7.5

CVSS3.1

CVE-2026-28414 - Gradio has Absolute Path Traversal on Windows with Python 3.13+

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Windows with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system. Python 3.13+ changed …

📅 Published: Feb. 27, 2026, 9:43 p.m. 🔄 Last Modified: April 21, 2026, 11:45 p.m.

0

CVSS3.1

CVE-2026-27167 - Gradio: Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret

Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth components (e.g. `gr.LoginButton`) are used. When a user vi…

📅 Published: Feb. 27, 2026, 9:40 p.m. 🔄 Last Modified: April 16, 2026, 3:15 p.m.

8.8

CVSS3.1

CVE-2026-27939 - Statamic allows Authenticated Control Panel users to escalate privileges via elevated session bypass

Statamic is a Laravel and Git powered content management system (CMS). Starting in version 6.0.0 and prior to version 6.4.0, Authenticated Control Panel users may under certain conditions obtain elevated privileges without completing the intended verification step. This can allow access to sensiti…

📅 Published: Feb. 27, 2026, 9:34 p.m. 🔄 Last Modified: April 18, 2026, 10:15 a.m.

6.9

CVSS4.0

CVE-2026-28407 - malcontent's nested archive extraction failure can drop content from scan inputs

malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives that failed to extract, which could potentially leave malicious content unscanned. A better approach is to preserve these archives…

📅 Published: Feb. 27, 2026, 9:28 p.m. 🔄 Last Modified: April 16, 2026, 3:15 p.m.

8.2

CVSS3.1

CVE-2026-28406 - kaniko has tar archive path traversal in build context extraction allows writing files outside dest…

kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without enforcing that the final path stays within `dest`. …

📅 Published: Feb. 27, 2026, 9:20 p.m. 🔄 Last Modified: April 16, 2026, 3:15 p.m.

0.0

CVE-2026-3370 -

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

📅 Published: Feb. 27, 2026, 9:20 p.m. 🔄 Last Modified: March 10, 2026, 7:17 p.m.

7.1

CVSS3.1

CVE-2026-28402 - nimiq/core-rs-albatross's nimiq-blockchain missing proposal body root verification

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.2.2, a malicious or compromised validator that is elected as proposer can publish a macro block proposal where `header.body_root` does not match the a…

📅 Published: Feb. 27, 2026, 9:08 p.m. 🔄 Last Modified: April 17, 2026, 2 p.m.

7.6

CVSS3.1

CVE-2026-28400 - Docker Model Runner Unauthenticated Runtime Flag Injection via _configure Endpoint

Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST `/engines/_configure` endpoint that accepts arbitrary runtime flags without authentication. These flags are passed directly to the underlying inference server (llam…

📅 Published: Feb. 27, 2026, 9:06 p.m. 🔄 Last Modified: April 16, 2026, 3:15 p.m.

1.3

CVSS4.0

CVE-2026-28355 - "PWA" Canarytoken Vulnerable to Stored Self Cross-Site Scripting

Canarytokens help track activity and actions on a network. Versions prior to `sha-7ff0e12` have a Self Cross-Site Scripting vulnerability in the "PWA" Canarytoken, whereby the Canarytoken's creator can attack themselves or someone they share the link with. The creator of a PWA Canarytoken can inser…

📅 Published: Feb. 27, 2026, 9:04 p.m. 🔄 Last Modified: April 16, 2026, 3:15 p.m.

6.5

CVSS3.1

CVE-2026-28352 - Indico missing access check in event series management API

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.11, the API endpoint used to manage event series is missing an access check, allowing unauthenticated/unauthorized access to this endpoint. The impact of this is…

📅 Published: Feb. 27, 2026, 9:01 p.m. 🔄 Last Modified: April 16, 2026, 3:15 p.m.