Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.5 CVE-2026-49090

Uncontrolled Resource Consumption in Elasticsearch Leading to Denial of Service_CVE-2026-49090

Uncontrolled Resource Consumption (CWE-400) in Elasticsearch can lead to a denial of service via Excessive Allocation (CAPEC-130). An authenticated...

Elastic Elasticsearch 8.0.0 CVE
MEDIUM 5.5 CVE-2026-55628

ImageMagick: Policy Bypass in concatenate operation due to missing checks_CVE-2026-55628

In versions prior to 7.1.2-26he, the `-concatenate` operation is missing policy checks, potentially resulting in both reading and writing to paths ...

ImageMagick ImageMagick < 7.1.2-26 CVE
MEDIUM 6.5 CVE-2026-53466

ImageMagick: Heap Buffer Over-Read in XCF decoder due to integer conversion overflow_CVE-2026-53466

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, an integer...

ImageMagick ImageMagick < 6.9.13-51 CVE
MEDIUM 5.6 CVE-2026-50195

containerd: CRI checkpoint import allows local image tag poisoning_CVE-2026-50195

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import proce...

containerd containerd >= 2.1.0, < 2.1.9 CVE
MEDIUM 5.3 CVE-2026-47262

containerd image-triggered runtime DoS via unbounded group parsing_CVE-2026-47262

containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a mal...

containerd containerd >= 1.7.0, < 1.7.33 CVE
MEDIUM 6.5 CVE-2026-14156

CVE-2026-14156_CVE-2026-14156

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the rende...

Google Chrome 150.0.7871.47 CVE
MEDIUM 4.3 CVE-2026-14150

CVE-2026-14150_CVE-2026-14150

Insufficient validation of untrusted input in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the rend...

Google Chrome 150.0.7871.47 CVE
MEDIUM 6.1 CVE-2026-14147

CVE-2026-14147_CVE-2026-14147

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) vi...

Google Chrome 150.0.7871.47 CVE
MEDIUM 6.5 CVE-2026-14146

CVE-2026-14146_CVE-2026-14146

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML ...

Google Chrome 150.0.7871.47 CVE
MEDIUM 6.1 CVE-2026-14145

CVE-2026-14145_CVE-2026-14145

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) vi...

Google Chrome 150.0.7871.47 CVE