PULSE
LIVE45signals / 24h
FEED
ransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcare
← All CVEs
CVE WatchJul 9, 2026

CVE-2026-50813

An issue in SQLite before Fossil check-in 869a51ae84df allows a local attacker to obtain sensitive information via the Session Extension cha

CVSS

6.1

Medium

EPSS

0.1%

p2

KEV

Exploit Today

0

0-100

Published: Jul 8, 2026 · Last modified: Jul 9, 2026 · CWE-126

EPSS · 30d
0.1%EPSS · 30 days0.1%
2026-07-092026-07-16
Technical description

An issue in SQLite before Fossil check-in 869a51ae84df allows a local attacker to obtain sensitive information via the Session Extension changeset concat/changegroup merge path

Official references
Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-256468.1 HIG
57.4%
17LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported by the user's display, certain palettes will cause the function to enter into an infinite loop that reads past the end of an internal heap-allocated buffer. The images that trigger this vulnerability are valid per the PNG specification. This vulnerability is fixed in 1.6.55.2d
CVE-2026-52608.2 HIG
50.0%
15A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.2d
CVE-2026-504686.5 MED
49.6%
15Buffer over-read in SQL Server allows an authorized attacker to disclose information over a network.2d
CVE-2026-504456.5 MED
47.7%
14Buffer over-read in Windows RDP allows an unauthorized attacker to disclose information over a network.1d
CVE-2026-505046.5 MED
46.4%
14Buffer over-read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.2d
CVE-2026-441857.3 HIG
44.6%
13Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.17h