Known Vulnerabilities for Merge by Htc
Listed below are 1 of the newest known vulnerabilities associated with "Merge" by "Htc".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
More device details and information can be found at device.report here: Htc Merge
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59880 json | Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, Immutable.Map and Immutable.Set ke... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-59869 json | js-yaml is a JavaScript YAML parser and dumper. From 3.0.0 before 3.15.0 and from 4.0.0 before 4.3.0, js-yaml can spend quadr... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-59868 json | js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.0, when merge keys are enabled, js-yaml can spend quadr... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-58370 json | Woodpecker before 3.15.0 matches the ApprovalAllowedUsers bypass list against pipeline.Author. For the GitLab forge driver, p... | Not Provided | 2026-06-30 | 2026-07-02 |
| CVE-2026-56763 json | Hono before 4.12.7 allows __proto__ key in parseBody with dot option enabled, permitting specially crafted form field names t... | Not Provided | 2026-07-11 | 2026-07-11 |
| CVE-2026-56223 json | Capgo before 12.128.2 contains a cross-domain SSO account takeover vulnerability in the provision-user endpoint that allows a... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-56215 json | Capgo before 12.128.12 allows authenticated users to modify their mutable public.users.email to arbitrary addresses, which th... | Not Provided | 2026-06-20 | 2026-06-24 |
| CVE-2026-54311 json | n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to crea... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-53550 json | js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0 and 3.15.0, a crafted YAML document can trigger algorithmic CP... | Not Provided | 2026-06-22 | 2026-06-29 |
| CVE-2026-53314 json | In the Linux kernel, the following vulnerability has been resolved: padata: Put CPU offline callback in ONLINE section to al... | Not Provided | 2026-06-26 | 2026-06-26 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Htc | Merge | - |