CVE.report search for "CVE-2025-32277"
Listed below are 50 relevant search results for "CVE-2025-32277" based on Vendor, Software, and CVE description
These results are gathered from attempted matches with listed vendor and software data, as well as a keyword search in the description of all known CVEs.
If you notice a "Not Listed" in either the vendor or software columns, the underlying source record does not currently include normalized affected-product data.
Search Results
| CVE ID | Vendor | Software | Description |
|---|---|---|---|
| CVE-2026-49448 | authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, the Source stage can be b... | ||
| CVE-2026-49443 | authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, an attacker with the abil... | ||
| CVE-2026-49384 | Jetbrains | Pycharm | In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible |
| CVE-2026-49377 | Jetbrains | Teamcity | In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters |
| CVE-2026-49375 | Jetbrains | Teamcity | In JetBrains TeamCity before 2026.1, 2025.11.5 reflected XSS was possible on the repository download page |
| CVE-2026-49372 | Jetbrains | Teamcity | In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible |
| CVE-2026-49325 | Improper handling of physical conditions in the bike-shutdown control of the Indian Motorcycle Scout Bobber + Tech 2025 model... | ||
| CVE-2026-49324 | Uncontrolled resource consumption in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 mode... | ||
| CVE-2026-49323 | Weak authentication between the Wireless Control Module (WCM) and the Engine Control Module (ECM) of the Indian Motorcycle Sc... | ||
| CVE-2026-49322 | Weak authentication in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows ... | ||
| CVE-2026-49318 | Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model ... | ||
| CVE-2026-49317 | Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model ... | ||
| CVE-2026-49316 | Expected behavior violation in the in-vehicle network of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an ... | ||
| CVE-2026-49237 | Apple | Macos | An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. Wh... |
| CVE-2026-48726 | Apache | Airflow | A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout ... |
| CVE-2026-48208 | An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attack... | ||
| CVE-2026-48191 | An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Fil... | ||
| CVE-2026-48190 | An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated custom... | ||
| CVE-2026-48189 | An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are re... | ||
| CVE-2026-48188 | An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition database layer module allows an unauthentic... | ||
| CVE-2026-48187 | An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocati... | ||
| CVE-2026-47324 | ProjectsAndPrograms school-management-system is vulnerable to Stored Cross‑Site Scripting (XSS) in multiple attributes of s... | ||
| CVE-2026-47323 | Camel-CXF and Camel-Knative Message Header Injection via Missing Inbound Filtering The CXF and Knative HeaderFilterStrategy ... | ||
| CVE-2026-47201 | authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5.1, authentik's SAML Source A... | ||
| CVE-2026-46368 | luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed... | ||
| CVE-2026-46124 | In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in iso... | ||
| CVE-2026-46055 | In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination ... | ||
| CVE-2026-44413 | Jetbrains | Teamcity | In JetBrains TeamCity before 2026.1 2025.11.5 authenticated users could expose server API to unauthorised access |
| CVE-2026-43899 | DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-bet... | ||
| CVE-2026-43347 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: monaco: Reserve full Gunyah metadata r... |
| CVE-2026-43322 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix UAF in le_read_features_complet... |
| CVE-2026-43247 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix SError of kernel panic wh... |
| CVE-2026-43164 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: udplite: Fix null-ptr-deref in __udp_enqueue_schedule_sk... |
| CVE-2026-42960 | Nlnetlabs | Unbound | NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority se... |
| CVE-2026-42879 | FacturaScripts is an open source accounting and invoicing software. In 2025.81 and earlier, an authenticated unrestricted fil... | ||
| CVE-2026-42877 | FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting (XS... | ||
| CVE-2026-42849 | authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, due to the implementation of stages ... | ||
| CVE-2026-42467 | An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read... | ||
| CVE-2026-42360 | Apache | Airflow | A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking (e.g. nested `password` / `tok... |
| CVE-2026-42339 | Newapi | New Api | New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.11.9-a... |
| CVE-2026-42252 | Apache | Airflow | Apache Airflow's official documentation at `core-concepts/dag-run.html` ("Passing Parameters when triggering Dags") showed a ... |
| CVE-2026-42043 | Axios | Axios | Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, an attacker who can influence t... |
| CVE-2026-41903 | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user holding t... | ||
| CVE-2026-41882 | Jetbrains | Intellij Idea | In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files ... |
| CVE-2026-41577 | authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, the SAML source response processor (... | ||
| CVE-2026-41321 | @astrojs/cloudflare is an SSR adapter for use with Cloudflare Workers targets. Prior to 13.1.10, the fetch() call for remote ... | ||
| CVE-2026-40453 | Apache | Camel | The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant header names such as 'CA... |
| CVE-2026-40165 | authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0-rc1 through 2026.2.2 were ... | ||
| CVE-2026-40046 | Integer Overflow or Wraparound vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT. The fix for "CVE... | ||
| CVE-2026-40035 | Ryandfir | Unfurl | Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that enables Flask debug mode by... |