search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2026-07-16 2026-07-16 2026-07-17 VU#885548 Denial-of-service vulnerability in HTTP/2 servers via stalled flow-control conditions
2026-07-16 2026-07-16 2026-07-16 VU#326070 SGLang contains a vulnerable pickle deserialization vulnerability through the expert-parallel subsystem
2026-07-15 2026-07-15 2026-07-15 VU#529388 Privilege escalation vulnerability via unprotected IOCTL interface in Pegatron Tdelo64.sys
2026-07-15 2026-07-15 2026-07-15 VU#725167 node-forge Signature Forgery Vulnerabilities in RSA-PKCS and ED25519 Implementations
2026-07-10 2026-07-10 2026-07-10 VU#564823 GNU Wget enables SSRF via unvalidated FTP PASV IPs
2026-07-09 2026-07-09 2026-07-09 VU#152953 PayRange Android app version 7.0.7 contains multiple vulnerabilities
2026-07-09 2026-07-09 2026-07-09 VU#734812 Xerte Online Toolkit contains an authentication bypass that allows for RCE
2026-07-08 2026-07-08 2026-07-08 VU#849433 Adalo Database API Enables Cross-App User Data Extraction via Over-Fetching and Missing Authorization Controls
2026-07-06 2026-07-06 2026-07-06 VU#213560 Tenda firmware (multiple versions) contains hidden authentication backdoor
2026-07-06 2026-07-06 2026-07-06 VU#828543 HP Deskjet 2800 Printer Series Webservers contain Missing Authorization Vulnerability
2026-07-02 2026-07-02 2026-07-02 VU#639124 Multiple local privilege escalation vulnerabilities in Little Orbits GameFirst Anti-Cheat
2026-06-22 2026-06-22 2026-06-22 VU#936962 Multiple file parsing vulnerabilities in FastStone Image Viewer 8.3.0.0
2026-06-22 2026-06-22 2026-07-06 VU#226679 Microsoft WinRE allows for bypass of UEFI/BIOS password enforcement
2026-06-18 2026-06-18 2026-06-23 VU#457458 Vendor-signed UEFI applications found vulnerable to Secure Boot bypass
2026-06-17 2026-06-17 2026-06-17 VU#380058 SignalRGB kernel driver contains improper access control and IOCTL vulnerabilities

Sponsored by CISA.