CVE ID :CVE-2026-55429 Published : July 8, 2026, 12:16 a.m. | 58 minutes ago Description :Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2,…
CVE-2026-55428 – Coder: Route hijacking through lack of validation of agent-supplied AllowedIPs in tailnet coordinator
CVE ID :CVE-2026-55428 Published : July 8, 2026, 12:16 a.m. | 58 minutes ago Description :Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2,…
CVE-2026-55427 – Coder vulnerable to SSH config injection via unsanitized server-supplied values in `coder config-ssh`
CVE ID :CVE-2026-55427 Published : July 8, 2026, 12:16 a.m. | 58 minutes ago Description :Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2,…
CVE-2026-59705 – mem0 – OpenMemory API Unauthenticated Access via Memory Endpoints
CVE ID :CVE-2026-59705 Published : July 7, 2026, 11:16 p.m. | 1 hour, 58 minutes ago Description :mem0’s openmemory/api component contains an unauthenticated access vulnerability that allows unauthenticated attackers to read, write, and delete…
CVE-2026-59706 – mem0 – Server-Side Request Forgery and Plaintext API Key Exposure via Unauthenticated Config Endpoints
CVE ID :CVE-2026-59706 Published : July 7, 2026, 10:16 p.m. | 58 minutes ago Description :mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery…
CVE-2026-55418 – FastGPT: S3 presign/read handlers do not bind the object key to the caller’s team (cross-team file disclosure)
CVE ID :CVE-2026-55418 Published : July 7, 2026, 10:16 p.m. | 58 minutes ago Description :FastGPT is an open source AI knowledge base platform. Prior to v4.15.0-beta5, two FastGPT file handlers authorize an…
CVE-2026-55408 – Koodo Reader: Remote code execution via malicious epub file
CVE ID :CVE-2026-55408 Published : July 7, 2026, 10:16 p.m. | 58 minutes ago Description :Koodo Reader is an ebook reader. In version 2.3.0 and earlier, Koodo Reader is vulnerable to remote code…
CVE-2026-49229 – Actual: Disabled OpenID users keep access through existing session tokens
CVE ID :CVE-2026-49229 Published : July 7, 2026, 10:16 p.m. | 58 minutes ago Description :Actual is a local-first personal finance app. Prior to 26.6.0, in OpenID multi-user mode, disabling a user only…
CVE-2026-49033 – Stack-Based Buffer Overflow in Labcenter Proteus
CVE ID :CVE-2026-49033 Published : July 7, 2026, 10:16 p.m. | 58 minutes ago Description :The application contains a stack-based buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary…
CVE-2026-53645 – FOSSBilling’s missing self-edit prevention in staff permission management allows persistent privilege escalation
CVE ID :CVE-2026-53645 Published : July 6, 2026, 11:16 p.m. | 1 hour, 57 minutes ago Description :FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow a low-privileged…