0.0

CVE-2026-33814 - Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2…

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.

📅 Published: May 7, 2026, 7:41 p.m. 🔄 Last Modified: May 7, 2026, 10 p.m.

4.8 (CVSS 4.0)

CVE-2026-8088 - OSGeo gdal GDapi.c GDfieldinfo out-of-bounds

A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the publi…

📅 Published: May 7, 2026, 7:30 p.m. 🔄 Last Modified: May 7, 2026, 7:30 p.m.

4.8 (CVSS 4.0)

CVE-2026-8087 - OSGeo gdal GDapi.c GDnentries heap-based overflow

A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a local position. The exp…

📅 Published: May 7, 2026, 7 p.m. 🔄 Last Modified: May 7, 2026, 7 p.m.

5.1 (CVSS 4.0)

CVE-2026-42259 - Saltcorn: Open Redirect in `POST /auth/login` due to incomplete `is_relative_url` validation (backs…

Saltcorn is an extensible, open source, no-code database application builder. Prior to versions 1.4.6, 1.5.6, and 1.6.0-beta.5, Saltcorn validates the post-login dest parameter with a string check that only blocks :/ and //. Because all WHATWG-compliant browsers normalise backslashes (\) to forward…

📅 Published: May 7, 2026, 6:54 p.m. 🔄 Last Modified: May 7, 2026, 8:37 p.m.

5.3 (CVSS 3.1)

CVE-2026-42241 - ParquetSharp: Possible Stack Overflow When Reading a ParquetFile with Large Decimal Type Width

ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an attacker-supplied value. If an attacker declares a decimal column with some unreasonable width, this co…

📅 Published: May 7, 2026, 6:52 p.m. 🔄 Last Modified: May 7, 2026, 9:24 p.m.

7 (CVSS 4.0)

CVE-2026-43510 - CISA manage.get.gov insecure portfolio administrative privileges

manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. Fixed in 1.176.0 on or around 2026-04-30.

📅 Published: May 7, 2026, 6:50 p.m. 🔄 Last Modified: May 7, 2026, 9:24 p.m.

8.1 (CVSS 3.1)

CVE-2026-42239 - Budibase auth session cookies are set with httpOnly:false — any XSS can lead to full account takeov…

Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. This means every XSS becomes a full acc…

📅 Published: May 7, 2026, 6:49 p.m. 🔄 Last Modified: May 7, 2026, 8:35 p.m.

8.2 (CVSS 4.0)

CVE-2026-42225 - GnuTLS backend silently skips certificate chain verification when verify_peer is false

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport (sip_transport_tls) can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via v…

📅 Published: May 7, 2026, 6:47 p.m. 🔄 Last Modified: May 7, 2026, 8:36 p.m.

4.8 (CVSS 4.0)

CVE-2026-8086 - OSGeo gdal SWapi.c SWnentries heap-based overflow

A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly ava…

📅 Published: May 7, 2026, 6:45 p.m. 🔄 Last Modified: May 7, 2026, 7:53 p.m.

7 (CVSS 4.0)

CVE-2026-41653 - BentoPDF: Stored XSS via Markdown Editor Leading to Persistent File Exfiltration

BentoPDF is a client-side, self-hostable PDF toolkit. Prior to version 2.8.3, a cross-site scripting vulnerability was identified in BentoPDF. An attacker may be able to execute arbitrary JavaScript in certain circumstances in the Markdown to PDF tool. This issue has been patched in version 2.8.3.

📅 Published: May 7, 2026, 6:43 p.m. 🔄 Last Modified: May 7, 2026, 9:30 p.m.