| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-50223 | Apache OFBiz: DataResource Low-Privileged Authenticated FreeMarker Template Injection Leads to Remote Code Execution | Apache Software Foundation | Apache OFBiz | - | - | 2026-06-10 22:23:50 | Deep Dive |
| CVE-2026-46695🧪 | BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files | boxlite-ai | boxlite | Critical | 10.0 | 2026-06-10 22:20:45 | Deep Dive |
| CVE-2026-46703🧪 | BoxLite: Path Traversal Vulnerability in boxlite Leads to Arbitrary File Write on the Host | boxlite-ai | boxlite | Critical | 9.6 | 2026-06-10 22:20:25 | Deep Dive |
| CVE-2026-47213 | BoxLite: Timeout Bypass Vulnerability | boxlite-ai | boxlite | Medium | 6.5 | 2026-06-10 22:20:04 | Deep Dive |
| CVE-2026-42568💣 | Yamcs Vulnerable to LDAP Injection in LdapAuthModule | yamcs | yamcs | Medium | 4.3 | 2026-06-10 22:15:52 | Deep Dive |
| CVE-2026-52726🧪 | Dulwich's submodule path traversal in porcelain.submodule_update / porcelain.clone(recurse_submodules=True) yields RCE via attacker-dropped .git/hooks payload | jelmer | dulwich | High | 7.5 | 2026-06-10 22:13:33 | Deep Dive |
| CVE-2026-44693🧪 | Pi-hole FTL: Unauthenticated Session Hijacking via Race Condition on Global Session Buffer | pi-hole | FTL | High | 8.8 | 2026-06-10 22:11:29 | Deep Dive |
| CVE-2026-47734 | Dulwich has unbounded memory allocation in receive-pack from crafted thin packs | jelmer | dulwich | Medium | 5.7 | 2026-06-10 22:11:03 | Deep Dive |
| CVE-2026-53465 | ImageMagick: Heap Buffer Over-Write in SF3 encoder when writing multi-frame image | ImageMagick | ImageMagick | Medium | 6.2 | 2026-06-10 22:07:51 | Deep Dive |
| CVE-2026-53464 | ImageMagick: Memory Leak in wand option parser when providing invalid arguments | ImageMagick | ImageMagick | Medium | 4.0 | 2026-06-10 22:07:07 | Deep Dive |
| CVE-2026-53463 | ImageMagick: Null Pointer Dereference in distort operation when passing incorrect arguments | ImageMagick | ImageMagick | Medium | 4.3 | 2026-06-10 22:05:59 | Deep Dive |
| CVE-2026-53462 | ImageMagick: Use-After-Free when allocation in CheckPrimitiveExtent fails | ImageMagick | ImageMagick | Medium | 5.9 | 2026-06-10 22:04:54 | Deep Dive |
| CVE-2026-53461🧪 | ImageMagick: Out-of-bounds write in ICON decoder due to incorrect loop | ImageMagick | ImageMagick | High | 7.5 | 2026-06-10 22:03:11 | Deep Dive |
| CVE-2026-53460🧪 | ImageMagick: Policy Bypass can trigger out-of-Memory condition | ImageMagick | ImageMagick | High | 7.5 | 2026-06-10 22:02:23 | Deep Dive |
| CVE-2026-47712 | Dulwich doesn't sanitize commit subjects in `porcelain.format_patch` | jelmer | dulwich | Low | 3.3 | 2026-06-10 22:01:50 | Deep Dive |
| CVE-2026-49219 | ImageMagick: Policy Bypass can read disallowed files | ImageMagick | ImageMagick | Medium | 5.5 | 2026-06-10 22:00:27 | Deep Dive |
| CVE-2026-49218🧪 | ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions | ImageMagick | ImageMagick | High | 7.5 | 2026-06-10 21:59:04 | Deep Dive |
| CVE-2026-48994 | ImageMagick: Heap Buffer Over-Write in MAT decoder on 32-bit systems | ImageMagick | ImageMagick | Medium | 5.9 | 2026-06-10 21:58:15 | Deep Dive |
| CVE-2026-48734 | ImageMagick: Stack Overflow in MVG decoder | ImageMagick | ImageMagick | Medium | 5.5 | 2026-06-10 21:56:00 | Deep Dive |
| CVE-2026-42305🧪 | Dulwich has an arbitrary file write via NTFS-hostile tree entries on Windows | jelmer | dulwich | High | 8.8 | 2026-06-10 21:55:31 | Deep Dive |