CVE-2026-10591

Same vendor

• CVE-2026-9255 — Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary t... (7.8 HIGH)
• CVE-2026-31431 — In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly r... (7.8 HIGH)
• CVE-2026-6437 — Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver (aws-efs-csi-driver) before v3.0.1 ... (6.5 MEDIUM)
• CVE-2026-5747 — An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 might allo... (7.5 HIGH)
• CVE-2026-4270 — Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions >= 0.2.14 and < 1.3.... (5.5 MEDIUM)

Same CWE

• CVE-2026-0271 — A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to exec...
• CVE-2026-50570 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (8.5 HIGH)
• CVE-2026-26422 — clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation (8.4 HIGH)
• CVE-2026-50590 — In Mimecast Incydr before 2.6.0, arbitrary file access can occur (4.5 MEDIUM)
• CVE-2026-10997 — Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install... (6.5 MEDIUM)