Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.9 CVE-2026-55577

ImageMagick: Heap Buffer Overflow in ImageMagick MVG decoder

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buf...

ImageMagick ImageMagick >= 7.0.1-0, < 7.1.2-26 CVE
MEDIUM 5.5 CVE-2026-55510

ImageMagick: Use-After-Free in crafted 8BIM when identifying an image

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when ident...

ImageMagick ImageMagick >= 7.0.1-0, < 7.1.2-26 CVE
MEDIUM 5.3 CVE-2026-53467

ImageMagick: Information Disclosure in MNG decoder because allocated memory is left unchanged

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, the MNG de...

ImageMagick ImageMagick < 6.9.13-51 CVE
HIGH 8.7 CVE-2026-49119

Gradio < 6.16.0 Path Traversal via FileExplorer.preprocess()

Gradio before 6.16.0 contains a path traversal vulnerability in the FileExplorer component's preprocess() method that allows unauthenticated attacke...

gradio-app gradio CVE
HIGH 7.3 CVE-2026-41121

CVE-2026-41121

Dell Device Management Agent, versions prior to DDMA 26.05, contains an Improper Link Resolution Before File Access ('Link Following') vulnerability...

Dell Device Management Agent CVE
MEDIUM 6.9 CVE-2026-14358

Stored XSS in Wikimedia Chart pie tooltip via Data:*.tab field title

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - Charts E...

The Wikimedia Foundation Mediawiki - Charts Extension * CVE
MEDIUM 5.5 CVE-2026-13769

Overly permissive File Permissions in AWS CLI

Overly permissive file permissions in AWS CLI before 1.44.78 (v1) and 2.34.29 (v2) on Unix-like systems where the umask has not been configured to ...

AWS AWS CLI CVE
HIGH 7.3 CVE-2026-13760

OS Command Injection in aws-cdk-lib Docker Bundling

OS command injection in the NodejsFunction Docker bundling pipeline (OsCommand helper) in AWS aws-cdk-lib on all platforms might allow an actor who ...

AWS AWS CDK CVE
HIGH 7.5 CVE-2026-58593

NodeBB – ActivityPub Author Spoofing via Unvalidated attributedTo Mapped to Local User

NodeBB does not bind the claimed author of an inbound ActivityPub object to the authenticated remote actor. The inbound middleware verifies the HTT...

NodeBB NodeBB 4.13.2 CVE
HIGH 8.3 CVE-2026-58592

Ladybird – Web-Reachable Code Execution via Dangling FunctionType Reference in WebAssembly ESM Integration

Ladybird contains a dangling-reference memory-safety flaw in its WebAssembly ESM-integration module loader. When a JavaScript function is imported ...

LadybirdBrowser Ladybird CVE