search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2025-06-10 2025-06-10 2026-02-13 VU#806555 A Vulnerability in UEFI Applications allows for secure boot bypass via misused NVRAM variable
2026-02-12 2026-02-12 2026-02-12 VU#504749 PyMuPDF path traversal and arbitrary file write vulnerabilities
2026-02-10 2026-02-10 2026-02-10 VU#458422 CASL Ability contains a prototype pollution vulnerability
2026-01-20 2026-01-20 2026-01-27 VU#481830 Libheif uncompressed codec lacks bounds check leading to application crash
2026-01-20 2026-01-20 2026-01-21 VU#102648 Code injection vulnerability in binary-parser library
2026-01-20 2026-01-20 2026-01-20 VU#458022 Open5GS WebUI uses a hard-coded secrets including JSON Web Token signing key
2026-01-20 2026-01-20 2026-01-20 VU#244846 Server-Side Template Injection (SSTI) vulnerability exist in Genshi
2026-01-20 2026-01-20 2026-01-20 VU#271649 Stack-based buffer overflow in libtasn1 versions v4.20.0 and earlier
2026-01-20 2026-01-20 2026-01-20 VU#818729 Safetica contains a kernel driver vulnerability
2026-01-20 2026-01-20 2026-01-20 VU#924114 dr_flac contains an integer overflow vulnerability that allows for DoS when provided a crafted file
2026-01-16 2026-01-16 2026-01-16 VU#383552 thelibrarian does not secure its interface, allowing for access to internal system data
2026-01-16 2026-01-16 2026-01-16 VU#650657 Livewire Filemanager contains an insecure .php component that allows for unauthenticated RCE in Laravel Products
2026-01-15 2026-01-15 2026-01-15 VU#472136 Information Leak and DoS Vulnerabilities in Redmi Buds 3 Pro through 6 Pro
2026-01-09 2026-01-09 2026-01-09 VU#361400 BeeS Software Solutions BeeS Examination Tool (BET) portal contains SQL injection vulnerability
2026-01-06 2026-01-06 2026-01-06 VU#295169 TOTOLINK EX200 firmware-upload error handling can activate an unauthenticated root telnet service

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis