CVE Security

critical 9.9

29/05/2026

Vulnérabilité critical détectée - CVE-2026-40411

Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute code over a network.

Windows

CVE-2026-40411

Lire l'article

high 8.8

29/05/2026

Vulnérabilité high détectée - CVE-2026-41075

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.0 through 5.0.9 and 6.0.0 through 6.0.2 contain an SQL injection...

Web

CVE-2026-41075

Lire l'article

high 8.1

29/05/2026

Vulnérabilité high détectée - CVE-2026-41076

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.9 and prior in addition to 6.0.0 through 6.0.2 contain an authen...

Applications

CVE-2026-41076

Lire l'article

high 8.7

29/05/2026

Vulnérabilité high détectée - CVE-2026-41147

NukeViet CMS is a multi Content Management System. Versions 4.5.07 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability caused by insuf...

Web

CVE-2026-41147

Lire l'article

critical 10

29/05/2026

Vulnérabilité critical détectée - CVE-2026-23652

Improper neutralization of special elements used in a command ('command injection') in Microsoft Power Pages allows an unauthorized attacker to execut...

Windows

CVE-2026-23652

Lire l'article

high 7.5

29/05/2026

Vulnérabilité high détectée - CVE-2026-23663

Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network.

Windows

CVE-2026-23663

Lire l'article

high 7.7

29/05/2026

Vulnérabilité high détectée - CVE-2026-26147

Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network.

Windows

CVE-2026-26147

Lire l'article

critical 9.1

29/05/2026

Vulnérabilité critical détectée - CVE-2026-33843

Authentication bypass using an alternate path or channel in Microsoft Azure Active Directory B2C allows an unauthorized attacker to elevate privileges...

Windows

CVE-2026-33843

Lire l'article

high 8.2

29/05/2026

Vulnérabilité high détectée - CVE-2026-5843

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files f...

Applications iOS

CVE-2026-5843

Lire l'article

unknown

29/05/2026

Vulnérabilité unknown détectée - CVE-2026-3294

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a lo...

Applications

CVE-2026-3294

Lire l'article

medium 5.4

29/05/2026

Vulnérabilité medium détectée - CVE-2026-40864

JupyterHub is software that allows users to create a multi-user server for Jupyter notebooks. In versions 4.1.0 through 5.4.4, XSRF protection (update...

Applications

CVE-2026-40864

Lire l'article

medium 6.5

29/05/2026

Vulnérabilité medium détectée - CVE-2026-41069

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds ...

Applications

CVE-2026-41069

Lire l'article