Search CVE reports


Toggle filters

1 – 10 of 30612 results

Status is adjusted based on your filters.


CVE-2026-61870

Medium priority
Needs evaluation

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory...

1 affected package

imagemagick

Package 26.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-61861

Medium priority
Needs evaluation

ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed...

1 affected package

imagemagick

Package 26.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-61858

Medium priority
Needs evaluation

ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external delegates due to missing validation checks. Attackers can write files to disallowed paths by bypassing configured policy...

1 affected package

imagemagick

Package 26.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-61857

Medium priority
Needs evaluation

ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger...

1 affected package

imagemagick

Package 26.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-61465

Medium priority
Needs evaluation

ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more...

1 affected package

imagemagick

Package 26.04 LTS
imagemagick Needs evaluation
Show less packages

CVE-2026-60102

Medium priority

Not in release

(Horde Virtual File System (VFS) API before 3.0.1 contains an OS comman ...)

1 affected package

php-horde-vfs

Package 26.04 LTS
php-horde-vfs Not in release
Show less packages

CVE-2026-59180

Medium priority
Needs evaluation

Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. Prior to 1.11.0, Apprise HTTP-based notification plugins and HTTP attachment and config...

1 affected package

apprise

Package 26.04 LTS
apprise Needs evaluation
Show less packages

CVE-2026-57221

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ does not perform authorization checks on passive queue.declare and exchange.declare AMQP 0-9-1 operations, allowing any...

1 affected package

rabbitmq-server

Package 26.04 LTS
rabbitmq-server Needs evaluation
Show less packages

CVE-2026-57220

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, the RabbitMQ stream listener does not enforce the configured stream frame-size limit while assembling frames during authentication and before Tune negotiation, allowing...

1 affected package

rabbitmq-server

Package 26.04 LTS
rabbitmq-server Needs evaluation
Show less packages

CVE-2026-57219

Medium priority
Needs evaluation

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, the obsolete GET /api/auth endpoint can disclose the OAuth 2 client secret on RabbitMQ installations configured...

1 affected package

rabbitmq-server

Package 26.04 LTS
rabbitmq-server Needs evaluation
Show less packages