Known Vulnerabilities for Raw Image Extension by Microsoft
Listed below are 10 of the newest known vulnerabilities associated with "Raw Image Extension" by "Microsoft".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-61456 json | The Grav API plugin (getgrav/grav-plugin-api) before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/medi... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-61448 json | Parse Server is affected by a stored cross-site scripting (XSS) vulnerability in versions >= 9.0.0, < 9.10.0-alpha.2 and <= 8... | Not Provided | 2026-07-11 | 2026-07-13 |
| CVE-2026-58654 json | The Grav API plugin (getgrav/grav-plugin-api) 1.0.0 contains an unrestricted file upload vulnerability in the avatar upload e... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-53724 json | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6... | Not Provided | 2026-06-12 | 2026-06-12 |
| CVE-2026-48920 json | Jenkins Email Extension Plugin 1933.v45cec755423f and earlier allows inlining images as `base64` in email content by setting ... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-48095 json | 7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability... | Not Provided | 2026-06-05 | 2026-06-08 |
| CVE-2026-47118 json | Agent Zero before version 1.15 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrar... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-44259 json | efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the previewServlet serves files with their detected MIME type b... | Not Provided | 2026-05-12 | 2026-05-13 |
| CVE-2026-42879 json | FacturaScripts is an open source accounting and invoicing software. In 2025.81 and earlier, an authenticated unrestricted fil... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-40487 json | Postiz is an AI social media scheduling tool. Prior to version 2.21.6, a file upload validation bypass allows any authenticat... | Not Provided | 2026-04-18 | 2026-04-20 |