Currently free during beta - premium features coming soon. Subscribe now to lock in early access.
CVE

EU Regulatory Changes

262 changes tracked across 24 compliance frameworks including DORA, NIS2, GDPR, EU AI Act, Cyber Resilience Act, and more.

All DORA NIS2 GDPR CSRD MaRisk ISO27001 EU_AI_ACT CRA DSA DMA eIDAS2 SOC2 PCI_DSS HIPAA ISO42001 AMLD6 PSD3 DATA_ACT GPSR CER EUDR CVE BREACH AI_SAFETY
CVE 28 Jun 2026 nvd
CVE-2026-2053 (CVSS 8.3) — The WSO2 API Manager's message flow component, when processing WS-Addressing headers, does...
A new vulnerability, CVE-2026-2053, has been published with a CVSS score of 8.3, indicating a high severity risk. The issue affects the WSO2 API Manager, specifically its message flow component, wh...
Read analysis →
CVE 28 Jun 2026 nvd
CVE-2026-53914 (CVSS 6.7) — In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization ...
A new vulnerability, CVE-2026-53914, has been published with a CVSS score of 6.7, affecting JetBrains Kotlin versions prior to 2.4.20. The issue allows code execution through unsafe deserialization...
Read analysis →
CVE 28 Jun 2026 nvd
CVE-2026-57926 (CVSS 2.6) — In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a proto...
A new vulnerability has been published under CVE-2026-57926, affecting JetBrains YouTrack versions prior to 2026.2.16593. The issue involves a prototype pollution attack in the websandbox bridge, w...
Read analysis →
CVE 28 Jun 2026 nvd
CVE-2026-12415 (CVSS 9.8) — The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a...
A critical vulnerability has been published under CVE-2026-12415, affecting the Invoice Generator plugin for WordPress up to version 1.0. The flaw, rated 9.8 on the CVSS scale, allows privilege esc...
Read analysis →
CVE 28 Jun 2026 nvd
CVE-2026-58053 (CVSS 9.9) — Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's contai...
A critical vulnerability, CVE-2026-58053, has been published with a CVSS score of 9.9, affecting Gitea act_runner when using the Docker backend up to version act 0.262.0. The flaw allows a maliciou...
Read analysis →
CVE 27 Jun 2026 nvd
CVE-2026-56123 (CVSS 8.1) — socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability...
CVE 27 Jun 2026 nvd
CVE-2026-50548 (CVSS 9.8) — Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent te...
CVE 27 Jun 2026 nvd
CVE-2026-50549 (CVSS 9.8) — Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent te...
CVE 27 Jun 2026 nvd
CVE-2026-7531 (CVSS 9.8) — Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CV...
CVE 27 Jun 2026 nvd
CVE-2026-48930 (CVSS 9.8) — A flaw in Node.js TLS hostname handling can cause Embedded-nul hostnames can lead to sile...
CVE 27 Jun 2026 nvd
CVE-2026-54636 (CVSS 9.0) — Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the...
CVE 26 Jun 2026 nvd
CVE-2025-71336 (CVSS 9.8) — Flowise before 3.0.6 (affected versions 2.2.7-patch.1 and earlier) contains an unsandboxe...
CVE 26 Jun 2026 nvd
CVE-2025-71338 (CVSS 10.0) — Flowise contains a path traversal vulnerability in the /api/v1/document-store/loader/pro...
CVE 26 Jun 2026 kev
KEV: CVE-2026-12569 — PTC Windchill and FlexPLM (PTC Windchill and FlexPLM Improper Input Validation Vulnerability)
CVE 26 Jun 2026 kev
KEV: CVE-2026-20230 — Cisco Unified Communications Manager (Cisco Unified Communications Manager Server-Side Request ...
CVE 26 Jun 2026 nvd
CVE-2026-56351 (CVSS 8.2) — n8n before version 2.4.0 contains a sql injection vulnerability in MySQL, PostgreSQL, and...
CVE 26 Jun 2026 nvd
CVE-2026-39948 (CVSS 9.8) — Cacti is an open source performance and fault management framework. In versions 1.2.30 an...
CVE 26 Jun 2026 nvd
CVE-2026-40079 (CVSS 9.8) — Cacti is an open source performance and fault management framework. Versions 1.2.30 and p...
CVE 26 Jun 2026 nvd
CVE-2026-56786 (CVSS 9.8) — RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decode_type1033 fun...
CVE 26 Jun 2026 nvd
CVE-2025-71327 (CVSS 9.1) — Flowise contains an authentication bypass vulnerability in the unprotected /api/v1/accoun...