Trending CVE

CVEs, die aktuell Aufmerksamkeit erhalten.
Medienbericht
  • EPSS 3.39%
  • Veröffentlicht 16.06.2026 18:01:33
  • Zuletzt bearbeitet 09.07.2026 00:17:26

Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ".

8.4

CVE-2026-55255

Warnung Medienbericht Exploit
  • EPSS 0.47%
  • Veröffentlicht 23.06.2026 16:28:20
  • Zuletzt bearbeitet 08.07.2026 13:39:12

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct Object Reference (IDOR) vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to an...

Medienbericht Exploit
  • EPSS 0.18%
  • Veröffentlicht 04.07.2026 12:17:01
  • Zuletzt bearbeitet 08.07.2026 05:16:27

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad ("KVM: x86: Fix shadow paging use-after-free due to unexpected GFN") fixed a shadow paging mi...

10

CVE-2026-48282

Warnung Medienbericht
  • EPSS 28.58%
  • Veröffentlicht 30.06.2026 15:11:57
  • Zuletzt bearbeitet 08.07.2026 14:58:28

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitati...

9.8

CVE-2025-3248

Warnung Medienbericht Exploit
  • EPSS 99.99%
  • Veröffentlicht 07.04.2025 14:22:38
  • Zuletzt bearbeitet 06.11.2025 13:57:48

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.