nuget

901 tracked vulnerabilities.

CVE-2026-23952 MEDIUM
Magick.NET < 14.10.2 - Denial of Service via MSL Comment Tag Parsing
Jan 22, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-23874 MEDIUM
ImageMagick <7.1.2-13 - Buffer Overflow
Jan 20, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-22770 MEDIUM
ImageMagick <7.1.2-13 - Memory Corruption
Jan 20, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-22611 LOW
AWSSDK.Core 4.0.0-4.0.3.2 - Improper Input Validation in Region Input Field
Jan 10, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-68924 HIGH
Umbraco UmbracoForms <8.13.16 - Authenticated RCE
Jan 16, 2026
CVSS 7.5
EPSS 0.01
CVE-2025-68950 MEDIUM
ImageMagick < 7.1.2-12 - Denial of Service via Circular MVG Reference
Dec 30, 2025
CVSS 4.0
EPSS 0.00
CVE-2025-68618 MEDIUM
ImageMagick < 7.1.2-12 - Denial of Service via Malicious SVG File
Dec 30, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-67291 MEDIUM
Piranha CMS v12.1 - Stored Cross-Site Scripting in Media Module Name Field
Dec 22, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-67290 MEDIUM
Piranha CMS v12.1 - Stored Cross-Site Scripting in Page Settings Excerpt Field
Dec 22, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-67288 CRITICAL
Umbraco CMS 16.3.3 - Arbitrary File Upload via Crafted PDF File
Dec 22, 2025
CVSS 10.0
EPSS 0.01
CVE-2025-68469 LOW
ImageMagick < 7.1.1-14 - Heap-based Buffer Overflow via Crafted TIFF File
Dec 18, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-14759 MEDIUM
Amazon S3 Encryption Client for .NET < 3.2.0 - Use of a Broken or Risky Cryptographic Algorithm
Dec 17, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-65581 MEDIUM
Volosoft ABP Framework 5.1.0-10.0.0-rc.2 - Open Redirect via Account Module ReturnUrl Parameter
Dec 16, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-66628 HIGH
ImageMagick <7.1.9 - Buffer Overflow
Dec 10, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-66625 MEDIUM
Umbraco CMS 10.0.0-13.12.0 - Authenticated Arbitrary File Existence Enumeration via Dictionary Upload
Dec 09, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-64113 CRITICAL
Emby Server < 4.9.1.81 - Unauthenticated Weak Password Recovery Mechanism
Dec 09, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-66631 CRITICAL
CSLA .NET < 6.0.0 - Remote Code Execution via WcfProxy NetDataContractSerializer Deserialization
Dec 09, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-65955 MEDIUM
ImageMagick <7.1.2-9 & 6.9.13-34 - Memory Corruption
Dec 02, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-64095 CRITICAL NUCLEI
Dnnsoftware Dotnetnuke < 10.1.1 - Unrestricted File Upload
Oct 28, 2025
CVSS 10.0
EPSS 0.45
CVE-2025-64094 MEDIUM
Dnnsoftware Dotnetnuke < 10.1.1 - XSS
Oct 28, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-62802 MEDIUM
DNN <10.1.1 - Info Disclosure
Oct 28, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-62594 MEDIUM
ImageMagick < 7.1.2-8 - Denial of Service via CLAHEImage Function
Oct 27, 2025
CVSS 4.7
EPSS 0.00
CVE-2025-61413 MEDIUM
Piranha CMS v12.0 - Stored Cross-Site Scripting in Markdown Blocks
Oct 23, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-62171 MEDIUM
ImageMagick < 6.9.13-32 - Integer Overflow in BMP Decoder on 32-bit Systems
Oct 17, 2025
CVSS 5.9
EPSS 0.01
CVE-2025-11849 CRITICAL
mammoth < 1.11.0 - Directory Traversal via DOCX Image External Link
Oct 17, 2025
CVSS 9.3
EPSS 0.01