CVE search results

1 – 10 of 509 results

Detailed view

Sort by:

CVE-2026-31221

Medium priority

Needs evaluation

(PyTorch-Lightning versions 2.6.0 and earlier contain an insecure deser ...)

1 affected package

pytorch

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pytorch	Needs evaluation	Not in release	Needs evaluation	—	—

CVE-2026-44742

Medium priority

Needs evaluation

Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May 2026.

1 affected package

postorius

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
postorius	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-44603

Medium priority

Needs evaluation

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007.

1 affected package

tor

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
tor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-44602

Medium priority

Needs evaluation

Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006.

1 affected package

tor

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
tor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-44601

Medium priority

Needs evaluation

Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009.

1 affected package

tor

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
tor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-44600

Medium priority

Needs evaluation

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010.

1 affected package

tor

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
tor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-44599

Medium priority

Needs evaluation

Tor before 0.4.9.7 can attempt or accept BEGIN_DIR via conflux legs, aka TROVE-2026-008.

1 affected package

tor

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
tor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-44597

Medium priority

Needs evaluation

Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011.

1 affected package

tor

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
tor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-40489

Medium priority

Some fixes available 3 of 7

editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ec_glob() that allows an attacker to crash any...

1 affected package

editorconfig-core

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
editorconfig-core	Fixed	Fixed	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-39984

Medium priority

Needs evaluation

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies...

1 affected package

golang-github-sigstore-timestamp-authority

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-github-sigstore-timestamp-authority	Needs evaluation	Not in release	Not in release	—	—

Export to JSON

Results by page:

Search CVE reports