| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| NVIDIA TensorRT-LLM for Linux contains a vulnerability where an attacker could cause missing authentication for a critical function. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure. |
| NVIDIA TensorRT for contains a vulnerability where a user might cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution. |
| NVIDIA TensorRT contains a vulnerability where an attacker might cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution. |
| Tornado is a Python web framework and asynchronous networking library. Prior to 6.5.6, SimpleAsyncHTTPClient shallow-copied redirected requests and removed only the Host header, leaving Authorization, auth_username, auth_password, and auth_mode in place when a redirect changed scheme, host, or port. This issue is fixed in version 6.5.6. |
| Twig is a template language for PHP. Prior to 3.27.0, ArrayExpression does not guard dynamic mapping keys that are coerced to strings, allowing PHP to invoke __toString() on a Stringable object used as a mapping key without calling SandboxExtension::ensureToStringAllowed(). This issue is fixed in version 3.27.0. |
| A
security flaw was found in certain NETGEAR Orbi models that
could allow an unauthorized user to cause the device to stop responding or
restart unexpectedly, disrupting network connectivity and making the device
temporarily unavailable. |
| A security flaw was discovered in the NETGEAR DGND3700v1 that could
allow someone on the same local WiFi network to send unauthorized commands to
the device.
This issue was identified through testing in a controlled research
environment using a simulated version of the router's software and has not been
confirmed on physical production devices. |
| RustFS Console is a web management console for the RustFS distributed file system. From 0.1.7 until 0.1.10, the RustFS Console components/object/preview-modal.tsx and components/object/pdf-viewer.tsx extension-based PDF preview path can render HTML content uploaded as .pdf, allowing stored cross-site scripting in the management console and exposure of administrator AccessKeyId, SecretAccessKey, and SessionToken values. This is caused by a regression of CVE-2026-27822. This vulnerability is fixed in 0.1.10. |
| Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Prior to 1.74.4, rclone archive extract can write extracted files outside the user-selected destination prefix when extracting a crafted archive containing parent path components such as ../, allowing creation or overwrite of sibling objects in the same bucket or path scope. This issue is fixed in version 1.74.4. |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61873. Reason: This candidate is a duplicate of CVE-2026-61873. Notes: All CVE users should reference CVE-2026-61873 instead of this candidate. |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61457. Reason: This candidate is a duplicate of CVE-2026-61457. Notes: All CVE users should reference CVE-2026-61457 instead of this candidate. |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61453. Reason: This candidate is a duplicate of CVE-2026-61453. Notes: All CVE users should reference CVE-2026-61453 instead of this candidate. |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61452. Reason: This candidate is a duplicate of CVE-2026-61452. Notes: All CVE users should reference CVE-2026-61452 instead of this candidate. |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61451. Reason: This candidate is a duplicate of CVE-2026-61451. Notes: All CVE users should reference CVE-2026-61451 instead of this candidate. |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61446. Reason: This candidate is a duplicate of CVE-2026-61446. Notes: All CVE users should reference CVE-2026-61446 instead of this candidate. |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61449. Reason: This candidate is a duplicate of CVE-2026-61449. Notes: All CVE users should reference CVE-2026-61449 instead of this candidate. |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61443. Reason: This candidate is a duplicate of CVE-2026-61443. Notes: All CVE users should reference CVE-2026-61443 instead of this candidate. |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61440. Reason: This candidate is a duplicate of CVE-2026-61440. Notes: All CVE users should reference CVE-2026-61440 instead of this candidate. |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61438. Reason: This candidate is a duplicate of CVE-2026-61438. Notes: All CVE users should reference CVE-2026-61438 instead of this candidate. |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61436. Reason: This candidate is a duplicate of CVE-2026-61436. Notes: All CVE users should reference CVE-2026-61436 instead of this candidate. |