CVE.report search for "CVE-2026-54799"
Listed below are 50 relevant search results for "CVE-2026-54799" based on Vendor, Software, and CVE description
These results are gathered from attempted matches with listed vendor and software data, as well as a keyword search in the description of all known CVEs.
If you notice a "Not Listed" in either the vendor or software columns, the underlying source record does not currently include normalized affected-product data.
Search Results
| CVE ID | Vendor | Software | Description |
|---|---|---|---|
| CVE-2026-60104 | Bitwarden Server before 2026.6.0 does not verify that the email in a POST /auth-requests/admin-request body belongs to the au... | ||
| CVE-2026-59828 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that sho... | ||
| CVE-2026-59805 | Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticat... | ||
| CVE-2026-59800 | 9Router before 0.4.44 contains an OS command injection vulnerability in the unauthenticated POST /api/tunnel/tailscale-instal... | ||
| CVE-2026-59721 | Hoppscotch is an open source API development ecosystem. Prior to 2026.6.0, the updateInfraConfigs GraphQL mutation in admin/i... | ||
| CVE-2026-59720 | Hoppscotch is an open source API development ecosystem. Prior to 2026.6.0, mock server creation in mock-server.service.ts doe... | ||
| CVE-2026-59261 | Openclaw | Openclaw | OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv files can override provider cre... |
| CVE-2026-58465 | Eclipse Wakaama before snapshot/2026-05-26 contains an unbounded memory allocation vulnerability in the CoAP Block1 handler w... | ||
| CVE-2026-58448 | yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated use... | ||
| CVE-2026-58374 | W1.fi | Hostapd | In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association requ... |
| CVE-2026-57950 | ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control vulnerability in ErpSaleOrderControll... | ||
| CVE-2026-57949 | ruoyi-vue-pro through 2026.05, fixed in commit c779a47, contains a missing authorization vulnerability in the CRM module's GE... | ||
| CVE-2026-57926 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack |
| CVE-2026-57925 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags |
| CVE-2026-57924 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details |
| CVE-2026-57923 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project... |
| CVE-2026-57922 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible |
| CVE-2026-57921 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templat... |
| CVE-2026-57920 | Peplink | Intcontrol 2 | Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /re... |
| CVE-2026-57913 | Johnson & Johnson Audit Tracking Management System (ATMS) before 2026-04-21 allows viewing of meeting minutes and transcripts... | ||
| CVE-2026-57522 | Bitwarden | Server | Bitwarden Server before 2026.5.0 contains a JSON injection vulnerability in IntegrationTemplateProcessor.ReplaceTokens(), whi... |
| CVE-2026-57521 | Bitwarden | Server | Bitwarden Server before 2026.5.0 contains a broken access control vulnerability that allows any authenticated user to access ... |
| CVE-2026-57520 | Bitwarden | Server | Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with Ma... |
| CVE-2026-57062 | CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes... | ||
| CVE-2026-56781 | Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to ... | ||
| CVE-2026-56412 | Libexpat Project | Libexpat | libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking for v... |
| CVE-2026-56142 | Jetbrains | Hub | In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege esc... |
| CVE-2026-56141 | Jetbrains | Hub | In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 account takeo... |
| CVE-2026-56140 | Apache | Camel | Improper Input Validation vulnerability in Apache Camel AWS SNS component. The camel-aws2-sns component filters Camel heade... |
| CVE-2026-56131 | Libexpat Project | Libexpat | libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a poli... |
| CVE-2026-56120 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it's a duplicate of CVE-2026-56... | ||
| CVE-2026-56099 | Openbsd | Openbsd | OpenBSD before commit 6a23123 (2026-06-18) contains an out-of-bounds read vulnerability in the mpls_do_error function within ... |
| CVE-2026-55616 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-49757. Reason: This candidate is a dupli... | ||
| CVE-2026-55615 | Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.5, Neo4jChatAgent passe... | ||
| CVE-2026-55470 | HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.10, the... | ||
| CVE-2026-55448 | mise manages dev tools like node, python, cmake, and terraform. From 2026.3.15 until 2026.6.4, mise loads github.credential_c... | ||
| CVE-2026-55441 | mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust feature gates config files (m... | ||
| CVE-2026-55424 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, a topic "featured link"... | ||
| CVE-2026-55420 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, under certain non-defau... | ||
| CVE-2026-55404 | yt-dlp and youtube-dl are command-line audio/video downloaders. Prior to 2026.7.4, the --write-link, --write-url-link, and --... | ||
| CVE-2026-55212 | Pimcore is an Open Source Data & Experience Management Platform. Prior to 2025.4.6 and 2026.1.6, the Studio API class definit... | ||
| CVE-2026-55208 | Pimcore Studio Backend Bundle is the backend bundle for Pimcore Studio. Prior to 2025.4.6 and 2026.1.6, an authenticated user... | ||
| CVE-2026-55207 | Pimcore is an Open Source Data & Experience Management Platform. Prior to 2025.4.6 and 2026.1.6, an unauthenticated attacker ... | ||
| CVE-2026-54760 | Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.1, the `SQLChatAgent` S... | ||
| CVE-2026-54709 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-54637. Reason: This candidate is a dupli... | ||
| CVE-2026-54699 | Warp is an agentic development environment. From 0.2024.03.12.08.02.stable_01 until 0.2026.05.06.15.42.stable_01, Warp contai... | ||
| CVE-2026-54686 | Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accept... | ||
| CVE-2026-54590 | AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of ... | ||
| CVE-2026-54557 | mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.1, the mise HTTP backend builds its install s... | ||
| CVE-2026-54444 | Rejected reason: ]** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-49489. Reason: This candidate is a dupl... | ||