Known Vulnerabilities for Tex Live by Tug

Listed below are 8 of the newest known vulnerabilities associated with "Tex Live" by "Tug".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-60120 json Bagisto before 2.4.4 contains a stored cross-site scripting vulnerability via client-side template injection that allows unau... Not Provided 2026-07-09 2026-07-14
CVE-2026-58402 json Hugo is a static site generator. From 0.60.0 until 0.163.3, Hugo's default code-block renderer wrote the Markdown code-fence ... Not Provided 2026-07-06 2026-07-06
CVE-2026-58263 json Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. In versions prior to 4.... Not Provided 2026-07-01 2026-07-02
CVE-2026-58170 json Vibe-Trading before 0.1.10 builds the proposal file path by joining a caller-supplied proposal identifier onto the broker pro... Not Provided 2026-06-30 2026-07-14
CVE-2026-57081 json Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode rec... Not Provided 2026-06-30 2026-06-30
CVE-2026-56342 json AVideo through version 27.0 contains a server-side request forgery vulnerability in plugin/Live/test.php that allows authenti... Not Provided 2026-06-20 2026-06-22
CVE-2026-55727 json A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.... Not Provided 2026-07-06 2026-07-06
CVE-2026-55454 json Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the bundled Caddy reverse-proxy's... Not Provided 2026-06-24 2026-06-25
CVE-2026-55437 json Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.17, 2.32.7, 2.3... Not Provided 2026-07-08 2026-07-08
CVE-2026-55370 json Logto is the modern, open-source auth infrastructure for SaaS and AI apps. Prior to 1.41.0, Logto's existing TOTP verificatio... Not Provided 2026-07-10 2026-07-10

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationTugTex Live20190410
ApplicationTugTex Live20180414
ApplicationTugTex Live2018-09-21
ApplicationTugTex Live20170524
ApplicationTugTex Live20160523
ApplicationTugTex Live20150523
ApplicationTugTex Live20150521
ApplicationTugTex Live20140525
ApplicationTugTex Live20130530
ApplicationTugTex Live20120701
ApplicationTugTex Live20110705
ApplicationTugTex Live20100826
ApplicationTugTex Live20100722
ApplicationTugTex Live20091107
ApplicationTugTex Live20080822
ApplicationTugTex Live20070212
ApplicationTugTex Live20051102
ApplicationTugTex Live20041127
ApplicationTugTex Live20030928
ApplicationTugTex Live20020604
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report