Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.3 CVE-2026-56700

Grav – Multiple Remote Code Execution Vulnerabilities via Unsafe Unserialize and Command Injection_CVE-2026-56700

Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. Three unsafe unserialize() calls - in Scheduler\JobQueue, Framework\...

Grav Grav CVE
MEDIUM 5.3 CVE-2026-56399

Open WebUI – Server-Side Request Forgery via Location Redirect in /api/v1/retrieval/process/web_CVE-2026-56399

Open WebUI before 0.6.27 contains a server-side request forgery vulnerability in the /api/v1/retrieval/process/web endpoint that allows authenticat...

open-webui open-webui CVE
MEDIUM 4.8 CVE-2026-56377

ImageMagick – Policy Bypass via Incorrect Path Validation_CVE-2026-56377

ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. R...

ImageMagick ImageMagick CVE
MEDIUM 6.3 CVE-2026-56369

ImageMagick – Information Disclosure via AES-CTR Nonce Reuse in PasskeyEncipherImage_CVE-2026-56369

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attacke...

ImageMagick ImageMagick CVE
MEDIUM 6.3 CVE-2026-56365

ImageMagick – Memory Leak in PNG Encoder via MNG Image Writing_CVE-2026-56365

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder fail...

ImageMagick ImageMagick CVE
LOW 1.8 CVE-2026-56364

ImageMagick – Memory Leak in LoadOpenCLDeviceBenchmark() via Malformed XML_CVE-2026-56364

ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profi...

ImageMagick ImageMagick CVE
MEDIUM 4.8 CVE-2026-56363

ImageMagick – Division by Zero in Binomial Kernel Processing_CVE-2026-56363

ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of servic...

ImageMagick ImageMagick CVE
MEDIUM 4.8 CVE-2026-56361

ImageMagick – Heap Buffer Overflow via Off-by-One in Morphology Processing_CVE-2026-56361

ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger h...

ImageMagick ImageMagick CVE
MEDIUM 5.1 CVE-2026-56356

n8n – Stored Cross-Site Scripting in Chat Trigger Node Custom CSS Field_CVE-2026-56356

n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html...

n8n n8n CVE
MEDIUM 6 CVE-2026-56350

n8n – SSO Enforcement Bypass via API_CVE-2026-56350

n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attac...

n8n n8n CVE