Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.7 CVE-2026-58399

@acastellon/auth has an authentication bypass via spoofable headers in validateToken()_CVE-2026-58399

@acastellon/auth is an authentication control system for microservices. Versions prior to 2.3.0 appear to allow an unauthenticated authentication b...

antonio-castellon module-auth < 2.3.0 CVE
HIGH 8.2 CVE-2026-2891

Poly Voice Devices (CCX, Trio, Edge E) – Potential Denial of Service_CVE-2026-2891

The following Poly Voice IP devices, CCX, Trio, and Edge E, might be inoperable if they connect to a malicious SIP server and receive malformed dat...

HP Inc CCX CVE
HIGH 7.7 CVE-2026-13602

Session takeover vulnerability_CVE-2026-13602

We found a chain of combining multiple weaknesses in the product that could allow an attacker to become any user in the backend and access any data...

pretix pretix 4.14.0 CVE
HIGH 7.5 CVE-2026-24264

CVE-2026-24264_CVE-2026-24264

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A succes...

NVIDIA Triton Inference Server 0.0 - 26.03 CVE
HIGH 8.5 CVE-2026-24260

CVE-2026-24260_CVE-2026-24260

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful ...

NVIDIA Container Toolkit All versions up to and including 1.19.0 CVE
HIGH 7.8 CVE-2026-24251

CVE-2026-24251_CVE-2026-24251

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A s...

NVIDIA Megatron-Bridge Versions 0.0 to 0.4.0 CVE
HIGH 7.8 CVE-2026-24250

CVE-2026-24250_CVE-2026-24250

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs. A successful exploit...

NVIDIA Megatron-Bridge Versions 0.0 to 0.4.0 CVE
HIGH 7.8 CVE-2026-24249

CVE-2026-24249_CVE-2026-24249

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of ...

NVIDIA Megatron-Bridge Versions 0.0 to 0.4.0 CVE
HIGH 7.8 CVE-2026-24248

CVE-2026-24248_CVE-2026-24248

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit o...

NVIDIA Megatron-Bridge Versions 0.0 to 0.4.0 CVE
HIGH 8.8 CVE-2026-14040

CVE-2026-14040_CVE-2026-14040

Use after free in BrowserTag in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to p...

Google Chrome 150.0.7871.47 CVE