CVE Feed: 1053 CVEs (9 KEV entries; 69 Critical, 409 High, 391 Medium)
CVE-2026-31843
CRITICAL
10.0
The goodoneuz/pay-uz Laravel package (<= 2.2.24) contains a critical vulnerability in the /payment/api/editable/update endpoint that allows unauthenticated attackers to overwrite existing PHP payment ...
CVE-2026-6349
CRITICAL
10.0
The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.
CVE-2026-5588
CRITICAL
10.0
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules). PKIX draft CompositeVerifier accepts empty signature sequen...
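The CompositeVerifier entry above names a verifier-side check that is easy to get wrong in any composite (multi-algorithm) signature scheme: the verifier loops over the component signatures it was given instead of the components the key requires, so an empty or truncated sequence is accepted. The following added example is not Bouncy Castle's code and makes no claim about the details of the actual flaw; it reproduces the defect class in Python with HMAC standing in for the per-component signature primitive (an assumption made only to keep the block self-contained; a real composite would pair, for example, a classical and a post-quantum public key).

```python
import hashlib
import hmac

# Constructed demo keys. In a real composite scheme these would be two public
# keys of different algorithms; HMAC is used here only so the block runs offline.
COMPONENT_KEYS = [b"component-key-1", b"component-key-2"]


def component_sign(key: bytes, msg: bytes) -> bytes:
    """Stand-in for one component signature (HMAC-SHA256, demo only)."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def component_verify(key: bytes, msg: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(component_sign(key, msg), sig)


def composite_sign(keys: list, msg: bytes) -> list:
    """A composite signature is the ordered sequence of component signatures."""
    return [component_sign(k, msg) for k in keys]


def verify_naive(keys: list, msg: bytes, sigs: list) -> bool:
    # Defect class: zip() silently truncates to the shorter list and all()
    # over an empty iterable is True, so an empty signature sequence (or one
    # carrying only the first component) verifies successfully.
    return all(component_verify(k, msg, s) for k, s in zip(keys, sigs))


def verify_strict(keys: list, msg: bytes, sigs: list) -> bool:
    # Hardened: the number of component signatures must equal the number of
    # component keys, and there must be at least one of each.
    if not keys or len(sigs) != len(keys):
        return False
    return all(component_verify(k, msg, s) for k, s in zip(keys, sigs))


if __name__ == "__main__":
    m = b"constructed message"
    print("naive accepts empty sequence:", verify_naive(COMPONENT_KEYS, m, []))
    print("strict accepts empty sequence:", verify_strict(COMPONENT_KEYS, m, []))
```

The same shape applies to any AND-composition: the verifier must derive the expected component count from the key, never from the signature it is checking.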
CVE-2026-5598
CRITICAL
10.0
Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). Non-constant time comparisons risk private key leakage in FrodoKEM. This issue affects BC-...
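The FrodoKEM entry above is the general KEM decapsulation hazard: the decapsulator recomputes a value it expects to match the received ciphertext (or derived key material) and compares the two; an early-exit comparison makes the running time depend on the position of the first differing byte, which an attacker can drive one byte at a time. The added example below is not Bouncy Castle's code and says nothing about where the actual comparison sits; it contrasts an early-exit compare with a full-length compare and counts the bytes each one examines so the leak is visible without timing measurements.

```python
import hmac


def compare_early_exit(a: bytes, b: bytes) -> tuple:
    """Returns (equal, bytes_examined). Stops at the first mismatch, so the
    examined count, and therefore the running time, reveals its position."""
    if len(a) != len(b):
        return False, 0
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return False, i + 1
    return True, len(a)


def compare_constant_time(a: bytes, b: bytes) -> tuple:
    """Returns (equal, bytes_examined). Every byte is folded into one
    accumulator, so the work done does not depend on where the mismatch is."""
    if len(a) != len(b):
        return False, 0
    diff = 0
    for x, y in zip(a, b):
        diff |= x ^ y
    return diff == 0, len(a)


def compare_stdlib(a: bytes, b: bytes) -> bool:
    """What production Python code should call: hmac.compare_digest is
    implemented in C with a timing-independent comparison."""
    return hmac.compare_digest(a, b)


if __name__ == "__main__":
    # Constructed inputs: identical except at byte index 3.
    expected = bytes(range(32))
    received = bytearray(expected)
    received[3] ^= 1
    print("early exit examined:", compare_early_exit(expected, bytes(received))[1])
    print("constant time examined:", compare_constant_time(expected, bytes(received))[1])
```

Note that a pure-Python loop is still not strictly constant time at the interpreter level; the block illustrates the control-flow property, and `hmac.compare_digest` (or the language's equivalent) is the primitive to use.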
CVE-2026-34865
CRITICAL
10.0
Out-of-bounds write vulnerability in the WEB module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2026-4149
CRITICAL
10.0
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Au...
CVE-2026-20147
CRITICAL
9.9
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vul...
CVE-2026-20180
CRITICAL
9.9
A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit...
CVE-2026-20186
CRITICAL
9.9
A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit...
CVE-2026-39842
CRITICAL
9.9
OpenRemote is an open-source IoT platform. Versions 1.21.0 and below contain two interrelated expression injection vulnerabilities in the rules engine that allow arbitrary code execution on the server...
CVE-2026-27681
CRITICAL
9.9
Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute crafted SQL statements to read, modify, and delete dat...
CVE-2026-35031
CRITICAL
9.9
Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerability chain in the subtitle upload endpoint (POST /Videos/{itemId}/Subtitles), where the Format field i...
CVE-2026-38526
CRITICAL
9.9
An authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of Webkul Krayin CRM v2.2.x allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVE-2026-3596
CRITICAL
9.8
The Riaxe Product Customizer plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.2. The plugin registers an unauthenticated AJAX action ('wp_ajax_nopri...
CVE-2026-4880
CRITICAL
9.8
The Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS (Point of Sale) plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication ...
CVE-2026-1555
CRITICAL
9.8
The WebStack theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the io_img_upload() function in all versions up to, and including, 1.2024. This makes it...
CVE-2026-20184
CRITICAL
9.8
A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. ...
CVE-2026-3461
CRITICAL
9.8
The Visa Acceptance Solutions plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.1.0. This is due to the `express_pay_product_page_pay_for_order()` fun...
CVE-2025-63939
CRITICAL
9.8
Improper input handling in /Grocery/search_products_itname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitem_name POST parameter.
CVE-2025-65135
CRITICAL
9.8
In manikandan580 School-management-system 1.0, a time-based blind SQL injection vulnerability exists in /studentms/admin/between-date-reprtsdetails.php through the fromdate POST parameter.
CVE-2026-33824
CRITICAL
9.8
Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.
CVE-2026-39808
CRITICAL
9.8
An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow an attacker to execute unauthorized code ...
CVE-2026-39813
CRITICAL
9.8
A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow an attacker to escalate privilege via <insert attack vector here...
CVE-2026-40288
CRITICAL
9.8
PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the workflow engine is vulnerable to arbitrary command and code execution through untrus...
CVE-2026-6264
CRITICAL
9.8
A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talend...
CVE-2026-22562
CRITICAL
9.8
A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write files on the system that could be used for a remote code exec...
CVE-2026-22563
CRITICAL
9.8
A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network.
Affected Products: UniFi Play PowerAmp (Version 1.0....
CVE-2026-22564
CRITICAL
9.8
An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system.
Affected Products: UniFi Play ...
CVE-2026-5058
CRITICAL
9.8
aws-mcp-server Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication i...
CVE-2026-5059
CRITICAL
9.8
aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authenti...
CVE-2026-27303
CRITICAL
9.6
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exp...
CVE-2026-39399
CRITICAL
9.6
NuGet Gallery is a package repository that powers nuget.org. A security vulnerability exists in the NuGetGallery backend job’s handling of .nuspec files within NuGet packages. An attacker can supply a...
CVE-2026-34621
CRITICAL
9.6
Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could res...
CVE-2026-40173
CRITICAL
9.4
Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where the /debug/pprof/cmdline endpoint is registered on...
CVE-2026-40504
CRITICAL
9.3
Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in the gravity_vm_exec function that allows attackers to write out-of-bounds memory by crafting scripts with many string lit...
CVE-2026-40959
CRITICAL
9.3
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.
CVE-2026-6348
CRITICAL
9.3
WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine...
CVE-2026-6350
CRITICAL
9.3
MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.
CVE-2025-14813
CRITICAL
9.3
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules). This vulnerability is associated with program files G3413CTRBlo...
CVE-2025-15610
CRITICAL
9.3
Deserialization of untrusted data vulnerability in OpenText, Inc RightFax on Windows, 64 bit, 32 bit allows Object Injection. This issue affects RightFax: through 25.4.
CVE-2026-5387
CRITICAL
9.3
The vulnerability, if exploited, could allow an unauthenticated miscreant to perform operations intended only for Simulator Instructor or Simulator Developer (Administrator) roles, resulting in privil...
CVE-2026-27243
CRITICAL
9.3
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerab...
CVE-2026-27245
CRITICAL
9.3
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerab...
CVE-2026-27246
CRITICAL
9.3
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execu...
CVE-2026-27304
CRITICAL
9.3
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitatio...
CVE-2026-34615
CRITICAL
9.3
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exp...
CVE-2026-35033
CRITICAL
9.3
Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain an unauthenticated arbitrary file read vulnerability via ffmpeg argument injection through the StreamOptions quer...
CVE-2026-23891
CRITICAL
9.3
Decidim is a participatory democracy framework. In versions below 0.30.5 and 0.31.0.rc1 through 0.31.0, a stored code execution vulnerability in the user name field allows a low-privileged attacker to...
CVE-2026-40042
CRITICAL
9.3
Pachno 1.0.6 contains an XML external entity injection vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting unsafe XML parsing in the TextParser helper. Attackers ...
CVE-2026-40044
CRITICAL
9.3
Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PH...
CVE-2026-4810
CRITICAL
9.3
A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit (ADK) versions 1.7.0 (and 2.0.0a1) through 1.28.1 (and 2.0.0a2) on Python (OSS), Cloud Run, and GKE allows an ...
CVE-2019-25709
CRITICAL
9.3
CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by accessing the imgdb.db file in the upload/data directory. Attackers can extract delete...
CVE-2026-31845
CRITICAL
9.3
A reflected cross-site scripting (XSS) vulnerability exists in Rukovoditel CRM version 3.6.4 and earlier in the Zadarma telephony API endpoint (/api/tel/zadarma.php). The application directly reflects...
CVE-2026-5189
CRITICAL
9.2
CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access ...
CVE-2026-6270
CRITICAL
9.1
@fastify/middie versions 9.3.1 and earlier do not register inherited middleware directly on child plugin engine instances. When a Fastify application registers authentication middleware in a parent sc...
CVE-2025-41118
CRITICAL
9.1
Pyroscope is an open-source continuous profiling database. The database supports various storage backends, including Tencent Cloud Object Storage (COS). If the database is configured to use Tencent C...
CVE-2026-33807
CRITICAL
9.1
@fastify/express v4.0.4 and earlier contains a path handling bug in the onRegister function that causes middleware paths to be doubled when inherited by child plugins. When a child plugin is registere...
CVE-2026-33808
CRITICAL
9.1
@fastify/express v4.0.4 and earlier fails to normalize URLs before passing them to Express middleware when Fastify router normalization options are enabled. This allows complete bypass of path-s...
CVE-2026-6388
CRITICAL
9.1
A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a multi-tenant environment, to bypass namespace bounda...
CVE-2025-8095
CRITICAL
9.1
The OECH1 prefix encoding is intended to obfuscate values across the OpenEdge platform. It has been identified as cryptographically weak and unsuitable for stored encodings and enterprise application...
CVE-2026-34457
CRITICAL
9.1
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions prior to 7.15.2 contain a configuration-dependent authentication bypass in deployments where OAuth2 Proxy ...
CVE-2026-40289
CRITICAL
9.1
PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the browser bridge (praisonai browser start) is vulnerable to unauthenticated remote ses...
CVE-2026-40313
CRITICAL
9.1
PraisonAI is a multi-agent teams system. In versions 4.5.139 and below, the GitHub Actions workflows are vulnerable to ArtiPACKED attack, a known credential leakage vector caused by using actions/chec...
CVE-2026-4365
CRITICAL
9.1
The LearnPress plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check on the `delete_question_answer()` function in all versions up to, and including, 4.3.2...
CVE-2026-6100
CRITICAL
9.1
Use-after-free (UAF) was possible in the `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile` when a memory allocation fails with a `MemoryError` and the decompression instance is re-us...
CVE-2026-40322
CRITICAL
9.0
SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, Mermaid diagrams are rendered with securityLevel set to "loose", and the resulting SVG is injected into the ...
CVE-2026-33805
CRITICAL
9.0
@fastify/reply-from v12.6.1 and earlier and @fastify/http-proxy v11.4.3 and earlier process the client's Connection header after the proxy has added its own headers via rewriteRequestHeaders. This all...
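The reply-from/http-proxy entry above is an ordering bug in hop-by-hop header handling: the Connection header lists header names that must be dropped before forwarding, and if the proxy applies that list after it has already attached its own headers, the client can name the proxy's headers and have them stripped. The added example below is not fastify code and does not claim the actual impact of that CVE; it is a minimal Python model of a forwarding step with the header processing in the wrong order and in the right order. The proxy-added header names and values are constructed for the demo.

```python
# RFC 7230 section 6.1 hop-by-hop headers that a proxy must always drop,
# whether or not the client's Connection header names them.
ALWAYS_HOP_BY_HOP = {
    "connection", "keep-alive", "proxy-authenticate", "proxy-authorization",
    "te", "trailer", "transfer-encoding", "upgrade",
}

# Constructed: headers this proxy attaches for the upstream's benefit.
PROXY_ADDED = {"x-forwarded-for": "203.0.113.5", "x-internal-auth": "trusted"}


def hop_by_hop_names(connection_value: str) -> set:
    """Parse 'Connection: a, b, c' into the set of header names it nominates."""
    return {t.strip().lower() for t in connection_value.split(",") if t.strip()}


def _strip_hop_by_hop(headers: dict) -> None:
    names = ALWAYS_HOP_BY_HOP | hop_by_hop_names(headers.get("connection", ""))
    for name in names:
        headers.pop(name, None)


def forward_vulnerable(client_headers: dict) -> dict:
    """Defect class: proxy headers are added first, then the client's
    Connection list is honoured, so the client can delete them by name."""
    headers = {k.lower(): v for k, v in client_headers.items()}
    headers.update(PROXY_ADDED)
    _strip_hop_by_hop(headers)
    return headers


def forward_fixed(client_headers: dict) -> dict:
    """Hardened: resolve the client's hop-by-hop list against the client's
    headers only, then attach the proxy's own headers afterwards."""
    headers = {k.lower(): v for k, v in client_headers.items()}
    _strip_hop_by_hop(headers)
    headers.update(PROXY_ADDED)
    return headers


if __name__ == "__main__":
    # Constructed request: the client names the proxy's headers in Connection.
    req = {"Host": "app.example", "Accept": "*/*",
           "Connection": "close, x-internal-auth, X-Forwarded-For"}
    print("vulnerable forwards:", sorted(forward_vulnerable(req)))
    print("fixed forwards:", sorted(forward_fixed(req)))
```

The fixed ordering also covers the related case of a client pre-setting `X-Forwarded-For`: because the proxy's `update` runs last, its value wins.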
CVE-2026-2449
CRITICAL
9.0
Improper neutralization of argument delimiters in a command ('argument injection') vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Executi...
CVE-2026-26149
CRITICAL
9.0
Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to bypass a security feature over a network.
CVE-2026-6138
HIGH
8.9
A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation...
CVE-2026-6139
HIGH
8.9
A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of...
CVE-2026-6140
HIGH
8.9
A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulatio...
CVE-2026-6154
HIGH
8.9
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performin...
CVE-2026-6155
HIGH
8.9
A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of...
CVE-2026-6156
HIGH
8.9
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipula...
CVE-2026-6195
HIGH
8.9
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler...
CVE-2026-6112
HIGH
8.9
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the ar...
CVE-2026-6113
HIGH
8.9
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component C...
CVE-2026-6114
HIGH
8.9
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setNetworkCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a ...
CVE-2026-6115
HIGH
8.9
A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argum...
CVE-2026-6116
HIGH
8.9
A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The mani...
CVE-2026-6131
HIGH
8.9
A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The m...
CVE-2026-6132
HIGH
8.9
A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulati...
CVE-2023-3634
HIGH
8.8
In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, in...
CVE-2025-14868
HIGH
8.8
The Career Section plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Path Traversal and Arbitrary File Deletion in all versions up to, and including, 1.6. This is due to miss...
CVE-2026-1620
HIGH
8.8
The Livemesh Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.0. This is due to insufficient sanitization of the template name pa...
CVE-2026-3614
HIGH
8.8
The AcyMailing plugin for WordPress is vulnerable to privilege escalation in all versions From 9.11.0 up to, and including, 10.8.1 due to a missing capability check on the `wp_ajax_acymailing_router` ...
CVE-2026-40308
HIGH
8.8
My Calendar is a WordPress plugin for managing calendar events. In versions 3.7.6 and below, the mc_ajax_mcjs_action AJAX endpoint, registered for unauthenticated users, passes user-supplied arguments...
CVE-2026-34393
HIGH
8.8
Weblate is a web based localization tool. In versions prior to 5.17, the user patching API endpoint didn't properly limit the scope of edits. This issue has been fixed in version 5.17.
CVE-2026-40261
HIGH
8.8
Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::syncCodeBase() method, which appends the $sourceR...
CVE-2026-40316
HIGH
8.8
OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Versions prior to 2.1.1 contain an RCE vulnerability in the .github/workflo...
CVE-2026-5617
HIGH
8.8
The Login as User plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the handle_return_to_admin() function trusting a client-control...
CVE-2026-6299
HIGH
8.8
Use after free in Prerender in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-6300
HIGH
8.8
Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6301
HIGH
8.8
Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6302
HIGH
8.8
Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6307
HIGH
8.8
Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6315
HIGH
8.8
Use after free in Permissions in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a craft...
CVE-2026-6316
HIGH
8.8
Use after free in Forms in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6317
HIGH
8.8
Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6358
HIGH
8.8
Use after free in XR in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Critica...
CVE-2026-6359
HIGH
8.8
Use after free in Video in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML...
CVE-2026-6360
HIGH
8.8
Use after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6363
HIGH
8.8
Type Confusion in V8 in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-24893
HIGH
8.8
openITCOCKPIT is an open source monitoring tool built for different monitoring engines. openITCOCKPIT Community Edition prior to version 5.5.2 contains a command injection vulnerability that allows an...
CVE-2026-26167
HIGH
8.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-26178
HIGH
8.8
Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally.
CVE-2026-32157
HIGH
8.8
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-32171
HIGH
8.8
Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
CVE-2026-32225
HIGH
8.8
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
CVE-2026-33120
HIGH
8.8
Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.
CVE-2026-35196
HIGH
8.8
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an OS Command Injection vulnerability exists in the main/inc/ajax/gradebook.ajax.php endpoint within the expo...
CVE-2026-38529
HIGH
8.8
A Broken Object-Level Authorization (BOLA) in the /Settings/UserController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily reset user passwords and perform a ful...
CVE-2026-39815
HIGH
8.8
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow an attacker to execute unauthorized code or comm...
CVE-2026-40291
HIGH
8.8
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an insecure direct object modification vulnerability in the PUT /api/users/{id} endpoint allows any authentic...
CVE-2026-1462
HIGH
8.8
A vulnerability in the `TFSMLayer` class of the `keras` package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during deserialization of `.keras` models, even when `sa...
CVE-2019-25697
HIGH
8.8
CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Attackers can send GET requ...
CVE-2019-25710
HIGH
8.8
Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint that allows attackers to execute arbitrary SQL queries. Attackers can inject malici...
CVE-2026-5144
HIGH
8.8
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the `groupblog...
CVE-2026-40262
HIGH
8.7
Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset delivery handler serves uploaded files inline and relies on magic-byte detection for content type, which do...
CVE-2026-2336
HIGH
8.7
A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax_auth session cookie and forge a ...
CVE-2026-33082
HIGH
8.7
DataEase is an open source data visualization analysis tool. Versions 2.10.20 and below contain a SQL injection vulnerability in the dataset export functionality. The expressionTree parameter in POST ...
CVE-2026-33083
HIGH
8.7
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the orderDirection parameter used in dataset-related endpoints...
CVE-2026-33084
HIGH
8.7
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the sort parameter of the /de2api/datasetData/enumValueObj end...
CVE-2026-33121
HIGH
8.7
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the API datasource saving process. The deTableName field from ...
CVE-2026-35469
HIGH
8.7
spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocati...
CVE-2026-39313
HIGH
8.7
mcp-framework is a framework for building Model Context Protocol (MCP) servers. In versions 0.2.21 and below, the readRequestBody() function in the HTTP transport concatenates request body chunks into...
CVE-2026-40246
HIGH
8.7
free5GC is an open-source implementation of the 5G core network. In versions 1.4.2 and below of the UDR service, the handler for deleting Traffic Influence Subscriptions checks whether the influenceId...
CVE-2026-40247
HIGH
8.7
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for reading Traffic Influence Subscriptions checks whether the influenceId ...
CVE-2026-40248
HIGH
8.7
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for creating or updating Traffic Influence Subscriptions checks whether the...
CVE-2026-40502
HIGH
8.7
OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient ...
CVE-2026-40900
HIGH
8.7
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /de2api/datasetData/previewSql endpoint. The user-supplied...
CVE-2026-6351
HIGH
8.7
MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files.
CVE-2026-3505
HIGH
8.7
Allocation of resources without limits or throttling vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules). This issue affects BC-JAVA: before 1.84. Unbounded PGP AEAD chu...
CVE-2026-35569
HIGH
8.7
ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a stored cross-site scripting vulnerability in SEO-related fields (SEO Title and Meta Description),...
CVE-2026-40192
HIGH
8.7
Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attack...
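The Pillow FITS entry above is a decompression bomb: a few kilobytes of gzip input expand to as much output as the attacker chose, and a decoder that reads until end-of-stream allocates all of it. The added example below is not Pillow's code or its fix; it shows, in Python, how to decompress gzip data with a hard ceiling on the output size using the standard `zlib.decompressobj` `max_length` argument, and how to distinguish a bomb from a truncated stream. The sample inputs are constructed in the block.

```python
import gzip
import zlib


class DecompressionBombError(ValueError):
    """Output would exceed the configured ceiling."""


class TruncatedStreamError(ValueError):
    """Input ended before the gzip stream did."""


def gunzip_bounded(data: bytes, max_output: int) -> bytes:
    """Decompress a gzip stream but never materialise more than max_output bytes.

    Each call asks zlib for at most one byte more than the remaining budget;
    crossing the budget is detected before the next chunk is requested, so
    peak memory is bounded by max_output + 1 regardless of the input.
    """
    d = zlib.decompressobj(wbits=16 + zlib.MAX_WBITS)  # gzip framing
    out = bytearray()
    pending = data
    while not d.eof:
        room = max_output - len(out) + 1
        chunk = d.decompress(pending, room)
        out += chunk
        if len(out) > max_output:
            raise DecompressionBombError(
                f"output exceeds {max_output} bytes from {len(data)} compressed")
        pending = d.unconsumed_tail  # input zlib did not consume because of room
        if not chunk:
            # No output and no progress: the stream ended without its trailer.
            raise TruncatedStreamError("gzip stream ended prematurely")
    return bytes(out)


def exceeds_limit(data: bytes, max_output: int) -> bool:
    try:
        gunzip_bounded(data, max_output)
    except DecompressionBombError:
        return True
    return False


def is_truncated(data: bytes, max_output: int) -> bool:
    try:
        gunzip_bounded(data, max_output)
    except TruncatedStreamError:
        return True
    return False


# Constructed inputs: a benign stream, a bomb (4 MiB of zeros, a few KiB
# compressed), and the benign stream with its last ten bytes cut off.
SMALL_PLAIN = b"hello world " * 200
SMALL = gzip.compress(SMALL_PLAIN)
BOMB = gzip.compress(bytes(4 * 1024 * 1024))
TRUNCATED = SMALL[:-10]

if __name__ == "__main__":
    print("bomb compressed size:", len(BOMB))
    print("bomb exceeds 1 MiB:", exceeds_limit(BOMB, 1 << 20))
    print("benign ok:", gunzip_bounded(SMALL, 4096) == SMALL_PLAIN)
```

The same loop shape applies to zlib, bz2 and lzma decompressors, all of which expose a `max_length` parameter; reading the whole stream with `gzip.decompress` or `GzipFile.read()` has no such ceiling.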
CVE-2026-4682
HIGH
8.7
Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices (WSD) scan requests are improperly validate...
CVE-2026-25654
HIGH
8.7
A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3). Affected products do not properly validate user authorization when processing password reset requests. This could allow an a...
CVE-2026-27668
HIGH
8.7
A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions < V5.8). User Administrators are allowed to administer groups they belong to. This could a...
CVE-2026-27928
HIGH
8.7
Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network.
CVE-2026-34617
HIGH
8.7
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could result in privilege escalation. A low-privileged attacker could exploit this vuln...
CVE-2026-30806
HIGH
8.7
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Network Report. This issue affects Pandora FMS: from 777 through 800
CVE-2026-30809
HIGH
8.7
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via WebServerModuleDebug. This issue affects Pandora FMS: from 777 through 800
CVE-2026-30813
HIGH
8.7
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800
CVE-2026-32272
HIGH
8.7
Craft Commerce is an ecommerce platform for Craft CMS. In versions 5.0.0 through 5.5.4, an SQL injection vulnerability exists where the ProductQuery::hasVariant and VariantQuery::hasProduct properties...
CVE-2026-34186
HIGH
8.7
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via custom fields. This issue affects Pandora FMS: from 777 through 800
CVE-2026-40040
HIGH
8.7
Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to upload arbitrary file types by bypassing ineffective extension filtering to the /uploadfile endpoint....
CVE-2019-25706
HIGH
8.7
Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom-0 backup file containing sensitive information by sending a simple GET request....
CVE-2026-22734
HIGH
8.6
Cloud Foundry UAA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions a...
CVE-2026-33122
HIGH
8.6
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the API datasource update process. When a new table definition...
CVE-2026-33207
HIGH
8.6
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /datasource/getTableField endpoint. The getTableFiledSql m...
CVE-2026-27290
HIGH
8.6
Adobe Framemaker versions 2022.8 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. If the appl...
CVE-2026-27305
HIGH
8.6
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system...
CVE-2026-34160
HIGH
8.6
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the PENS (Package Exchange Notification Services) plugin endpoint at public/plugin/Pens/pens.php is accessibl...
CVE-2026-34622
HIGH
8.6
Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability ...
CVE-2026-35032
HIGH
8.6
Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerability chain in the LiveTV M3U tuner endpoint (POST /LiveTv/TunerHosts), where the tuner URL is not vali...
CVE-2026-30804
HIGH
8.6
Unrestricted Upload of File with Dangerous Type vulnerability allows Remote Code Execution via file upload. This issue affects Pandora FMS: from 777 through 800
CVE-2018-25258
HIGH
8.6
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers ca...
CVE-2019-25689
HIGH
8.6
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious paylo...
CVE-2019-25691
HIGH
8.6
Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitatio...
CVE-2019-25695
HIGH
8.6
R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a paylo...
CVE-2019-25701
HIGH
8.6
Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers c...
CVE-2019-25705
HIGH
8.6
Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized string in the Rules action field...
CVE-2026-40318
HIGH
8.5
SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and prior, the /api/av/removeUnusedAttributeView endpoint constructs a filesystem path using the user-controlled id par...
CVE-2026-22676
HIGH
8.5
Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the...
CVE-2026-4145
HIGH
8.5
During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to perform arbitrary code execution with elevated pr...
CVE-2026-0207
HIGH
8.5
A vulnerability exists in FlashBlade whereby sensitive information may be logged under specific conditions.
CVE-2026-38527
HIGH
8.5
A Server-Side Request Forgery (SSRF) in the /settings/webhooks/create component of Webkul Krayin CRM v2.2.x allows attackers to scan internal resources via supplying a crafted POST request.
CVE-2026-5936
HIGH
8.5
An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal netwo...
CVE-2026-6204
HIGH
8.5
LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires...
CVE-2026-40499
HIGH
8.4
radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars() function that allows attackers to execute arbitrary commands by embedding a newline byte in ...
CVE-2026-4857
HIGH
8.4
IdentityIQ 8.5, all IdentityIQ 8.5 patch levels prior to 8.5p2, IdentityIQ 8.4, and all IdentityIQ 8.4 patch levels prior to 8.4p4 allow authenticated users assigned the Debug Pages Read Only capabili...
CVE-2026-27306
HIGH
8.4
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Attacker re...
CVE-2026-32091
HIGH
8.4
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
CVE-2026-32162
HIGH
8.4
Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.
CVE-2026-32190
HIGH
8.4
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-32221
HIGH
8.4
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally.
CVE-2026-33114
HIGH
8.4
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-33115
HIGH
8.4
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-40287
HIGH
8.4
PraisonAI is a multi-agent teams system. Versions 4.5.138 and below are vulnerable to arbitrary code execution through automatic, unsanitized import of a tools.py file from the current working directo...
CVE-2026-30811
HIGH
8.4
Missing Authorization vulnerability allows Exposure of Sensitive Information via configuration endpoint. This issue affects Pandora FMS: from 777 through 800
CVE-2026-35553
HIGH
8.4
Bluetooth ACPI Drivers provided by Dynabook Inc. contain a stack-based buffer overflow vulnerability. An attacker may execute arbitrary code by modifying certain registry values.
CVE-2026-40899
HIGH
8.3
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a JDBC parameter blocklist bypass vulnerability in the MySQL datasource configuration. The Mysq...
CVE-2026-6442
HIGH
8.3
Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding speci...
CVE-2026-39884
HIGH
8.3
mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Versions 3.4.0 and prior contain an argument injection vulnerability in the port_forward tool in src/tools/p...
CVE-2026-6297
HIGH
8.3
Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape via a crafted HTML page. (Chromium securit...
CVE-2026-6304
HIGH
8.3
Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. ...
CVE-2026-6309
HIGH
8.3
Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chro...
CVE-2026-6310
HIGH
8.3
Use after free in Dawn in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr...
CVE-2026-6311
HIGH
8.3
Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a ...
CVE-2026-6314
HIGH
8.3
Out of bounds write in GPU in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via a crafted HTML page. (Chro...
CVE-2026-6328
HIGH
8.3
Improper input validation, Improper verification of cryptographic signature vulnerability in XQUIC Project XQUIC xquic on Linux (QUIC protocol implementation, packet processing module, STREAM frame ha...
CVE-2026-3324
HIGH
8.2
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.
CVE-2026-40193
HIGH
8.2
maddy is a composable, all-in-one mail server. Versions prior to 0.9.3 contain an LDAP injection vulnerability in the auth.ldap module where user-supplied usernames are interpolated into LDAP search f...
CVE-2026-34632
HIGH
8.2
Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in arbitrary code execution in the context of the current user. A low-privileged lo...
CVE-2025-7389
HIGH
8.2
A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer proces...
CVE-2026-32316
HIGH
8.2
jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvp_string_append() and jvp_string_copy_replace_bad functions, where concatenating string...
CVE-2026-1116
HIGH
8.2
A Cross-site Scripting (XSS) vulnerability was identified in the `from_dict` method of the `AppLollmsMessage` class in parisneo/lollms prior to version 2.2.0. The vulnerability arises from the lack of...
CVE-2026-3605
HIGH
8.1
An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulner...
CVE-2026-40259
HIGH
8.1
SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, the /api/av/removeUnusedAttributeView endpoint is protected only by generic authentication that accepts publ...
CVE-2026-40960
HIGH
8.1
Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least one mod is listed as secure.trusted_mods or secure.http_mods, then a crafted mod can intercept the req...
CVE-2026-41113
HIGH
8.1
sagredo qmail before 2026.04.07 allows tls_quit remote code execution because of popen in notlshosts_auto in qmail-remote.c.
CVE-2026-5785
HIGH
8.1
Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module.
CVE-2026-22828
HIGH
8.1
A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, FortiManager Cloud 7.6.2 through 7.6.4 may allow a remote unauthenticated attacker to execute arbitrary ...
CVE-2026-33827
HIGH
8.1
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execute code over a network.
CVE-2026-38530
HIGH
8.1
A Broken Object-Level Authorization (BOLA) in the /Controllers/Lead/LeadController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently ...
CVE-2026-38532
HIGH
8.1
A Broken Object-Level Authorization (BOLA) in the /Contact/Persons/PersonController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently...
CVE-2026-25205
HIGH
8.1
Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows out-of-bounds write. This issue affects Escargot: commit hash 97e8115ab1110bc502b4b5e4a0c689a71520d335.
CVE-2026-25208
HIGH
8.1
Integer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
CVE-2026-28291
HIGH
8.1
simple-git enables running native Git commands from JavaScript. Versions up to and including 3.31.1 allow execution of arbitrary commands through Git option manipulation, bypassing safety checks meant...
CVE-2026-40393
HIGH
8.1
In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca.
CVE-2026-33435
HIGH
8.0
Weblate is a web based localization tool. In versions prior to 5.17, the project backup didn't filter Git and Mercurial configuration files which could lead to remote code execution under certain circ...
CVE-2026-6290
HIGH
8.0
Velociraptor versions prior to 0.76.3 contain a vulnerability in the query() plugin which allows access to all orgs with the user's current ACL token. This allows an authenticated GUI user with access...
CVE-2026-27912
HIGH
8.0
Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.
CVE-2026-33826
HIGH
8.0
Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.
CVE-2026-35589
HIGH
8.0
nanobot is a personal AI assistant. Versions prior to 0.1.5 contain a Cross-Site WebSocket Hijacking (CSWSH) vulnerability in the bridge's WebSocket server in bridge/src/server.ts, resulting fr...
CVE-2026-22619
HIGH
7.8
Eaton Intelligent Power Protector (IPP) is affected by insecure library loading in its executable, which could lead to arbitrary code execution by an attacker with access to the software package. This...
CVE-2026-40176
HIGH
7.8
Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::generateP4Command() method, which constructs shel...
CVE-2026-5397
HIGH
7.8
It has been identified that a vulnerability (CWE-427) exists in the UPS (Uninterruptible Power Supply) management application, whereby improper permissions on the installation directory allow a malici...
CVE-2026-20930
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-23657
HIGH
7.8
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-26143
HIGH
7.8
Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-26153
HIGH
7.8
Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.
CVE-2026-26156
HIGH
7.8
Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.
CVE-2026-26159
HIGH
7.8
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.
CVE-2026-26160
HIGH
7.8
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.
CVE-2026-26161
HIGH
7.8
Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.
CVE-2026-26162
HIGH
7.8
Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized attacker to elevate privileges locally.
CVE-2026-26163
HIGH
7.8
Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-26168
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-26170
HIGH
7.8
Improper input validation in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.
CVE-2026-26172
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-26176
HIGH
7.8
Heap-based buffer overflow in Windows Client Side Caching driver (csc.sys) allows an authorized attacker to elevate privileges locally.
CVE-2026-26179
HIGH
7.8
Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-26180
HIGH
7.8
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-26181
HIGH
7.8
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVE-2026-26183
HIGH
7.8
Improper access control in Windows RPC API allows an authorized attacker to elevate privileges locally.
CVE-2026-26184
HIGH
7.8
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVE-2026-27238
HIGH
7.8
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploita...
CVE-2026-27283
HIGH
7.8
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this...
CVE-2026-27284
HIGH
7.8
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory str...
CVE-2026-27287
HIGH
7.8
InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An...
CVE-2026-27289
HIGH
7.8
Photoshop Desktop versions 27.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure....
CVE-2026-27291
HIGH
7.8
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o...
CVE-2026-27292
HIGH
7.8
Adobe Framemaker versions 2022.8 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue...
CVE-2026-27293
HIGH
7.8
Adobe Framemaker versions 2022.8 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o...
CVE-2026-27294
HIGH
7.8
Adobe Framemaker versions 2022.8 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure...
CVE-2026-27295
HIGH
7.8
Adobe Framemaker versions 2022.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this...
CVE-2026-27296
HIGH
7.8
Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. E...
CVE-2026-27297
HIGH
7.8
Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. E...
CVE-2026-27298
HIGH
7.8
Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context...
CVE-2026-27310
HIGH
7.8
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of ...
CVE-2026-27311
HIGH
7.8
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of ...
CVE-2026-27312
HIGH
7.8
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of ...
CVE-2026-27313
HIGH
7.8
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of ...
CVE-2026-27907
HIGH
7.8
Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.
CVE-2026-27909
HIGH
7.8
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.
CVE-2026-27910
HIGH
7.8
Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.
CVE-2026-27911
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
CVE-2026-27914
HIGH
7.8
Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.
CVE-2026-27915
HIGH
7.8
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
CVE-2026-27916
HIGH
7.8
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
CVE-2026-27918
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.
CVE-2026-27919
HIGH
7.8
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
CVE-2026-27920
HIGH
7.8
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
CVE-2026-27923
HIGH
7.8
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-27924
HIGH
7.8
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-27927
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVE-2026-32069
HIGH
7.8
Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVE-2026-32074
HIGH
7.8
Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVE-2026-32076
HIGH
7.8
Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.
CVE-2026-32077
HIGH
7.8
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
CVE-2026-32078
HIGH
7.8
Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVE-2026-32089
HIGH
7.8
Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.
CVE-2026-32090
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.
CVE-2026-32152
HIGH
7.8
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-32153
HIGH
7.8
Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
CVE-2026-32154
HIGH
7.8
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-32155
HIGH
7.8
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-32158
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-32159
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-32160
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-32163
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
CVE-2026-32164
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
CVE-2026-32165
HIGH
7.8
Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
CVE-2026-32168
HIGH
7.8
Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-32183
HIGH
7.8
Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.
CVE-2026-32184
HIGH
7.8
Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an authorized attacker to elevate privileges locally.
CVE-2026-32189
HIGH
7.8
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-32192
HIGH
7.8
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-32197
HIGH
7.8
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-32198
HIGH
7.8
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-32199
HIGH
7.8
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-32200
HIGH
7.8
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
CVE-2026-32222
HIGH
7.8
Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2026-33023
HIGH
7.8
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in load...
CVE-2026-33095
HIGH
7.8
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-33098
HIGH
7.8
Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-33101
HIGH
7.8
Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.
CVE-2026-33825
HIGH
7.8
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.
CVE-2026-34618
HIGH
7.8
Illustrator versions 30.2, 29.8.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of thi...
CVE-2026-34627
HIGH
7.8
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploita...
CVE-2026-34628
HIGH
7.8
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploita...
CVE-2026-34629
HIGH
7.8
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploita...
CVE-2026-34630
HIGH
7.8
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of ...
CVE-2026-34631
HIGH
7.8
InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this iss...
CVE-2026-4150
HIGH
7.8
GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is ...
CVE-2026-4151
HIGH
7.8
GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is ...
CVE-2026-4152
HIGH
7.8
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User inter...
CVE-2026-4153
HIGH
7.8
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User inter...
CVE-2026-4154
HIGH
7.8
GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is ...
CVE-2026-5054
HIGH
7.8
NoMachine External Control of File Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker m...
CVE-2026-5055
HIGH
7.8
NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attack...
CVE-2026-5493
HIGH
7.8
Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installation...
CVE-2026-5494
HIGH
7.8
Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installation...
CVE-2026-5495
HIGH
7.8
Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installation...
CVE-2026-5496
HIGH
7.8
Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ...
CVE-2026-34242
HIGH
7.7
Weblate is a web based localization tool. In versions prior to 5.17, the ZIP download feature didn't verify downloaded files, potentially following symlinks outside the repository. This issue has bee...
CVE-2026-27913
HIGH
7.7
Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-34619
HIGH
7.7
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a Security feature ...
CVE-2026-40683
HIGH
7.7
In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The _l...
CVE-2026-32271
HIGH
7.7
Craft Commerce is an ecommerce platform for Craft CMS. In versions 4.0.0 through 4.10.2 and 5.0.0 through 5.5.4, there is an SQL injection vulnerability in the Commerce TotalRevenue widget which allow...
CVE-2026-34853
HIGH
7.7
Permission bypass vulnerability in the LBS module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-63029
HIGH
7.6
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WC Lovers WCFM Marketplace allows SQL Injection. This issue affects WCFM Marketplace: from n/a thro...
CVE-2026-4525
HIGH
7.5
If a Vault auth mount is configured to pass through the "Authorization" header, and the "Authorization" header is used to authenticate to Vault, Vault forwarded the Vault token to the auth plugin back...
CVE-2024-2374
HIGH
7.5
The XML parsers within multiple WSO2 products accept user-supplied XML data without properly configuring to prevent the resolution of external entities. This omission allows malicious actors to craft ...
CVE-2026-3489
HIGH
7.5
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to SQL Injection via the 'packages' parameter in versions up to, and including, 3.6.26 due to insuf...
CVE-2026-3599
HIGH
7.5
The Riaxe Product Customizer plugin for WordPress is vulnerable to SQL Injection via the 'options' parameter keys within 'product_data' of the /wp-json/InkXEProductDesignerLite/add-item-to-cart REST A...
CVE-2026-40170
HIGH
7.5
ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer transport parameters into a fixed 1024-byte stack buf...
CVE-2026-40245
HIGH
7.5
Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions 4.2.1 and below contain an information disclosure vulnerability in the UDR (Unified Data Repos...
CVE-2026-40901
HIGH
7.5
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerTr...
CVE-2026-5050
HIGH
7.5
The Payment Gateway for Redsys & WooCommerce Lite plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 7.0.0 due to successful_reque...
CVE-2024-33618
HIGH
7.5
Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via network interface.
CVE-2026-33806
HIGH
7.5
Impact:
Fastify applications using schema.body.content for per-content-type body validation can have validation bypassed entirely by prepending a space to the Content-Type header. The body is still p...
CVE-2026-40719
HIGH
7.5
Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved.
CVE-2026-6372
HIGH
7.5
Missing Authorization vulnerability in Plisio Accept Cryptocurrencies with Plisio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accept Cryptocurrencies wit...
CVE-2026-23666
HIGH
7.5
Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network.
CVE-2026-23708
HIGH
7.5
An improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through...
CVE-2026-26154
HIGH
7.5
Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.
CVE-2026-26171
HIGH
7.5
Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.
CVE-2026-27282
HIGH
7.5
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability...
CVE-2026-32071
HIGH
7.5
Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
CVE-2026-32178
HIGH
7.5
Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-32203
HIGH
7.5
Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.
CVE-2026-33096
HIGH
7.5
Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.
CVE-2026-33116
HIGH
7.5
Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.
CVE-2026-40164
HIGH
7.5
jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed (0x432A9843) for all JSON object hash table ope...
CVE-2026-4352
HIGH
7.5
The JetEngine plugin for WordPress is vulnerable to SQL Injection via the Custom Content Type (CCT) REST API search endpoint in all versions up to, and including, 3.8.6.1. This is due to the `_cct_sea...
CVE-2026-22566
HIGH
7.5
An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credentials.
Affected Products:
UniFi Play PowerAmp (Version 1...
CVE-2026-32605
HIGH
7.5
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an untrusted peer could crash a validator by p...
CVE-2026-33901
HIGH
7.5
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer overflow occurs in the MVG decoder that coul...
CVE-2026-33908
HIGH
7.5
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the `DestroyXM...
CVE-2026-34188
HIGH
7.5
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Event Response execution. This issue affects Pandora FMS: from 777 through 800
CVE-2026-4155
HIGH
7.5
ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected i...
CVE-2026-4156
HIGH
7.5
ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installat...
CVE-2026-4157
HIGH
7.5
ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ...
CVE-2026-33804
HIGH
7.4
@fastify/middie versions 9.3.1 and earlier are vulnerable to middleware bypass when the deprecated Fastify ignoreDuplicateSlashes option is enabled. The middleware path matching logic does not account...
CVE-2026-41015
HIGH
7.4
radare2 before 9236f44, when configured on UNIX without SSL, allows command injection via a PDB name to rabin2 -PP. NOTE: although users are supposed to use the latest version from git (not a release)...
CVE-2026-41035
HIGH
7.4
In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, m...
CVE-2026-32631
HIGH
7.4
Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricki...
CVE-2026-33667
HIGH
7.4
OpenProject is an open-source project management application. In versions prior to 17.3.0, 2FA OTP verification in the confirm_otp action of the two_factor_authentication module has no rate limiting, ...
CVE-2026-2332
HIGH
7.4
In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funky chunks" techniques outlined here:
* https://w4ke.info/2025/06/18/funky...
CVE-2026-2450
HIGH
7.4
.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution. This issue affects upKeeper Instant ...
CVE-2026-32156
HIGH
7.4
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.
CVE-2026-25207
HIGH
7.4
Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
CVE-2026-6135
HIGH
7.4
A weakness has been identified in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. Executing a manipulation of the argument page can lead to ...
CVE-2026-6136
HIGH
7.4
A security vulnerability has been detected in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to stack-based b...
CVE-2026-6137
HIGH
7.4
A vulnerability was detected in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the argument wanmode/PPPOEPassword ...
CVE-2026-6157
HIGH
7.4
A vulnerability was detected in Totolink A800R 4.1.2cu.5137_B20200730. This impacts the function setAppEasyWizardConfig in the library /lib/cste_modules/app.so. The manipulation of the argument apcliS...
CVE-2026-6168
HIGH
7.4
A flaw has been found in TOTOLINK A7000R up to 9.1.0u.6115. The affected element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid5g causes s...
CVE-2026-6186
HIGH
7.4
A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerability affects the function strcpy of the file /goform/formNatStaticMap. The manipulation of the argument...
CVE-2026-6194
HIGH
7.4
A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub_410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. Th...
CVE-2026-6196
HIGH
7.4
A vulnerability was detected in Tenda F456 1.0.0.5. This affects the function fromexeCommand of the file /goform/exeCommand. Performing a manipulation of the argument cmdinput results in stack-based b...
CVE-2026-6197
HIGH
7.4
A flaw has been found in Tenda F456 1.0.0.5. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Executing a manipulation of the argument mit_ssid can lead to ...
CVE-2026-6198
HIGH
7.4
A vulnerability has been found in Tenda F456 1.0.0.5. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-ba...
CVE-2026-6199
HIGH
7.4
A vulnerability was found in Tenda F456 1.0.0.5. Impacted is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page results in stack-based buffer overflow. I...
CVE-2026-6200
HIGH
7.4
A vulnerability was determined in Tenda F456 1.0.0.5. The affected element is the function formwebtypelibrary of the file /goform/webtypelibrary. This manipulation of the argument menufacturer/Go caus...
CVE-2026-6120
HIGH
7.4
A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The manipulation of the argument page results...
CVE-2026-6121
HIGH
7.4
A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component httpd. This manipulation of the argument GO c...
CVE-2026-6122
HIGH
7.4
A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Such manipulation of the argument page lea...
CVE-2026-6123
HIGH
7.4
A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a manipulation of the argument entrys result...
CVE-2026-6124
HIGH
7.4
A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation of th...
CVE-2026-6133
HIGH
7.4
A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Such manipulation of the argument page leads to stack-ba...
CVE-2026-6134
HIGH
7.4
A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqossetting of the file /goform/qossetting. Performing a manipulation of the argument q...
CVE-2026-3690
HIGH
7.4
OpenClaw Canvas Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of OpenClaw. Authentication is not required to exploi...
CVE-2026-23772
HIGH
7.3
Dell Storage Manager - Replay Manager for Microsoft Servers, version(s) 8.0, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially ex...
CVE-2026-41082
HIGH
7.3
In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory.
CVE-2026-4667
HIGH
7.3
HP System Optimizer might potentially be vulnerable to escalation of privilege. HP is releasing an update to mitigate this potential vulnerability.
CVE-2026-6384
HIGH
7.3
A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's `ReadJeffsImage` function allows an attacker to write beyond an allocated buffer by processing a speci...
CVE-2026-32149
HIGH
7.3
Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.
CVE-2026-33021
HIGH
7.3
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixel_encoder_encode_bytes() because sixel_frame_init(...
CVE-2026-34856
HIGH
7.3
UAF vulnerability in the communication module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-4158
HIGH
7.3
KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of...
CVE-2026-5231
HIGH
7.2
The WP Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'utm_source' parameter in all versions up to, and including, 14.16.4. This is due to insufficient input sani...
CVE-2026-3876
HIGH
7.2
The Prismatic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'prismatic_encoded' pseudo-shortcode in all versions up to, and including, 3.7.3. This is due to insufficient in...
CVE-2025-40897
HIGH
7.2
An access control vulnerability was discovered in the Threat Intelligence functionality due to a specific access restriction not being properly enforced for users with view-only privileges. An authent...
CVE-2026-20205
HIGH
7.2
In Splunk MCP Server app versions below 1.0.3, a user who holds a role with access to the Splunk `_internal` index or possesses the high-privilege capability `mcp_tool_admin` could view users session...
CVE-2026-2834
HIGH
7.2
The Age Verification & Identity Verification by Token of Trust plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘description’ parameter in all versions up to, and including, 3...
CVE-2026-3643
HIGH
7.2
The Accessibly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API in all versions up to, and including, 3.0.3. The plugin registers REST API endpoints at `/otm-ac/v1/up...
CVE-2026-39971
HIGH
7.2
Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the email sending functionality in include/functions.inc.php inserts $_SERVER['HTTP_HOST'] directly into the Message-ID SMT...
CVE-2026-5694
HIGH
7.2
The Quick Interest Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'loan-amount' and 'loan-period' parameters in all versions up to, and including, 3.1.5 due to insuff...
CVE-2026-6361
HIGH
7.2
Heap buffer overflow in PDFium in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a s...
CVE-2025-61848
HIGH
7.2
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7....
CVE-2026-3017
HIGH
7.2
The Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.12 via deserializa...
CVE-2026-33715
HIGH
7.2
Chamilo LMS is an open-source learning management system. In version 2.0-RC.2, the file public/main/inc/ajax/install.ajax.php is accessible without authentication on fully installed instances because,...
CVE-2026-39387
HIGH
7.2
BoidCMS is an open-source, PHP-based flat-file CMS for building simple websites and blogs, using JSON as its database. Versions prior to 2.1.3 are vulnerable to a critical Local File Inclusion (LFI) a...
CVE-2026-40315
HIGH
7.2
PraisonAI is a multi-agent teams system. Prior to 4.5.133, there is an SQL identifier injection vulnerability in SQLiteConversationStore where the table_prefix configuration value is directly concaten...
CVE-2026-40688
HIGH
7.2
An out-of-bounds write vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow an attacker to execute unauthorized code or commands vi...
CVE-2026-4388
HIGH
7.2
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Matrix field (Text Box input type) in form submissions in all versions up to, and including, 1.15.40. ...
CVE-2026-6227
HIGH
7.2
The BackWPup plugin for WordPress is vulnerable to Local File Inclusion via the `block_name` parameter of the `/wp-json/backwpup/v1/getblock` REST endpoint in all versions up to, and including, 5.6.6 ...
CVE-2026-0234
HIGH
7.2
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access...
CVE-2026-5217
HIGH
7.2
The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.2....
CVE-2025-54502
HIGH
7.1
Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resultin...
CVE-2026-40503
HIGH
7.1
OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gateway users with chat access to read arbitrary files by supplying path traversal sequences to the /memo...
CVE-2026-6409
HIGH
7.1
A Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured messages—specifically those containing negative varints or deep...
CVE-2025-40899
HIGH
7.1
A Stored Cross-Site Scripting vulnerability was discovered in the Assets and Nodes functionality due to improper validation of an input parameter. An authenticated user with custom fields privileges c...
CVE-2026-20204
HIGH
7.1
In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.5, 10.2.2510.9, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a ...
CVE-2026-40090
HIGH
7.1
Zarf is an Airgap Native Packager Manager for Kubernetes. Versions 0.23.0 through 0.74.1 contain an arbitrary file write vulnerability in the zarf package inspect sbom and zarf package inspect documen...
CVE-2026-26151
HIGH
7.1
Insufficient UI warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-32188
HIGH
7.1
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2026-33019
HIGH
7.1
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow leading to an out-of-bounds heap read in the --crop option handling ...
CVE-2026-33020
HIGH
7.1
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap buffer overflow via sixel_frame_convert_to_rgb...
CVE-2026-33714
HIGH
7.1
Chamilo is an open-source learning management system (LMS). Version 2.0.0-RC.2 contains a SQL Injection vulnerability in the statistics AJAX endpoint, which is an incomplete fix for CVE-2026-30881. Wh...
CVE-2026-34256
HIGH
7.1
Due to a missing authorization check in SAP ERP and SAP S/4HANA (Private Cloud and On-Premise), an authenticated attacker could execute a particular ABAP report to overwrite any existing eight-charact...
CVE-2026-34602
HIGH
7.1
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the /api/course_rel_users endpoint is vulnerable to Insecure Direct Object Reference (IDOR), allowing an auth...
CVE-2026-34984
HIGH
7.1
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Versions 2.2.0 and below contain a vulnerability in runtime/template/...
CVE-2026-38528
HIGH
7.1
Krayin CRM v2.2.x was discovered to contain a SQL injection vulnerability via the rotten_lead parameter at /Lead/LeadDataGrid.php.
CVE-2026-4344
HIGH
7.1
A maliciously crafted HTML payload in a component name, when displayed during the delete confirmation dialog and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the...
CVE-2026-4345
HIGH
7.1
A maliciously crafted HTML payload, stored in a design name and exported to CSV, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk Fusion desktop application. A malicious a...
CVE-2026-4369
HIGH
7.1
A maliciously crafted HTML payload in an assembly variant name, when displayed during the delete confirmation dialog and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerabilit...
CVE-2025-3756
HIGH
7.1
A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks coul...
CVE-2026-40039
HIGH
7.1
Pachno 1.0.6 contains an open redirection vulnerability that allows attackers to redirect users to arbitrary external websites by manipulating the return_to parameter. Attackers can craft malicious lo...
CVE-2026-40043
HIGH
7.1
Pachno 1.0.6 contains an authentication bypass vulnerability in the runSwitchUser() action that allows authenticated low-privilege users to escalate privileges by manipulating the original_username co...
CVE-2026-40436
HIGH
7.1
The ZTE ZXEDM iEMS product has a password reset vulnerability for any user. Because the management of the cloud EMS portal does not properly control access to the user list acquisition function, attack...
CVE-2018-25257
HIGH
7.1
Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate database queries by injecting SQL code through the name field in SystemProfileFo...
CVE-2019-25693
HIGH
7.1
ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in collection_...
CVE-2019-25699
HIGH
7.1
Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authenticated attackers to extract database information through time-based, blind, and bo...
CVE-2019-25703
HIGH
7.1
ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'bid' parameter. Attacker...
CVE-2019-25707
HIGH
7.1
eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send...
CVE-2019-25713
HIGH
7.1
MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Charge[group_total] parameter. Attacke...
CVE-2026-5053
HIGH
7.1
NoMachine External Control of File Path Arbitrary File Deletion Vulnerability. This vulnerability allows local attackers to delete arbitrary files on affected installations of NoMachine. An attacker m...
CVE-2026-5809
HIGH
7.1
The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.2. This is due to a two-step logic flaw: the topic_add() and topic_edit() action hand...
CVE-2026-4134
HIGH
7.0
During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during installation could allow a local authenticated user to execute code with elevated p...
CVE-2026-25184
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerfltr.sys) allows an authorized attacker to elevate privileges locally.
CVE-2026-26152
HIGH
7.0
Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.
CVE-2026-26165
HIGH
7.0
Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.
CVE-2026-26166
HIGH
7.0
Double free in Windows Shell allows an authorized attacker to elevate privileges locally.
CVE-2026-26173
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-26174
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Server Update Service allows an authorized attacker to elevate privileges locally.
CVE-2026-26177
HIGH
7.0
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-26182
HIGH
7.0
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-27908
HIGH
7.0
Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally.
CVE-2026-27917
HIGH
7.0
Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally.
CVE-2026-27921
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
CVE-2026-27922
HIGH
7.0
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-27926
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-27929
HIGH
7.0
Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally.
CVE-2026-32068
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVE-2026-32070
HIGH
7.0
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-32073
HIGH
7.0
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-32075
HIGH
7.0
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
CVE-2026-32080
HIGH
7.0
Use after free in Windows WalletService allows an authorized attacker to elevate privileges locally.
CVE-2026-32082
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVE-2026-32083
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVE-2026-32086
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-32087
HIGH
7.0
Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-32093
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-32150
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-32195
HIGH
7.0
Stack-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-32219
HIGH
7.0
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVE-2026-32224
HIGH
7.0
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.
CVE-2026-33018
HIGH
7.0
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the load_gif() function in fromgif.c, where a single ...
CVE-2026-33099
HIGH
7.0
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-33100
HIGH
7.0
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-33104
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2026-39906
HIGH
7.0
Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose a deprecated .NET Remoting TCP channel that allows remote unauthenticated attackers to leak NTLMv2 machine-account hashe...
CVE-2026-39907
HIGH
7.0
Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LF...
CVE-2026-4786
HIGH
7.0
Mitigation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open()" API could have commands injected into the u...
CVE-2026-40260
MEDIUM
6.9
pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craf...
CVE-2026-40249
MEDIUM
6.9
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/poli...
CVE-2026-0827
MEDIUM
6.9
During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantage that, during installation or when using hardware...
CVE-2026-39963
MEDIUM
6.9
Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the serendipity_setCookie() function in include/functions_config.inc.php uses $_SERVER['HTTP_HOST'] without validation as ...
CVE-2026-40104
MEDIUM
6.9
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 1.8-rc-1, 17.0.0-rc-1 and 17.5.0-rc-1 and prior include a resource exhaustion vulnerab...
CVE-2026-0209
MEDIUM
6.9
Under certain administrative conditions, FlashArray Purity may apply snapshot retention policies earlier or later than configured.
CVE-2026-2399
MEDIUM
6.9
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause critical files overwritten with text data when a Web Admin user alters the P...
CVE-2026-2402
MEDIUM
6.9
CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker to gain access to the user account by performing an arbitrary number of authenticati...
CVE-2026-24032
MEDIUM
6.9
A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3 with UMC). The affected application contains an authentication weakness due to insufficient validation of user identity in the...
CVE-2026-2404
MEDIUM
6.9
CWE-116 Improper Encoding or Escaping of Output vulnerability exists that could cause log injection and forged log when an attacker alters the POST /j_security check request payload.
CVE-2026-37980
MEDIUM
6.9
A flaw was found in Keycloak, specifically in the organization selection login page. A remote attacker with `manage-realm` or `manage-organizations` administrative privileges can exploit a Stored Cros...
CVE-2026-39422
MEDIUM
6.9
MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability through the application name or icon fields when creating an app...
CVE-2026-39423
MEDIUM
6.9
MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an Eval Injection vulnerability in the Markdown rendering engine that allows any user capable of interacting with ...
CVE-2026-4832
MEDIUM
6.9
CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port.
CVE-2026-21013
MEDIUM
6.9
Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers to access sensitive information.
CVE-2026-28553
MEDIUM
6.9
Vulnerability of improper permission control in the theme setting module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2026-39979
MEDIUM
6.9
jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jv_parse_sized() API in libjq accepts a counted buffer with an explicit length parameter, but its e...
CVE-2026-6142
MEDIUM
6.9
A vulnerability was identified in tushar-2223 Hotel Management System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. Affected by this vulnerability is an unknown functionality of the file /admin/room...
CVE-2026-6148
MEDIUM
6.9
A vulnerability was detected in code-projects Vehicle Showroom Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php. P...
CVE-2026-6149
MEDIUM
6.9
A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Affected by this issue is some unknown functionality of the file /util/BookVehicleFunction.php. Executing a manipulation ...
CVE-2026-6151
MEDIUM
6.9
A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument...
CVE-2026-6152
MEDIUM
6.9
A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/StaffAddingFunction.php. This manipulation of the a...
CVE-2026-6153
MEDIUM
6.9
A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. Impacted is an unknown function of the file /util/StaffDetailsFunction.php. Such manipulation of the argument ST...
CVE-2026-6158
MEDIUM
6.9
A flaw has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. T...
CVE-2026-6161
MEDIUM
6.9
A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argume...
CVE-2026-6163
MEDIUM
6.9
A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument ...
CVE-2026-6164
MEDIUM
6.9
A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php. Performing a manipulation of the argument cata results i...
CVE-2026-6165
MEDIUM
6.9
A weakness has been identified in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/Login_check.php. Executing a manipulation of the argum...
CVE-2026-6166
MEDIUM
6.9
A security vulnerability has been detected in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/UpdateVehicleFunction.php. The manipula...
CVE-2026-6167
MEDIUM
6.9
A vulnerability was detected in code-projects Faculty Management System 1.0. Impacted is an unknown function of the file /subject-print.php. The manipulation of the argument ID results in sql injectio...
CVE-2026-6182
MEDIUM
6.9
A vulnerability was identified in code-projects Simple Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /web/admin/login.php. Such manipulation of ...
CVE-2026-6183
MEDIUM
6.9
A security flaw has been discovered in code-projects Simple Content Management System 1.0. Affected by this issue is some unknown functionality of the file /web/index.php. Performing a manipulation of...
CVE-2026-6187
MEDIUM
6.9
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=chk_prod_availability. The manipulation ...
CVE-2026-6188
MEDIUM
6.9
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=delete_sales. This manipulation of the argument ID causes ...
CVE-2026-6189
MEDIUM
6.9
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argum...
CVE-2026-6193
MEDIUM
6.9
A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql in...
CVE-2026-6224
MEDIUM
6.9
A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue affects the function createSafeConsole of the file packages/plugins/@nocobase/plugin-workflow-javasc...
CVE-2019-25711
MEDIUM
6.9
SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. A...
CVE-2019-25712
MEDIUM
6.9
BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers to crash the application by submitting an oversized key value. Attackers can trig...
CVE-2026-6110
MEDIUM
6.9
A vulnerability was identified in FoundationAgents MetaGPT up to 0.8.1. This affects the function generate_thoughts of the file metagpt/strategy/tot.py of the component Tree-of-Thought Solver. The man...
CVE-2026-6126
MEDIUM
6.9
A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing...
CVE-2026-6129
MEDIUM
6.9
A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the component Agent Mode Service. Performing a manipulation results in missing auth...
CVE-2026-6130
MEDIUM
6.9
A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransport of the file src/main/mcp/ipc-stdio-transport.ts of the component Model Context Protocol Server M...
CVE-2026-6105
MEDIUM
6.9
A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component ...
CVE-2026-40253
MEDIUM
6.8
openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library (asn1.c) accept a raw pointer but no...
CVE-2026-28741
MEDIUM
6.8
Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2 fail to validate CSRF tokens on an authentication endpoint which allows an attacker to update a user's aut...
CVE-2026-33220
MEDIUM
6.8
Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't perform proper access control. This issue has been fi...
CVE-2026-32223
MEDIUM
6.8
Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack.
CVE-2025-31991
MEDIUM
6.8
Rate Limiting for attempting a user login is not being properly enforced, making HCL DevOps Velocity susceptible to brute-force attacks past the unsuccessful login attempt limit. This vulnerability i...
CVE-2026-21012
MEDIUM
6.8
External control of file name in AODManager prior to SMR Apr-2026 Release 1 allows a privileged local attacker to create a file with system privilege.
CVE-2026-34864
MEDIUM
6.8
Boundary-unlimited vulnerability in the application read module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-0390
MEDIUM
6.7
Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.
CVE-2026-25691
MEDIUM
6.7
An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all vers...
CVE-2026-32167
MEDIUM
6.7
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.
CVE-2026-32176
MEDIUM
6.7
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.
CVE-2026-39809
MEDIUM
6.7
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5, FortiClientEMS 7.2.0 through 7.2.12, FortiClientEMS...
CVE-2026-39814
MEDIUM
6.7
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.1 through 7.4.12, FortiWeb 7.2.7 through 7.2.12, FortiWeb 7.0.10 through 7....
CVE-2026-25206
MEDIUM
6.7
Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure. This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
CVE-2026-34863
MEDIUM
6.7
Out-of-bounds write vulnerability in the file system.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-43937
MEDIUM
6.6
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit thi...
CVE-2026-20202
MEDIUM
6.6
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a...
CVE-2026-21010
MEDIUM
6.6
Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions.
CVE-2026-3488
MEDIUM
6.5
The WP Statistics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 14.16.4. This is due to missing capability checks on multiple AJAX handlers includin...
CVE-2026-4666
MEDIUM
6.5
The wpForo Forum plugin for WordPress is vulnerable to unauthorized modification of data due to the use of `extract($args, EXTR_OVERWRITE)` on user-controlled input in the `edit()` method of `classes/...
CVE-2026-4817
MEDIUM
6.5
The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordPress is vulnerable to Time-based Blind SQL Injection via the 'order' and 'orderby' parameters in the /lms/stm-lms/...
CVE-2026-22616
MEDIUM
6.5
Eaton Intelligent Power Protector (IPP) software allows repeated authentication attempts against the web interface login page due to insufficient rate‑limiting controls. This security issue has been f...
CVE-2026-3773
MEDIUM
6.5
The Accessibility Suite by Ability, Inc plugin for WordPress is vulnerable to SQL Injection via the 'scan_id' parameter in all versions up to, and including, 4.20. This is due to insufficient escaping...
CVE-2026-3861
MEDIUM
6.5
LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs, potentially causing the iOS device...
CVE-2025-15470
MEDIUM
6.5
The Eleganzo theme for WordPress is vulnerable to arbitrary directory deletion due to insufficient path validation in the akd_required_plugin_callback function in all versions up to, and including, 1....
CVE-2025-15636
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Emarket-design YouTube Showcase allows Stored XSS. This issue affects YouTube Showcase: from n/a th...
CVE-2026-20078
MEDIUM
6.5
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacke...
CVE-2026-20081
MEDIUM
6.5
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacke...
CVE-2026-3590
MEDIUM
6.5
Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker with ac...
CVE-2026-40105
MEDIUM
6.5
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 10.4-rc-1, through 16.10.15, 17.0.0-rc-1, through 17.4.7 and 17.5.0-rc-1 through 17.1...
CVE-2026-6385
MEDIUM
6.5
A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is...
CVE-2025-53847
MEDIUM
6.5
A missing authentication for critical function vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6...
CVE-2026-22155
MEDIUM
6.5
A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 ...
CVE-2026-22573
MEDIUM
6.5
An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5 all versions, FortiSOAR PaaS 7.4 all ...
CVE-2026-2582
MEDIUM
6.5
The Germanized for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution via 'account_holder' parameter in all versions up to, and including, 3.20.5. This is due to the s...
CVE-2026-26155
MEDIUM
6.5
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2026-27677
MEDIUM
6.5
Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Reference Equipment), an attacker could update and delete child entities via OData services without proper authorization. T...
CVE-2026-27678
MEDIUM
6.5
Due to missing authorization checks in the SAP S/4HANA backend OData Service (Manage Reference Structures), an attacker could update and delete child entities via exposed OData services without proper...
CVE-2026-27679
MEDIUM
6.5
Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), an attacker could update and delete child entities via exposed OData services without prope...
CVE-2026-27925
MEDIUM
6.5
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose information over an adjacent network.
CVE-2026-32151
MEDIUM
6.5
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network.
CVE-2026-32201
MEDIUM
6.5
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-34261
MEDIUM
6.5
Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could make unauthorized calls to certain remote function modules, potentially accessing...
CVE-2026-34264
MEDIUM
6.5
During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the ...
CVE-2026-34370
MEDIUM
6.5
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the notebook module contains an Insecure Direct Object Reference (IDOR) vulnerability that allows any authent...
CVE-2026-35034
MEDIUM
6.5
Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a denial of service vulnerability in the SyncPlay group creation endpoint (POST /SyncPlay/New), where an authenti...
CVE-2026-40446
MEDIUM
6.5
Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a7152...
CVE-2026-3689
MEDIUM
6.5
OpenClaw Canvas Path Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenClaw. Authentication ...
CVE-2026-5207
MEDIUM
6.5
The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 9.2.1. This is due to insufficient escaping on the user supplied param...
CVE-2026-5162
MEDIUM
6.4
The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagram_follow_text' setting in all versions up to, and including, 1...
CVE-2025-13364
MEDIUM
6.4
The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'put_wpgm' shortcode in all versions ...
CVE-2026-1572
MEDIUM
6.4
The Livemesh Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data and Stored Cross-Site Scripting via plugin settings in all versions up to, and including, 9.0....
CVE-2026-2840
MEDIUM
6.4
The Email Encoder – Protect Email Addresses and Phone Numbers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'eeb_mailto' shortcode in all versions up to, and including, 2.4...
CVE-2026-3299
MEDIUM
6.4
The WP YouTube Lyte plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lyte' shortcode in all versions up to, and including, 1.7.29 due to insufficient input sanitizat...
CVE-2026-3875
MEDIUM
6.4
The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'betterdocs_feedback_form' shortcode in all versions up to, and including, 4.3.8. This is due to insufficient i...
CVE-2026-3878
MEDIUM
6.4
The WP Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpdocs_options[icon_size]' parameter in all versions up to, and including, 2.2.9 due to insufficient input saniti...
CVE-2026-3885
MEDIUM
6.4
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'su_box' shortcode in all versions up to, and including, 7.4.9 due to ...
CVE-2026-5070
MEDIUM
6.4
The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery...
CVE-2026-3659
MEDIUM
6.4
The WP Circliful plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' shortcode attribute of the [circliful] shortcode and via multiple shortcode attributes of the [circliful...
CVE-2026-3998
MEDIUM
6.4
The WM JqMath plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'style' shortcode attribute of the [jqmath] shortcode in all versions up to and including 1.3. This is due to in...
CVE-2026-4005
MEDIUM
6.4
The Coachific Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'userhash' shortcode attribute in all versions up to and including 1.0. This is due to insufficient in...
CVE-2026-4011
MEDIUM
6.4
The Power Charts Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the [pc] shortcode in all versions up to, and including, 0.1.0. This is due to insuffi...
CVE-2026-5717
MEDIUM
6.4
The VI: Include Post By plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class_container' attribute of the 'include-post-by-cat' shortcode in all versions up to, and includin...
CVE-2026-1607
MEDIUM
6.4
The Surbma | Booking.com Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `surbma-bookingcom` shortcode in all versions up to, and including, 2.1 due to ins...
CVE-2026-4059
MEDIUM
6.4
The ShopLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the woolentor_quickview_button shortcode's button_text attribute in all versions up to, and including, 3.3.5. This ...
CVE-2026-3498
MEDIUM
6.4
The BlockArt Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'clientId' block attribute in all versions up to, and including, 2.2.15. This is due to insufficient input...
CVE-2026-4895
MEDIUM
6.4
The GreenShift - Animation and Page Builder Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 12.8.9. This is due to insufficient input sanitiza...
CVE-2025-40745
MEDIUM
6.3
A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Simcenter STAR-CCM+ (Al...
CVE-2026-27299
MEDIUM
6.3
Adobe Framemaker versions 2022.8 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to ...
CVE-2026-34626
MEDIUM
6.3
Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability ...
CVE-2026-39420
MEDIUM
6.3
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the L...
CVE-2026-39421
MEDIUM
6.3
MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw...
CVE-2026-34861
MEDIUM
6.3
Race condition vulnerability in the thermal management module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-34862
MEDIUM
6.3
Race condition vulnerability in the power consumption statistics module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-6179
MEDIUM
6.3
Stored Cross-Site Scripting in NightWolf Penetration Testing Platform allows an attacker to trigger and run a malicious script in the user's browser.
CVE-2026-41030
MEDIUM
6.2
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges.
CVE-2026-32072
MEDIUM
6.2
Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.
CVE-2026-25204
MEDIUM
6.2
Deserialization of untrusted data vulnerability in Samsung Open Source Escargot JavaScript allows denial of service condition via process abort.
This issue affects Escargot prior to commit hash
97...
CVE-2026-33947
MEDIUM
6.2
jq is a command-line JSON processor. In versions 1.8.1 and below, functions jv_setpath(), jv_getpath(), and delpaths_sorted() in jq's src/jv_aux.c use unbounded recursion whose depth is controlled by ...
CVE-2026-40169
MEDIUM
6.2
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a ya...
CVE-2026-40312
MEDIUM
6.2
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicou...
CVE-2026-32146
MEDIUM
6.2
Improper path validation vulnerability in the Gleam compiler's handling of git dependencies allows arbitrary file system modification during dependency download.
Dependency names from gleam.toml and ...
CVE-2024-10242
MEDIUM
6.1
The authentication endpoint fails to adequately validate user-supplied input before reflecting it back in the response. This allows an attacker to inject malicious script payloads into the input param...
CVE-2025-6024
MEDIUM
6.1
The authentication endpoint fails to encode user-supplied input before rendering it in the web page, allowing for script injection.
An attacker can leverage this by injecting malicious scripts into th...
CVE-2026-3355
MEDIUM
6.1
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘crsearch’ parameter in all versions up to, and including, 5.101.0 due to insufficient...
CVE-2026-40255
MEDIUM
6.1
AdonisJS HTTP Server is a package for handling HTTP requests in the AdonisJS framework. In @adonisjs/http-server versions prior to 7.8.1 and 8.0.0-next.0 through 8.1.3, and @adonisjs/core versions pri...
CVE-2026-4032
MEDIUM
6.1
The CodeColorer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in 'cc' comment shortcode in versions up to, and including, 0.10.1 due to insufficient input...
CVE-2026-1852
MEDIUM
6.1
The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation...
CVE-2026-20059
MEDIUM
6.1
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.
Th...
CVE-2026-20170
MEDIUM
6.1
A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed thi...
CVE-2026-40186
MEDIUM
6.1
ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasses...
CVE-2026-40500
MEDIUM
6.1
ProcessWire CMS version 3.0.255 and prior contain a server-side request forgery vulnerability in the admin panel's 'Add Module From URL' feature that allows authenticated administrators to supply arbi...
CVE-2026-4091
MEDIUM
6.1
The OPEN-BRAIN plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5.0. This is due to missing nonce verification on the settings form in the func_...
CVE-2026-40919
MEDIUM
6.1
A flaw was found in GIMP. This vulnerability, a buffer overflow in the `file-seattle-filmworks` plugin, can be exploited when a user opens a specially crafted Seattle Filmworks file. A remote attacker...
CVE-2025-69993
MEDIUM
6.1
Leaflet versions up to and including 1.9.4 are vulnerable to Cross-Site Scripting (XSS) via the bindPopup() method. This method renders user-supplied input as raw HTML without sanitization, allowing a...
CVE-2026-0512
MEDIUM
6.1
Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker could craft a malicious URL that, if accessed b...
CVE-2026-21331
MEDIUM
6.1
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerab...
CVE-2026-26169
MEDIUM
6.1
Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally.
CVE-2026-27674
MEDIUM
6.1
Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java), an unauthenticated attacker could supply crafted input that is interpreted by the application and caus...
CVE-2026-32088
MEDIUM
6.1
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical at...
CVE-2026-32196
MEDIUM
6.1
Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-33822
MEDIUM
6.1
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVE-2026-34257
MEDIUM
6.1
Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, could redirect them to the pag...
CVE-2026-34614
MEDIUM
6.1
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerab...
CVE-2026-34852
MEDIUM
6.1
Stack overflow vulnerability in the media platform.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-39956
MEDIUM
6.1
jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the _strindices builtin in jq's src/builtin.c passes its arguments directly to jv_string_indexes() witho...
CVE-2026-6203
MEDIUM
6.1
The User Registration & Membership plugin for WordPress is vulnerable to Open Redirect in versions up to and including 5.1.4. This is due to insufficient validation of user-supplied URLs passed via th...
CVE-2026-5226
MEDIUM
6.1
The Optimole – Optimize Images in Real Time plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL paths in versions up to, and including, 4.2.3. This is due to insufficient outpu...
CVE-2025-12624
MEDIUM
6.0
Active access tokens are not revoked or invalidated when a user account is locked within WSO2 Identity Server. This failure to enforce revocation allows previously issued, valid tokens to remain usabl...
CVE-2026-22615
MEDIUM
6.0
Due to improper input validation in one of the Eaton Intelligent Power Protector (IPP) XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious code...
CVE-2026-20136
MEDIUM
6.0
A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, local attacker with administrative privileges t...
CVE-2026-40091
MEDIUM
6.0
SpiceDB is an open source database system for creating and managing security-critical application permissions. In versions 1.49.0 through 1.51.0, when SpiceDB starts with log level info, the startup "...
CVE-2025-61624
MEDIUM
6.0
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') [CWE-22] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions,...
CVE-2025-68649
MEDIUM
6.0
An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all ...
CVE-2026-39810
MEDIUM
6.0
A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow an attacker to disclose information via <insert attack vector here>
CVE-2026-40265
MEDIUM
5.9
Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset download endpoint at /api/notes/{noteID}/assets/{assetID} is registered without authentication middleware, ...
CVE-2025-54510
MEDIUM
5.9
Missing lock check in AMD Platform Security Processor in AMD EPYC™ 9005 Series CPUs allows a privileged attacker to potentially impact guest confidentiality via local access.
CVE-2026-22618
MEDIUM
5.9
A security misconfiguration was identified in Eaton Intelligent Power Protector (IPP), where an HTTP response header was set with an insecure attribute, potentially exposing users to web-based attacks...
CVE-2026-6414
MEDIUM
5.9
@fastify/static versions 8.0.0 through 9.1.0 decode percent-encoded path separators (%2F) before filesystem resolution, while Fastify's router treats them as literal characters. This mismatch allows a...
CVE-2026-6370
MEDIUM
5.9
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HashThemes Mini Ajax Cart for WooCommerce allows Stored XSS. This issue affects Mini Ajax Cart for ...
CVE-2026-32226
MEDIUM
5.9
Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network.
CVE-2026-25209
MEDIUM
5.9
Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure. This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
CVE-2026-33900
MEDIUM
5.9
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-189 and 6.9.13-44, the viff encoder contains an integer truncation/wraparoun...
CVE-2026-34859
MEDIUM
5.9
UAF vulnerability in the kernel module.
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2025-15621
MEDIUM
5.7
Insufficiently Protected Credentials in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client does not verify the receiver of OAuth2 credentials during OpenID authentication
CVE-2026-22617
MEDIUM
5.7
Eaton Intelligent Power Protector (IPP) uses an insecure cookie configuration, which could allow a network-based attacker to intercept the cookie and exploit it through a man-in-the-middle attack. Thi...
CVE-2026-21742
MEDIUM
5.7
A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 ...
CVE-2026-23653
MEDIUM
5.7
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an authorized attacker to disclose information over a network.
CVE-2026-23670
MEDIUM
5.7
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
CVE-2026-4913
MEDIUM
5.7
Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to retain access when their account has been disabled.
CVE-2026-34854
MEDIUM
5.7
UAF vulnerability in the kernel module.
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2026-34855
MEDIUM
5.7
Out-of-bounds write vulnerability in the kernel module.
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2023-20585
MEDIUM
5.6
Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised HV to trigger an out of bounds condition without RMP checks resulting in a potential...
CVE-2026-34867
MEDIUM
5.6
Double free vulnerability in the multi-mode input system.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-0636
MEDIUM
5.5
Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules). This vulnerability is assoc...
CVE-2026-20161
MEDIUM
5.5
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low privileges to overwrite arbitrary files on the local system of an affected devic...
CVE-2026-39984
MEDIUM
5.5
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimesta...
CVE-2026-40915
MEDIUM
5.5
A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by providing a specially crafted FITS file. This integer overflow leads to a zero-b...
CVE-2026-40918
MEDIUM
5.5
A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service (DoS). This occurs due to a stack-based buffer overflow and an out-of-boun...
CVE-2026-6245
MEDIUM
5.5
A flaw was found in the System Security Services Daemon (SSSD). The pam_passkey_child_read_data() function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Bec...
CVE-2026-20806
MEDIUM
5.5
Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally.
CVE-2026-27222
MEDIUM
5.5
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Divide By Zero vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the ap...
CVE-2026-27258
MEDIUM
5.5
DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt ...
CVE-2026-27285
MEDIUM
5.5
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerabi...
CVE-2026-27286
MEDIUM
5.5
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to discl...
CVE-2026-27300
MEDIUM
5.5
Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to discl...
CVE-2026-27301
MEDIUM
5.5
Adobe Framemaker versions 2022.8 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose se...
CVE-2026-27930
MEDIUM
5.5
Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.
CVE-2026-27931
MEDIUM
5.5
Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.
CVE-2026-32079
MEDIUM
5.5
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
CVE-2026-32081
MEDIUM
5.5
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
CVE-2026-32084
MEDIUM
5.5
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
CVE-2026-32085
MEDIUM
5.5
Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an authorized attacker to disclose information locally.
CVE-2026-32181
MEDIUM
5.5
Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.
CVE-2026-32212
MEDIUM
5.5
Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.
CVE-2026-32214
MEDIUM
5.5
Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.
CVE-2026-32215
MEDIUM
5.5
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-32216
MEDIUM
5.5
Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally.
CVE-2026-32217
MEDIUM
5.5
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-32218
MEDIUM
5.5
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-33103
MEDIUM
5.5
Improper access control in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to disclose information locally.
CVE-2026-33902
MEDIUM
5.5
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX express...
CVE-2026-33905
MEDIUM
5.5
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an sp...
CVE-2026-40183
MEDIUM
5.5
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, the JXL encoder has a heap write overflow when a user specifies that the ima...
CVE-2026-40310
MEDIUM
5.5
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below both 7.1.2-19 and 6.9.13-44 contain a heap out-of-bounds write in the JP2 encoder with wh...
CVE-2026-40311
MEDIUM
5.5
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash ...
CVE-2026-6160
MEDIUM
5.5
A vulnerability was found in code-projects Simple ChatBox 1.0. Affected by this issue is the function SimpleChatbox_PHP of the file chatbox.sql of the component Endpoint. Performing a manipulation res...
CVE-2024-4867
MEDIUM
5.4
The WSO2 API Manager developer portal accepts user-supplied input without enforcing expected validation constraints or proper output encoding. This deficiency allows a malicious actor to inject script...
CVE-2026-1880
MEDIUM
5.4
An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources durin...
CVE-2026-3369
MEDIUM
5.4
The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via uploaded image title in versions up to, and including, 1.7.9 due to insuffici...
CVE-2026-3428
MEDIUM
5.4
A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member Center(华硕大厅) allows a local user to achieve privilege escalation to Administrator via exploitation of a Ti...
CVE-2026-5363
MEDIUM
5.4
Inadequate Encryption Strength vulnerability in TP-Link Archer C7 v5 and v5.8 (uhttpd modules) allows Password Recovery Exploitation. The web interface encrypts the admin password client-side using RS...
CVE-2026-1509
MEDIUM
5.4
The Avada (Fusion) Builder plugin for WordPress is vulnerable to Arbitrary WordPress Action Execution in all versions up to, and including, 3.15.1. This is due to the plugin's `output_action_hook()` f...
CVE-2026-1636
MEDIUM
5.4
A potential DLL hijacking vulnerability was reported in Lenovo Service Bridge that, under certain conditions, could allow a local authenticated user to execute code with elevated privileges.
CVE-2026-33889
MEDIUM
5.4
ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a stored cross-site scripting vulnerability in the @apostrophecms/color-field module, where color v...
CVE-2026-39350
MEDIUM
5.4
Istio is an open platform to connect, manage, and secure microservices. In versions 1.25.0 through 1.27.8, 1.28.0 through 1.28.5, 1.29.0, and 1.29.1, the serviceAccounts and notServiceAccounts fields ...
CVE-2026-6383
MEDIUM
5.4
A flaw was found in KubeVirt's Role-Based Access Control (RBAC) evaluation logic. The authorization mechanism improperly truncates subresource names, leading to incorrect permission evaluations. This ...
CVE-2024-23104
MEDIUM
5.4
An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0...
CVE-2025-61886
MEDIUM
5.4
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox PaaS 5.0.0 throu...
CVE-2026-27288
MEDIUM
5.4
Adobe Experience Manager versions FP11.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable f...
CVE-2026-34212
MEDIUM
5.4
Docmost is open-source collaborative wiki and documentation software. In versions prior to 0.71.0, improper neutralization of attachment URLs in Docmost allows a low-privileged authenticated user to s...
CVE-2026-34213
MEDIUM
5.4
Docmost is open-source collaborative wiki and documentation software. Starting in version 0.3.0 and prior to version 0.71.0, improper authorization in Docmost allows a low-privileged authenticated use...
CVE-2026-34623
MEDIUM
5.4
Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environm...
CVE-2026-34624
MEDIUM
5.4
Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environm...
CVE-2026-34625
MEDIUM
5.4
Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environm...
CVE-2026-4914
MEDIUM
5.4
Stored XSS in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to obtain limited information from other user sessions. User interaction is required.
CVE-2026-21011
MEDIUM
5.4
Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Extend Unlock.
CVE-2026-33740
MEDIUM
5.4
EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below, the POST /api/v1/Email/importEml endpoint contains an Insecure Direct Object Reference (IDOR) vulne...
CVE-2026-3358
MEDIUM
5.4
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized private course enrollment in all versions up to, and including, 3.9.7. This is due to missing po...
CVE-2026-40922
MEDIUM
5.3
SiYuan is an open-source personal knowledge management system. In versions 3.6.1 through 3.6.3, a prior fix for XSS in bazaar README rendering (incomplete fix for CVE-2026-33066) enabled the Lute HTML...
CVE-2026-5052
MEDIUM
5.3
Vault’s PKI engine’s ACME validation did not reject local targets when issuing http-01 and tls-alpn-01 challenges. This may lead to these requests being sent to local network targets, potentially lead...
CVE-2026-0718
MEDIUM
5.3
The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ultp_shareCou...
CVE-2026-24749
MEDIUM
5.3
The Silverstripe Assets Module is a required component of Silverstripe Framework. In versions prior to 2.4.5 and 3.0.0-rc1 through 3.1.2, images rendered in templates or otherwise accessed via DBFile:...
CVE-2026-3581
MEDIUM
5.3
The Basic Google Maps Placemarks plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.10.7. This is due to the plugin not properly verifying that a user is au...
CVE-2026-3595
MEDIUM
5.3
The Riaxe Product Customizer plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.2. This is due to the plugin registering a REST API route at POST /wp-...
CVE-2026-4160
MEDIUM
5.3
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference via the 'submission_id' parameter in v...
CVE-2026-6410
MEDIUM
5.3
@fastify/static versions 8.0.0 through 9.1.0 allow path traversal when directory listing is enabled via the list option. The dirList.path() function resolves directories outside the configured static ...
CVE-2026-1314
MEDIUM
5.3
The 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the send_post_pages_j...
CVE-2026-1782
MEDIUM
5.3
The MetForm Pro plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 3.9.7. This is due to the payment integrations (Stripe/PayPal) trusting a user-sub...
CVE-2026-20152
MEDIUM
5.3
A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requireme...
CVE-2026-21726
MEDIUM
5.3
The CVE-2021-36156 fix validates the namespace parameter for path traversal sequences after a single URL decode; by double encoding, an attacker can read files at the Ruler API endpoint /loki/api/v1/r...
CVE-2026-33888
MEDIUM
5.3
ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain an authorization bypass vulnerability in the getRestQuery method of the @apostrophecms/piece-type m...
CVE-2026-3642
MEDIUM
5.3
The e-shot™ form builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.0.2. The eshot_form_builder_update_field_data() AJAX handler lacks any capabi...
CVE-2026-3649
MEDIUM
5.3
The Katalogportal PDF Sync plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.0.0. The katalogportal_popup_shortcode() function is registered as an AJAX ...
CVE-2026-39857
MEDIUM
5.3
ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain an authorization bypass vulnerability in the choices and counts query parameters of the REST API, w...
CVE-2026-40179
MEDIUM
5.3
Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of ...
CVE-2026-4812
MEDIUM
5.3
The Advanced Custom Fields (ACF) plugin for WordPress is vulnerable to Missing Authorization to Arbitrary Post/Page Disclosure in versions up to and including 6.7.0. This is due to AJAX field query en...
CVE-2025-13822
MEDIUM
5.3
MCPHub in versions below 0.11.0 is vulnerable to authentication bypass. Some endpoints are not protected by authentication middleware, allowing an unauthenticated attacker to perform actions in the na...
CVE-2025-15565
MEDIUM
5.3
The Nexi XPay plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the redirect function in all versions up to, and including, 8.3.0. This mak...
CVE-2026-2400
MEDIUM
5.3
A CWE-93 Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability exists that could cause application user credentials to reset when a Web Admin user alters the POST /setPCBEDesc req...
CVE-2026-2403
MEDIUM
5.3
A CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettin...
CVE-2026-2405
MEDIUM
5.3
A CWE-400 Uncontrolled Resource Consumption vulnerability exists that could cause excessive troubleshooting zip file creation and denial of service when a Web Admin user floods the system with POST /hel...
CVE-2026-34069
MEDIUM
5.3
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 and below, an unauthenticated p2p peer can cause the...
CVE-2026-39424
MEDIUM
5.3
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of Formula Elements in a CSV File. When an administra...
CVE-2026-5713
MEDIUM
5.3
The "profiling.sampling" module (Python 3.15+) and "asyncio introspection capabilities" (3.14+, "python -m asyncio ps" and "python -m asyncio pstree") features could be used to read and write addresse...
CVE-2026-33899
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when `Magick` parses an XML file it is possible that a single ...
CVE-2026-39940
MEDIUM
5.3
ChurchCRM is an open-source church management system. Prior to 7.0.0, it was possible in many places across the ChurchCRM application to create a link that, when visited by an authenticated user, woul...
CVE-2026-40041
MEDIUM
5.3
Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF protections on state-changi...
CVE-2026-6141
MEDIUM
5.3
A vulnerability was determined in danielmiessler Personal_AI_Infrastructure up to 2.3.0. Affected is an unknown function of the file Skills/Parser/Tools/parse_url.ts. Executing a manipulation can lead...
CVE-2026-6143
MEDIUM
5.3
A security flaw has been discovered in farion1231 cc-switch up to 3.12.3. Affected by this issue is some unknown functionality of the file src-tauri/src/proxy/server.rs of the component ProxyServer. T...
CVE-2026-6150
MEDIUM
5.3
A vulnerability has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /checkupdatestatus.php. The manipulation of the argument serviceId leads to cross si...
CVE-2026-6159
MEDIUM
5.3
A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such man...
CVE-2026-6190
MEDIUM
5.3
A vulnerability was found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /employees.php. Performing a manipulation of the argument Name res...
CVE-2026-6191
MEDIUM
5.3
A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of the argument Name can lead ...
CVE-2026-6201
MEDIUM
5.3
A vulnerability was identified in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /jobs/job-delete.php of the component Delete Job Posting Handler. Such manipu...
CVE-2026-6202
MEDIUM
5.3
A security flaw has been discovered in code-projects Easy Blog Site 1.0. This affects an unknown function of the file post.php. Performing a manipulation of the argument tags results in sql injection....
CVE-2026-6215
MEDIUM
5.3
A weakness has been identified in DbGate up to 7.1.4. The impacted element is the function apiServerUrl1 of the file packages/rest/src/openApiDriver.ts of the component REST/GraphQL. This manipulation...
CVE-2026-6218
MEDIUM
5.3
A vulnerability was found in aandrew-me ytDownloader up to 3.20.2. Affected by this issue is the function createTextNode of the component Error Details Panel. The manipulation results in cross site sc...
CVE-2026-6231
MEDIUM
5.3
The bson_validate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 sequ...
CVE-2019-25708
MEDIUM
5.3
Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious re...
CVE-2026-6108
MEDIUM
5.3
A vulnerability was found in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps/application/flow/step_node/mcp_node/impl/base_mcp_node.py of the component Mode...
CVE-2026-6109
MEDIUM
5.3
A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component...
CVE-2026-6111
MEDIUM
5.3
A security flaw has been discovered in FoundationAgents MetaGPT up to 0.8.1. This impacts the function decode_image of the file metagpt/utils/common.py. The manipulation of the argument img_url_or_b64...
CVE-2026-6117
MEDIUM
5.3
A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. This issue affects the function install_plugin_upload of the file astrbot/dashboard/routes/plugin.py of the component install-upload Endp...
CVE-2026-6118
MEDIUM
5.3
A vulnerability was determined in AstrBotDevs AstrBot up to 4.22.1. Impacted is the function add_mcp_server of the file astrbot/dashboard/routes/tools.py of the component MCP Endpoint. This manipulati...
CVE-2026-6119
MEDIUM
5.3
A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected element is the function post_data.get of the component API Endpoint. Such manipulation leads to server-side request for...
CVE-2026-6125
MEDIUM
5.3
A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler....
CVE-2026-3691
MEDIUM
5.3
OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is...
CVE-2026-4135
MEDIUM
5.2
During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during installation could allow a local authenticated user to perform an arbitrary file wr...
CVE-2026-21003
MEDIUM
5.2
Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions.
CVE-2025-36579
MEDIUM
5.1
Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leadin...
CVE-2026-40118
MEDIUM
5.1
UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to...
CVE-2026-1564
MEDIUM
5.1
Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role.
CVE-2026-40096
MEDIUM
5.1
immich is a high performance self-hosted photo and video management solution. Versions prior to 2.7.3 contain an open redirect vulnerability in the shared album functionality, where the album name is ...
CVE-2026-5160
MEDIUM
5.1
Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are vulnerable to Cross-site Scripting (XSS) due to improper ordering of URL validation and normalization. The renderer val...
CVE-2026-24906
MEDIUM
5.1
October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a Stored Cross-Site Scripting (XSS) vulnerability in the Backend Editor Settings. The Markup ...
CVE-2026-24907
MEDIUM
5.1
October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a stored cross-site scripting (XSS) vulnerability in the Event Log mail preview feature. When...
CVE-2026-33892
MEDIUM
5.1
A vulnerability has been identified in Industrial Edge Management Pro V1 (All versions >= V1.7.6 < V1.15.17), Industrial Edge Management Pro V2 (All versions >= V2.0.0 < V2.1.1), Industrial Edge Manag...
CVE-2026-34161
MEDIUM
5.1
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, a Stored Cross-Site Scripting (XSS) vulnerability exists in the social post attachment upload functionality, ...
CVE-2026-39425
MEDIUM
5.1
MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability that allows authenticated users to inject arbitrary HTML and Jav...
CVE-2026-39426
MEDIUM
5.1
MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability where the frontend's MdRenderer.vue component parses custom <ifr...
CVE-2025-15632
MEDIUM
5.1
A vulnerability has been found in 1Panel-dev MaxKB up to 2.4.2. Impacted is an unknown function of the file ui/src/chat.ts of the component MdPreview. Such manipulation leads to cross site scripting. ...
CVE-2026-21008
MEDIUM
5.1
Exposure of sensitive information in S Share prior to SMR Apr-2026 Release 1 allows an adjacent attacker to access sensitive information.
CVE-2026-21014
MEDIUM
5.1
Improper access control in Samsung Camera prior to version 16.5.00.28 allows a local attacker to access location data. User interaction is required for triggering this vulnerability.
CVE-2026-34238
MEDIUM
5.1
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, an integer overflow in the despeckle operation causes a he...
CVE-2026-34866
MEDIUM
5.1
Out-of-bounds write vulnerability in the WEB module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2026-40038
MEDIUM
5.1
Pachno 1.0.6 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads into POST parameters. Attackers can in...
CVE-2026-40447
MEDIUM
5.1
Integer overflow or wraparound vulnerability in Samsung Open Source Escargot allows undefined behavior. This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
CVE-2026-6162
MEDIUM
5.1
A vulnerability has been found in PHPGurukul Company Visitor Management System 2.0. This impacts an unknown function of the file /bwdates-reports-details.php. The manipulation of the argument fromdate...
CVE-2026-6216
MEDIUM
5.1
A security vulnerability has been detected in DbGate up to 7.1.4. This affects an unknown function of the file packages/web/src/icons/FontIcon.svelte of the component SVG Icon String Handler. Such man...
CVE-2026-6220
MEDIUM
5.1
A vulnerability was identified in HummerRisk up to 1.5.0. This vulnerability affects the function ServerService.addServer of the file ServerService.java of the component Video File Download URL Handle...
CVE-2017-20239
MEDIUM
5.1
MDwiki contains a cross-site scripting vulnerability that allows remote attackers to execute arbitrary JavaScript by injecting malicious code through the location hash parameter. Attackers can craft U...
CVE-2026-6107
MEDIUM
5.1
A flaw has been found in 1Panel-dev MaxKB up to 2.6.1. This issue affects some unknown processing of the file apps/common/middleware/chat_headers_middleware.py of the component ChatHeadersMiddleware. ...
CVE-2026-6106
MEDIUM
5.1
A vulnerability was detected in 1Panel-dev MaxKB up to 2.2.1. This vulnerability affects the function StaticHeadersMiddleware of the file apps/common/middleware/static_headers_middleware.py of the com...
CVE-2026-41034
MEDIUM
5.0
ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion (via pictFmla.cbBufInCtlStm and other vectors), leading to an information leak and ASLR bypass.
CVE-2026-33440
MEDIUM
5.0
Weblate is a web based localization tool. In versions prior to 5.17, the ALLOWED_ASSET_DOMAINS setting applied only to the first issued requests and didn't restrict possible redirects. This issue has ...
CVE-2026-34244
MEDIUM
5.0
Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission (granted by the per-project "Administration" role) can configure machine translation servic...
CVE-2026-40256
MEDIUM
5.0
Weblate is a web based localization tool. In versions prior to 5.17, repository-boundary validation relies on string prefix checks on resolved absolute paths. In multiple code paths, the check uses st...
CVE-2026-40916
MEDIUM
5.0
A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM ...
CVE-2026-40917
MEDIUM
5.0
A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious I...
CVE-2026-34262
MEDIUM
5.0
Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer
CVE-2026-39418
MEDIUM
5.0
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto() with the MSG_FASTOPEN flag. This allows authentica...
CVE-2026-4979
MEDIUM
5.0
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to blind Server-Side Request Forgery in all versions up to, and...
CVE-2026-34164
MEDIUM
4.9
Valtimo is an open-source business process automation platform. In versions 13.0.0 through 13.21.0, the InboxHandlingService logs the full content of every incoming inbox message at INFO level. Inbox ...
CVE-2026-40962
MEDIUM
4.9
FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c.
CVE-2026-20148
MEDIUM
4.9
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit t...
CVE-2026-22692
MEDIUM
4.9
October is a Content Management System (CMS) and web platform. Versions prior to 3.7.13 and versions 4.0.0 through 4.1.4 contain a sandbox bypass vulnerability in the optional Twig safe mode feature (...
CVE-2026-25125
MEDIUM
4.9
October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a server-side information disclosure vulnerability in the INI settings parser. Because PHP's ...
CVE-2026-27673
MEDIUM
4.9
Due to a missing authorization check, SAP S/4HANA (Private Cloud and On-Premise) allows an authenticated user to delete files on the operating system and gain unauthorized control over file operations...
CVE-2026-39811
MEDIUM
4.9
An integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions m...
CVE-2026-33472
MEDIUM
4.8
Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority() that allows an attacker to bypass th...
CVE-2026-40505
MEDIUM
4.8
MuPDF mutool does not sanitize PDF metadata fields before writing them to terminal output, allowing attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata. Attackers can embe...
CVE-2026-1711
MEDIUM
4.8
Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-Site Scripting vulnerability in a user interface component. Requires a high privileged user with a developer role.
CVE-2026-20132
MEDIUM
4.8
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privileges to conduc...
CVE-2026-26291
MEDIUM
4.8
Stored cross-site scripting vulnerability exists in GROWI v7.4.6 and earlier. If this vulnerability is exploited, an arbitrary script may be executed in a user's web browser.
CVE-2026-25133
MEDIUM
4.8
October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a stored cross-site scripting (XSS) vulnerability in the SVG sanitization logic. The regex pa...
CVE-2026-39812
MEDIUM
4.8
An improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 al...
CVE-2026-6184
MEDIUM
4.8
A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Tit...
CVE-2026-6192
MEDIUM
4.8
A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. Th...
CVE-2026-6219
MEDIUM
4.8
A vulnerability was determined in aandrew-me ytDownloader up to 3.20.2. This affects the function child_process.exec of the file src/compressor.js of the component Compressor Feature. This manipulatio...
CVE-2026-20060
MEDIUM
4.7
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
This vulnerability is due...
CVE-2026-21006
MEDIUM
4.7
Improper access control in Samsung DeX prior to SMR Apr-2026 Release 1 allows physical attackers to access hidden notification contents.
CVE-2026-34857
MEDIUM
4.7
UAF vulnerability in the communication module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-20928
MEDIUM
4.6
Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2026-20945
MEDIUM
4.6
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-22154
MEDIUM
4.6
An improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS...
CVE-2026-26175
MEDIUM
4.6
Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2026-33193
MEDIUM
4.6
Docmost is open-source collaborative wiki and documentation software. Versions prior to 0.70.0 are vulnerable to a stored cross-site scripting (XSS) attack due to improper handling of MIME type spoofi...
CVE-2026-39417
MEDIUM
4.6
MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an incomplete fix for CVE-2025-53928, where a Remote Code Execution vulnerability still exists in the MCP node of ...
CVE-2026-2728
MEDIUM
4.6
LibreNMS versions before 26.3.0 are affected by an authenticated Cross-site Scripting vulnerability on the showconfig page. Successful exploitation requires administrative privileges. Exploitation cou...
CVE-2026-33657
MEDIUM
4.6
EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below have a stored HTML injection vulnerability that allows any authenticated user with standard (non-admini...
CVE-2025-43935
MEDIUM
4.4
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper resource shutdown or release vulnerability. A high privileged attacker with local access could potentially exploit this vulnerab...
CVE-2026-3551
MEDIUM
4.4
The Custom New User Notification plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's admin settings in all versions up to, and including, 1.2.0. This is due to insuffici...
CVE-2026-3995
MEDIUM
4.4
The OPEN-BRAIN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'API Key' settings field in all versions up to, and including, 0.5.0. This is due to insufficient input sanitiz...
CVE-2026-2396
MEDIUM
4.4
The List View Google Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the event description in all versions up to, and including, 7.4.3 due to insufficient input sanitiza...
CVE-2026-27906
MEDIUM
4.4
Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally.
CVE-2026-32220
MEDIUM
4.4
Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
CVE-2026-4479
MEDIUM
4.4
The WholeSale Products Dynamic Pricing Management WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2 due to insu...
CVE-2026-21007
MEDIUM
4.4
Improper check for exceptional conditions in Device Care prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Knox Guard.
CVE-2023-5872
MEDIUM
4.3
In Wago Smart Designer in versions up to 2.33.1 a low privileged remote attacker may enumerate projects and usernames through iterative requests to a specific endpoint.
CVE-2024-58343
MEDIUM
4.3
Vision Helpdesk before 5.7.0 (patched in 5.6.10) allows attackers to read user profiles via modified serialized cookie data to vis_client_id.
CVE-2025-15635
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in Zaytech Smart Online Order for Clover allows Cross Site Request Forgery. This issue affects Smart Online Order for Clover: from n/a through 1.6.0.
CVE-2025-53444
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in DeluxeThemes Userpro allows Cross Site Request Forgery. This issue affects Userpro: from n/a before 5.1.11.
CVE-2026-1541
MEDIUM
4.3
The Avada (Fusion) Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.15.1. This is due to the plugin's `fusion_get_post_custom_field(...
CVE-2026-20061
MEDIUM
4.3
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit ...
CVE-2026-20203
MEDIUM
4.3
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a...
CVE-2026-33214
MEDIUM
4.3
Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't enforce proper access control. This issue has been fi...
CVE-2026-4002
MEDIUM
4.3
The Petje.af plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 2.1.8. This is due to missing nonce validation in the ajax_revoke_token() function whi...
CVE-2026-4949
MEDIUM
4.3
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Missing Authorization in all versions up...
CVE-2026-6293
MEDIUM
4.3
The Inquiry Form to Posts or Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Stored Cross-Site Scripting in version 1.0. This is due to missing nonce validation on th...
CVE-2025-59809
MEDIUM
4.3
A server-side request forgery (SSRF) vulnerability [CWE-918] in Fortinet FortiSOAR PaaS 7.6.4, FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 ...
CVE-2026-22576
MEDIUM
4.3
A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all ve...
CVE-2026-27672
MEDIUM
4.3
The Material Master application does not enforce authorization checks for authenticated users when executing reports, resulting in the disclosure of sensitive information. This vulnerability has a low...
CVE-2026-27676
MEDIUM
4.3
Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Technical Object Structures), an attacker could update and delete child entities via exposed OData services without proper ...
CVE-2026-32202
MEDIUM
4.3
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-33146
MEDIUM
4.3
Docmost is open-source collaborative wiki and documentation software. An authorization bypass vulnerability in versions 0.70.0 through 0.70.2 exposes restricted child page titles and text snippets thr...
CVE-2026-33829
MEDIUM
4.3
Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-34225
MEDIUM
4.3
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.7.2 and below contain a Blind Server Side Request Forgery in the functionality that allows...
CVE-2026-4109
MEDIUM
4.3
The Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) plugin for WordPress is vulnerable to unauthorized access of data due to an improper capability check on the get_item_pe...
CVE-2026-33534
MEDIUM
4.3
EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below have an authenticated Server-Side Request Forgery (SSRF) vulnerability that allows bypassing the intern...
CVE-2026-3371
MEDIUM
4.3
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.9.7. This is due to missing authoriz...
CVE-2026-24318
MEDIUM
4.2
Due to an Insecure session management vulnerability in SAP Business Objects Business Intelligence Platform, an unauthenticated attacker could obtain valid session tokens and reuse them to gain unautho...
CVE-2025-43883
MEDIUM
4.1
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper check for unusual or exceptional conditions vulnerability. A high privileged attacker with local access could potentially exploi...
CVE-2026-39845
MEDIUM
4.1
Weblate is a web based localization tool. In versions prior to 5.17, the webhook add-on did not utilize existing SSRF protections. This issue has been fixed in version 5.17. If developers are unable t...
CVE-2026-22574
MEDIUM
4.1
A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all ve...
CVE-2026-27683
MEDIUM
4.1
SAP BusinessObjects Business Intelligence application allows an authenticated attacker to inject malicious JavaScript payloads through crafted URLs. When a victim accesses the URL, the script executes...
CVE-2026-21009
MEDIUM
4.1
Improper check for exceptional conditions in Recents prior to SMR Apr-2026 Release 1 allows a physical attacker to bypass App Pinning.
CVE-2026-34858
MEDIUM
4.1
UAF vulnerability in the communication module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-34860
MEDIUM
4.1
Access control vulnerability in the memo module.
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2026-33414
MEDIUM
4.0
Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the ...
CVE-2026-0232
MEDIUM
4.0
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform...
CVE-2026-33555
MEDIUM
4.0
An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame with...
CVE-2026-40385
MEDIUM
4.0
In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.
CVE-2026-40386
MEDIUM
4.0
In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.
CVE-2026-40394
MEDIUM
4.0
Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (daemon panic) for certain amounts of prefetched data. The setup of an HTTP/2 sessi...
CVE-2026-40395
MEDIUM
4.0
Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service (daemon panic) for shared VCL. The headerplus.write_req0() function from vmod_headerplus updates the underlying req0...
CVE-2026-40396
MEDIUM
4.0
Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A malicious client could send an HTTP/1 request, wait long enough until the session re...
CVE-2026-40263
LOW
3.7
Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the login endpoint performs bcrypt password verification only when the supplied username exists, returning immediatel...
CVE-2026-33877
LOW
3.7
ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a timing side-channel vulnerability in the password reset endpoint (/api/v1/@apostrophecms/login/re...
CVE-2024-8010
LOW
3.5
The component accepts XML input through the publisher without disabling external entity resolution. This allows malicious actors to submit a crafted XML payload that exploits the unescaped external en...
CVE-2026-34454
LOW
3.5
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cookie when rendering the sign-in...
CVE-2026-33659
LOW
3.5
EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below, the POST /api/v1/Attachment/fromImageUrl endpoint is vulnerable to Server-Side Request Forgery (SSR...
CVE-2026-21727
LOW
3.3
Cross-Tenant Legacy Correlation Disclosure and Deletion
CVE-2026-3155
LOW
3.1
The OneSignal – Web Push Notifications plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 3.8.0. This is due to the plugin not properly verifying that a user ...
CVE-2026-33212
LOW
3.1
Weblate is a web based localization tool. In versions prior to 5.17, the tasks API didn't verify user access for pending tasks. This could expose logs of in-progress operations to users who don't have...
CVE-2026-6312
LOW
3.1
Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML pa...
CVE-2026-6313
LOW
3.1
Insufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (...
CVE-2026-39419
LOW
3.1
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof tool execution results by exploiting Python frame...
CVE-2026-40947
LOW
2.9
Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path.
CVE-2026-41080
LOW
2.9
libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.
CVE-2025-52641
LOW
2.9
HCL AION is affected by a vulnerability where certain system behaviours may allow exploration of internal filesystem structures. Exposure of such information may provide insights into the underlying e...
CVE-2026-33948
LOW
2.9
jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b contain a vulnerability where CLI input parsing allows validation bypass via embedded NUL bytes. When readi...
CVE-2026-40354
LOW
2.9
Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash.
CVE-2026-27769
LOW
2.7
Mattermost versions 10.11.x <= 10.11.12 fail to validate whether users were correctly owned by the correct Connected Workspace which allows a malicious remote server connected using the Connected Wor...
CVE-2026-27316
LOW
2.7
An insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticated admi...
CVE-2026-34849
LOW
2.5
UAF vulnerability in the screen management module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-21741
LOW
2.4
A URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may al...
CVE-2026-2401
LOW
2.4
CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an at...
CVE-2026-27307
LOW
2.4
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. A high-privileged attacker could ex...
CVE-2026-27308
LOW
2.4
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. A high-privileged attacker could ex...
CVE-2026-34851
LOW
2.2
Race condition vulnerability in the event notification module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-30812
LOW
2.1
Improper Neutralization of Input During Web Page Generation vulnerability allows Stored Cross-Site Scripting via event comments. This issue affects Pandora FMS: from 777 through 800
CVE-2026-27675
LOW
2.0
SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to...
CVE-2026-0233
LOW
2.0
A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code ...
CVE-2026-34850
LOW
1.9
Race condition vulnerability in the notification service.
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-27820
LOW
1.7
zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zs...
CVE-2026-32270
LOW
1.7
Craft Commerce is an ecommerce platform for Craft CMS. In versions 4.0.0 through 4.10.2 and 5.0.0 through 5.5.4, the PaymentsController::actionPay discloses some order data to unauthenticated users wh...
CVE-2025-12141
LOW
1.3
In Grafana's alerting system, users with edit permissions for a contact point, specifically the permissions “alert.notifications:write” or “alert.notifications.receivers:test” that are granted as part...
CVE-2026-30459
UNKNOWN
An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-ma...
CVE-2026-30656
UNKNOWN
A NULL pointer dereference vulnerability exists in fio (Flexible I/O Tester) v3.41 when parsing job files containing the fdp_pli option. The callback function str_fdp_pli_cb() does not validate the in...
CVE-2026-31987
UNKNOWN
JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors.
Users are advised to upgrade to an Airflow version that contains the fix.
Users are recommended to upgrade to...
CVE-2026-37100
UNKNOWN
An issue in the Bluetooth Low Energy (BLE) control interface of the Yamaha SR-B30A sound bar firmware 2.40 (Mobile App: Sound Bar Remote / version: 2.40) allows remote attackers within BLE radio range...
CVE-2026-37336
UNKNOWN
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_music.php.
CVE-2026-37337
UNKNOWN
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_playlist.php.
CVE-2026-37338
UNKNOWN
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_user.php.
CVE-2026-37339
UNKNOWN
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_genre.php.
CVE-2026-37340
UNKNOWN
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/edit_music.php.
CVE-2026-37341
UNKNOWN
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_category.php.
CVE-2026-37342
UNKNOWN
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/view_parked_details.php.
CVE-2026-37343
UNKNOWN
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_user.php.
CVE-2026-37344
UNKNOWN
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_location.php.
CVE-2026-37345
UNKNOWN
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_park.php.
CVE-2026-37346
UNKNOWN
SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_account.php?emp_id=.
CVE-2026-37347
UNKNOWN
SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_employee.php.
CVE-2026-5426
UNKNOWN
Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote...
CVE-2024-53412
UNKNOWN
Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads...
CVE-2025-54550
UNKNOWN
The example example_xcom that was included in the Airflow documentation implemented an unsafe pattern of reading a value
from xcom in the way that could be exploited to allow UI user who had access to modify X...
CVE-2025-67841
UNKNOWN
Nordic Semiconductor IronSide SE for nRF54H20 before 23.0.2+17 has an Algorithmic complexity issue.
CVE-2026-25219
UNKNOWN
The `access_key` and `connection_string` connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as...
CVE-2026-30364
UNKNOWN
CentSDR commit e40795 was discovered to contain a stack overflow in the "Thread1" function.
CVE-2026-30461
UNKNOWN
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the /controllers/Installer.php and the function add_git_submodule.
CVE-2026-30615
UNKNOWN
A prompt injection vulnerability in Windsurf 1.9544.26 allows remote attackers to execute arbitrary commands on a victim system. When Windsurf processes attacker-controlled HTML content, malicious ins...
CVE-2026-30616
UNKNOWN
Jaaz 1.0.30 contains a remote code execution vulnerability in its MCP STDIO command execution handling. A remote attacker can send crafted network requests to the network-accessible Jaaz application, ...
CVE-2026-30617
UNKNOWN
LangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its MCP STDIO server configuration and execution handling. A remote attacker can access the publicly exposed MCP management i...
CVE-2026-30624
UNKNOWN
Agent Zero 0.9.8 contains a remote code execution vulnerability in its External MCP Servers configuration feature. The application allows users to define MCP servers using a JSON configuration contain...
CVE-2026-30625
UNKNOWN
Upsonic 0.71.6 contains a remote code execution vulnerability in its MCP server/task creation functionality. The application allows users to define MCP tasks with arbitrary command and args values. Al...
CVE-2026-30778
UNKNOWN
The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL.
This issue affects Apache SkyWalking: from 9.7.0 through 10.3.0.
Users are recomm...
CVE-2026-30993
UNKNOWN
Slah CMS v1.5.0 and below was discovered to contain a remote code execution (RCE) vulnerability in the session() function at config.php. This vulnerability is exploitable via a crafted input.
CVE-2026-30994
UNKNOWN
Incorrect access control in the config.php component of Slah v1.5.0 and below allows unauthenticated attackers to access sensitive information, including active session credentials.
CVE-2026-30995
UNKNOWN
Slah CMS v1.5.0 and below was discovered to contain a SQL injection vulnerability via the id parameter in the vereador_ver.php endpoint.
CVE-2026-30996
UNKNOWN
An issue in the file handling logic of the component download.php of SAC-NFe v2.0.02 allows attackers to execute a directory traversal and read arbitrary files from the system via a crafted GET reques...
CVE-2026-40728
UNKNOWN
Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Magazine Blocks: from n/a thr...
CVE-2026-40729
UNKNOWN
Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 3D viewer – Embed 3D Mo...
CVE-2026-40730
UNKNOWN
Missing Authorization vulnerability in ThemeGrill ThemeGrill Demo Importer themegrill-demo-importer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ThemeGril...
CVE-2026-40734
UNKNOWN
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zahlan Categories Images categories-images allows DOM-Based XSS. This issue affects Categories Imag...
CVE-2026-40737
UNKNOWN
Authorization Bypass Through User-Controlled Key vulnerability in VillaTheme COMPE compe-woo-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...
CVE-2026-40740
UNKNOWN
Missing Authorization vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tutor LMS: from n/a through <= 3.9.7.
CVE-2026-40742
UNKNOWN
Missing Authorization vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nelio AB Testing: fro...
CVE-2026-40744
UNKNOWN
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection. This issue af...
CVE-2026-40745
UNKNOWN
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Blind SQL Injection. This ...
CVE-2026-40763
UNKNOWN
Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal Elementor...
CVE-2026-40764
UNKNOWN
Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery. This issue affects Contact Form by WPForms: from n/a through <= 1....
CVE-2026-40778
UNKNOWN
Missing Authorization vulnerability in Majestic Support Majestic Support majestic-support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Majestic Support: f...
CVE-2026-40784
UNKNOWN
Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affe...
CVE-2026-40786
UNKNOWN
Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MyRewards: from n/a through <= ...
CVE-2026-5088
UNKNOWN
Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts.
The _make_salt and _make_salt_bcrypt methods will attempt to load Crypt::URandom and then Bytes::R...
CVE-2026-5758
UNKNOWN
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve ...
CVE-2026-6296
UNKNOWN
Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-6298
UNKNOWN
Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secur...
CVE-2026-6303
UNKNOWN
Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6305
UNKNOWN
Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
CVE-2026-6306
UNKNOWN
Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
CVE-2026-6308
UNKNOWN
Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page....
CVE-2026-6318
UNKNOWN
Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-6319
UNKNOWN
Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted ...
CVE-2026-6362
UNKNOWN
Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted video file. (Chromium security severity: Hi...
CVE-2026-6364
UNKNOWN
Out of bounds read in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted file. (Chromium security sev...
CVE-2025-61260
UNKNOWN
A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP (Model Context Protocol) configuration files. The attack is triggered when a use...
CVE-2025-65132
UNKNOWN
alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting (XSS) in /public/admin/edit_room.php which allows an attacker to inject and execute arbitrary JavaScript via the room_id GET...
CVE-2025-65133
UNKNOWN
A SQL injection vulnerability exists in the School Management System (version 1.0) by manikandan580. An unauthenticated or authenticated remote attacker can supply a crafted HTTP request to the affect...
CVE-2025-65134
UNKNOWN
In manikandan580 School-management-system 1.0, a reflected cross-site scripting (XSS) vulnerability exists in /studentms/admin/contact-us.php via the email POST parameter.
CVE-2025-65136
UNKNOWN
In manikandan580 School-management-system 1.0, a reflected XSS vulnerability exists in /studentms/admin/contact-us.php via the pagedes POST parameter.
CVE-2025-69893
UNKNOWN
A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 h...
CVE-2025-70023
UNKNOWN
An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6.
CVE-2026-24069
UNKNOWN
Kiuwan SAST improperly authorizes SSO logins for locally disabled mapped user accounts, allowing disabled users to continue accessing the application. Kiuwan Cloud was affected, and Kiuwan SAST on-pre...
CVE-2026-30480
UNKNOWN
A Local File Inclusion (LFI) vulnerability in the NFSen module (nfsen.inc.php) of LibreNMS 22.11.0-23-gd091788f2 allows authenticated attackers to include arbitrary PHP files from the server filesyste...
CVE-2026-31049
UNKNOWN
An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to execute arbitrary code and escalate privileges via the CSV registration field.
CVE-2026-31908
UNKNOWN
Header injection vulnerability in Apache APISIX.
The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers.
This issue affects Apache APISIX: from 2....
CVE-2026-31923
UNKNOWN
Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX.
This can occur due to `ssl_verify` in openid-connect plugin configuration being set to false by default.
This issue aff...
CVE-2026-31924
UNKNOWN
Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX.
tencent-cloud-cls log export uses plaintext HTTP.
This issue affects Apache APISIX: from 2.99.0 through 3.15.0.
Users a...
CVE-2026-33929
UNKNOWN
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache PDFBox Examples.
This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0...
CVE-2026-37589
UNKNOWN
SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/maintenance/manage_storage_unit.php.
CVE-2026-37590
UNKNOWN
SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/manage_rent.php.
CVE-2026-37591
UNKNOWN
Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/view_details.php.
CVE-2026-37592
UNKNOWN
Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/maintenance/manage_pricing.php.
CVE-2026-37593
UNKNOWN
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_att.php.
CVE-2026-37594
UNKNOWN
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_employee.php.
CVE-2026-37595
UNKNOWN
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_employee.php.
CVE-2026-37596
UNKNOWN
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_department.php.
CVE-2026-37597
UNKNOWN
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/attendance_list.php.
CVE-2026-37598
UNKNOWN
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution (RCE) via /scheduler/classes/SystemSettings.php?f=update_settings.
CVE-2026-37600
UNKNOWN
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/view_details.php.
CVE-2026-37601
UNKNOWN
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage_appointment.php.
CVE-2026-37602
UNKNOWN
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manage_user.php.
CVE-2026-38533
UNKNOWN
An improper authorization vulnerability in the /api/v1/users/{id} endpoint of Snipe-IT v8.4.0 allows authenticated attackers with the users.edit permission to modify sensitive authentication and accou...
CVE-2026-5752
UNKNOWN
Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal.
CVE-2026-5754
UNKNOWN
Reflected Cross-Site Scripting (XSS) Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized ac...
CVE-2026-5756
UNKNOWN
Unauthenticated Configuration File Modification Vulnerability in DRC Central Office Services (COS) allows an attacker to modify the server's configuration file, potentially leading to mass data exfilt...
CVE-2025-15441
UNKNOWN
The Form Maker by 10Web WordPress plugin before 1.15.38 does not properly prepare SQL queries when the "MySQL Mapping" feature is in use, which could make SQL Injection attacks possible in certain co...
CVE-2025-51414
UNKNOWN
In Phpgurukul Online Course Registration v3.1, an arbitrary file upload vulnerability was discovered within the profile picture upload functionality on the /my-profile.php page.
CVE-2025-63743
UNKNOWN
Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 up to and including v8.3.1 allows authenticated attacker with lowest privileges sufficient only to log in, t...
CVE-2025-66236
UNKNOWN
Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Som...
CVE-2025-66769
UNKNOWN
A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a Denial of Service (DoS) via a crafted XFA packet.
CVE-2025-69624
UNKNOWN
Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert(). When app.alert() is called with more than one argument and the fi...
CVE-2025-69627
UNKNOWN
Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc(). During execution, an internal XID object is allocated an...
CVE-2025-70936
UNKNOWN
Vtiger CRM 8.4.0 contains a reflected cross-site scripting (XSS) vulnerability in the MailManager module. Improper handling of user-controlled input in the _folder parameter allows a specially crafted...
CVE-2026-22565
UNKNOWN
An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding.
Affected Products:
UniFi Play PowerAmp (Versio...
CVE-2026-26460
UNKNOWN
A HTML Injection vulnerability exists in the Dashboard module of Vtiger CRM 8.4.0. The application fails to properly neutralize user-supplied input in the tabid parameter of the DashBoardTab view (get...
CVE-2026-29628
UNKNOWN
A stack overflow in the experimental/tinyobj_loader_opt.h file of tinyobjloader commit d56555b allows attackers to cause a Denial of Service (DoS) via supplying a crafted .mtl file.
CVE-2026-29955
UNKNOWN
The `/registercrd` endpoint in KubePlus 4.14 in the kubeconfiggenerator component is vulnerable to command injection. The component uses `subprocess.Popen()` with `shell=True` parameter to execute she...
CVE-2026-30997
UNKNOWN
An out-of-bounds read in the read_global_param() function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2026-30998
UNKNOWN
An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input file.
CVE-2026-30999
UNKNOWN
A heap buffer overflow in the av_bprint_finalize() function of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2026-31048
UNKNOWN
An issue in the `pickle` protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message.
CVE-2026-31280
UNKNOWN
An issue in the Bluetooth RFCOMM service of Parani M10 Motorcycle Intercom v2.1.3 allows unauthorized attackers to cause a Denial of Service (DoS) via supplying crafted RFCOMM frames.
CVE-2026-31281
UNKNOWN
Totara LMS v19.1.5 and before is vulnerable to HTML Injection. An attacker can inject malicious HTML code in a message and send it to all the users in the application, resulting in executing the code ...
CVE-2026-31282
UNKNOWN
Totara LMS v19.1.5 and before is vulnerable to Incorrect Access Control. The login page code can be manipulated to reveal the login form. An attacker can chain that with missing rate-limit on the logi...
CVE-2026-31283
UNKNOWN
In Totara LMS v19.1.5 and before, the forgot password API does not implement rate limiting for the target email address, which can be used for an Email Bombing attack.
CVE-2026-31414
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_conntrack_expect: use expect->helper
Use expect->helper in ctnetlink and /proc to dump the helper name.
Using nfct_h...
CVE-2026-31415
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
ipv6: avoid overflows in ip6_datagram_send_ctl()
Yiming Qian reported:
<quote>
I believe I found a locally triggerable kernel bu...
CVE-2026-31416
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nfnetlink_log: account for netlink header size
This is a followup to an old bug fix: NLMSG_DONE needs to account
for th...
CVE-2026-31417
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
net/x25: Fix overflow when accumulating packets
Add a check to ensure that `x25_sock.fraglen` does not overflow.
The `fraglen` al...
CVE-2026-31418
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: drop logically empty buckets in mtype_del
mtype_del() counts empty slots below n->pos in k, but it only drops th...
CVE-2026-31419
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
net: bonding: fix use-after-free in bond_xmit_broadcast()
bond_xmit_broadcast() reuses the original skb for the last slave
(determ...
CVE-2026-31420
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
bridge: mrp: reject zero test interval to avoid OOM panic
br_mrp_start_test() and br_mrp_start_in_test() accept the user-supplied
...
CVE-2026-31421
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
net/sched: cls_fw: fix NULL pointer dereference on shared blocks
The old-method path in fw_classify() calls tcf_block_q() and
dere...
CVE-2026-31422
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
net/sched: cls_flow: fix NULL pointer dereference on shared blocks
flow_change() calls tcf_block_q() and dereferences q->handle to...
CVE-2026-31423
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
net/sched: sch_hfsc: fix divide-by-zero in rtsc_min()
m2sm() converts a u32 slope to a u64 scaled value. For large inputs
(e.g. m...
CVE-2026-31424
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP
Weiming Shi says:
xt_match and xt_target ...
CVE-2026-31425
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
rds: ib: reject FRMR registration before IB connection is established
rds_ib_get_mr() extracts the rds_ib_connection from conn->c_...
CVE-2026-31426
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
ACPI: EC: clean up handlers on probe failure in acpi_ec_setup()
When ec_install_handlers() returns -EPROBE_DEFER on reduced-hardwa...
CVE-2026-31427
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp
process_sdp() declares union nf_inet_addr rtp_addr o...
CVE-2026-31428
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD
__build_packet_message() manually constructs the NFULA_P...
CVE-2026-33858
UNKNOWN
Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly tru...
CVE-2026-34476
UNKNOWN
Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP.
This issue affects Apache SkyWalking MCP: 0.1.0.
Users are recommended to upgrade to version 0.2.0, which fixes ...
CVE-2026-35337
UNKNOWN
Deserialization of Untrusted Data vulnerability in Apache Storm.
Versions Affected:
before 2.8.6.
Description:
When processing topology credentials submitted via the Nimbus Thrift API, Storm deseri...
CVE-2026-35565
UNKNOWN
Stored Cross-Site Scripting (XSS) via Unsanitized Topology Metadata in Apache Storm UI
Versions Affected: before 2.8.6
Description: The Storm UI visualization component interpolates topology metad...
CVE-2026-36872
UNKNOWN
Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_book.php.
CVE-2026-36873
UNKNOWN
Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_admin.php.
CVE-2026-36874
UNKNOWN
Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_student.php.
CVE-2026-36919
UNKNOWN
Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php.
CVE-2026-36920
UNKNOWN
Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/questions-view.php.
CVE-2026-36922
UNKNOWN
Sourcecodester Cab Management System v1.0 is vulnerable to SQL injection in the file /cms/admin/categories/view_category.php.
CVE-2026-36923
UNKNOWN
Sourcecodester Cab Management System 1.0 is vulnerable to SQL Injection in the file /cms/admin/bookings/view_booking.php.
CVE-2026-36937
UNKNOWN
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/view_details.php.
CVE-2026-36938
UNKNOWN
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/rooms/view_room.php.
CVE-2026-36941
UNKNOWN
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL Injection in the file /orms/admin/rooms/manage_room.php.
CVE-2026-36942
UNKNOWN
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manage_activity.php.
CVE-2026-36943
UNKNOWN
Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/repairs/manage_repair.php.
CVE-2026-36944
UNKNOWN
Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/repairs/view_details.php.
CVE-2026-36945
UNKNOWN
Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/clients/manage_client.php.
CVE-2026-36946
UNKNOWN
Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/view_details.php.
CVE-2026-36947
UNKNOWN
Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL Injection in the file /rsms/admin/services/view_service.php.
CVE-2026-36948
UNKNOWN
Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/view_archive.php.
CVE-2026-36950
UNKNOWN
Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in /otas/projects_per_department.php.
CVE-2026-36952
UNKNOWN
Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/manage_curriculum.php.
CVE-2026-3830
UNKNOWN
The Product Filter for WooCommerce by WBW WordPress plugin before 3.1.3 does not sanitize and escape a parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injec...
CVE-2026-5085
UNKNOWN
Solstice::Session versions through 1440 for Perl generates session ids insecurely.
The _generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the...
CVE-2026-5086
UNKNOWN
Crypt::SecretBuffer versions before 0.019 for Perl are susceptible to timing attacks.
For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepancies in timi...
CVE-2026-31413
UNKNOWN
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix unsound scalar forking in maybe_fork_scalars() for BPF_OR
maybe_fork_scalars() is called for both BPF_AND and BPF_OR when...
CVE-2026-23900
UNKNOWN
Various stored XSS vulnerabilities in the map and icon rendering logic of the Phoca Maps component 5.0.0-6.0.2 have been discovered.
Latest Headlines
135 articles
RSS Feed Sources
The Hacker News
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
2026-04-17 03:22
The Register
Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researcher says
2026-04-16 22:45
BleepingComputer
Operation PowerOFF identifies 75k DDoS users, takes down 53 domains
2026-04-16 22:26
BleepingComputer
ZionSiphon malware designed to sabotage water treatment systems
2026-04-16 22:04
BleepingComputer
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
2026-04-16 20:19
Dark Reading
North Korea Uses ClickFix to Target macOS Users' Data
2026-04-16 19:42
Dark Reading
'Harmless' Global Adware Transforms Into an AV Killer
2026-04-16 19:07
The Register
North Korea targets macOS users in latest heist
2026-04-16 18:20
The Hacker News
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
2026-04-16 17:52
BleepingComputer
Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
2026-04-16 16:58
The Record
New Jersey men given lengthy sentences for running North Korean laptop farms
2026-04-16 16:38
Dark Reading
Two-Factor Authentication Breaks Free from the Desktop
2026-04-16 15:28
BleepingComputer
Google expands Gemini AI use to fight malicious ads on its platform
2026-04-16 15:24
Dark Reading
Microsoft's Original Windows Secure Boot Certificate Is Expiring
2026-04-16 15:16
The Register
Americans who masterminded Nork IT worker fraud sentenced to 200 months behind bars
2026-04-16 15:13
BleepingComputer
New ATHR vishing platform uses AI voice agents for automated attacks
2026-04-16 14:09
BleepingComputer
Most "AI SOCs" Are Just Faster Triage. That's Not Enough.
2026-04-16 14:02
The Record
Cargo thieving hackers running sophisticated remote access campaigns, researchers find
2026-04-16 13:16
The Hacker News
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
2026-04-16 13:05
The Register
Git identity spoof fools Claude into giving bad code the nod
2026-04-16 12:57
BleepingComputer
Cisco says critical Webex Services flaw requires customer action
2026-04-16 12:01
The Record
Ukrainian emergency services and hospitals hit by espionage campaign using new AgingFly malware
2026-04-16 12:00
The Hacker News
[Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment
2026-04-16 11:55
The Register
Textbook titan McGraw Hill on ransomware crew's reading list after 13.5M records exposed
2026-04-16 11:49
The Hacker News
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
2026-04-16 11:27
The Hacker News
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
2026-04-16 11:02
BleepingComputer
Data breach at edtech giant McGraw Hill affects 13.5 million accounts
2026-04-16 10:35
The Hacker News
Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
2026-04-16 10:30
The Register
Microsoft announces product it doesn't want you to buy: Extended security updates for old Exchange, and Skype for Biz
2026-04-16 10:01
BleepingComputer
US nationals behind DPRK IT worker 'laptop farm' sent to prison
2026-04-16 08:32
The Register
Server-room lock was nothing but a crock
2026-04-16 08:00
BleepingComputer
Microsoft: April Windows Server 2025 update may fail to install
2026-04-16 07:37
The Hacker News
UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
2026-04-16 06:20
Dark Reading
6-Year Ransomware Campaign Targets Turkish Homes & SMBs
2026-04-16 06:00
The Record
Big tech fails to opt-out users requesting not to be tracked much of the time, new research says
2026-04-16 00:44
The Register
Google Chrome lacks protection against one of the most basic and common ways to track users online
2026-04-16 00:28
BleepingComputer
Critical Nginx UI auth bypass flaw now actively exploited in the wild
2026-04-15 22:35
BleepingComputer
New AgingFly malware used in attacks on Ukraine govt, hospitals
2026-04-15 21:57
Dark Reading
Critical MCP Integration Flaw Puts NGINX at Risk
2026-04-15 21:45
The Register
Anthropic's Project Glasswing CVE tally is still anyone's guess
2026-04-15 21:33
BleepingComputer
WordPress plugin suite hacked to push malware to thousands of sites
2026-04-15 20:33
The Record
NIST to limit work on CVE entries as submissions surge
2026-04-15 20:11
The Record
Teen arrested in Northern Ireland over cyberattack on school network
2026-04-15 19:45
Dark Reading
Navigating the Unique Security Risks of Asia's Digital Supply Chain
2026-04-15 19:30
BleepingComputer
Signed software abused to deploy antivirus-killing scripts
2026-04-15 17:59
The Register
Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP
2026-04-15 17:52
The Hacker News
n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
2026-04-15 17:09
BleepingComputer
Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest
2026-04-15 16:20
The Register
Automotive data biz Autovista blames ransomware for service disruption
2026-04-15 16:18
The Record
UK warns businesses to address cyber risks amid Anthropic AI panic
2026-04-15 16:00
Dark Reading
Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now
2026-04-15 15:12
BleepingComputer
CISA flags Windows Task Host vulnerability as exploited in attacks
2026-04-15 14:51
Dark Reading
Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests
2026-04-15 14:38
The Record
Educational company McGraw Hill says Salesforce misconfiguration led to data leak
2026-04-15 14:28
BleepingComputer
Rolling Networks: Securing the Transportation Sector
2026-04-15 14:00
The Register
French cops free mother and son after 20-hour crypto kidnap ordeal
2026-04-15 13:29
The Hacker News
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
2026-04-15 12:56
The Hacker News
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
2026-04-15 12:37
The Record
Sweden says pro-Russian hackers attempted to breach thermal power plant
2026-04-15 12:15
Dark Reading
Microsoft, Salesforce Patch AI Agent Data Leak Flaws
2026-04-15 12:00
The Register
Ancient Excel bug comes out of retirement for active attacks
2026-04-15 11:46
BleepingComputer
Microsoft: April updates trigger BitLocker key prompts on some servers
2026-04-15 11:41
The Register
Raspberry Pi OS ends open-door policy for sudo
2026-04-15 11:35
The Hacker News
Deterministic + Agentic AI: The Architecture Exposure Validation Requires
2026-04-15 11:30
BleepingComputer
Microsoft fixes bug behind Windows Server 2025 automatic upgrades
2026-04-15 10:24
The Register
UK told its Big Tech habit is now a national security risk
2026-04-15 10:15
The Hacker News
Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
2026-04-15 08:40
The Register
Agents hooked into GitHub can steal creds – but Anthropic, Google, and Microsoft haven't warned users
2026-04-15 08:01
The Hacker News
OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
2026-04-15 04:30
Dark Reading
Microsoft Bets $10 Billion to Boost Japan's AI, Cybersecurity
2026-04-15 00:00
BleepingComputer
Microsoft adds Windows protections for malicious Remote Desktop files
2026-04-14 22:23
BleepingComputer
Crypto-exchange Kraken extorted by hackers after insider breach
2026-04-14 21:58
Krebs on Security
Patch Tuesday, April 2026 Edition
2026-04-14 21:47
Dark Reading
Privilege Elevation Dominates Massive Microsoft Patch Update
2026-04-14 21:22
The Register
Commvault has a Ctrl+Z for rogue AI agents
2026-04-14 20:57
The Register
Microsoft's massive Patch Tuesday: It's raining bugs
2026-04-14 20:40
BleepingComputer
Over 100 Chrome extensions in Web Store target users' accounts and data
2026-04-14 20:33
Dark Reading
EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses
2026-04-14 20:20
The Record
New ‘JanaWare’ ransomware targeting Turkish citizens as cybercriminal ecosystem fragments
2026-04-14 19:35
BleepingComputer
Microsoft releases Windows 10 KB5082200 extended security update
2026-04-14 18:09
BleepingComputer
McGraw-Hill confirms data breach following extortion threat
2026-04-14 18:07
BleepingComputer
Windows 11 cumulative updates KB5083769 & KB5082052 released
2026-04-14 17:46
BleepingComputer
Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
2026-04-14 17:41
The Record
Virginia enacts ban on precise geolocation data sales as momentum for similar prohibitions builds
2026-04-14 16:51
BleepingComputer
Fake Ledger Live app on Apple’s App Store stole $9.5M in crypto
2026-04-14 16:37
Dark Reading
Wargame Exercise Demonstrates How Social Media Manipulation Works
2026-04-14 16:06
The Hacker News
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
2026-04-14 15:57
BleepingComputer
Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
2026-04-14 15:53
The Hacker News
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
2026-04-14 14:30
BleepingComputer
5 Ways Zero Trust Maximizes Identity Security
2026-04-14 14:02
The Hacker News
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
2026-04-14 13:55
The Record
Russia appears to block social media platform Bluesky amid wider internet restrictions
2026-04-14 13:51
The Register
No honor among thieves as 0APT threatens rival ransomware gang Krybit
2026-04-14 12:56
The Hacker News
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
2026-04-14 10:20
The Hacker News
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
2026-04-14 10:00
The Hacker News
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
2026-04-14 08:35
The Hacker News
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
2026-04-14 05:50
The Hacker News
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
2026-04-14 05:39
BleepingComputer
European Gym giant Basic-Fit data breach affects 1 million members
2026-04-13 21:50
The Register
Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
2026-04-13 21:35
Dark Reading
CSA: CISOs Should Prepare for Post-Mythos Exploit Storm
2026-04-13 21:29
Dark Reading
Adobe Patches Actively Exploited Zero-Day That Lingered for Months
2026-04-13 20:52
The Record
Majority of Australian youth still use social media despite ban, researchers find
2026-04-13 20:21
BleepingComputer
Stolen Rockstar Games analytics data leaked by extortion gang
2026-04-13 20:08
BleepingComputer
Critical flaw in wolfSSL library enables forged certificate use
2026-04-13 19:56
Dark Reading
Empty Attestations: OT Lacks the Tools for Cryptographic Readiness
2026-04-13 19:10
BleepingComputer
FBI takedown of W3LL phishing service leads to developer arrest
2026-04-13 18:55
The Register
Fake Linux leader using Slack to con devs into giving up their secrets
2026-04-13 18:48
BleepingComputer
OpenAI rotates macOS certs after Axios attack hit code-signing workflow
2026-04-13 17:39
BleepingComputer
New Booking.com data breach forces reservation PIN resets
2026-04-13 17:30
The Hacker News
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
2026-04-13 17:15
The Record
FBI, Indonesia take down W3LL phishing tool
2026-04-13 16:45
BleepingComputer
Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
2026-04-13 15:37
Dark Reading
APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials
2026-04-13 15:08
The Hacker News
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
2026-04-13 14:46
The Register
Booking.com warns reservation data may have checked out with intruders
2026-04-13 14:25
The Record
Hackers claim breach of Rockstar Games via cloud analytics platform
2026-04-13 14:15
BleepingComputer
The silent “Storm”: New infostealer hijacks sessions, decrypts server-side
2026-04-13 14:05
The Hacker News
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
2026-04-13 13:01
The Hacker News
Your MTTD Looks Great. Your Post-Alert Gap Doesn't
2026-04-13 11:41
The Register
Gym giant Basic-Fit confirms data on a million members stolen in cyberattack
2026-04-13 11:22
The Register
Rockstar Games gets a taste of grand theft data amid ShinyHunters threat of 'Pay or leak'
2026-04-13 10:41
The Register
NHS pays £46K to prep next Microsoft licensing round
2026-04-13 09:27
The Hacker News
North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
2026-04-13 09:15
The Hacker News
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
2026-04-13 06:50
The Register
China wants AI to prepare school lessons and mark homework
2026-04-13 02:09
The Register
Anthropic's mysterious Mythos AI threatens to upend the infosec world
2026-04-12 23:12
BleepingComputer
Critical Marimo pre-auth RCE flaw now under active exploitation
2026-04-12 14:20
The Hacker News
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
2026-04-12 05:54
The Hacker News
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
2026-04-12 04:25
BleepingComputer
Over 20,000 crypto fraud victims identified in international crackdown
2026-04-11 14:20
The Register
Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise
2026-04-11 11:11
The Register
Hungarian government creds left in the safe hands of 'FrankLampard'
2026-04-11 08:30
The Hacker News
Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
2026-04-11 06:02
BleepingComputer
ChatGPT rolls out new $100 Pro subscription to challenge Claude
2026-04-11 02:08