Low-severity CVEs

9517 low-severity CVEs (2374 with public PoCs). Browse the most dangerous vulnerabilities.

Top Low-severity CVEs
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-56377 | Low | 3.3 | 2026-06-30 | ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attack… |
| CVE-2026-56369 | Low | 3.7 | 2026-06-30 | ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can explo… |
| CVE-2026-56365 | Low | 3.7 | 2026-06-30 | ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure conditio… |
| CVE-2026-56364 | Low | 1.9 | 2026-06-30 | ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files… |
| CVE-2026-56363 | Low | 3.3 | 2026-06-30 | ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attack… |
| CVE-2026-56361 | Low | 3.3 | 2026-06-30 | ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer o… |
| CVE-2026-54696 | Low | 3.7 | 2026-06-30 | Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an o… |
| CVE-2026-9836 | Low | 3.5 | 2026-06-30 | IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability. |
| CVE-2026-58371 | Low | 3.1 | 2026-06-30 | SeaweedFS before 4.30 reflects the callback query parameter verbatim into responses served with Content-Type application/javascript in the shared writeJson hel… |
| CVE-2026-10654 | Low | 3.1 | 2026-06-30 | A race condition in the Zephyr Bluetooth Classic RFCOMM host stack (subsys/bluetooth/host/classic/rfcomm.c) mishandles a simultaneous bidirectional session dis… |
| CVE-2026-13758 | Low | 3.7 | 2026-06-29 | CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path. The decrypt_done($tag) for… |
| CVE-2026-57946 | Low | 3.7 | 2026-06-29 | Invidious before version 2.20260626.0 contains a broken access control vulnerability that allows unauthenticated attackers to retrieve private playlist content… |
| CVE-2026-13746 | Low | 3.6 | 2026-06-29 | Improper neutralization of local CLI parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. A user could trigger this issue by su… |
| CVE-2026-13587 | Low | 3.7 | 2026-06-29 | A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parse_by_block_type of the file light_pcapng.c of the component Li… |
| CVE-2026-13574 | Low | 3.3 | 2026-06-29 | A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst… |
| CVE-2026-13573 | Low | 3.3 | 2026-06-29 | A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of t… |
| CVE-2026-13570 | Low | 3.5 | 2026-06-29 | A vulnerability was detected in SourceCodester Inventory Management System 1.0. Impacted is an unknown function of the file /api/users_handler.php of the compo… |
| CVE-2026-13558 | Low | 3.5 | 2026-06-29 | A security flaw has been discovered in CodeAstro Complaint Management System 1.0. This issue affects some unknown processing of the file /report/addreport of t… |
| CVE-2025-0824 | Low | 3.7 | 2026-06-29 | Lack of validation for firmware update in Hitachi Hitachi Virtual Storage Platform One Block 23, 24, 26, 28. This issue affects Hitachi Virtual Storage Platfo… |
| CVE-2026-13523 | Low | 3.3 | 2026-06-29 | A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/base_encoding.c of the component ISOBMFF Parser. Execu… |