CVE.report search for "CVE-2026-45028"
Listed below are 50 relevant search results for "CVE-2026-45028" based on Vendor, Software, and CVE description
These results are gathered from attempted matches with listed vendor and software data, as well as a keyword search in the description of all known CVEs.
If you notice a "Not Listed" in either the vendor or software columns, the underlying source record does not currently include normalized affected-product data.
Search Results
| CVE ID | Vendor | Software | Description |
|---|---|---|---|
| CVE-2026-49386 | In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Pl... | ||
| CVE-2026-49385 | In JetBrains YouTrack before 2026.1.13570 improper access control allowed low-privileged users to modify service accounts | ||
| CVE-2026-49383 | In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible | ||
| CVE-2026-49382 | In JetBrains IntelliJ IDEA before 2026.1 code execution was possible via template injection in the Copyright plugin | ||
| CVE-2026-49381 | In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible | ||
| CVE-2026-49380 | In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible | ||
| CVE-2026-49379 | In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names | ||
| CVE-2026-49378 | In JetBrains TeamCity before 2026.1 credentials parameters were exposed via parameter autocompletion | ||
| CVE-2026-49376 | In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin | ||
| CVE-2026-49375 | In JetBrains TeamCity before 2026.1, 2025.11.5 reflected XSS was possible on the repository download page | ||
| CVE-2026-49374 | In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters | ||
| CVE-2026-49373 | In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings | ||
| CVE-2026-49372 | In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible | ||
| CVE-2026-49371 | In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible | ||
| CVE-2026-49370 | In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests | ||
| CVE-2026-49369 | In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on Users and Groups pages | ||
| CVE-2026-49368 | In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible | ||
| CVE-2026-49367 | In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account | ||
| CVE-2026-49366 | In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion | ||
| CVE-2026-48843 | Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16,and 1.7.x before 1.7.1 has Insufficient Cascading Style Sheets (CSS) saniti... | ||
| CVE-2026-48696 | Pavel-odintsov | Fastnetmon | FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-... |
| CVE-2026-48172 | Litespeedtech | Litespeed Cpanel Plugin | LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May... |
| CVE-2026-48027 | Nx | Nx Console | Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at... |
| CVE-2026-47323 | Camel-CXF and Camel-Knative Message Header Injection via Missing Inbound Filtering The CXF and Knative HeaderFilterStrategy ... | ||
| CVE-2026-46740 | Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were n... | ||
| CVE-2026-46728 | Das U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because hashed-nodes is omitted from a h... | ||
| CVE-2026-46344 | liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to ... | ||
| CVE-2026-46113 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpe... | ||
| CVE-2026-45913 | In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: always update mdb_n_entries for vlan... | ||
| CVE-2026-45370 | python-utcp is the python implementation of UTCP. Prior to 1.1.3, _prepare_environment() in cli_communication_protocol.py pas... | ||
| CVE-2026-45321 | Abhishake1 | Supersurkhet/cli | On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published... |
| CVE-2026-45318 | Openwebui | Open Webui | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, his adviso... |
| CVE-2026-45306 | pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the fix for CVE-2026-33509 prev... | ||
| CVE-2026-45207 | An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected ... | ||
| CVE-2026-45206 | An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected ... | ||
| CVE-2026-45191 | Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, whic... | ||
| CVE-2026-45190 | Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ... | ||
| CVE-2026-45109 | Vercel | Next.js | Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.18 and 16.2.6, it was found... |
| CVE-2026-45006 | OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.pat... | ||
| CVE-2026-45005 | OpenClaw before 2026.4.23 caches resolved webhook route secrets backed by SecretRef values, allowing stale secrets to remain ... | ||
| CVE-2026-45004 | OpenClaw before 2026.4.23 contains an arbitrary code execution vulnerability in the bundled plugin setup resolver that loads ... | ||
| CVE-2026-45003 | OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and... | ||
| CVE-2026-45002 | OpenClaw before 2026.4.20 contains a hook session-key bypass vulnerability that allows attackers to circumvent the hooks.allo... | ||
| CVE-2026-45001 | OpenClaw before 2026.4.20 contains a guard bypass vulnerability in the agent-facing gateway config.patch and config.apply end... | ||
| CVE-2026-45000 | OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in browser CDP profile creation that skips str... | ||
| CVE-2026-44999 | OpenClaw before 2026.4.20 fails to properly preserve untrusted labels for isolated cron awareness events, allowing webhook-tr... | ||
| CVE-2026-44998 | OpenClaw before 2026.4.20 contains a tool policy bypass vulnerability allowing bundled MCP and LSP tools to circumvent config... | ||
| CVE-2026-44997 | OpenClaw before 2026.4.22 contains a security envelope constraint bypass vulnerability allowing restricted subagents to spawn... | ||
| CVE-2026-44996 | OpenClaw before 2026.4.15 contains an arbitrary local file read vulnerability in the webchat audio embedding helper that fail... | ||
| CVE-2026-44995 | OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server configuratio... | ||