CVE Find est une base de données de vulnérabilités en temps réel, indexant 367 163 failles de sécurité (CVE) issues de MITRE, NVD, CISA KEV, CWE et CAPEC. 2328 nouvelles CVE ont été publiées ces 7 derniers jours.
Données agrégées depuis : MITRE Corporation (CVE, CWE, CAPEC), National Vulnerability Database – NIST (NVD), CISA Known Exploited Vulnerabilities (KEV), FIRST (EPSS).
| CVE ID | Publié | Description | Score | Gravité | |
|---|---|---|---|---|---|
CVE-2026-10130 |
2026-07-18 23h17 +00:00 |
QueryWeaver contains an authentication bypass vulnerability that allows unauthenticated attackers to... Authorization problems |
8.2 |
Haute |
|
CVE-2026-12228 |
2026-07-18 21h17 +00:00 |
A stored cross-site scripting (XSS) vulnerability exists in the `POST /api/prompts/share` endpoint o... Cross-site Scripting |
8.7 |
Haute |
|
CVE-2026-16117 |
2026-07-18 14h17 +00:00 |
Impact: @fastify/http-proxy versions up to and including 11.5.0 fail to rewrite the request prefix w... |
10 |
Critique |
|
CVE-2026-11826 |
2026-07-18 14h17 +00:00 |
OpenPLC_v3 contains a heap-based buffer overflow in the getData() function in webserver/core/modbus_... |
8.8 |
Haute |
|
CVE-2024-58366 |
2026-07-18 14h17 +00:00 |
SurrealDB before 1.1.1 contains a format string vulnerability in the rquickjs Exception::throw_type ... |
8.5 |
Haute |
|
CVE-2024-58362 |
2026-07-18 14h17 +00:00 |
SurrealDB before 1.5.5 (and 2.0.0-beta before 2.0.0-beta.3) accepts an arbitrary object in the signi... |
8.8 |
Haute |
|
CVE-2023-54366 |
2026-07-18 14h17 +00:00 |
SurrealDB before 1.0.1 sets default table permissions to FULL instead of NONE, allowing SELECT, CREA... |
8.8 |
Haute |
|
CVE-2026-9323 |
2026-07-18 13h51 +00:00 |
The urwid web display backend (urwid/display/web.py) generates web session identifiers (urwid_id) in... |
9.2 |
Critique |
|
CVE-2026-15631 |
2026-07-18 13h17 +00:00 |
Impact: @fastify/http-proxy versions from 9.4.0 up to and including 11.5.0 fail to validate the reso... Directory Traversal |
8.7 |
Haute |
|
CVE-2026-9147 |
2026-07-18 12h46 +00:00 |
uproot dynamically generates Python class source code from ROOT TStreamerInfo records in a file and ... Code Injection |
8.5 |
Haute |