages

linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11...

Package	26.04 LTS
linux	Needs evaluation
linux-hwe	Not in release
linux-hwe-5.4	Not in release
linux-hwe-5.8	Not in release
linux-hwe-5.11	Not in release
linux-hwe-5.13	Not in release
linux-hwe-5.15	Not in release
linux-hwe-5.19	Not in release
linux-hwe-6.2	Not in release
linux-hwe-6.5	Not in release
linux-hwe-6.8	Not in release
linux-hwe-6.11	Not in release
linux-hwe-6.14	Not in release
linux-hwe-6.17	Not in release
linux-hwe-edge	Not in release
linux-lts-xenial	Not in release
linux-kvm	Not in release
linux-allwinner-5.19	Not in release
linux-aws	Needs evaluation
linux-aws-5.0	Not in release
linux-aws-5.3	Not in release
linux-aws-5.4	Not in release
linux-aws-5.8	Not in release
linux-aws-5.11	Not in release
linux-aws-5.13	Not in release
linux-aws-5.15	Not in release
linux-aws-5.19	Not in release
linux-aws-6.2	Not in release
linux-aws-6.5	Not in release
linux-aws-6.8	Not in release
linux-aws-6.14	Not in release
linux-aws-6.17	Not in release
linux-aws-hwe	Not in release
linux-azure	Needs evaluation
linux-azure-4.15	Not in release
linux-azure-5.3	Not in release
linux-azure-5.4	Not in release
linux-azure-5.8	Not in release
linux-azure-5.11	Not in release
linux-azure-5.13	Not in release
linux-azure-5.15	Not in release
linux-azure-5.19	Not in release
linux-azure-6.2	Not in release
linux-azure-6.5	Not in release
linux-azure-6.8	Not in release
linux-azure-6.11	Not in release
linux-azure-6.14	Not in release
linux-azure-6.17	Not in release
linux-azure-fde	Needs evaluation
linux-azure-fde-5.15	Not in release
linux-azure-fde-5.19	Not in release
linux-azure-fde-6.2	Not in release
linux-azure-fde-6.8	Not in release
linux-azure-fde-6.14	Not in release
linux-azure-fde-6.17	Not in release
linux-azure-nvidia	Not in release
linux-azure-nvidia-6.14	Not in release
linux-bluefield	Not in release
linux-azure-edge	Not in release
linux-fips	Not in release
linux-aws-fips	Not in release
linux-azure-fips	Not in release
linux-gcp-fips	Not in release
linux-gcp	Needs evaluation
linux-gcp-4.15	Not in release
linux-gcp-5.3	Not in release
linux-gcp-5.4	Not in release
linux-gcp-5.8	Not in release
linux-gcp-5.11	Not in release
linux-gcp-5.13	Not in release
linux-gcp-5.15	Not in release
linux-gcp-5.19	Not in release
linux-gcp-6.2	Not in release
linux-gcp-6.5	Not in release
linux-gcp-6.8	Not in release
linux-gcp-6.11	Not in release
linux-gcp-6.14	Not in release
linux-gcp-6.17	Not in release
linux-gke	Not in release
linux-gke-4.15	Not in release
linux-gke-5.4	Not in release
linux-gke-5.15	Not in release
linux-gkeop	Not in release
linux-gkeop-5.4	Not in release
linux-gkeop-5.15	Not in release
linux-ibm	Needs evaluation
linux-ibm-5.4	Not in release
linux-ibm-5.15	Not in release
linux-ibm-6.8	Not in release
linux-intel-5.13	Not in release
linux-intel-iotg	Not in release
linux-intel-iotg-5.15	Not in release
linux-iot	Not in release
linux-intel-iot-realtime	Not in release
linux-lowlatency	Not in release
linux-lowlatency-hwe-5.15	Not in release
linux-lowlatency-hwe-5.19	Not in release
linux-lowlatency-hwe-6.2	Not in release
linux-lowlatency-hwe-6.5	Not in release
linux-lowlatency-hwe-6.8	Not in release
linux-lowlatency-hwe-6.11	Not in release
linux-nvidia	Needs evaluation
linux-nvidia-6.2	Not in release
linux-nvidia-6.5	Not in release
linux-nvidia-6.8	Not in release
linux-nvidia-6.11	Not in release
linux-nvidia-lowlatency	Not in release
linux-nvidia-tegra	Not in release
linux-nvidia-tegra-5.15	Not in release
linux-nvidia-tegra-igx	Not in release
linux-oracle	Needs evaluation
linux-oracle-5.0	Not in release
linux-oracle-5.3	Not in release
linux-oracle-5.4	Not in release
linux-oracle-5.8	Not in release
linux-oracle-5.11	Not in release
linux-oracle-5.13	Not in release
linux-oracle-5.15	Not in release
linux-oracle-6.5	Not in release
linux-oracle-6.8	Not in release
linux-oracle-6.14	Not in release
linux-oracle-6.17	Not in release
linux-oem	Not in release
linux-oem-5.6	Not in release
linux-oem-5.10	Not in release
linux-oem-5.13	Not in release
linux-oem-5.14	Not in release
linux-oem-5.17	Not in release
linux-oem-6.0	Not in release
linux-oem-6.1	Not in release
linux-oem-6.5	Not in release
linux-oem-6.8	Not in release
linux-oem-6.11	Not in release
linux-oem-6.14	Not in release
linux-oem-6.17	Not in release
linux-raspi	Needs evaluation
linux-raspi2	Not in release
linux-raspi-5.4	Not in release
linux-raspi-realtime	Not in release
linux-realtime	Needs evaluation
linux-realtime-6.8	Not in release
linux-realtime-6.14	Not in release
linux-riscv	Needs evaluation
linux-riscv-5.8	Not in release
linux-riscv-5.11	Not in release
linux-riscv-5.15	Not in release
linux-riscv-5.19	Not in release
linux-riscv-6.5	Not in release
linux-riscv-6.8	Not in release
linux-riscv-6.14	Not in release
linux-riscv-6.17	Not in release
linux-starfive-5.19	Not in release
linux-starfive-6.2	Not in release
linux-starfive-6.5	Not in release
linux-xilinx	Not in release
linux-xilinx-zynqmp	Not in release
linux-realtime-6.17	Not in release

CVE-2025-14179

Medium priority

Not in release

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a...

7 affected packages

php5, php7.0, php7.2, php7.4, php8.1...

Package	26.04 LTS
php5	Not in release
php7.0	Not in release
php7.2	Not in release
php7.4	Not in release
php8.1	Not in release
php8.3	Not in release
php8.4	Not in release

CVE-2022-50943

Medium priority

Not in release

Moodle LMS 4.0 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search parameter. Attackers can inject JavaScript code via the...

1 affected package

moodle

Package	26.04 LTS
moodle	Not in release

CVE-2026-45186

Medium priority

Needs evaluation

In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input.

23 affected packages

expat, apache2, apr-util, cmake, ghostscript...

Package	26.04 LTS
expat	Needs evaluation
apache2	Not affected
apr-util	Not affected
cmake	Not affected
ghostscript	Not affected
texlive-bin	Not affected
xmlrpc-c	Needs evaluation
vnc4	Not in release
wbxml2	Needs evaluation
swish-e	Needs evaluation
insighttoolkit4	Not in release
cadaver	Needs evaluation
gdcm	Not affected
ayttm	Not in release
cableswig	Not in release
coin3	Not affected
matanza	Ignored
tdom	Needs evaluation
vtk	Not in release
smart	Not in release
firefox	Not affected
thunderbird	Not affected
libxmltok	Not in release

Export to JSON

Results by page: