CVE Security

medium 4.6

05/05/2026

Vulnérabilité medium détectée - CVE-2026-41398

OpenClaw before 2026.4.2 contains an improper access control vulnerability in the iOS A2UI bridge that treats generic local-network pages as trusted o...

iOS Mobile

CVE-2026-41398

Lire l'article

medium 6.5

05/05/2026

Vulnérabilité medium détectée - CVE-2026-24204

NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vu...

iOS Linux

CVE-2026-24204

Lire l'article

high 8.8

05/05/2026

Vulnérabilité high détectée - CVE-2026-24186

NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded...

iOS Linux

CVE-2026-24186

Lire l'article

critical 9.8

05/05/2026

Vulnérabilité critical détectée - CVE-2026-24178

NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authori...

iOS Linux

CVE-2026-24178

Lire l'article

high 7.3

04/05/2026

Vulnérabilité high détectée - CVE-2026-7146

A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulner...

iOS Mobile

CVE-2026-7146

Lire l'article

unknown

04/05/2026

Vulnérabilité unknown détectée - CVE-2025-15626

Authenticated user can bypass authorization in Ribblr - Crochet & Knitting iOS application

iOS Mobile

CVE-2025-15626

Lire l'article

high 8.8

01/05/2026

Vulnérabilité high détectée - CVE-2026-41429

arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remot...

iOS Mobile

CVE-2026-41429

Lire l'article

medium 6.5

01/05/2026

Vulnérabilité medium détectée - CVE-2026-42044

Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.2, he Axios library is vulnerable to a Prototype Pollution...

Applications iOS Mobile

CVE-2026-42044

Lire l'article

medium 5.3

01/05/2026

Vulnérabilité medium détectée - CVE-2026-42034

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, for stream request bodies, maxBodyLength is bypassed whe...

Applications iOS Mobile

CVE-2026-42034

Lire l'article

high 7.4

01/05/2026

Vulnérabilité high détectée - CVE-2026-42035

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, a prototype pollution gadget exists in the Axios HTTP ad...

Applications iOS Mobile

CVE-2026-42035

Lire l'article

medium 5.3

01/05/2026

Vulnérabilité medium détectée - CVE-2026-42036

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when responseType: 'stream' is used, Axios returns the r...

Applications iOS Mobile

CVE-2026-42036

Lire l'article

medium 5.3

01/05/2026

Vulnérabilité medium détectée - CVE-2026-42037

Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.1, the FormDataPart constructor in lib/helpers/formDataToS...

Applications iOS Mobile

CVE-2026-42037

Lire l'article