Vulnerabilities

  

CVE-2026-8565 | Google Chrome up to 148.0.7778.96 on macOS Downloads clickjacking (ID 442860)

A vulnerability was found in Google Chrome on macOS and classified as problematic. Affected is an unknown function of the

  

CVE-2026-8587 | Google Chrome up to 148.0.7778.96 on macOS Extensions use after free (ID 507356)

A vulnerability was found in Google Chrome on macOS. It has been classified as critical. Affected by this vulnerability is

  

CVE-2026-8596 | AWS Amazon SageMaker Python SDK up to 2.257.1/3.7.1 Serve cleartext storage (GHSA-7hh5-prp2-mfh5)

A vulnerability was found in AWS Amazon SageMaker Python SDK up to 2.257.1/3.7.1. It has been declared as problematic. Affected

  

CVE-2026-8597 | Amazon SageMaker Python SDK up to 2.257.1/3.7.1 Pickle integrity check (GHSA-rq6v-x3j8-7qgf)

A vulnerability was found in Amazon SageMaker Python SDK up to 2.257.1/3.7.1. It has been rated as problematic. This affects

  

CVE-2026-8586 | Google Chrome up to 148.0.7778.96 Chromoting access control (ID 499154)

A vulnerability categorized as critical has been discovered in Google Chrome. This vulnerability affects unknown code of the component Chromoting.

  

CVE-2026-8555 | Google Chrome up to 148.0.7778.96 on Windows GTK use after free (ID 500033)

A vulnerability identified as critical has been detected in Google Chrome on Windows. This issue affects some unknown processing of

  

CVE-2026-44670 | SiYuan up to 3.6.x Transaction cross site scripting (GHSA-2h64-c999-c9r6)

A vulnerability labeled as problematic has been found in SiYuan up to 3.6.x. Impacted is an unknown function of the

  

CVE-2026-45147 | SiYuan up to 3.6.x /api/tag/getTag model.Conf.Save sort improper authorization (GHSA-6r88-8v7q-q4p2)

A vulnerability marked as critical has been reported in SiYuan up to 3.6.x. The affected element is the function model.Conf.Save

  

CVE-2025-48512 | AMD Ryzen 4000 Mobile Processors with Radeon Graphics prior 7.04.09.545 Installation Directory default permission

A vulnerability described as critical has been identified in AMD Ryzen 4000 Mobile Processors with Radeon Graphics, Ryzen 7035 Processors

  

CVE-2026-44592 | wavelens gradient 1.1.0 NixOS /proto missing authentication (GHSA-49w6-gf3p-96m2)

A vulnerability classified as critical has been found in wavelens gradient 1.1.0. This affects an unknown function of the file

  

CVE-2026-45148 | SiYuan up to 3.6.x Publish Service authorization (GHSA-fmh9-gpqh-g53g)

A vulnerability classified as problematic was found in SiYuan up to 3.6.x. This impacts an unknown function of the component

  

CVE-2026-8621 | openclaw crabbox up to 0.11.x improper authentication

A vulnerability, which was classified as critical, has been found in openclaw crabbox up to 0.11.x. Affected is an unknown

  

CVE-2024-36345 | AMD EPYC 4004 System Management Mode improper access control for volatile memory containing boot code

A vulnerability, which was classified as problematic, was found in AMD EPYC 4004, EPYC 4005, Ryzen 6000 Processors with Radeon

  

CVE-2026-0438 | AMD Ryzen 7040 Mobile Processors with Radeon Graphics data resource access without connection pooling

A vulnerability has been found in AMD Ryzen 7040 Mobile Processors with Radeon Graphics, Ryzen 7045 Mobile Processors with Radeon

  

CVE-2026-45371 | SiYuan up to 3.6.x /api/graph/getGraph model.Conf.Save improper authorization (GHSA-gmmv-4cc5-wr9r)

A vulnerability was found in SiYuan up to 3.6.x and classified as critical. This affects the function model.Conf.Save of the

  

CVE-2026-45375 | SiYuan up to 3.6.5 Setting plugin.json cross site scripting (GHSA-27qc-m5gf-jv5r)

A vulnerability was found in SiYuan up to 3.6.5. It has been classified as problematic. This vulnerability affects unknown code

  

CVE-2025-48520 | AMD Ryzen 7035 Processors with Radeon Graphics prior 7.06.02.123 Management Frame out-of-bounds

A vulnerability was found in AMD Ryzen 7035 Processors with Radeon Graphics, Ryzen 7040 Mobile Processors with Radeon Graphics, Ryzen

  

CVE-2025-0045 | AMD Athlon 3000 Mobile Processors with Radeon Graphics buffer overflow

A vulnerability was found in AMD Athlon 3000 Mobile Processors with Radeon Graphics, Ryzen 4000 Mobile Processors with Radeon Graphics,

  

CVE-2025-48519 | AMD Ryzen 7035 Processors with Radeon Graphics Management Frame out-of-bounds write

A vulnerability categorized as critical has been discovered in AMD Ryzen 7035 Processors with Radeon Graphics, Ryzen 7040 Mobile Processors

  

CVE-2025-48521 | AMD Ryzen 4000 Mobile Processors with Radeon Graphics use after free

A vulnerability identified as critical has been detected in AMD Ryzen 4000 Mobile Processors with Radeon Graphics, Ryzen 7035 Processors

  

CVE-2025-52540 | AMD Ryzen 7035 Processors with Radeon Graphics Management Frame out-of-bounds write

A vulnerability labeled as critical has been found in AMD Ryzen 7035 Processors with Radeon Graphics, Ryzen 7040 Mobile Processors

  

CVE-2026-8612 | OALDERS WWW::Mechanize::Cached up to 1.x on Perl HTTP Response /tmp/FileCache get permission assignment

A vulnerability marked as problematic has been reported in OALDERS WWW::Mechanize::Cached up to 1.x on Perl. This impacts the function

  

CVE-2026-0432 | AMD Ryzen 4000 Mobile Processors with Radeon Graphics AMD Chipset Driver default permission

A vulnerability described as critical has been identified in AMD Ryzen 4000 Mobile Processors with Radeon Graphics, Ryzen 7035 Processors

  

CVE-2026-44541 | Ethyca Fides fides.js fides_description cross site scripting

A vulnerability classified as problematic has been found in Ethyca Fides. Affected by this vulnerability is an unknown functionality of

  

CVE-2026-22599 | Strapi up to 4.26.0/5.33.1 Database Utility db.connection.raw sql injection (GHSA-3xcq-8mjw-h6mx)

A vulnerability has been found in Strapi up to 4.26.0/5.33.1 and classified as critical. This issue affects the function db.connection.raw

  

CVE-2026-41315 | midoks mdserver-web up to 0.18.4 /modify_crond os command injection (GHSA-3h92-g9hr-xc25)

A vulnerability was found in midoks mdserver-web up to 0.18.4 and classified as critical. Impacted is an unknown function of

  

CVE-2026-23998 | fleetdm fleet up to 4.80.x Windows MDM Management Endpoint certificate validation (GHSA-2rc4-7jc6-qffh)

A vulnerability was found in fleetdm fleet up to 4.80.x. It has been classified as problematic. The affected element is

  

CVE-2026-22706 | Strapi up to 5.33.2 session expiration (GHSA-hvp3-26wx-g2w4)

A vulnerability was found in Strapi up to 5.33.2. It has been declared as problematic. The impacted element is an

  

CVE-2026-44522 | enchant97 note-mark up to 0.19.3 HTTP Request Header assets filepath.Base input validation (GHSA-g49p-4qxj-88v3)

A vulnerability was found in enchant97 note-mark up to 0.19.3. It has been rated as critical. This affects the function

  

CVE-2026-38740 | Foscam VD1 Video Doorbell up to 5.3.12 cleartext transmission

A vulnerability categorized as problematic has been discovered in Foscam VD1 Video Doorbell up to 5.3.12. This impacts an unknown

  

CVE-2025-64526 | Strapi up to 5.44.x /auth/local excessive authentication (GHSA-7mqx-wwh4-f9fw)

A vulnerability identified as problematic has been detected in Strapi up to 5.44.x. Affected is an unknown function of the

  

CVE-2026-24899 | fleetdm fleet up to 4.81.x JWKS Endpoint authentication spoofing (GHSA-ffg9-j72f-j6xm)

A vulnerability labeled as critical has been found in fleetdm fleet up to 4.81.x. Affected by this vulnerability is an

  

CVE-2026-24000 | fleetdm fleet up to 4.80.0 Device Management authentication spoofing (GHSA-j8h8-75h3-jg53)

A vulnerability marked as critical has been reported in fleetdm fleet up to 4.80.0. Affected by this issue is some

  

CVE-2026-26191 | fleetdm fleet up to 4.81.0 os command injection (GHSA-9vcr-g537-3w5v)

A vulnerability described as critical has been identified in fleetdm fleet up to 4.81.0. This affects an unknown part. Executing

  

CVE-2026-26062 | fleetdm fleet up to 4.80.x gRPC Endpoint denial of service (GHSA-x67p-9m2r-fxqv)

A vulnerability classified as problematic has been found in fleetdm fleet up to 4.80.x. This vulnerability affects unknown code of

  

CVE-2026-43906 | AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0 HEIF Decoder heap-based overflow (GHSA-gmrp-x952-3m66)

A vulnerability classified as critical was found in AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0. This issue affects some unknown processing of

  

CVE-2026-43907 | AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0 QueryRGBBufferSizeInternal integer overflow (GHSA-cq46-hp4h-cvfr)

A vulnerability, which was classified as critical, has been found in AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0. Impacted is the function

  

CVE-2026-43903 | AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0 sgiinput.cpp out-of-bounds write (GHSA-jg3q-vm3q-2j35)

A vulnerability, which was classified as critical, was found in AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0. The affected element is an

  

CVE-2026-43904 | AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0 out-of-bounds write (GHSA-4499-j545-7q33)

A vulnerability has been found in AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0 and classified as critical. The impacted element is an

  

CVE-2026-43905 | AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0 m_buf.resize integer overflow (GHSA-pj45-cf3g-28gq)

A vulnerability was found in AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0 and classified as critical. This affects the function m_buf.resize. Executing

  

CVE-2026-3290 | Silicon Labs RS9116 SDK up to 2.13.1 entropy

A vulnerability was found in Silicon Labs RS9116 SDK up to 2.13.1. It has been classified as problematic. This impacts

  

CVE-2026-43909 | AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0 DPX Image SwapRGBABytes out-of-bounds (GHSA-g267-j53j-5258)

A vulnerability was found in AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0. It has been declared as critical. Affected is the function

  

CVE-2026-46356 | fleetdm fleet up to 4.80.0 Login API authentication spoofing (GHSA-mxmp-wr3w-rvqx)

A vulnerability was found in fleetdm fleet up to 4.80.0. It has been rated as critical. Affected by this vulnerability

  

CVE-2026-44588 | SiYuan up to 3.6.x app/src/block/popover.ts child_process cross site scripting (GHSA-25rp-h46x-2hjm)

A vulnerability categorized as problematic has been discovered in SiYuan up to 3.6.x. Affected by this issue is the function

  

CVE-2026-44523 | enchant97 note-mark up to 0.19.3 Configuration JWT_SECRET inadequate encryption (GHSA-q6mh-rqwh-g786)

A vulnerability identified as problematic has been detected in enchant97 note-mark up to 0.19.3. This affects an unknown part of

  

CVE-2026-43908 | AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0 ConvertCbYCrYToRGB integer overflow (GHSA-2jr5-q49v-3858)

A vulnerability labeled as critical has been found in AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0. This vulnerability affects the function ConvertCbYCrYToRGB.

  

CVE-2026-44589 | nuxt-modules og-image up to 6.4.8 isBlockedUrl server-side request forgery (GHSA-c2rm-g55x-8hr5)

A vulnerability marked as critical has been reported in nuxt-modules og-image up to 6.4.8. This issue affects the function isBlockedUrl.

  

CVE-2026-43996 | AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0 TGAInput::decode_pixel out-of-bounds (GHSA-mq8j-73c4-cr55)

A vulnerability described as problematic has been identified in AcademySoftwareFoundation OpenImageIO up to 3.0.18.0/3.1.13.0. Impacted is the function TGAInput::decode_pixel. The

  

CVE-2026-8634 | openclaw crabbox up to 0.11.x code injection

A vulnerability classified as critical was found in openclaw crabbox up to 0.11.x. The impacted element is an unknown function.

  

CVE-2026-8629 | openclaw crabbox up to 0.11.x POST Request /v1/leases/ authorization

A vulnerability classified as critical has been found in openclaw crabbox up to 0.11.x. The affected element is an unknown

  

CVE-2026-44586 | SiYuan up to 3.6.x cross site scripting (GHSA-x6wf-w2rg-2gw9)

A vulnerability, which was classified as problematic, has been found in SiYuan up to 3.6.x. This affects an unknown function.

  

CVE-2026-8513 | Google Chrome up to 148.0.7778.96 on Android Input use after free (ID 495939)

A vulnerability, which was classified as critical, was found in Google Chrome on Android. This impacts an unknown function of

  

CVE-2026-8509 | Google Chrome up to 148.0.7778.96 WebML heap-based overflow (ID 493310)

A vulnerability has been found in Google Chrome and classified as critical. Affected is an unknown function of the component

  

CVE-2026-8510 | Google Chrome up to 148.0.7778.96 on Windows Skia external control of assumed-immutable web parameter (ID 502636)

A vulnerability was found in Google Chrome on Windows and classified as problematic. Affected by this vulnerability is an unknown

  

CVE-2026-8511 | Google Chrome up to 148.0.7778.96 UI use after free (ID 495108)

A vulnerability was found in Google Chrome. It has been classified as critical. Affected by this issue is some unknown

  

CVE-2026-8512 | Google Chrome up to 148.0.7778.96 Filesystem use after free (ID 495782)

A vulnerability was found in Google Chrome. It has been declared as critical. This affects an unknown part of the

  

CVE-2026-8514 | Google Chrome up to 148.0.7778.96 Aura use after free (ID 495948)

A vulnerability was found in Google Chrome. It has been rated as critical. This vulnerability affects unknown code of the

  

CVE-2026-8515 | Google Chrome up to 148.0.7778.96 HID use after free (ID 495999)

A vulnerability categorized as critical has been discovered in Google Chrome. This issue affects some unknown processing of the component

  

CVE-2026-44636 | saitoha libsixel up to 1.8.7-r1 SIXEL Encoder sixel_encode_highcolor heap-based overflow (GHSA-hx93-w8p2-ffh5)

A vulnerability identified as critical has been detected in saitoha libsixel up to 1.8.7-r1. Impacted is the function sixel_encode_highcolor of

  

CVE-2026-44637 | saitoha libsixel up to 1.8.7-r1 SIXEL Encoder sixel_decode_raw_impl integer overflow (GHSA-9jm7-77gr-qghv)

A vulnerability labeled as problematic has been found in saitoha libsixel up to 1.8.7-r1. The affected element is the function

  

CVE-2026-44638 | saitoha libsixel up to 1.8.7-r1 null pointer dereference (GHSA-wpx3-h5g8-qr3w)

A vulnerability marked as problematic has been reported in saitoha libsixel up to 1.8.7-r1. The impacted element is an unknown

  

CVE-2026-8516 | Google Chrome up to 148.0.7778.96 DataTransfer information disclosure (ID 496393)

A vulnerability described as problematic has been identified in Google Chrome. This affects an unknown function of the component DataTransfer.

  

CVE-2026-42327 | rust-openssl up to 0.10.78 X509Ref::ocsp_responders certificate validation (GHSA-xp3w-r5p5-63rr)

A vulnerability classified as problematic has been found in rust-openssl up to 0.10.78. This impacts the function X509Ref::ocsp_responders. Performing a

  

CVE-2026-44666 | zelon88 HRConvert2 up to 3.3.7 convertCore.php sanitizeString os command injection (GHSA-f74g-4wj8-j35h)

A vulnerability classified as critical was found in zelon88 HRConvert2 up to 3.3.7. Affected is the function sanitizeString of the

  

CVE-2026-44662 | rust-openssl up to 0.10.78 Crypter heap-based overflow (GHSA-xv59-967r-8726)

A vulnerability, which was classified as critical, has been found in rust-openssl up to 0.10.78. Affected by this vulnerability is

  

CVE-2026-45369 | universal-tool-calling-protocol python-utcp up to 1.1.1 cli_communication_protocol.py _substitute_utcp_args os command injection (GHSA-33p6-5jxp-p3x4)

A vulnerability, which was classified as critical, was found in universal-tool-calling-protocol python-utcp up to 1.1.1. Affected by this issue is

  

CVE-2026-45370 | universal-tool-calling-protocol python-utcp up to 1.1.1 cli_communication_protocol.py _prepare_environment exposure of sensitive information through environmental variables (GHSA-5v57-8rxj-3p2r)

A vulnerability has been found in universal-tool-calling-protocol python-utcp up to 1.1.1 and classified as problematic. This affects the function _prepare_environment

  

CVE-2026-44661 | universal-tool-calling-protocol python-utcp up to 1.1.1 HTTPS Endpoint register_manual server-side request forgery (GHSA-39j6-4867-gg4w)

A vulnerability was found in universal-tool-calling-protocol python-utcp up to 1.1.1 and classified as critical. This vulnerability affects the function register_manual

  

CVE-2026-44673 | CESNET libyang up to SO 5.2.14 LYB src/parser_lyb.c lyb_read_string integer overflow (GHSA-vw2p-pq79-92xh)

A vulnerability was found in CESNET libyang up to SO 5.2.14. It has been classified as problematic. This issue affects

  

CVE-2026-44679 | Tuist up to 1.180.9 Forgot Password allocation of resources (GHSA-v7gr-7ww5-w4cx)

A vulnerability was found in Tuist up to 1.180.9. It has been declared as problematic. Impacted is an unknown function

  

CVE-2026-44647 | theonedev onedev up to 15.0.1 path traversal (GHSA-59wq-74xg-w85v)

A vulnerability was found in theonedev onedev up to 15.0.1. It has been rated as critical. The affected element is

  

CVE-2026-6811 | MongoDB PHP Driver 1.21.5/2.1.8 recursion

A vulnerability categorized as problematic has been discovered in MongoDB PHP Driver 1.21.5/2.1.8. The impacted element is an unknown function.

  

CVE-2026-42847 | MacWarrior clipbucket-v5 up to 5.5.3 Authenticated Admin Endpoint action_logs.php fetch_action_logs Type sql injection (GHSA-x33j-5cqg-vrrc)

A vulnerability identified as critical has been detected in MacWarrior clipbucket-v5 up to 5.5.3. This affects the function

  

CVE-2026-44671 | Zitadel up to 3.4.9/4.14.x ldap injection (GHSA-rxvx-hhpj-q6px)

A vulnerability labeled as problematic has been found in Zitadel up to 3.4.9/4.14.x. This impacts an unknown function. Such manipulation

Rocky Linux 9 RLSA-2026-16802 krb5 Major Security Vulnerability Uncovered
  

Important: krb5 security update | LinuxSecurity – Security Advisories

Ubuntu OS 22.04 RSA-2022-45672 Kernel Serious Local Elevation Vulnerability
  

Important: kernel security update | LinuxSecurity – Security Advisories

Rocky Linux 9 RLSA-2027-17845 jq Serious Security Fix for Memory Leak
  

Important: jq security update | LinuxSecurity – Security Advisories

Rocky Linux 9 RLSA-2023-45612 GIMP High Risk Remote Code Exploit Alert
  

Important: gimp:2.8 security update | LinuxSecurity – Security Advisories

Rocky Linux 8 RLSA-2026-17891 git-lfs Significant Downtime Notification
  

Important: git-lfs security update | LinuxSecurity – Security Advisories

Rocky Linux 8 kernel-rt Local Privilege Escalation Advisory RLSA-2026-16196
  

Important: kernel-rt security update | LinuxSecurity – Security Advisories

  

CVE-2026-20182 | Cisco Catalyst SD-WAN Manager up to 20.3.2 improper authentication (cisco-sa-sdwan-rpa2-v69WY2SW)

A vulnerability has been found in Cisco Catalyst SD-WAN Manager and classified as critical. This vulnerability affects unknown code. The

  

CVE-2026-42594 | Gotenberg up to 8.31.x PDF File c.Reset echo.Context race condition (GHSA-r33j-c622-r6qp)

A vulnerability was found in Gotenberg up to 8.31.x and classified as problematic. This issue affects the function c.Reset of

  

CVE-2025-62305 | HCL AION 2.1.0 insertion of sensitive information into sent data (KB0130636)

A vulnerability was found in HCL AION 2.1.0. It has been classified as problematic. Impacted is an unknown function. This

  

CVE-2025-62310 | HCL AION 2.1.0 cleartext transmission (KB0130636)

A vulnerability was found in HCL AION 2.1.0. It has been declared as problematic. The affected element is an unknown

  

CVE-2025-62311 | HCL AION 2.1.0 Backend Service cleartext transmission (KB0130636)

A vulnerability was found in HCL AION 2.1.0. It has been rated as problematic. The impacted element is an unknown

  

CVE-2025-62312 | HCL AION 2.1.0 insufficiently protected credentials (KB0130636)

A vulnerability categorized as problematic has been discovered in HCL AION 2.1.0. This affects an unknown function. Executing a manipulation

  

CVE-2026-40893 | Gotenberg up to 8.30.x PDF File System:FileName file inclusion (GHSA-62p3-hvxx-fxg4)

A vulnerability identified as problematic has been detected in Gotenberg up to 8.30.x. This impacts an unknown function of the

  

CVE-2026-42592 | Gotenberg up to 8.31.x Internal Service toctou (GHSA-2pmr-289p-44r3)

A vulnerability labeled as problematic has been found in Gotenberg up to 8.31.x. Affected is an unknown function of the

  

CVE-2026-42593 | Gotenberg up to 8.31.x PDF File path traversal (GHSA-3cv5-q585-h563)

A vulnerability marked as critical has been reported in Gotenberg up to 8.31.x. Affected by this vulnerability is an unknown

  

CVE-2025-62313 | HCL AION 2.1.0 excessive authentication (KB0130636)

A vulnerability described as problematic has been identified in HCL AION 2.1.0. Affected by this issue is some unknown functionality.

  

CVE-2025-62316 | HCL AION 2.1.0 HTTP Response Header ui layer (KB0130636)

A vulnerability classified as problematic has been found in HCL AION 2.1.0. This affects an unknown part of the component

  

CVE-2026-42283 | devspace-sh devspace up to 6.3.20 UI Server WebSocket missing authentication (GHSA-hqwm-7x7x-8379)

A vulnerability classified as critical was found in devspace-sh devspace up to 6.3.20. This vulnerability affects unknown code of the