6.1
CVE-2026-33812 - Excessive memory allocation when decoding malicious SFNT in golang.org/x/image
Parsing a malicious font file can cause excessive memory allocation.
7.5
CVE-2026-33813 - Panic when decoding large WEBP image on 32-bit platforms in golang.org/x/image
Parsing a WEBP image with an invalid, large size panics on 32-bit platforms.
6.3
CVE-2026-40881 - Zebra: addr/addrv2 Deserialization Resource Exhaustion
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-network version 5.0.1, when deserializing addr or addrv2 messages, which contain vectors of addresses, Zebra would fully deserialize them up to a maximum length (over 233,000) that was derived from the 2 MiB mesβ¦
9.1
CVE-2026-40372 - ASP.NET Core Elevation of Privilege Vulnerability
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.
7
CVE-2026-40875 - mailcow: dockerized vulnerable to stored XSS in user login history real_rip
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the user dashboard's "Seen successful connections" (login history) renders the client IP from login logs without HTML escaping. Because the server trusts the X-Real-IP header as the source IPβ¦
7.2
CVE-2026-40880 - Zebra: Cached Mempool Verification Bypasses Consensus Rules for Ahead-of-Tip Blocks
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and zebra-consensus version 5.0.2, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By carefully submitting a transaction that is valid for height H+1 but β¦
6
CVE-2026-40874 - mailcow: dockerized missing authorization on Forwarding Hosts delete action
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, no administrator verification takes place when deleting Forwarding Hosts with `/api/v1/delete/fwdhost`. Any authenticated user can call this API. Checks are only applied for edit/add actions,β¦
8.9
CVE-2026-40873 - mailcow: dockerized vulnerable to stored XSS in Quarantine attachment filenames
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the Quarantine details modal injects attachment filenames into HTML without escaping, allowing arbitrary HTML/JS execution. An attacker can deliver an email with a crafted attachment name so β¦
9.3
CVE-2026-40872 - mailcow: dockerized vulnerable to stored XSS in autodiscover logs email address field
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the admin dashboard's Autodiscover logs render the EMailAddress value (logged as the "user" field) without HTML escaping. By submitting an unauthenticated Autodiscover request with a crafted β¦
7.5
CVE-2026-40879 - Nest: DoS via Recursive handleData in JsonSocket (TCP Transport)
Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.19, when an attacker sends many small, valid JSON messages in one TCP frame, handleData() recurses once per message; the buffer shrinks each call. maxBufferSize is never reached; call stack overflows instead. β¦