| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-35671 | phpMyFAQ - Insecure Direct Object Reference in User Password API | thorsten | phpMyFAQ | High | 8.8 | 2026-05-28 14:13:13 | Deep Dive |
| CVE-2026-8990 | Authentication Bypass in Kidsview | View Concept | Kidsview | - | - | 2026-05-28 13:27:00 | Deep Dive |
| CVE-2026-49237 | Local Privilege Escalation in Canonical Multipass | Canonical | Multipass | High | 7.8 | 2026-05-28 13:22:43 | Deep Dive |
| CVE-2026-49238 | SFTP Server VM Escape in Canonical Multipass | Canonical | Multipass | High | 8.4 | 2026-05-28 13:22:26 | Deep Dive |
| CVE-2026-42250 | Off-by-One Leading to Out-of-Bounds Write in bzip2 | bzip2 | bzip2 | - | - | 2026-05-28 13:15:20 | Deep Dive |
| CVE-2026-8980 | Privilege Escalation | Mennekes | Amtron | - | - | 2026-05-28 13:12:34 | Deep Dive |
| CVE-2026-8979 | Authentication Bypass | Mennekes | Amtron | - | - | 2026-05-28 13:05:40 | Deep Dive |
| CVE-2026-9828 | Logback deserialization whitelist bypass for java.lang and java.util | QOS.CH Sarl | logback | - | - | 2026-05-28 12:52:46 | Deep Dive |
| CVE-2026-40914 | Apache Artemis Stomp Protocol, Apache ActiveMQ Artemis Stomp Protocol: Address routing-type can be updated by STOMP protocol user without the createAddress permission | Apache Software Foundation | Apache Artemis Stomp Protocol | - | - | 2026-05-28 12:28:26 | Deep Dive |
| CVE-2026-9658 | Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths | RRWO | Plack::Middleware::Security::Common | - | - | 2026-05-28 11:36:51 | Deep Dive |
| CVE-2026-46241 | spi: mpc52xx: fix use-after-free on registration failure | Linux | Linux | - | - | 2026-05-28 09:41:09 | Deep Dive |
| CVE-2026-46239 | media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl | Linux | Linux | - | - | 2026-05-28 09:41:08 | Deep Dive |
| CVE-2026-46240 | media: iris: Fix use-after-free in iris_release_internal_buffers() | Linux | Linux | High | 7.8 | 2026-05-28 09:41:08 | Deep Dive |
| CVE-2026-46238 | batman-adv: stop caching unowned originator pointers in BAT IV | Linux | Linux | High | 8.8 | 2026-05-28 09:41:07 | Deep Dive |
| CVE-2026-46237 | drm/amdgpu/vcn3: Avoid overflow on msg bound check | Linux | Linux | High | 7.1 | 2026-05-28 09:41:06 | Deep Dive |
| CVE-2026-46236 | media: rc: xbox_remote: heed DMA restrictions | Linux | Linux | - | - | 2026-05-28 09:41:05 | Deep Dive |
| CVE-2026-46235 | media: saa7164: add ioremap return checks and cleanups | Linux | Linux | - | - | 2026-05-28 09:41:04 | Deep Dive |
| CVE-2026-46234 | vsock: fix buffer size clamping order | Linux | Linux | - | - | 2026-05-28 09:40:58 | Deep Dive |
| CVE-2026-46233 | batman-adv: bla: only purge non-released claims | Linux | Linux | - | - | 2026-05-28 09:40:55 | Deep Dive |
| CVE-2026-46232 | HID: playstation: Clamp num_touch_reports | Linux | Linux | High | 8.1 | 2026-05-28 09:40:54 | Deep Dive |