CVE search

367,067 results
CVE-2026-11972HIGHtarfile opened in streaming mode mishandles EOFEPSS 0.4%CVE-2026-54518MEDIUMjackson-databind: @JsonView bypass for unwrapped creator parameters in jackson-databindEPSS 0.2%CVE-2026-50193MEDIUMjackson-databind: Deeply nested JsonNode throws StackOverflowError for toString()EPSS 0.6%CVE-2026-41862HIGHSpring Statemachine's Kryo-based persistence backends (JPA, MongoDB, Redis and ZooKeeper) deserialise persisted state-machine contexts withoEPSS 0.4%CVE-2026-54512HIGHjackson-databind: PolymorphicTypeValidator bypass via generic type parameters allows arbitrary class instantiationEPSS 0.6%CVE-2026-56120CVE-2026-56120EPSS CVE-2026-54513HIGHjackson-databind: Array subtype allowlist bypass in BasicPolymorphicTypeValidator (allowIfSubTypeIsArray)EPSS 0.7%CVE-2026-54514MEDIUMjackson-databind: InetSocketAddress deserialization triggers eager DNS resolution (SSRF)EPSS 0.2%CVE-2026-54515MEDIUMjackson-databind: Case-insensitive deserialization bypasses per-property @JsonIgnorePropertiesEPSS 0.3%CVE-2026-54516MEDIUMjackson-databind: Renamed @JsonIgnore'd setters can deserialize via private fieldsEPSS 0.3%CVE-2026-54517MEDIUMjackson-databind: @JsonView bypass for setterless creator propertiesEPSS 0.2%CVE-2026-46547MEDIUMNocoDB: Reflected Cross-Site Scripting via Page Leaving Redirect URLEPSS 0.2%CVE-2026-46548MEDIUMNocoDB: SSRF Protection Bypass in Notification Webhook Plugins (Slack, Discord, Mattermost, Teams)EPSS 0.2%CVE-2026-46549LOWNocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope EscalationEPSS 0.2%CVE-2026-46550MEDIUMNocoDB: Refresh Token Cookie Set Without `Secure` and `SameSite` FlagsEPSS 0.1%CVE-2026-46552MEDIUMNocoDB: Shared-base link access can invite arbitrary users as persistent base membersEPSS 0.3%CVE-2026-46553LOWNocoDB: Attachment Size Limit Bypass via Upload-by-URLEPSS 0.2%CVE-2026-47375MEDIUMNocoDB: Postgres SQL Injection in Formula `ARRAYSORT`EPSS 0.2%CVE-2026-47376MEDIUMNocoDB: Reflected Cross-Site Scripting via Password Reset TokenEPSS 0.3%CVE-2026-47377MEDIUMNocoDB: Open Redirect via Hash Fragment in hashRedirect PluginEPSS 0.2%