1075
Total CVEs
4
KEV Entries
98
Critical
308
High
403
Medium
164
Articles
CVE Feed
1075 CVEs
CVE-2026-23600
CRITICAL
10.0
A remote authentication bypass vulnerability
exists in HPE AutoPass License Server (APLS).
CVE-2026-21718
CRITICAL
10.0
An authentication bypass vulnerability exists in Copeland XWEB Pro
version 1.12.1 and prior, enabling any attackers to bypass the
authentication requirement and achieve pre-authenticated code execut...
CVE-2026-28409
CRITICAL
10.0
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. A...
CVE-2026-20127
CRITICAL
10.0
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, r...
CVE-2026-27597
CRITICAL
10.0
Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to version 2.11.1, it is possible to escape the security boundraries set by `@enclave-vm/core`, which can be use...
CVE-2026-27613
CRITICAL
10.0
TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. A vulnerability in versions prior to 2.01 allows unauthenticated remote attackers to bypass the web server's CGI parameter security c...
CVE-2026-26222
CRITICAL
10.0
Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes insecure .NET Remoting endpoints over TCP and HTTP/SOAP via Altec.RDCHostService.exe using the ObjectURI "doclinkServer.s...
CVE-2026-2749
CRITICAL
9.9
Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centroen Open Ticket modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10.3, 24.10.8, ...
CVE-2026-28363
CRITICAL
9.9
In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as --compress-prog) in allowlist mode, leading to approval-free executio...
CVE-2026-27941
CRITICAL
9.9
OpenLIT is an open source platform for AI engineering. Prior to version 1.37.1, several GitHub Actions workflows in OpenLIT's GitHub repository use the `pull_request_target` event while checking out a...
CVE-2025-62878
CRITICAL
9.9
A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive files or gaining access to unintended ...
CVE-2026-24849
CRITICAL
9.9
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the `disposeDocument()` method in `EtherFaxActions.php` allows authenti...
CVE-2026-24908
CRITICAL
9.9
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an SQL injection vulnerability in the Patient REST API endpoint allows ...
CVE-2026-27595
CRITICAL
9.9
Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the AI Agent API endpoint (POST `/apps/:appId/agent`) has multiple security ...
CVE-2026-27626
CRITICAL
9.9
OliveTin gives access to predefined shell commands from a web interface. In versions up to and including 3000.10.0, OliveTin's shell mode safety check (`checkShellArgumentSafety`) blocks several dange...
CVE-2026-27702
CRITICAL
9.9
Budibase is a low code platform for creating internal tools, workflows, and admin panels. Prior to version 3.30.4, an unsafe `eval()` vulnerability in Budibase's view filtering implementation allows a...
CVE-2026-27728
CRITICAL
9.9
OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.7, an OS command injection vulnerability in `NetworkPathMonitor.performTraceroute()` allows any authenticated...
CVE-2025-50187
CRITICAL
9.8
Chamilo is a learning management system. Prior to version 1.11.28, parameter from SOAP request is evaluated without filtering which leads to Remote Code Execution. This issue has been patched in versi...
CVE-2026-3431
CRITICAL
9.8
On SimStudio version below to 0.5.74, the MongoDB tool endpoints accept arbitrary connection parameters from the caller without authentication or host restrictions. An attacker can leverage these endp...
CVE-2025-11251
CRITICAL
9.8
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dayneks Software Industry and Trade Inc. E-Commerce Platform allows SQL Injection.This issue affec...
CVE-2025-11252
CRITICAL
9.8
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection.This issue affects w...
CVE-2025-12981
CRITICAL
9.8
The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This is due to a broken validation check in the bundled listee-core plugin's user regi...
CVE-2026-2251
CRITICAL
9.8
Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE.
This issue affects Xerox FreeFlow ...
CVE-2026-28268
CRITICAL
9.8
Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability exists in the password reset mechanism of vikunja/api that allows password r...
CVE-2026-28408
CRITICAL
9.8
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar_tipo_docs_atendido.php does not go through the project's central controller and does not have its ow...
CVE-2026-28411
CRITICAL
9.8
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the `extract()` function on the `$_REQUEST` superglobal allows an unauthenticated attacker to overwrite loc...
CVE-2026-27966
CRITICAL
9.8
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.8.0, the CSV Agent node in Langflow hardcodes `allow_dangerous_code=True`, which automatically exposes...
CVE-2026-28213
CRITICAL
9.8
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns...
CVE-2026-20129
CRITICAL
9.8
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin...
CVE-2026-2624
CRITICAL
9.8
Missing Authentication for Critical Function vulnerability in ePati Cyber Security Technologies Inc. Antikor Next Generation Firewall (NGFW) allows Authentication Bypass.This issue affects Antikor N...
CVE-2026-27637
CRITICAL
9.8
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.206, FreeScout's `TokenAuth` middleware uses a predictable authentication token computed as `MD5...
CVE-2026-27641
CRITICAL
9.8
Flask-Reuploaded provides file uploads for Flask. A critical path traversal and extension bypass vulnerability in versions prior to 1.5.0 allows remote attackers to achieve arbitrary file write and re...
CVE-2025-13942
CRITICAL
9.8
A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a remote attacker to execute operating system (OS) commands on an ...
CVE-2026-26198
CRITICAL
9.8
Ormar is a async mini ORM for Python. In versions 0.9.9 through 0.22.0, when performing aggregate queries, Ormar ORM constructs SQL expressions by passing user-supplied column names directly into `sql...
CVE-2026-27493
CRITICAL
9.5
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, a second-order expression injection vulnerability existed in n8n's Form nodes that could allow an una...
CVE-2025-30044
CRITICAL
9.4
In the endpoints "/cgi-bin/CliniNET.prd/utils/usrlogstat_simple.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat.pl", "/cgi-bin/CliniNET.prd/utils/userlogstat2.pl", and "/cgi-bin/CliniNET.prd/utils/dblogs...
CVE-2026-20781
CRITICAL
9.4
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can c...
CVE-2026-24731
CRITICAL
9.4
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can c...
CVE-2026-25851
CRITICAL
9.4
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can c...
CVE-2026-27028
CRITICAL
9.4
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can c...
CVE-2026-27767
CRITICAL
9.4
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can c...
CVE-2026-27772
CRITICAL
9.4
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can c...
CVE-2026-27947
CRITICAL
9.4
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.9, 25.0.87, and 6.8.154 have an authenticated Remote Code Execution vulnerability in the TNEF ...
CVE-2026-27495
CRITICAL
9.4
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in ...
CVE-2026-27497
CRITICAL
9.4
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could leverage the Merge node's S...
CVE-2026-27577
CRITICAL
9.4
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, additional exploits in the expression evaluation of n8n have been identified and patched following CV...
CVE-2025-11165
CRITICAL
9.4
A sandbox escape vulnerability exists in dotCMS’s Velocity scripting engine (VTools) that allows authenticated users with scripting privileges to bypass class and package restrictions enforced by Secu...
CVE-2025-12462
CRITICAL
9.3
A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path resulting in Blind SQL Injection.
This issue was fixe...
CVE-2025-14532
CRITICAL
9.3
DobryCMS's upload file functionality allows an unauthenticated remote attacker to upload files of any type and extension without restriction, which can result in Remote Code Execution.
This issue was...
CVE-2026-2584
CRITICAL
9.3
A critical SQL Injection (SQLi) vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker (AV:N/PR:N) can exploit this flaw by sending specially...
CVE-2026-2999
CRITICAL
9.3
IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to force the system to download arbitrary executable files from ...
CVE-2026-3000
CRITICAL
9.3
IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to force the system to download arbitrary DLL files from a remot...
CVE-2026-3422
CRITICAL
9.3
U-Office Force developed by e-Excellence has a Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted ...
CVE-2026-3432
CRITICAL
9.3
On SimStudio version below to 0.5.74, the `/api/auth/oauth/token` endpoint contains a code path that bypasses all authorization checks when provided with `credentialAccountUserId` and `providerId` par...
CVE-2026-2844
CRITICAL
9.3
Missing Authentication for Critical Function vulnerability in Microchip TimePictra allows Configuration/Environment Manipulation.This issue affects TimePictra: from 11.0 through 11.3 SP2.
CVE-2026-3010
CRITICAL
9.3
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimePictra allows Query System for Information.This issue affects TimePictra: fro...
CVE-2025-15498
CRITICAL
9.3
Pro3W CMS if vulnerable to SQL injection attacks. Improper neutralization of input provided into a login form allows an unauthenticated attacker to bypass authentication and gain administrative privil...
CVE-2026-27751
CRITICAL
9.3
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attacke...
CVE-2026-27755
CRITICAL
9.3
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5...
CVE-2026-28515
CRITICAL
9.3
openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability in install.php and container-install.php. The installer and upgrade handler expose LDAP configuration fu...
CVE-2026-28516
CRITICAL
9.3
openDCIM version 23.04, through commit 4467e9c4, contains a SQL injection vulnerability in Config::UpdateParameter. The install.php and container-install.php handlers pass user-supplied input directly...
CVE-2026-28517
CRITICAL
9.3
openDCIM version 23.04, through commit 4467e9c4, contains an OS command injection vulnerability in report_network_map.php. The application retrieves the 'dot' configuration parameter from the database...
CVE-2026-22207
CRITICAL
9.3
OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken access control vulnerability that allows unauthenticated attackers to gain ROOT privileges when the root_api_key configura...
CVE-2026-27804
CRITICAL
9.3
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.3 and 9.1.1-alpha.4, an unauthenticated attacker can forge a Google authen...
CVE-2026-27969
CRITICAL
9.3
Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipu...
CVE-2025-1242
CRITICAL
9.3
The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attack...
CVE-2026-21902
CRITICAL
9.3
An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated, network-b...
CVE-2026-25785
CRITICAL
9.3
Path traversal vulnerability exists in Lanscope Endpoint Manager (On-Premises) Sub-Manager Server Ver.9.4.7.3 and earlier, which may allow an attacker to tamper with arbitrary files and execute arbitr...
CVE-2026-27608
CRITICAL
9.3
Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the AI Agent API endpoint (`POST /apps/:appId/agent`) does not enforce autho...
CVE-2026-27614
CRITICAL
9.3
Bugsink is a self-hosted error tracking tool. In versions prior to 2.0.13, an unauthenticated attacker who can submit events to a Bugsink project can store arbitrary JavaScript in an event. The payloa...
CVE-2026-27743
CRITICAL
9.3
The SPIP referer_spam plugin versions prior to 1.3.0 contain an unauthenticated SQL injection vulnerability in the referer_spam_ajouter and referer_spam_supprimer action handlers. The handlers read th...
CVE-2026-27744
CRITICAL
9.3
The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vulnerability in the forum preview handling for public ticket pages. The plugin appends untrusted reque...
CVE-2025-14577
CRITICAL
9.3
Slican NCP/IPL/IPM/IPU devices are vulnerable to PHP Function Injection. An unauthenticated remote attacker is able to execute arbitrary PHP commands by sending specially crafted requests to /webcti/s...
CVE-2026-21410
CRITICAL
9.3
InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious users that use the vulnerable endpoint are potentially able to cause remote code execution.
CVE-2026-22553
CRITICAL
9.3
All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in its MMadmServ web interface. Malicious users that use the vulnerable endpoint are potentially able t...
CVE-2026-26341
CRITICAL
9.3
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker wh...
CVE-2026-27507
CRITICAL
9.3
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows ful...
CVE-2026-27515
CRITICAL
9.3
Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictable numeric session identifiers in the web management interface. An attacker can guess valid session ID...
CVE-2026-27593
CRITICAL
9.3
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 6.3.3 and 5.73.10, an attacker may leverage a vulnerability in the password reset feature to capture a user's ...
CVE-2026-0542
CRITICAL
9.2
ServiceNow has addressed a remote code execution vulnerability that was identified in the ServiceNow AI platform. This vulnerability could enable an unauthenticated user, in certain circumstances, to...
CVE-2026-27739
CRITICAL
9.2
The Angular SSR is a server-rise rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery (SSRF) vulnerability in the Ang...
CVE-2026-3179
CRITICAL
9.2
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ASUSTOR ADM FTP Backup on Linux, x86, ARM, 64 bit allows Path Traversal.This issue affects ADM: from 4.1...
CVE-2026-27208
CRITICAL
9.2
bleon-ethical/api-gateway-deploy provides API gateway deployment. Version 1.0.0 is vulnerable to an attack chain involving OS Command Injection and Privilege Escalation. This allows an attacker to exe...
CVE-2026-27584
CRITICAL
9.2
Actual is a local-first personal finance tool. Prior to version 26.2.1, missing authentication middleware in the ActualBudget server component allows any unauthenticated user to query the SimpleFIN an...
CVE-2026-2750
CRITICAL
9.1
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affects Centreon Open Tickets on Central Server: from al...
CVE-2026-28370
CRITICAL
9.1
In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitr...
CVE-2026-28215
CRITICAL
9.1
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, an unauthenticated attacker can overwrite the entire infrastructure configuration of a self-hosted Hoppscotch instanc...
CVE-2026-27575
CRITICAL
9.1
Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the application allows users to set weak passwords (e.g., 1234, password) without enforcing minimum strength req...
CVE-2026-27699
CRITICAL
9.1
The `basic-ftp` FTP client library for Node.js contains a path traversal vulnerability (CWE-22) in versions prior to 5.2.0 in the `downloadToDir()` method. A malicious FTP server can send directory li...
CVE-2025-40538
CRITICAL
9.1
A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via do...
CVE-2025-40539
CRITICAL
9.1
A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account.
This issue requires administrative pr...
CVE-2025-40540
CRITICAL
9.1
A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account.
This issue requires administrative pr...
CVE-2025-40541
CRITICAL
9.1
An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account.
This issue require...
CVE-2025-30035
CRITICAL
9.0
The vulnerability enables an attacker to fully bypass authentication in CGM CLININET and gain access to any active user account by supplying only the username, without requiring a password or any othe...
CVE-2025-30042
CRITICAL
9.0
The CGM CLININET system provides smart card authentication; however, authentication is conducted locally on the client device, and, in reality, only the certificate number is used for access verificat...
CVE-2026-24663
CRITICAL
9.0
An OS command injection vulnerability exists in XWEB Pro version 1.12.1
and prior, enabling an unauthenticated attacker to achieve remote code
execution on the system by sending a crafted request to...
CVE-2026-27498
CRITICAL
9.0
n8n is an open source workflow automation platform. Prior to versions 2.2.0 and 1.123.8, an authenticated user with permission to create or modify workflows could chain the Read/Write Files from Disk ...
CVE-2026-27822
CRITICAL
9.0
RustFS is a distributed object storage system built in Rust. Prior to version 1.0.0-alpha.83, a Stored Cross-Site Scripting (XSS) vulnerability in the RustFS Console allows an attacker to execute arbi...
CVE-2026-3301
HIGH
8.9
A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Managemen...
CVE-2026-27830
HIGH
8.9
c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and `javax.naming.Reference` instances. Several c3p0 `ConnectionPoolDataSource` impleme...
CVE-2026-27148
HIGH
8.9
Storybook is a frontend workshop for building user interface components and pages in isolation. Prior to versions 7.6.23, 8.6.17, 9.1.19, and 10.2.10, the WebSocket functionality in Storybook's dev se...
CVE-2026-27727
HIGH
8.9
mchange-commons-java, a library that provides Java utilities, includes code that mirrors early implementations of JNDI functionality, including support for remote `factoryClassLocation` values, by whi...
CVE-2026-27590
HIGH
8.9
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's FastCGI path splitting logic computes the split index on a lowercased copy of the request path and the...
CVE-2025-10350
HIGH
8.8
SQL Injection vulnerability in "imageserver" module when processing C-FIND queries in CGM NETRAAD software allows attacker connected to PACS gaining access to database, including data processed by GCM...
CVE-2025-50190
HIGH
8.8
Chamilo is a learning management system. Prior to version 1.11.30, there is an error-based SQL Injection via the GET openid.assoc_handle parameter with the /index.php script. This issue has been patch...
CVE-2025-50192
HIGH
8.8
Chamilo is a learning management system. Prior to version 1.11.30, there is a time-based SQL Injection in found in /main/webservices/registration.soap.php. This issue has been patched in version 1.11....
CVE-2025-50198
HIGH
8.8
Chamilo is a learning management system. Prior to version 1.11.30, Chamilo is vulnerable to deserialization of untrusted data in /plugin/vchamilo/views/import.php via POST configuration_file; POST cou...
CVE-2025-52468
HIGH
8.8
Chamilo is a learning management system. Prior to version 1.11.30, an input validation vulnerability exists when importing user data from CSV files. This flaw occurs due to insufficient sanitization o...
CVE-2026-21853
HIGH
8.8
AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedd...
CVE-2026-3132
HIGH
8.8
The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMA_Widget_Admin::render_preview'. This is du...
CVE-2026-28562
HIGH
8.8
wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql() sanitization on unquoted identifiers. Attackers ...
CVE-2019-25489
HIGH
8.8
Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the hosting_id parameter. Attackers can send GET ...
CVE-2019-25490
HIGH
8.8
Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' parameter. Attackers can send GET reques...
CVE-2019-25491
HIGH
8.8
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. Attackers can send GET requ...
CVE-2019-25492
HIGH
8.8
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pt' parameter. Attackers can send GET reque...
CVE-2019-25493
HIGH
8.8
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'val' parameter. Attackers can send GET requ...
CVE-2019-25494
HIGH
8.8
Homey BNB V4 contains an SQL injection vulnerability in the administration panel login that allows unauthenticated attackers to bypass authentication by injecting SQL syntax into username and password...
CVE-2019-25495
HIGH
8.8
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviews_id parameter. Attackers can sen...
CVE-2019-25496
HIGH
8.8
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the products_id parameter. Attackers can mo...
CVE-2019-25497
HIGH
8.8
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the currency parameter. Attackers can send ...
CVE-2026-21654
HIGH
8.8
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows OS Command Injection.This issue affects Fr...
CVE-2026-21656
HIGH
8.8
Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may ...
CVE-2026-21657
HIGH
8.8
Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may ...
CVE-2026-21658
HIGH
8.8
Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection.This issue affects...
CVE-2026-27939
HIGH
8.8
Statmatic is a Laravel and Git powered content management system (CMS). Starting in version 6.0.0 and prior to version 6.4.0, Authenticated Control Panel users may under certain conditions obtain elev...
CVE-2026-1311
HIGH
8.8
The Worry Proof Backup plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 0.2.4 via the backup upload functionality. This makes it possible for authenticated at...
CVE-2026-1565
HIGH
8.8
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validati...
CVE-2026-27899
HIGH
8.8
WireGuard Portal (or wg-portal) is a web-based configuration portal for WireGuard server management. Prior to version 2.1.3, any authenticated non-admin user can become a full administrator by sending...
CVE-2026-27952
HIGH
8.8
Agenta is an open-source LLMOps platform. In Agenta-API prior to version 0.48.1, a Python sandbox escape vulnerability existed in Agenta's custom code evaluator. Agenta used RestrictedPython as a sand...
CVE-2026-27961
HIGH
8.8
Agenta is an open-source LLMOps platform. A Server-Side Template Injection (SSTI) vulnerability exists in versions prior to 0.86.8 in Agenta's API server evaluator template rendering. Although the vul...
CVE-2026-27976
HIGH
8.8
Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, the tar extractor (`async_tar::Archive::unpack`) creates symlinks from the archive without validatio...
CVE-2026-1929
HIGH
8.8
The Advanced Woo Labels plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.37. This is due to the use of `call_user_func_array()` with user-controlled ...
CVE-2026-20126
HIGH
8.8
A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with low privileges to gain root privileges on the underlying operating system.
This vulnerability is d...
CVE-2026-25131
HIGH
8.8
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in the OpenEMR order types...
CVE-2026-25746
HIGH
8.8
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0 contain a SQL injection vulnerability in prescription that can be explo...
CVE-2026-26955
HIGH
8.8
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e...
CVE-2026-26965
HIGH
8.8
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, `planar_decompress_plane_rle()` writes into `pDstData` at `((nYDst+y) * nDstSte...
CVE-2026-27606
HIGH
8.8
Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary Fil...
CVE-2026-27615
HIGH
8.8
ADB Explorer is a fluent UI for ADB on Windows. In versions prior to Beta 0.9.26022, ADB-Explorer allows the `ManualAdbPath` settings variable, which determines the path of the ADB binary to be execut...
CVE-2026-27636
HIGH
8.8
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.206, FreeScout's file upload restriction list in `app/Misc/Helper.php` does not include `.htacce...
CVE-2026-27701
HIGH
8.8
LiveCode is an open-source, client-side code playground. Prior to commit e151c64c2bd80d2d53ac1333f1df9429fe6a1a11, LiveCode's `i18n-update-pull` GitHub Actions workflow is vulnerable to JavaScript inj...
CVE-2026-28193
HIGH
8.8
In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint
CVE-2025-13943
HIGH
8.8
A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute...
CVE-2026-22765
HIGH
8.8
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading...
CVE-2026-26331
HIGH
8.8
yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp's `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter) i...
CVE-2026-27483
HIGH
8.8
MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.9.1.1, there is a path traversal vulnerability in Mindsdb's /api/files interface, which an authenti...
CVE-2026-27586
HIGH
8.8
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, two swallowed errors in `ClientAuthentication.provision()` cause mTLS client certificate authentication to sil...
CVE-2024-47886
HIGH
8.7
Chamilo is a learning management system. Chamillo is affected by a post-authentication phar unserialize which leads to a remote code execution (RCE) within versions 1.11.12 to 1.11.26. By abusing mult...
CVE-2026-3336
HIGH
8.7
Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects with multiple signers, except the fina...
CVE-2026-3338
HIGH
8.7
Improper signature validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes.
Customers of A...
CVE-2026-21659
HIGH
8.7
Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion (LFI) vulnerability in Johnson Controls Frick Controls Quantum HD allow an unauthenticated attacker to
exec...
CVE-2026-2359
HIGH
8.7
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by dropping connection durin...
CVE-2026-28426
HIGH
8.7
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, stored XSS vulnerability in svg and icon related components allow authenticated users with ...
CVE-2026-3304
HIGH
8.7
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by sending malformed request...
CVE-2026-1241
HIGH
8.7
The Pelco, Inc. Sarix Professional 3 Series Cameras are vulnerable to an authentication bypass issue in their web management interface. The flaw stems from inadequate enforcement of access controls, a...
CVE-2026-22205
HIGH
8.7
SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit lo...
CVE-2026-22206
HIGH
8.7
SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-privilege users to execute arbitrary SQL queries by manipulating union-based injection techniques. Att...
CVE-2026-27630
HIGH
8.7
TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service (DoS) attack known as Slowloris. The server spawns a new OS thre...
CVE-2026-27633
HIGH
8.7
TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 have a Denial of Service (DoS) vulnerability via memory exhaustion. Unauthenticated remote attackers c...
CVE-2026-27818
HIGH
8.7
TerriaJS-Server is a NodeJS Express server for TerriaJS, a library for building web-based geospatial data explorers. A validation bug in versions prior to 4.0.3 allows an attacker to proxy domains not...
CVE-2026-28274
HIGH
8.7
Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 are vulnerable to Stored Cross-Site Scripting (XSS) in the document upload functionality. Any user ...
CVE-2025-50180
HIGH
8.7
esm.sh is a no-build content delivery network (CDN) for web development. In version 136, esm.sh is vulnerable to a full-response SSRF, allowing an attacker to retrieve information from internal websit...
CVE-2025-69231
HIGH
8.7
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assess...
CVE-2026-26984
HIGH
8.7
LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to versions 26.0.5, 27.0.2, and 28....
CVE-2026-27745
HIGH
8.7
The SPIP interface_traduction_objets plugin versions prior to 4.3.3 contain an authenticated remote code execution vulnerability in the translation interface workflow. The plugin incorporates untruste...
CVE-2026-27747
HIGH
8.7
The SPIP interface_traduction_objets plugin versions prior to 4.3.3 contain an authenticated SQL injection vulnerability in interface_traduction_objets_pipelines.php. When handling translation request...
CVE-2026-1773
HIGH
8.7
IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure comm...
CVE-2026-23678
HIGH
8.7
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command injection vulnerability in the traceroute diagnostic function of the affected device web management in...
CVE-2026-26340
HIGH
8.7
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access l...
CVE-2026-26342
HIGH
8.7
Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an authentication token (X-User-Token) with insufficient expiration. An attacker who obtains a valid token...
CVE-2026-27519
HIGH
8.7
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can...
CVE-2026-27520
HIGH
8.7
Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Because Base64...
CVE-2026-25085
HIGH
8.6
A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in
which an unexpected return value from the authentication routine is
later on processed as a legitimate value, resulting in an...
CVE-2026-27776
HIGH
8.6
IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesigner is deployed on the system. Arbitrary code may be executed...
CVE-2026-1198
HIGH
8.6
SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input validation allows an authenticated attacker to prepare a malicious query to the datab...
CVE-2026-26938
HIGH
8.6
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, ...
CVE-2026-27696
HIGH
8.6
changedetection.io is a free open source web page change detection tool. In versions prior to 0.54.1, changedetection.io is vulnerable to Server-Side Request Forgery (SSRF) because the URL validation ...
CVE-2026-27730
HIGH
8.6
esm.sh is a no-build content delivery network (CDN) for web development. Versions up to and including 137 have an SSRF vulnerability (CWE-918) in esm.sh’s `/http(s)` fetch route. The service tries to ...
CVE-2025-13776
HIGH
8.6
Multiple Finka programs use hard-coded Firebird database credentials (shared across all instances of this software). A malicious attacker in local network who knows default credentials is able to read...
CVE-2025-9120
HIGH
8.6
Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection.
The vulnerability could be exploited through an open port, po...
CVE-2026-24443
HIGH
8.6
EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the account management functionality of the Web Reports interface. The password change mechanism does not ...
CVE-2026-25965
HIGH
8.6
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick’s path security policy is enforced on the raw filen...
CVE-2026-27516
HIGH
8.6
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior expose user passwords in plaintext within the administrative interface and HTTP responses, allowing recovery of valid cr...
CVE-2026-27732
HIGH
8.6
WWBN AVideo is an open source video platform. Prior to version 22.0, the `aVideoEncoder.json.php` API endpoint accepts a `downloadURL` parameter and fetches the referenced resource server-side without...
CVE-2026-0654
HIGH
8.5
Improper input handling in the administration web interface on TP-Link Deco BE25 v1.0 allows crafted input to be executed as part of an OS command. An authenticated adjacent attacker may execute arbi...
CVE-2026-28286
HIGH
8.5
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, the application enforces restrictions in the frontend/UI to prevent users from cr...
CVE-2026-23703
HIGH
8.5
The installer of FinalCode Client provided by Digital Arts Inc. contains an incorrect default permissions vulnerability. A non-administrative user may execute arbitrary code with SYSTEM privilege.
CVE-2026-27509
HIGH
8.5
Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled ...
CVE-2025-67491
HIGH
8.5
OpenEMR is a free and open source electronic health records and medical practice management application. Versions 5.0.0.5 through 7.0.3.4 have a stored cross-site scripting vulnerability in the ub04 h...
CVE-2026-27578
HIGH
8.5
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could inject arbitrary scripts in...
CVE-2026-27639
HIGH
8.5
Mercator is an open source web application designed to enable mapping of information systems. A stored Cross-Site Scripting (XSS) vulnerability exists in Mercator prior to version 2026.02.22 due to th...
CVE-2026-27640
HIGH
8.5
tfplan2md is software for converting Terraform plan JSON files into human-readable Markdown reports. Prior to version 1.26.1, a bug in tfplan2md affected several distinct rendering paths: AzApi resour...
CVE-2026-2914
HIGH
8.5
CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege elevation leveraging CyberArk elevation dialogs
CVE-2026-21882
HIGH
8.4
theshit is a command-line utility that automatically detects and fixes common mistakes in shell commands. Prior to version 0.2.0, improper privilege dropping allows local privilege escalation via comm...
CVE-2026-1585
HIGH
8.4
An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the ...
CVE-2026-24497
HIGH
8.4
Stack-based Buffer Overflow vulnerability in SimTech Systems, Inc. ThinkWise allows Remote Code Inclusion.This issue affects ThinkWise: from 7 through 23.
CVE-2026-3223
HIGH
8.4
Arbitrary file write & potential privilege escalation exploiting zip slip vulnerability in Google Web Designer.
CVE-2026-2244
HIGH
8.4
A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of other users via abuse of a built-in startup script...
CVE-2026-25191
HIGH
8.4
The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directory ...
CVE-2026-27965
HIGH
8.4
Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipu...
CVE-2026-3071
HIGH
8.4
Deserialization of untrusted data in the LanguageModel class of Flair from versions 0.4.1 to latest are vulnerable to arbitrary code execution when loading a malicious model.
CVE-2025-52482
HIGH
8.3
Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious ...
CVE-2026-0980
HIGH
8.3
A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit t...
CVE-2026-2751
HIGH
8.3
Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injec...
CVE-2023-31364
HIGH
8.3
Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine...
CVE-2026-28216
HIGH
8.3
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, any logged-in user can read, modify or delete another user's personal environment by ID. `user-environments.resolver....
CVE-2025-67601
HIGH
8.3
A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the –cacert ...
CVE-2026-25554
HIGH
8.3
OpenSIPS versions 3.1 before 3.6.4 containing the auth_jwt module (prior to commit 3822d33) contain a SQL injection vulnerability in the jwt_db_authorize() function in modules/auth_jwt/authorize.c whe...
CVE-2026-27609
HIGH
8.3
Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the AI Agent API endpoint (`POST /apps/:appId/agent`) lacks CSRF protection....
CVE-2026-3100
HIGH
8.3
Improper Certificate Validation vulnerability in ASUSTOR ADM FTP Backup on Linux, x86, ARM, 64 bit allows Sniffing Attacks.This issue affects ADM: from 4.1.0 through 4.3.3.ROF1, from 5.0.0 through 5.1...
CVE-2026-3337
HIGH
8.2
Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis.
The impacted implementations ...
CVE-2026-2293
HIGH
8.2
A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middleware when Fastify path-normalization options are enabled.
This issue affects nest.Js: 11.1...
CVE-2026-27752
HIGH
8.2
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 transmit authentication credentials over unencrypted HTTP, allowing attackers to capture credentials. An attacker positioned to observe netwo...
CVE-2026-28406
HIGH
8.2
kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives u...
CVE-2026-28416
HIGH
8.2
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP r...
CVE-2026-2880
HIGH
8.2
A vulnerability in @fastify/middie versions < 9.2.0 can result in authentication/authorization bypass when using path-scoped middleware (for example, app.use('/secret', auth)).
When Fastify router no...
CVE-2026-27946
HIGH
8.2
ZITADEL is an open source identity management platform. Prior to versions 4.11.1 and 3.4.7, a vulnerability in Zitadel's self-management capability allowed users to mark their email and phone as verif...
CVE-2026-27627
HIGH
8.2
Karakeep is a elf-hostable bookmark-everything app. In version 0.30.0, when the Reddit metascraper plugin returns `readableContentHtml`, the HTML parsing subprocess uses it directly without running it...
CVE-2026-27700
HIGH
8.2
Hono is a Web application framework that provides support for any JavaScript runtime. In versions 4.12.0 and 4.12.1, when using the AWS Lambda adapter (`hono/aws-lambda`) behind an Application Load Ba...
CVE-2026-25794
HIGH
8.2
ImageMagick is free and open-source software used for editing and manipulating digital images. `WriteUHDRImage` in `coders/uhdr.c` uses `int` arithmetic to compute the pixel buffer size. Prior to vers...
CVE-2026-28272
HIGH
8.1
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a confi...
CVE-2026-1779
HIGH
8.1
The User Registration & Membership plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.2. This is due to incorrect authentication in the 'register_member'...
CVE-2026-27975
HIGH
8.1
Ajenti is a Linux and BSD modular server admin panel. Prior to version 2.2.13, an unauthenticated user could gain access to a server to execute arbitrary code on this server. This is fixed in the vers...
CVE-2026-28275
HIGH
8.1
Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 do not invalidate previously issued JWT access tokens after a user changes their password. As a res...
CVE-2025-67752
HIGH
8.1
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, OpenEMR's HTTP client wrapper (`oeHttp`/`oeHttpRequest`) disables SSL/T...
CVE-2026-22719
HIGH
8.1
VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMw...
CVE-2026-24890
HIGH
8.1
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an authorization bypass vulnerability in the patient portal signature e...
CVE-2026-25136
HIGH
8.1
Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. A reflected Cross-site Scripting vulnerability w...
CVE-2026-25164
HIGH
8.1
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the REST API route table in `apis/routes/_rest_routes_standard.inc.php`...
CVE-2026-26985
HIGH
8.1
LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. Starting in version 24.0.0 and prior to v...
CVE-2026-27607
HIGH
8.1
RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.56 through 1.0.0-alpha.82, RustFS does not validate policy conditions in presigned POST uploads (PostObject), allow...
CVE-2026-3172
HIGH
8.1
Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server.
CVE-2026-20742
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input in...
CVE-2026-20764
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
providing malicious input via...
CVE-2026-20902
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input ...
CVE-2026-20910
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input int...
CVE-2026-21389
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input int...
CVE-2026-23702
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
sending malicious input injec...
CVE-2026-24452
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
supplying a crafted template...
CVE-2026-24517
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input i...
CVE-2026-24689
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input in...
CVE-2026-24695
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input...
CVE-2026-25037
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
configuring a maliciously cr...
CVE-2026-25105
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious inpu...
CVE-2026-25109
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input i...
CVE-2026-25111
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input int...
CVE-2026-25195
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
supplying a crafted firmwa...
CVE-2026-25196
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input int...
CVE-2026-25721
HIGH
8.0
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input int...
CVE-2026-28425
HIGH
8.0
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, an authenticated control panel user with access to Antlers-enabled inputs may be able to ac...
CVE-2026-3037
HIGH
8.0
An OS command injection vulnerability exists in XWEB Pro version 1.12.1
and prior, enabling an authenticated attacker to achieve remote code
execution on the system by modifying malicious input inje...
CVE-2026-27812
HIGH
8.0
Sub2API is an AI API gateway platform designed to distribute and manage API quotas from AI product subscriptions. A vulnerability in versions prior to 0.1.85 is a Password Reset Poisoning (Host Header...
CVE-2026-0752
HIGH
8.0
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that under certain circumstances, could have allowed an unauth...
CVE-2026-22720
HIGH
8.0
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative action...
CVE-2025-33179
HIGH
8.0
NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could run an unauthorized command. A successful exploit of this vulnerability might le...
CVE-2025-33180
HIGH
8.0
NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could inject a command. A successful exploit of this vulnerability might lead to escal...
CVE-2026-28364
HIGH
7.9
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems ...
CVE-2025-47373
HIGH
7.8
Memory Corruption when accessing buffers with invalid length during TA invocation.
CVE-2025-47375
HIGH
7.8
Memory corruption while handling different IOCTL calls from the user-space simultaneously.
CVE-2025-47376
HIGH
7.8
Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.
CVE-2025-47377
HIGH
7.8
Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.
CVE-2025-47379
HIGH
7.8
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.
CVE-2025-47381
HIGH
7.8
Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.
CVE-2025-47385
HIGH
7.8
Memory Corruption when accessing trusted execution environment without proper privilege check.
CVE-2025-47386
HIGH
7.8
Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.
CVE-2025-59600
HIGH
7.8
Memory Corruption when adding user-supplied data without checking available buffer space.
CVE-2025-59603
HIGH
7.8
Memory Corruption when processing invalid user address with nonstandard buffer address.
CVE-2026-21385
HIGH
7.8
Memory corruption while using alignments for memory allocation.
CVE-2026-1442
HIGH
7.8
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker (or anyone paying attention), the firmware updates may be altered by an ...
CVE-2026-28211
HIGH
7.8
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A m...
CVE-2025-50199
HIGH
7.7
Chamilo is a learning management system. Prior to version 1.11.30, there is a blind SSRF vulnerability in /index.php via the POST openid_url parameter. This issue has been patched in version 1.11.30.
CVE-2026-27821
HIGH
7.7
GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in `src/filters/dmx_nhml.c`. The value of the xmlHeaderEnd...
CVE-2026-27938
HIGH
7.7
WPGraphQL provides a GraphQL API for WordPress sites. Prior to version 2.9.1, the `wp-graphql/wp-graphql` repository contains a GitHub Actions workflow (`release.yml`) vulnerable to OS command injecti...
CVE-2026-20048
HIGH
7.7
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an authenticated, remote attacker to cause a denial of ser...
CVE-2026-27706
HIGH
7.7
Plane is an an open-source project management tool. Prior to version 1.2.2, a Full Read Server-Side Request Forgery (SSRF) vulnerability has been identified in the "Add Link" feature. This flaw allows...
CVE-2024-1524
HIGH
7.7
When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider (IDP) there is a risk that a local user store user's information may be replaced during the account pr...
CVE-2026-25891
HIGH
7.7
Fiber is an Express inspired web framework written in Go. A Path Traversal (CWE-22) vulnerability in Fiber allows a remote attacker to bypass the static middleware sanitizer and read arbitrary files o...
CVE-2026-27587
HIGH
7.7
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP `path` request matcher is intended to be case-insensitive, but when the match pattern contains pe...
CVE-2026-27588
HIGH
7.7
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP `host` request matcher is documented as case-insensitive, but when configured with a large host l...
CVE-2026-28403
HIGH
7.6
Textream is a free macOS teleprompter app. Prior to version 1.5.1, the `DirectorServer` WebSocket server (`ws://127.0.0.1:<httpPort+1>`) accepts connections from any origin without validating the HTTP...
CVE-2025-14343
HIGH
7.6
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dokuzsoft Technology Ltd. E-Commerce Product allows Reflected XSS.This issue affects E-Comm...
CVE-2026-27970
HIGH
7.6
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Versions prior to 21.2.0, 21.1.16, 20.3.17, and 19.2.19 have a cross...
CVE-2026-2460
HIGH
7.6
A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so.
CVE-2026-25802
HIGH
7.6
New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component `MarkdownRend...
CVE-2026-3105
HIGH
7.6
SummaryThis advisory addresses a SQL injection vulnerability in the API endpoint used for retrieving contact activities. A vulnerability exists in the query construction for the Contact Activity timel...
CVE-2026-3180
HIGH
7.5
The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to blind SQL Injection via the ‘cgLostPasswordEmail’ and the ’cgl_mail’ parameter in all...
CVE-2025-13673
HIGH
7.5
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to SQL Injection via the 'coupon_code' parameter in all versions up to, and including, 3.9.6 due to insufficient...
CVE-2026-2471
HIGH
7.5
The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. Thi...
CVE-2025-10990
HIGH
7.5
A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. This could lead t...
CVE-2026-20792
HIGH
7.5
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks ...
CVE-2026-2252
HIGH
7.5
An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via crafted XML input containing malicious external entity references.
This issue affect...
CVE-2026-2428
HIGH
7.5
The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.1.17. This is due to the PayPal IPN (Insta...
CVE-2026-24445
HIGH
7.5
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks ...
CVE-2026-25113
HIGH
7.5
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks ...
CVE-2026-25114
HIGH
7.5
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks ...
CVE-2026-25945
HIGH
7.5
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks ...
CVE-2026-26305
HIGH
7.5
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks ...
CVE-2026-27836
HIGH
7.5
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF prote...
CVE-2026-28400
HIGH
7.5
Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST `/engines/_configure` endpoint that accepts arbitrary runtime fla...
CVE-2026-28414
HIGH
7.5
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that en...
CVE-2026-1557
HIGH
7.5
The WP Responsive Images plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0 via the 'src' parameter. This makes it possible for unauthenticated attackers to...
CVE-2026-26078
HIGH
7.5
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, when the `patreon_webhook_secret` site setting is blank, an attacker can forge valid webhook signa...
CVE-2026-26265
HIGH
7.5
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an IDOR vulnerability in the directory items endpoint allows any user, including anonymous users, ...
CVE-2026-27449
HIGH
7.5
Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing ...
CVE-2026-27635
HIGH
7.5
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.0, when model render generation is enabled, ...
CVE-2026-27831
HIGH
7.5
rldns is an open source DNS server. Version 2.3 has a heap-based out-of-bounds read that leads to denial of service. Version 1.4 contains a patch for the issue.
CVE-2026-27903
HIGH
7.5
minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` perfo...
CVE-2026-27904
HIGH
7.5
minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extgl...
CVE-2026-27959
HIGH
7.5
Koa is middleware for Node.js using ES2017 async functions. Prior to versions 3.1.2 and 2.16.4, Koa's `ctx.hostname` API performs naive parsing of the HTTP Host header, extracting everything before th...
CVE-2026-28276
HIGH
7.5
Initiative is a self-hosted project management platform. An access control vulnerability exists in Initiative versions prior to 0.32.2 where uploaded documents are served from a publicly accessible /u...
CVE-2025-14511
HIGH
7.5
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause denia...
CVE-2026-1388
HIGH
7.5
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause regula...
CVE-2026-1662
HIGH
7.5
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause Denia...
CVE-2026-1916
HIGH
7.5
The WPGSI: Spreadsheet Integration plugin for WordPress is vulnerable to unauthorized modification and loss of data due to missing capability checks and an insecure authentication mechanism on the `wp...
CVE-2026-20128
HIGH
7.5
A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker to gain DCA user privileges on an affected system. To exploit t...
CVE-2026-2416
HIGH
7.5
The Geo Mashup plugin for WordPress is vulnerable to SQL Injection via the 'sort' parameter in all versions up to, and including, 1.13.17. This is due to insufficient escaping on the user supplied par...
CVE-2026-25476
HIGH
7.5
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the session expiration check in `library/auth.inc.php` runs only when `...
CVE-2026-24481
HIGH
7.5
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in ImageMagi...
CVE-2026-24485
HIGH
7.5
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the Decod...
CVE-2026-25899
HIGH
7.5
Fiber is an Express inspired web framework written in Go. In versions on the v3 branch prior to 3.1.0, the use of the `fiber_flash` cookie can force an unbounded allocation on any server. A crafted 10...
CVE-2026-25985
HIGH
7.5
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes Image...
CVE-2026-25989
HIGH
7.5
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-one...
CVE-2026-3400
HIGH
7.4
A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wp...
CVE-2026-3377
HIGH
7.4
A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Performing a manipulation of the argument page results i...
CVE-2026-3378
HIGH
7.4
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a manipulation of the argument qos can lead to buffer overflow. The atta...
CVE-2026-3379
HIGH
7.4
A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to buffer overflo...
CVE-2026-3380
HIGH
7.4
A vulnerability was found in Tenda F453 1.0.0.3. This issue affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page results in buffer overflow. The attack may ...
CVE-2026-3398
HIGH
7.4
A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. Executing a manipulation of the argument wanmode/PPPO...
CVE-2026-3399
HIGH
7.4
A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. The manipulation of the...
CVE-2026-3376
HIGH
7.4
A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the file /goform/SafeMacFilter. Such manipulation of the argument ...
CVE-2026-28372
HIGH
7.4
telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40...
CVE-2026-3271
HIGH
7.4
A vulnerability was found in Tenda F453 1.0.0.3. This impacts the function fromP2pListFilter of the file /goform/P2pListFilterof of the component httpd. The manipulation of the argument page results i...
CVE-2026-3272
HIGH
7.4
A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. This manipulation of the argument page caus...
CVE-2026-3273
HIGH
7.4
A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component httpd. Such manipulation of th...
CVE-2026-3274
HIGH
7.4
A security flaw has been discovered in Tenda F453 1.0.0.3. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argu...
CVE-2026-3275
HIGH
7.4
A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Executing a manipulation of the argument entrys ca...
CVE-2026-27800
HIGH
7.4
Zed, a code editor, has a Zip Slip (Path Traversal) vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The `extract_zip()` function in `crates/util/src/ar...
CVE-2026-20010
HIGH
7.4
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an...
CVE-2026-20033
HIGH
7.4
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.
This vul...
CVE-2026-20051
HIGH
7.4
A vulnerability with the Ethernet VPN (EVPN) Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, a...
CVE-2026-23627
HIGH
7.4
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an SQL injection vulnerability in the Immunization module allows any au...
CVE-2026-3165
HIGH
7.4
A vulnerability was determined in Tenda F453 1.0.0.3. Impacted is the function fromSetWifiGusetBasic of the file /goform/AdvSetWrlsafeset of the component httpd. This manipulation of the argument mit_...
CVE-2026-3166
HIGH
7.4
A vulnerability was identified in Tenda F453 1.0.0.3. The affected element is the function fromRouteStatic of the file /goform/RouteStatic of the component httpd. Such manipulation of the argument pag...
CVE-2026-3167
HIGH
7.4
A security flaw has been discovered in Tenda F453 1.0.0.3. The impacted element is the function formWebTypeLibrary of the file /goform/webtypelibrary of the component httpd. Performing a manipulation ...
CVE-2026-3168
HIGH
7.4
A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromNatStaticSetting of the file /goform/NatStaticSetting of the component httpd. Executing a manipulation of the argume...
CVE-2026-3169
HIGH
7.4
A security vulnerability has been detected in Tenda F453 1.0.0.3. This impacts the function fromSafeEmailFilter of the file /goform/SafeEmailFilter of the component httpd. The manipulation of the argu...
CVE-2026-2459
HIGH
7.4
A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so.
CVE-2026-25967
HIGH
7.4
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a stack-based buffer overflow exists in the ImageMagick FTXT image reader. A c...
CVE-2026-25968
HIGH
7.4
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute...
CVE-2026-3044
HIGH
7.4
A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. The manipulation of the argument b...
CVE-2026-20895
HIGH
7.3
The WebSocket backend uses charging station identifiers to uniquely
associate sessions but allows multiple endpoints to connect using the
same session identifier. This implementation results in pred...
CVE-2026-25711
HIGH
7.3
The WebSocket backend uses charging station identifiers to uniquely
associate sessions but allows multiple endpoints to connect using the
same session identifier. This implementation results in pred...
CVE-2026-25778
HIGH
7.3
The WebSocket backend uses charging station identifiers to uniquely
associate sessions but allows multiple endpoints to connect using the
same session identifier. This implementation results in pred...
CVE-2026-26290
HIGH
7.3
The WebSocket backend uses charging station identifiers to uniquely
associate sessions but allows multiple endpoints to connect using the
same session identifier. This implementation results in pred...
CVE-2026-27647
HIGH
7.3
The WebSocket backend uses charging station identifiers to uniquely
associate sessions but allows multiple endpoints to connect using the
same session identifier. This implementation results in pred...
CVE-2026-27652
HIGH
7.3
The WebSocket backend uses charging station identifiers to uniquely
associate sessions but allows multiple endpoints to connect using the
same session identifier. This implementation results in pred...
CVE-2026-27707
HIGH
7.3
Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Starting in version 2.0.0 and prior to version 3.1.0, an authentication guard logic flaw in `POST /api/v1/auth...
CVE-2025-64999
HIGH
7.3
Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into t...
CVE-2026-28279
HIGH
7.3
osctrl is an osquery management solution. Prior to version 0.5.0, an OS command injection vulnerability exists in the `osctrl-admin` environment configuration. An authenticated administrator can injec...
CVE-2026-25733
HIGH
7.3
Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. Versions prior to 35.8.3, 38.5.4, and 39.3.1 hav...
CVE-2026-27616
HIGH
7.3
Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the application allows users to upload SVG files as task attachments. SVG is an XML-based format that supports J...
CVE-2025-33181
HIGH
7.3
NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could inject a command. A successful exploit of this vulnerability might lead to escal...
CVE-2025-47383
HIGH
7.2
Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.
CVE-2025-50189
HIGH
7.2
Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the POST resource[document][SQL_INJECTION_HERE] an...
CVE-2026-23750
HIGH
7.2
Golioth Pouch version 0.1.0 prior to [INSERT FIXED VERSION], fixed in commit 1b2219a1, contain a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a hea...
CVE-2025-68277
HIGH
7.2
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, when a link is sent via Secure Messaging, clicking the link opens the w...
CVE-2026-25743
HIGH
7.2
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, users with the "Forms administration" role can fill questionnaires ("fo...
CVE-2026-27624
HIGH
7.2
Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CV...
CVE-2026-27819
HIGH
7.2
Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the restoreConfig function in vikunja/pkg/modules/dump/restore.go of the go-vikunja/vikunja repository fails to ...
CVE-2026-1459
HIGH
7.2
A post-authentication command injection vulnerability in the TR-369 certificate download CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.7)C0 could allow an authenticated a...
CVE-2026-22766
HIGH
7.2
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit...
CVE-2025-47378
HIGH
7.1
Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain.
CVE-2025-50193
HIGH
7.1
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS command Injection vulnerability in /plugin/vchamilo/views/import.php with the POST to_main_database parameter. This is...
CVE-2025-50194
HIGH
7.1
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/cron/lang/check_parse_lang.php. This issue has been patched in version 1.11.3...
CVE-2025-50195
HIGH
7.1
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/manage.controller.php. This issue has been patched in versio...
CVE-2025-50196
HIGH
7.1
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/editinstance.php via the POST main_database parameter. This ...
CVE-2025-50197
HIGH
7.1
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/admin/sub_language_ajax.inc.php via the POST new_language parameter. This iss...
CVE-2025-52469
HIGH
7.1
Chamilo is a learning management system. Prior to version 1.11.30, a logic vulnerability in the friend request workflow of Chamilo’s social network module allows an authenticated user to forcibly add ...
CVE-2025-58402
HIGH
7.1
The CGM CLININET application uses direct, sequential object identifiers "MessageID" without proper authorization checks. By modifying the parameter in the GET request, an attacker can access messages ...
CVE-2025-64427
HIGH
7.1
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.0 and prior, due to insufficient validation or restriction of target URLs, an authenticate...
CVE-2026-28557
HIGH
7.1
wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated users to trigger bulk wpForo usergroup reassignment via the wpforo_synch_roles AJAX handler. Attackers a...
CVE-2025-15509
HIGH
7.1
The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage.
CVE-2026-25147
HIGH
7.1
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, in `portal/portal_payment.php`, the patient id used for the page is tak...
CVE-2026-27757
HIGH
7.1
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication vulnerability that allows authenticated users to change account passwords without verifying the current password. A...
CVE-2026-27832
HIGH
7.1
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, and 6.8.153 have a SQL Injection (SQLi) vulnerability, exploitable through the `ad...
CVE-2026-28402
HIGH
7.1
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.2.2, a malicious or compromised validator that is e...
CVE-2026-25741
HIGH
7.1
Zulip is an open-source team collaboration tool. Prior to commit bf28c82dc9b1f630fa8e9106358771b20a0040f7, the API endpoint for creating a card update session during an upgrade flow was accessible to ...
CVE-2026-27967
HIGH
7.1
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools (`read_file`, `edit_file`). It allows reading and writing files **outside the project directory*...
CVE-2026-28230
HIGH
7.1
SteVe is an open-source EV charging station management system. In versions up to and including 3.11.0, when a charger sends a StopTransaction message, SteVe looks up the transaction solely by transact...
CVE-2026-25927
HIGH
7.1
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the DICOM viewer state API (e.g. upload or state save/load) accepts a ...
CVE-2026-26103
HIGH
7.1
A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivi...
CVE-2026-27494
HIGH
7.1
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could use the Python Code node to...
CVE-2026-27598
HIGH
7.1
Dagu is a workflow engine with a built-in Web user interface. In versions up to and including 1.16.7, the `CreateNewDAG` API endpoint (`POST /api/v1/dags`) does not validate the DAG name before passin...
CVE-2026-27611
HIGH
7.1
FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the pa...
CVE-2026-27692
HIGH
7.1
iccDEV provides a set of libraries and tools for working with ICC color management profiles. In versions up to and including 2.3.1.4, heap-buffer-overflow read occurs during CIccTagTextDescription::Re...
CVE-2026-23982
HIGH
7.1
An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user to bypass data access controls. When creating a dataset, Superset enforces permission checks to prev...
CVE-2026-23984
HIGH
7.1
An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated user with SQLLab access to bypass the read-only verification check when using a PostgreSQL database co...
CVE-2026-25591
HIGH
7.1
New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.10.8-alpha.10, a SQL LIKE wildcard injection vulnerability in the `/api/toke...
CVE-2025-50188
HIGH
7.0
Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the GET value parameter with the following scripts...
CVE-2025-50191
HIGH
7.0
Chamilo is a learning management system. Prior to version 1.11.30, there is an error-based SQL Injection via POST userFile with the /main/exercise/hotpotatoes.php script. This issue has been patched i...
CVE-2025-52998
HIGH
7.0
Chamilo is a learning management system. Prior to version 1.11.30, in the application, deserialization of data is performed, the data can be spoofed. An attacker can create objects of arbitrary classe...
CVE-2026-27896
HIGH
7.0
The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing in versions prior to 1.3.1. Go's standard library performs case-insensitive matching of JSON key...
CVE-2026-25127
HIGH
7.0
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the server does not properly validate user permission. Unauthorized use...
CVE-2026-25701
HIGH
7.0
An Insecure Temporary File vulnerability in openSUSE sdbootutil allows local users to pre-create a directory to achieve various effects like:
* gain access to possible private information found in ...
CVE-2026-27610
HIGH
7.0
Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the `ConfigKeyCache` uses the same cache key for both master key and read-on...
CVE-2026-27127
HIGH
7.0
Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation performs DNS resolution separa...
CVE-2025-30062
MEDIUM
6.9
In the "CheckUnitCodeAndKey.pl" service, the "validateOrgUnit" function is vulnerable to SQL injection.
CVE-2025-52564
MEDIUM
6.9
Chamilo is a learning management system. Prior to version 1.11.30, the open parameter of help.php fails to properly sanitize user input. This allows an attacker to inject arbitrary HTML, such as under...
CVE-2026-0655
MEDIUM
6.9
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TP-Link Deco BE25 v1.0 (web modules) allows authenticated adjacent attacker to read arbitrary files or c...
CVE-2026-25477
MEDIUM
6.9
AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.26.0, there is an Open Redirect vulnerability located at the /redirect-proxy endpoint. The flaw exists in the...
CVE-2026-3406
MEDIUM
6.9
A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manip...
CVE-2026-3409
MEDIUM
6.9
A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.exec_module of the file /api/v1/serve/awel/flow/import of the component ...
CVE-2026-3410
MEDIUM
6.9
A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/check_studid.php. Executing a manipulation o...
CVE-2026-3411
MEDIUM
6.9
A security vulnerability has been detected in itsourcecode University Management System 1.0. Affected by this issue is some unknown functionality of the file /admin_single_student_update.php. The mani...
CVE-2026-3413
MEDIUM
6.9
A flaw has been found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /admin_single_student.php. This manipulation of the argument ID causes sql i...
CVE-2026-3395
MEDIUM
6.9
A flaw has been found in MaxSite CMS up to 109.1. This impacts the function eval of the file application/maxsite/admin/plugins/editor_markitup/preview-ajax.php of the component MarkItUp Preview AJAX E...
CVE-2026-28559
MEDIUM
6.9
wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated users to retrieve private and unapproved forum topics via the global RSS feed endpoint. Attackers reque...
CVE-2026-21660
MEDIUM
6.9
Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext Storage of a Password) vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, ex...
CVE-2026-27753
MEDIUM
6.9
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication bypass vulnerability that allows remote attackers to perform unlimited login attempts against the management interf...
CVE-2026-27754
MEDIUM
6.9
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 use the cryptographically broken MD5 hash function for session cookie generation, weakening session security. Attackers can exploit predictab...
CVE-2026-28351
MEDIUM
6.9
pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.4, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the co...
CVE-2026-28407
MEDIUM
6.9
malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extra...
CVE-2026-23939
MEDIUM
6.9
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in hexpm hexpm/hexpm ('Elixir.Hexpm.Store.Local' module) allows Relative Path Traversal. This vulnerability...
CVE-2026-27021
MEDIUM
6.9
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoint in the poll plugin lacked post visibility checks which allowed unauthorized ac...
CVE-2026-27887
MEDIUM
6.9
Spin is an open source developer tool for building and running serverless applications powered by WebAssembly. When Spin is configured to allow connections to a database or web server which could retu...
CVE-2026-3261
MEDIUM
6.9
A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /settings/index.php of the component Setting Handler. This manipulation of the argument...
CVE-2026-27738
MEDIUM
6.9
The Angular SSR is a server-rise rendering tool for Angular applications. An Open Redirect vulnerability exists in the internal URL processing logic in versions on the 19.x branch prior to 19.2.21, th...
CVE-2026-3133
MEDIUM
6.9
A vulnerability has been found in itsourcecode Document Management System 1.0. This issue affects some unknown processing of the file /loging.php of the component Login. The manipulation of the argume...
CVE-2026-3134
MEDIUM
6.9
A security flaw has been discovered in itsourcecode News Portal Project 1.0. The affected element is an unknown function of the file /newsportal/admin/edit-category.php. The manipulation of the argume...
CVE-2026-3135
MEDIUM
6.9
A weakness has been identified in itsourcecode News Portal Project 1.0. The impacted element is an unknown function of the file /admin/add-category.php. This manipulation of the argument Category caus...
CVE-2026-3148
MEDIUM
6.9
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes s...
CVE-2026-3151
MEDIUM
6.9
A vulnerability was detected in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /login/login.php. The manipulation of the argument email results in sql ...
CVE-2026-3152
MEDIUM
6.9
A flaw has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/teacher-salary.php. This manipulation of the argument teacher_id caus...
CVE-2026-3153
MEDIUM
6.9
A vulnerability has been found in itsourcecode Document Management System 1.0. Impacted is an unknown function of the file /register.php. Such manipulation of the argument Username leads to sql inject...
CVE-2026-3164
MEDIUM
6.9
A vulnerability was found in itsourcecode News Portal Project 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle results in sq...
CVE-2026-3200
MEDIUM
6.9
A vulnerability was identified in z-9527 admin 1.0/2.0. The affected element is the function checkName/register/login/getUser/getUsers of the file /server/controller/user.js. The manipulation leads to...
CVE-2026-25545
MEDIUM
6.9
Astro is a web framework. Prior to version 9.5.4, Server-Side Rendered pages that return an error with a prerendered custom error page (eg. `404.astro` or `500.astro`) are vulnerable to SSRF. If the `...
CVE-2026-27128
MEDIUM
6.9
Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, a Time-of-Check-Time-of-Use (TOCTOU) race condition exists in Craft CMS’s token validati...
CVE-2026-27195
MEDIUM
6.9
Wasmtime is a runtime for WebAssembly. Starting with Wasmtime 39.0.0, the `component-model-async` feature became the default, which brought with it a new implementation of `[Typed]Func::call_async` wh...
CVE-2026-27204
MEDIUM
6.9
Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.6, 36.0.6, 4.0.04, 41.0.4, and 42.0.0, Wasmtime's implementation of WASI host interfaces are susceptible to guest-controlled resource exha...
CVE-2026-27461
MEDIUM
6.9
Pimcore is an Open Source Data & Experience Management Platform. In versions up to and including 11.5.14.1 and 12.3.2, the filter query parameter in the dependency listing endpoints is JSON-decoded an...
CVE-2026-27521
MEDIUM
6.9
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user cr...
CVE-2026-27572
MEDIUM
6.9
Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.6, 36.0.6, 4.0.04, 41.0.4, and 42.0.0, Wasmtime's implementation of the `wasi:http/types.fields` resource is susceptible to panics when to...
CVE-2026-27585
MEDIUM
6.9
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, the path sanitization routine in file matcher doesn't sanitize backslashes which can lead to bypassing path re...
CVE-2026-27589
MEDIUM
6.9
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, the local caddy admin API (default listen `127.0.0.1:2019`) exposes a state-changing `POST /load` endpoint tha...
CVE-2026-3042
MEDIUM
6.9
A vulnerability was detected in itsourcecode Event Management System 1.0. The affected element is an unknown function of the file /admin/index.php. Performing a manipulation of the argument ID results...
CVE-2026-3046
MEDIUM
6.9
A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This vulnerability affects unknown code of the file /check_profile_old.php. The man...
CVE-2026-3053
MEDIUM
6.9
A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This affects the function addInterceptors of the file dinky-admin/src/main/java/org/dinky/configure/AppConfig.java of the component Open...
CVE-2026-3068
MEDIUM
6.9
A weakness has been identified in itsourcecode Document Management System 1.0. This impacts an unknown function of the file /deluser.php. Executing a manipulation of the argument user2del can lead to ...
CVE-2026-3069
MEDIUM
6.9
A security vulnerability has been detected in itsourcecode Document Management System 1.0. Affected is an unknown function of the file /edtlbls.php. The manipulation of the argument field1 leads to sq...
CVE-2026-28338
MEDIUM
6.8
PMD is an extensible multilanguage static code analyzer. Prior to version 7.22.0, PMD's `vbhtml` and `yahtml` report formats insert rule violation messages into HTML output without escaping. When PMD ...
CVE-2026-28423
MEDIUM
6.8
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, when Glide image manipulation is used in insecure mode (which is not the default), the imag...
CVE-2026-27809
MEDIUM
6.8
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data (e.g. a literal run that extends past th...
CVE-2026-27933
MEDIUM
6.8
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Versions prior to 0.133.0 are vulnerable to session hijack via cook...
CVE-2026-27621
MEDIUM
6.8
TypiCMS is a multilingual content management system based on the Laravel framework. A Stored Cross-Site Scripting (XSS) vulnerability exists in the file upload module of TypiCMS prior to version 16.1....
CVE-2025-10010
MEDIUM
6.8
The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separ...
CVE-2026-2664
MEDIUM
6.8
An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an u...
CVE-2025-9907
MEDIUM
6.7
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerability allows exposure of sensitive client credentials and internal infrastructure...
CVE-2025-9908
MEDIUM
6.7
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. This vulnerability allows an authenticated user to gain access to sensitive internal infrastructu...
CVE-2025-9909
MEDIUM
6.7
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//)...
CVE-2026-20099
MEDIUM
6.7
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform ...
CVE-2026-3091
MEDIUM
6.7
An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows local users to read or write arbitrary files during installation by placing a malicious DLL in adva...
CVE-2026-27888
MEDIUM
6.6
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the `xf...
CVE-2026-28207
MEDIUM
6.6
Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.2, a command injection vulnerability (CWE-78) in the Zen C compiler allows local attackers to ex...
CVE-2026-27704
MEDIUM
6.6
The Dart and Flutter SDKs provide software development kits for the Dart programming language. In versions of the Dart SDK prior to 3.11.0 and the Flutter SDK prior to version 3.41.0, when the pub cli...
CVE-2026-27794
MEDIUM
6.6
LangGraph Checkpoint defines the base interface for LangGraph checkpointers. Prior to version 4.0.0, a Remote Code Execution vulnerability exists in LangGraph's caching layer when applications enable ...
CVE-2025-69250
MEDIUM
6.6
free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, the service reliably leaks d...
CVE-2025-69251
MEDIUM
6.6
free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, remote attackers can inject...
CVE-2025-69252
MEDIUM
6.6
free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 have a NULL Pointer Dereference ...
CVE-2025-69253
MEDIUM
6.6
free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 of the User Data Repository are affected by Improper Error Handling with Information ...
CVE-2026-25501
MEDIUM
6.6
free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, SMF panics due to nil pointer ...
CVE-2026-26024
MEDIUM
6.6
free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, SMF panics and terminates when...
CVE-2026-26025
MEDIUM
6.6
free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, SMF panics and terminates when...
CVE-2026-27642
MEDIUM
6.6
free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, remote attackers can inject ...
CVE-2026-27643
MEDIUM
6.6
free5GC UDR is the user data repository (UDR) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, the NEF component reliably lea...
CVE-2025-47371
MEDIUM
6.5
Transient DOS when an LTE RLC packet with invalid TB is received by UE.
CVE-2025-47384
MEDIUM
6.5
Transient DOS when MAC configures config id greater than supported maximum value.
CVE-2026-28412
MEDIUM
6.5
Textream is a free macOS teleprompter app. Prior to version 1.5.1, the `DirectorServer` WebSocket server imposes no limit on concurrent connections. Combined with a broadcast timer that sends state to...
CVE-2024-10938
MEDIUM
6.5
The OVRI Payment plugin for WordPress contains malicious .htaccess files in version 1.7.0. The files contain directives to prevent the execution of certain scripts while allowing execution of known ma...
CVE-2026-1626
MEDIUM
6.5
An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept...
CVE-2026-1627
MEDIUM
6.5
An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to potentially compromise the integrity of the SSH session, allowing manipulation of transmitted data if...
CVE-2026-20733
MEDIUM
6.5
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
CVE-2026-20791
MEDIUM
6.5
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
CVE-2026-22878
MEDIUM
6.5
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
CVE-2026-22890
MEDIUM
6.5
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
CVE-2026-24488
MEDIUM
6.5
OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, an arbitrary file exfiltration vulnerability in the fax ...
CVE-2026-25774
MEDIUM
6.5
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
CVE-2026-27734
MEDIUM
6.5
Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "conta...
CVE-2026-27773
MEDIUM
6.5
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
CVE-2026-27793
MEDIUM
6.5
Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Prior to version 3.1.0, the `GET /api/v1/user/:id` endpoint returns the full settings object for any user, inc...
CVE-2026-28271
MEDIUM
6.5
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration functionality allows bypassing of SSRF protections through DNS rebinding attacks. Maliciou...
CVE-2026-28352
MEDIUM
6.5
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.11, the API endpoint used to manage event series is missing an...
CVE-2026-28424
MEDIUM
6.5
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, user email addresses were included in responses from the user fieldtype’s data endpoint for...
CVE-2026-26077
MEDIUM
6.5
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, several webhook endpoints (SendGrid, Mailjet, Mandrill, Postmark, SparkPost) in the `WebhooksContr...
CVE-2026-26934
MEDIUM
6.5
Improper Validation of Specified Quantity in Input (CWE-1284) in Kibana can allow an authenticated attacker with view-only privileges to cause a Denial of Service via Input Data Manipulation (CAPEC-15...
CVE-2026-26935
MEDIUM
6.5
Improper Input Validation (CWE-20) in the internal Content Connectors search endpoint in Kibana can lead Denial of Service via Input Data Manipulation (CAPEC-153)
CVE-2026-26937
MEDIUM
6.5
Uncontrolled Resource Consumption (CWE-400) in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation (CAPEC-153)
CVE-2026-27829
MEDIUM
6.5
Astro is a web framework. In versions 9.0.0 through 9.5.3, a bug in Astro's image pipeline allows bypassing `image.domains` / `image.remotePatterns` restrictions, enabling the server to fetch content ...
CVE-2026-27943
MEDIUM
6.5
OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, the eye exam (eye_mag) view loads data by `form_id` (or ...
CVE-2026-28217
MEDIUM
6.5
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, the `userCollection` GraphQL query accepts an arbitrary collection ID and returns the full collection data — includin...
CVE-2026-28226
MEDIUM
6.5
Phishing Club is a phishing simulation and man-in-the-middle framework. Prior to version 1.30.2, an authenticated SQL injection vulnerability exists in the GetOrphaned recipient listing endpoint in ve...
CVE-2025-3525
MEDIUM
6.5
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have, under certain circumstances, allowed an authen...
CVE-2026-20036
MEDIUM
6.5
A vulnerability in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with valid administrative privileges to execute arbitrary comm...
CVE-2026-20133
MEDIUM
6.5
A vulnerability in Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to view sensitive information on an affected system.
This vulnerability is due to insufficient file ...
CVE-2026-24896
MEDIUM
6.5
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in OpenEMR’s edih_main.php...
CVE-2026-25124
MEDIUM
6.5
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the OpenEMR application is vulnerable to an access control flaw that al...
CVE-2026-25929
MEDIUM
6.5
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the document controller’s `patient_picture` context serves the patient’...
CVE-2026-25930
MEDIUM
6.5
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Layout-Based Form (LBF) printable view accepts `formid` and `visiti...
CVE-2026-2845
MEDIUM
6.5
An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an authenticated user to cause denial of...
CVE-2026-3118
MEDIUM
6.5
A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user c...
CVE-2026-21864
MEDIUM
6.5
Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter (Module) data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a sp...
CVE-2026-25897
MEDIUM
6.5
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, an Integer Overflow vulnerability exists in the sun decoder. On...
CVE-2026-25898
MEDIUM
6.5
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder do not validate the pixel index v...
CVE-2026-25982
MEDIUM
6.5
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap out-of-bounds read vulnerability exists in the `coders/d...
CVE-2026-26284
MEDIUM
6.5
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick lacks proper boundary checking when processing Huff...
CVE-2026-26981
MEDIUM
6.5
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4...
CVE-2026-27567
MEDIUM
6.5
Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side Request Forgery (SSRF) vulnerability exists in Payload's external file upload functionality. When p...
CVE-2026-2583
MEDIUM
6.4
The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the `blocksy_meta` metadata fields in all versions up to, and including, 2.1.30 due to insufficient input sanitization ...
CVE-2025-14040
MEDIUM
6.4
The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. Thi...
CVE-2025-14142
MEDIUM
6.4
The Electric Enquiries plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button' parameter of the electric-enquiry shortcode in all versions up to, and including, 1.1 due to i...
CVE-2025-14149
MEDIUM
6.4
The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Scroller widget box link attribute in all versions up to, and incl...
CVE-2026-2362
MEDIUM
6.4
The WP Accessibility plugin for WordPress is vulnerable to Stored DOM-Based Cross-Site Scripting via the 'alt' attribute of images processed by the "Long Description UI" feature in all versions up to,...
CVE-2026-2383
MEDIUM
6.4
The Simple Download Monitor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and ou...
CVE-2026-27810
MEDIUM
6.4
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Serv...
CVE-2026-2029
MEDIUM
6.4
The Livemesh Addons for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `[labb_pricing_item]` shortcode's `title` and `value` attributes in all versions up to,...
CVE-2026-27510
MEDIUM
6.4
Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application (com.unitree.doggo2), are vulnerable to remote code execution due to missing integrity protection...
CVE-2026-27735
MEDIUM
6.4
Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). In mcp-server-git versions prior to 2026.1.14, the git_add tool did not validate that ...
CVE-2026-1614
MEDIUM
6.4
The Rise Blocks – A Complete Gutenberg Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘logoTag’ Site Identity block attribute in all versions up to, and includi...
CVE-2026-2367
MEDIUM
6.4
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ays_block' shortcode in all versions up to, and including, 5....
CVE-2025-11950
MEDIUM
6.3
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in KNOWHY Advanced Technology Trading Ltd. Co. EduAsist allows Reflected XSS.This issue affect...
CVE-2025-13327
MEDIUM
6.3
A flaw was found in uv. This vulnerability allows an attacker to execute malicious code during package resolution or installation via specially crafted ZIP (Zipped Information Package) archives that e...
CVE-2026-23747
MEDIUM
6.3
Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in Payload Utils. The golioth_payload_as_int() and golioth_payload_as_float() helper...
CVE-2026-23748
MEDIUM
6.3
Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of-bounds read in LightDB State string parsing. When processing a string payload, a payload_size value les...
CVE-2026-26227
MEDIUM
6.3
VideoLAN VLC for Android prior to version 3.7.0 contain an authentication bypass in the Remote Access Server feature due to missing or insufficient rate limiting on one-time password (OTP) verificatio...
CVE-2026-27837
MEDIUM
6.3
Dottie provides nested object access and manipulation in JavaScript. Versions 2.0.4 through 2.0.6 contain an incomplete fix for CVE-2023-26132. The prototype pollution guard introduced in commit `7d3a...
CVE-2026-3192
MEDIUM
6.3
A security vulnerability has been detected in Chia Blockchain 2.1.0. This issue affects the function _authenticate of the file rpc_server_base.py of the component RPC Credential Handler. The manipulat...
CVE-2026-28399
MEDIUM
6.2
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, an authenticated user with Creator role can inject arbitrary SQL via the DATEADD formula's unit parameter. This iss...
CVE-2026-22721
MEDIUM
6.2
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative ac...
CVE-2026-27691
MEDIUM
6.2
iccDEV provides a set of libraries and tools for working with ICC color management profiles. In versions up to and including 2.3.1.4, signed integer overflow in iccFromCube.cpp during multiplication t...
CVE-2025-14963
MEDIUM
6.2
A vulnerability identified in the Trellix HX Agent driver file fekern.sys allowed a threat actor with local user access the ability to gain elevated system privileges. Utilization of a Bring Your Ow...
CVE-2026-25971
MEDIUM
6.2
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for circular references between two MSLs,...
CVE-2026-26066
MEDIUM
6.2
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile contain invalid IPTC data may cause an infini...
CVE-2026-26283
MEDIUM
6.2
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a `continue` statement in the JPEG extent binary search loop in...
CVE-2025-65465
MEDIUM
6.1
A reflected Cross-Site Scripting (XSS) vulnerability in the RaiseError function of Skrol29 TbsZip version 2.17 and earlier allows remote attackers to execute arbitrary web script or HTML via a crafted...
CVE-2026-22722
MEDIUM
6.1
A malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error. To Remediate CVE-2026-22722, apply the patches listed in...
CVE-2026-2506
MEDIUM
6.1
The EM Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to the plugin storing attacker-controlled 'customer_name' ...
CVE-2026-28280
MEDIUM
6.1
osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting (XSS) vulnerability exists in the `osctrl-admin` on-demand query list. A user with query-level permissio...
CVE-2026-24847
MEDIUM
6.1
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Eye Exam form module allows any authenticated user to be redirected...
CVE-2026-25734
MEDIUM
6.1
Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. Versions prior to 35.8.3, 38.5.4, and 39.3.1 hav...
CVE-2026-25735
MEDIUM
6.1
Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. Versions prior to 35.8.3, 38.5.4, and 39.3.1 hav...
CVE-2026-25736
MEDIUM
6.1
Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. Versions prior to 35.8.3, 38.5.4, and 39.3.1 hav...
CVE-2026-27116
MEDIUM
6.1
Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, a reflected HTML injection vulnerability exists in the Projects module where the `filter` URL parameter is rende...
CVE-2026-27612
MEDIUM
6.1
Repostat is a React component to fetch and display GitHub repository info. Prior to version 1.0.1, the `RepoCard` component is vulnerable to Reflected Cross-Site Scripting (XSS). The vulnerability occ...
CVE-2026-27645
MEDIUM
6.1
changedetection.io is a free open source web page change detection tool. In versions prior to 0.54.1, the RSS single-watch endpoint reflects the UUID path parameter directly in the HTTP response body ...
CVE-2026-27736
MEDIUM
6.1
BigBlueButton is an open-source virtual classroom. In versions on the 3.x branch prior to 3.0.20, the string received with errorRedirectUrl lacks validation, using it directly in the respondWithRedire...
CVE-2026-27156
MEDIUM
6.1
NiceGUI is a Python-based UI framework. Prior to version 3.8.0, several NiceGUI APIs that execute methods on client-side elements (`Element.run_method()`, `AgGrid.run_grid_method()`, `EChart.run_chart...
CVE-2026-0689
MEDIUM
6.0
In ExtremeCloud IQ – Site Engine (XIQ‑SE) before 26.2.10, a vulnerability in the NAC administration interface allows an authenticated NAC administrator to retrieve masked sensitive parameters from HTT...
CVE-2026-24498
MEDIUM
6.0
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. Ip...
CVE-2026-22715
MEDIUM
5.9
VMWare Workstation and Fusion contain a logic flaw in the management of network packets.
Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt...
CVE-2026-28208
MEDIUM
5.9
Junrar is an open source java RAR archive library. Prior to version 7.5.8, a backslash path traversal vulnerability in `LocalFolderExtractor` allows an attacker to write arbitrary files with attacker-...
CVE-2026-28269
MEDIUM
5.9
Kiteworks is a private data network (PDN). Prior to version 9.2.0, avulnerability in Kiteworks command execution functionality allows authenticated users to redirect command output to arbitrary file l...
CVE-2026-0704
MEDIUM
5.9
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to ...
CVE-2026-27629
MEDIUM
5.9
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch...
CVE-2026-25966
MEDIUM
5.9
ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard st...
CVE-2026-27126
MEDIUM
5.9
Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, a stored Cross-site Scripting (XSS) vulnerability exists in the `editableTable.twig` com...
CVE-2026-27571
MEDIUM
5.9
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The WebSockets handling of NATS messages handles compressed messages via the WebSockets negotiated compr...
CVE-2026-27729
MEDIUM
5.9
Astro is a web framework. In versions 9.0.0 through 9.5.3, Astro server actions have no default request body size limit, which can lead to memory exhaustion DoS. A single large POST to a valid action ...
CVE-2026-27808
MEDIUM
5.8
Mailpit is an email testing tool and API for developers. Prior to version 1.29.2, the Link Check API (/api/v1/message/{ID}/link-check) is vulnerable to Server-Side Request Forgery (SSRF). The server p...
CVE-2025-1787
MEDIUM
5.8
Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privile...
CVE-2025-1789
MEDIUM
5.8
Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system.
CVE-2026-28354
MEDIUM
5.7
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 #59, collection item operations are vulnerable to authorization flaws, allowing a normal authenticated user to modify ano...
CVE-2026-26932
MEDIUM
5.7
Improper Validation of Array Index (CWE-129) in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation (CAPEC-153). An attacker can send a specially crafte...
CVE-2026-27638
MEDIUM
5.7
Actual is a local-first personal finance tool. Prior to version 26.2.1, in multi-user mode (OpenID), the sync API endpoints (`/sync/*`) don't verify that the authenticated user owns or has access to t...
CVE-2026-24487
MEDIUM
5.7
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an authorization bypass vulnerability in the FHIR CareTeam resource end...
CVE-2026-25220
MEDIUM
5.7
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Message Center accepts the URL parameter `show_all=yes` and passes ...
CVE-2025-47904
MEDIUM
5.7
Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.
CVE-2026-25797
MEDIUM
5.7
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails ...
CVE-2026-27129
MEDIUM
5.7
Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation uses `gethostbyname()`, which ...
CVE-2026-28231
MEDIUM
5.5
pillow_heif is a Python library for working with HEIF images and plugin for Pillow. Prior to version 1.3.0, an integer overflow in the encode path buffer validation of `_pillow_heif.c` allows an attac...
CVE-2026-28288
MEDIUM
5.5
Dify is an open-source LLM app development platform. Prior to 1.9.0, responses from the Dify API to existing and non-existent accounts differ, allowing an attacker to enumerate email addresses registe...
CVE-2026-20107
MEDIUM
5.5
A vulnerability in the Object Model CLI component of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, local attacker to cause an affected device to reload unexpe...
CVE-2026-25942
MEDIUM
5.5
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_server_execute_result` indexes the global `error_code_names[]` array (7 elements, indices 0–6) with a...
CVE-2026-25952
MEDIUM
5.5
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_SetWindowMinMaxInfo` dereferences a freed `xfAppWindow` pointer because `xf_rail_get_window` in `xf_rail_s...
CVE-2026-25953
MEDIUM
5.5
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reads from a freed `xfAppWindow` because the RDPGFX DVC thread obtains a bare ...
CVE-2026-25954
MEDIUM
5.5
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_server_local_move_size` dereferences a freed `xfAppWindow` pointer because `xf_rail_get_window` retur...
CVE-2026-25955
MEDIUM
5.5
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reuses a cached `XImage` whose `data` pointer references a freed RDPGFX surfac...
CVE-2026-25959
MEDIUM
5.5
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_cliprdr_provide_data_` passes freed `pDstData` to `XChangeProperty` because the cliprdr channel thread cal...
CVE-2026-25997
MEDIUM
5.5
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_clipboard_format_equal` reads freed `lastSentFormats` memory because `xf_clipboard_formats_free` (called f...
CVE-2026-26104
MEDIUM
5.5
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method res...
CVE-2026-26271
MEDIUM
5.5
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread in `freerdp_image_copy_from_icon_data()` (libfreerdp/codec/color.c) can be triggered by craf...
CVE-2026-2636
MEDIUM
5.5
This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces ...
CVE-2026-26986
MEDIUM
5.5
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail...
CVE-2026-27950
MEDIUM
5.5
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution ...
CVE-2026-3185
MEDIUM
5.5
A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown function of the file /api/admin/sys-message/ of the component API Endpoint. The manipulation of the ar...
CVE-2026-3203
MEDIUM
5.5
RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service
CVE-2025-62512
MEDIUM
5.5
Piwigo is an open source photo gallery application for the web. In version 15.5.0 and likely earlier 15.x releases, the password reset functionality in Piwigo allows an unauthenticated attacker to det...
CVE-2026-25882
MEDIUM
5.5
Fiber is an Express inspired web framework written in Go. A denial of service vulnerability exists in Fiber v2 and v3 that allows remote attackers to crash the application by sending requests to route...
CVE-2026-27117
MEDIUM
5.5
bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.11, a path traversal vulnerability ("Zip Slip") exists in bit7z's archive ext...
CVE-2026-27653
MEDIUM
5.4
The installers for multiple products provided by Soliton Systems K.K. contain an issue with incorrect default permissions, which may allow arbitrary code to be executed with SYSTEM privileges.
CVE-2026-27792
MEDIUM
5.4
Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. A missing authorization vulnerability has been identified in the application starting in version 2.7.0 and pri...
CVE-2026-26207
MEDIUM
5.4
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, `discourse-policy` plugin allows any authenticated user to interact with policies on posts they do...
CVE-2026-27948
MEDIUM
5.4
Copyparty is a portable file server. In versions prior to 1.20.9, an XSS allows for reflected cross-site scripting via URL-parameter `?setck=...`. Version 1.20.9 fixes the issue.
CVE-2026-20122
MEDIUM
5.4
A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the atta...
CVE-2026-2694
MEDIUM
5.4
The The Events Calendar plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to an improper capability check on the 'can_edit' and 'can_delete' function in all ...
CVE-2026-23858
MEDIUM
5.4
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with rem...
CVE-2024-50337
MEDIUM
5.3
Chamilo is a learning management system. Prior to version 1.11.28, the OpenId function allows anyone to send requests to any URL on server's behalf, which results in unauthenticated blind SSRF. This i...
CVE-2025-15597
MEDIUM
5.3
A vulnerability has been found in Dataease SQLBot up to 1.4.0. This affects an unknown function of the file backend/apps/system/api/assistant.py of the component API Endpoint. Such manipulation leads ...
CVE-2025-58405
MEDIUM
5.3
The CGM CLININET application does not implement any mechanisms that prevent clickjacking attacks, neither HTTP security headers nor HTML-based frame‑busting protections were detected. As a result, an ...
CVE-2025-58406
MEDIUM
5.3
The CGM CLININET application respond without essential security HTTP headers, exposing users to client‑side attacks such as clickjacking, MIME sniffing, unsafe caching, weak cross‑origin isolation, an...
CVE-2026-23865
MEDIUM
5.3
An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tab...
CVE-2026-28357
MEDIUM
5.3
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, a stored XSS vulnerability exists in the Formula virtual cell. Formula results containing URI::() patterns are rend...
CVE-2026-28359
MEDIUM
5.3
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, an authenticated user with Editor role can inject arbitrary HTML into Rich Text cells by bypassing the TipTap edito...
CVE-2026-28397
MEDIUM
5.3
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, comments rendered via v-html without sanitization enable stored XSS. This issue has been patched in version 0.301.3...
CVE-2026-28398
MEDIUM
5.3
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, user-controlled content in comments and rich text cells was rendered via v-html without sanitization, enabling stor...
CVE-2026-28401
MEDIUM
5.3
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, rich text cell content rendered via v-html without sanitization enables stored XSS. This issue has been patched in ...
CVE-2026-3408
MEDIUM
5.3
A vulnerability was identified in Open Babel up to 3.1.1. This impacts the function OBAtom::GetExplicitValence of the file isrc/atom.cpp of the component CDXML File Handler. Such manipulation leads to...
CVE-2026-3412
MEDIUM
5.3
A vulnerability was detected in itsourcecode University Management System 1.0. This affects an unknown part of the file /att_single_view.php. The manipulation of the argument dt results in cross site ...
CVE-2026-28554
MEDIUM
5.3
wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to approve or unapprove any forum post via the wpforo_approve_ajax AJAX handler. Attackers expl...
CVE-2026-28555
MEDIUM
5.3
wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to close or reopen any forum topic via the wpforo_close_ajax handler. Attackers submit a valid ...
CVE-2026-28556
MEDIUM
5.3
wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to move, merge, or split any forum topic via the topic_move, topic_merge, and topic_split form ...
CVE-2026-1305
MEDIUM
5.3
The Japanized for WooCommerce plugin for WordPress is vulnerable to Improper Authentication in versions up to, and including, 2.8.4. This is due to a flawed permission check in the `paidy_webhook_perm...
CVE-2026-1558
MEDIUM
5.3
The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference (IDOR) in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integratio...
CVE-2026-27759
MEDIUM
5.3
Featured Image from Content (featured-image-from-content) WordPress plugin versions prior to 1.7 contain an authenticated server-side request forgery vulnerability that allows Author-level users to fe...
CVE-2026-27824
MEDIUM
5.3
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban ke...
CVE-2026-28419
MEDIUM
5.3
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file whe...
CVE-2026-28421
MEDIUM
5.3
Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unva...
CVE-2026-3269
MEDIUM
5.3
A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/ExpireSessio...
CVE-2026-3270
MEDIUM
5.3
A vulnerability has been found in psi-probe PSI Probe up to 5.3.0. This affects the function lookup of the file psi-probe-core/src/main/java/psiprobe/tools/Whois.java of the component Whois. The manip...
CVE-2026-3286
MEDIUM
5.3
A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/im...
CVE-2026-3287
MEDIUM
5.3
A security flaw has been discovered in youlaitech youlai-mall 2.0.0. This affects the function listPagedSpuForApp of the file mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/controller/app/SpuCont...
CVE-2026-3289
MEDIUM
5.3
A weakness has been identified in Sanluan PublicCMS 6.202506.d. This impacts the function saveMetadata of the file TemplateCacheComponent.java of the component Template Cache Generation. Executing a m...
CVE-2026-3292
MEDIUM
5.3
A security vulnerability has been detected in jizhiCMS up to 2.5.6. Affected is the function findAll in the library frphp/lib/Model.php of the component Batch Interface. The manipulation of the argume...
CVE-2026-3302
MEDIUM
5.3
A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing ...
CVE-2026-1692
MEDIUM
5.3
A missing origin validation in WebSockets vulnerability affects the GraphicalData web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3...
CVE-2026-1693
MEDIUM
5.3
The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVue, WebScheduler, TouchVue and Snapvue features of PcVue in version 12.0.0 throug...
CVE-2026-1695
MEDIUM
5.3
An XSS vulnerability affects the OAuth web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It might allow a remote attacker...
CVE-2026-1697
MEDIUM
5.3
The Secure and SameSite attribute are missing in the GraphicalData web services and WebClient web app of PcVue in version 12.0.0 through 16.3.3 included.
CVE-2026-1698
MEDIUM
5.3
A HTTP Host header attack vulnerability affects WebClient and the WebScheduler web apps of PcVue in version 15.0.0 through 16.3.3 included, allowing a remote attacker to inject harmful payloads that m...
CVE-2026-2356
MEDIUM
5.3
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including,...
CVE-2026-27884
MEDIUM
5.3
NetExec is a network execution tool. Prior to version 1.5.1, the module spider_plus improperly creates the output file and folder path when saving files from SMB shares. It does not take into account ...
CVE-2026-27901
MEDIUM
5.3
Svelte performance oriented web framework. Prior to version 5.53.5, the contents of `bind:innerText` and `bind:textContent` on `contenteditable` elements were not properly escaped. This could enable H...
CVE-2026-27902
MEDIUM
5.3
Svelte performance oriented web framework. Prior to version 5.53.5, errors from `transformError` were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection...
CVE-2026-28218
MEDIUM
5.3
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, fail-open access control in Data Explorer plugin allows any authenticated user to execute SQL quer...
CVE-2026-28225
MEDIUM
5.3
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.1, the `get_model` method in `ModelFilesCont...
CVE-2026-3262
MEDIUM
5.3
A vulnerability has been found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected is an unknown function of the component Administrative Interface. Such manipulatio...
CVE-2026-3263
MEDIUM
5.3
A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected by this vulnerability is an unknown functionality of the file /api/Security/ of the com...
CVE-2026-3264
MEDIUM
5.3
A vulnerability was determined in go2ismail Free-CRM up to b83c40a90726d5e58f0cc680ffdcaa28a03fb5d1. Affected by this issue is some unknown functionality of the component Administrative Interface. Exe...
CVE-2026-3265
MEDIUM
5.3
A vulnerability was identified in go2ismail Free-CRM up to b83c40a90726d5e58f0cc680ffdcaa28a03fb5d1. This affects an unknown part of the file /api/Security/ of the component Security API. The manipula...
CVE-2026-3268
MEDIUM
5.3
A vulnerability was detected in psi-probe PSI Probe up to 5.3.0. The affected element is an unknown function of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeC...
CVE-2026-1725
MEDIUM
5.3
GitLab has remediated an issue in GitLab CE/EE affecting versions from 18.9 before 18.9.1 that could have under certain conditions, allowed an unauthenticated user to cause denial of service by sendin...
CVE-2026-25138
MEDIUM
5.3
Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. Prior to versions 35.8.3, 38.5.4, and 39.3.1, th...
CVE-2026-27951
MEDIUM
5.3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function `Stream_EnsureCapacity` can create an endless blocking loop. This may affect all client and serve...
CVE-2026-2878
MEDIUM
5.3
In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficient entropy vulnerability exists in RadAsyncUpload, where a predictable temporary identifier, based on timestamp and filena...
CVE-2026-3149
MEDIUM
5.3
A weakness has been identified in itsourcecode College Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/asign-single-student-subjects.php. Executing a man...
CVE-2026-3150
MEDIUM
5.3
A security vulnerability has been detected in itsourcecode College Management System 1.0. This affects an unknown part of the file /admin/display-teacher.php. The manipulation of the argument teacher_...
CVE-2026-3163
MEDIUM
5.3
A vulnerability has been found in SourceCodester Website Link Extractor 1.0. This vulnerability affects the function file_get_contents of the component URL Handler. The manipulation leads to server-si...
CVE-2026-3186
MEDIUM
5.3
A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the compon...
CVE-2026-3187
MEDIUM
5.3
A vulnerability was identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this issue is some unknown functionality of the file /api/admin/sys-file/upload of the component API Endpoin...
CVE-2026-3188
MEDIUM
5.3
A security flaw has been discovered in feiyuchuixue sz-boot-parent up to 1.3.2-beta. This affects an unknown part of the file /api/admin/common/download/templates of the component API. Performing a ma...
CVE-2026-3209
MEDIUM
5.3
A vulnerability has been found in fosrl Pangolin up to 1.15.4-s.3. This affects the function verifyRoleAccess/verifyApiKeyRoleAccess of the component Role Handler. The manipulation leads to improper a...
CVE-2026-1772
MEDIUM
5.3
RTU500 web interface: An unprivileged user can read user management information. The information cannot be accessed via the RTU500 web user interface but requires further tools like browser developmen...
CVE-2026-23969
MEDIUM
5.3
Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execution of potentially sensitive SQL functions within SQL Lab and charts. While this feature included re...
CVE-2026-23980
MEDIUM
5.3
Improper Neutralization of Special Elements used in a SQL Command ('SQL Injection') vulnerability in Apache Superset allows an authenticated user with read access to conduct error-based SQL injection ...
CVE-2026-24484
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for multi-layer nested mvg conversions to...
CVE-2026-25637
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak in the ASHLAR image writer allows an attacker to exhaust process...
CVE-2026-25638
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, memory leak exists in `coders/msl.c`. In the `WriteMSLImage` fu...
CVE-2026-25795
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in `ReadSFWImage()` (`coders/sfw.c`), when temporary file creat...
CVE-2026-25796
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in `ReadSTEGANOImage()` (`coders/stegano.c`), the `watermark` I...
CVE-2026-25798
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows ...
CVE-2026-25799
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an inval...
CVE-2026-25969
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak exists in `coders/ashlar.c`. The `WriteASHLARImage` allocates a ...
CVE-2026-25970
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a signed integer overflow vulnerability in ImageMagick's SIXEL ...
CVE-2026-25983
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operat...
CVE-2026-25986
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer overflow write vulnerability exists in ReadYUVIma...
CVE-2026-25987
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image d...
CVE-2026-25988
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails to update the stack index, so an image is...
CVE-2026-26983
MEDIUM
5.3
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing a invalid `<map>` e...
CVE-2026-3043
MEDIUM
5.3
A flaw has been found in itsourcecode Event Management System 1.0. The impacted element is an unknown function of the file /admin/navbar.php. Executing a manipulation of the argument page can lead to ...
CVE-2026-3049
MEDIUM
5.3
A vulnerability was detected in horilla-opensource horilla up to 1.0.2. This issue affects the function get of the file horilla_generics/global_search.py of the component Query Parameter Handler. The ...
CVE-2026-3051
MEDIUM
5.3
A vulnerability has been found in DataLinkDC dinky up to 1.2.5. The affected element is the function getProjectDir of the file dinky-admin/src/main/java/org/dinky/utils/GitRepository.java of the compo...
CVE-2026-3052
MEDIUM
5.3
A vulnerability was found in DataLinkDC dinky up to 1.2.5. The impacted element is the function proxyUba of the file dinky-admin/src/main/java/org/dinky/controller/FlinkProxyController.java of the com...
CVE-2026-3054
MEDIUM
5.3
A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely...
CVE-2026-3057
MEDIUM
5.3
A security flaw has been discovered in a54552239 pearProjectApi up to 2.8.10. Affected is the function dateTotalForProject of the file application/common/Model/Task.php of the component Backend Interf...
CVE-2026-3064
MEDIUM
5.3
A security vulnerability has been detected in HummerRisk up to 1.5.0. Affected by this issue is some unknown functionality of the file ResourceCreateService.java of the component Cloud Task Scheduler....
CVE-2026-3065
MEDIUM
5.3
A vulnerability was detected in HummerRisk up to 1.5.0. This affects the function CommandUtils.commonExecCmdWithResult of the file CloudTaskService.java of the component Cloud Task Dry-run. Performing...
CVE-2026-3066
MEDIUM
5.3
A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUt...
CVE-2026-3067
MEDIUM
5.3
A vulnerability has been found in HummerRisk up to 1.5.0. This issue affects the function extractTarGZ/extractZip of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/util...
CVE-2026-3070
MEDIUM
5.3
A vulnerability was detected in SourceCodester Modern Image Gallery App 1.0. Affected by this vulnerability is an unknown functionality of the file upload.php. The manipulation of the argument filenam...
CVE-2026-3101
MEDIUM
5.3
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be exe...
CVE-2026-3102
MEDIUM
5.3
A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulatio...
CVE-2025-5781
MEDIUM
5.2
Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager, Hitachi Device Manager allows Session Hijacking.This issue affects Hitachi Ops Center...
CVE-2025-52475
MEDIUM
5.1
Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability in the admin/user_list.php endpoint. The keyword_inactive parameter is ...
CVE-2025-52476
MEDIUM
5.1
Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability due to improper sanitization of the keyword_active parameter in admin/u...
CVE-2025-52563
MEDIUM
5.1
Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability due to insufficient sanitization of the page parameter in the session/a...
CVE-2026-28558
MEDIUM
5.1
wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows authenticated subscribers to upload SVG files as profile avatars through the avatar upload functionality. Attackers...
CVE-2025-15567
MEDIUM
5.1
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure.
CVE-2026-1434
MEDIUM
5.1
Omega-PSIR is vulnerable to Reflected XSS via the lang parameter. An attacker can craft a malicious URL that, when opened, causes arbitrary JavaScript to execute in the victim’s browser.
This issue w...
CVE-2026-24350
MEDIUM
5.1
PluXml CMS is vulnerable to Stored XSS in file uploading functionality. An authenticated attacker can upload an SVG file containing a malicious payload, which will be executed when a victim clicks the...
CVE-2026-24351
MEDIUM
5.1
PluXml CMS is vulnerable to Stored XSS in Static Pages editing functionality. Attacker with editing privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visit...
CVE-2026-27756
MEDIUM
5.1
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a reflected cross-site scripting vulnerability in the management interface where user input is not properly encoded before output. At...
CVE-2026-27758
MEDIUM
5.1
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a cross-site request forgery vulnerability in its management interface that allows attackers to induce authenticated users into submi...
CVE-2026-26186
MEDIUM
5.1
Fleet is open source device management software. A SQL injection vulnerability in versions prior to 4.80.1 allowed authenticated users to inject arbitrary SQL expressions via the `order_key` query par...
CVE-2026-27709
MEDIUM
5.1
NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, NanaZip’s `.NET Single File Application` parser has an out-of-bounds read vulner...
CVE-2026-27710
MEDIUM
5.1
NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, a denial-of-service vulnerability exists in NanaZip’s `.NET Single File Applicat...
CVE-2026-27711
MEDIUM
5.1
NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, a memory corruption vulnerability in NanaZip’s UFS parser allows a crafted `.ufs...
CVE-2026-27746
MEDIUM
5.1
The SPIP jeux plugin versions prior to 4.1.1 contain a reflected cross-site scripting (XSS) vulnerability in the pre_propre pipeline. The plugin incorporates untrusted request parameters into HTML out...
CVE-2026-3171
MEDIUM
5.1
A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /queue.php. This manipul...
CVE-2025-15589
MEDIUM
5.1
A vulnerability was determined in MuYuCMS 2.7. Affected is the function delete_dir_file of the file application/admin/controller/Template.php of the component Template Management Page. This manipulati...
CVE-2026-25576
MEDIUM
5.1
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in multiple raw im...
CVE-2026-27517
MEDIUM
5.1
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior reflect unsanitized user input in the web interface, allowing an attacker to inject and execute arbitrary JavaScript in ...
CVE-2026-27518
MEDIUM
5.1
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior lack CSRF protections for state-changing actions in the administrative interface. An attacker can trick an authenticated...
CVE-2026-27568
MEDIUM
5.1
WWBN AVideo is an open source video platform. Prior to version 21.0, AVideo allows Markdown in video comments and uses Parsedown (v1.7.4) without Safe Mode enabled. Markdown links are not sufficiently...
CVE-2026-3050
MEDIUM
5.1
A flaw has been found in horilla-opensource horilla up to 1.0.2. Impacted is an unknown function of the file static/assets/js/global.js of the component Leads Module. This manipulation of the argument...
CVE-2025-9572
MEDIUM
5.0
n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the Graph...
CVE-2026-27900
MEDIUM
5.0
The Terraform Provider for Linode versions prior to v3.9.0 logged sensitive information including some passwords, StackScript content, and object storage data in debug logs without redaction. Provider...
CVE-2026-2479
MEDIUM
5.0
The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.1. This is due to the use of `strpos()` for substring-base...
CVE-2026-27015
MEDIUM
5.0
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing bounds check in `smartcard_unpack_read_size_align()` (`libfreerdp/utils/smartcard_pack.c:1703`) allo...
CVE-2026-28361
MEDIUM
4.9
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate...
CVE-2026-28396
MEDIUM
4.9
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the password reset flow did not revoke existing refresh tokens, allowing an attacker with a previously stolen refre...
CVE-2026-0871
MEDIUM
4.9
A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the "Only administrators can view" setting for unmanaged attributes, allowing them to modify these attributes. ...
CVE-2026-28270
MEDIUM
4.9
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows uploading of arbitrary files without proper validation. Malicious administrators co...
CVE-2026-2831
MEDIUM
4.9
The MailArchiver plugin for WordPress is vulnerable to SQL Injection via the ‘logid’ parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter a...
CVE-2026-22728
MEDIUM
4.9
Bitnami Sealed Secrets is vulnerable to a scope-widening attack during
the secret rotation (/v1/rotate) flow. The rotation handler derives the
sealing scope for the newly encrypted output from untrust...
CVE-2026-26936
MEDIUM
4.9
Inefficient Regular Expression Complexity (CWE-1333) in the AI Inference Anonymization Engine in Kibana can lead Denial of Service via Regular Expression Exponential Blowup (CAPEC-492).
CVE-2026-27149
MEDIUM
4.9
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, SQL injection in PM tag filtering (`list_private_messages_tag`) allows bypassing tag filter condit...
CVE-2026-27162
MEDIUM
4.9
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, `posts_nearby` was checking topic access but then returning all posts regardless of type, includin...
CVE-2026-27954
MEDIUM
4.9
Live Helper Chat is an open-source application that enables live support websites. In versions up to and including 4.52, three chat action endpoints (holdaction.php, blockuser.php, and transferchat.p...
CVE-2026-27705
MEDIUM
4.9
Plane is an an open-source project management tool. Prior to version 1.2.2, the `ProjectAssetEndpoint.patch()` method in `apps/api/plane/app/views/asset/v2.py` (lines 579–593) performs a global asset ...
CVE-2025-11845
MEDIUM
4.9
A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions throug...
CVE-2025-11846
MEDIUM
4.9
A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50...
CVE-2025-11847
MEDIUM
4.9
A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL...
CVE-2025-11848
MEDIUM
4.9
A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B firmware version through 5.50(ABPM.9.6)C0 and the Zyxel WX3100-T0 firmware versions through 5.50(ABVL....
CVE-2025-50186
MEDIUM
4.8
Chamilo is a learning management system. Prior to version 1.11.30, a stored cross-site scripting (XSS) vulnerability exists due to insufficient sanitization of CSV filenames. An attacker can upload a ...
CVE-2025-52470
MEDIUM
4.8
Chamilo is a learning management system. Prior to version 1.11.30, a stored cross-site scripting (XSS) vulnerability exists in the session_category_add.php script. The vulnerability is caused by impro...
CVE-2026-3402
MEDIUM
4.8
A security vulnerability has been detected in PHPGurukul Student Record Management System up to 1.0. This vulnerability affects unknown code of the file /edit-course.php. Such manipulation of the argu...
CVE-2026-3403
MEDIUM
4.8
A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown processing of the file /edit-subject.php. Performing a manipulation of the argument Sub...
CVE-2026-3407
MEDIUM
4.8
A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes he...
CVE-2026-3382
MEDIUM
4.8
A security flaw has been discovered in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::Boxed_Number::get_as of the file include/chaiscript/dispatchkit/boxed_number.hpp. Perfor...
CVE-2026-3383
MEDIUM
4.8
A weakness has been identified in ChaiScript up to 6.1.0. This affects the function chaiscript::Boxed_Number::go of the file include/chaiscript/dispatchkit/boxed_number.hpp. Executing a manipulation c...
CVE-2026-3384
MEDIUM
4.8
A security vulnerability has been detected in ChaiScript up to 6.1.0. This impacts the function chaiscript::eval::AST_Node_Impl::eval/chaiscript::eval::Function_Push_Pop of the file include/chaiscript...
CVE-2026-3385
MEDIUM
4.8
A vulnerability was detected in wren-lang wren up to 0.4.0. Affected is the function resolveLocal of the file src/vm/wren_compiler.c. The manipulation results in uncontrolled recursion. Attacking loca...
CVE-2026-3386
MEDIUM
4.8
A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wren_compiler.c. This manipulation causes out-of-bounds read. It is possib...
CVE-2026-3387
MEDIUM
4.8
A vulnerability has been found in wren-lang wren up to 0.4.0. Affected by this issue is the function getByteCountForArguments of the file src/vm/wren_compiler.c. Such manipulation leads to null pointe...
CVE-2026-3388
MEDIUM
4.8
A vulnerability was found in Squirrel up to 3.2. This affects the function SQCompiler::Factor/SQCompiler::UnaryOP of the file squirrel/sqcompiler.cpp. Performing a manipulation results in uncontrolled...
CVE-2026-3389
MEDIUM
4.8
A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects the function sqstd_rex_newnode in the library sqstdlib/sqstdrex.cpp. Executing a manipulation can lead to null pointer ...
CVE-2026-3390
MEDIUM
4.8
A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patch_line_end of the file src/lily_build_error.c of the component Error Reporting. The manipulation lea...
CVE-2026-3391
MEDIUM
4.8
A security flaw has been discovered in FascinatedBox lily up to 2.3. Impacted is the function clear_storages of the file src/lily_emitter.c. The manipulation results in out-of-bounds read. The attack ...
CVE-2026-3392
MEDIUM
4.8
A weakness has been identified in FascinatedBox lily up to 2.3. The affected element is the function eval_tree of the file src/lily_emitter.c. This manipulation causes null pointer dereference. The at...
CVE-2026-3393
MEDIUM
4.8
A security vulnerability has been detected in jarikomppa soloud up to 20200207. The impacted element is the function SoLoud::Wav::loadflac of the file src/audiosource/wav/soloud_wav.cpp of the compone...
CVE-2026-3394
MEDIUM
4.8
A vulnerability was detected in jarikomppa soloud up to 20200207. This affects the function SoLoud::Wav::loadwav of the file src/audiosource/wav/soloud_wav.cpp of the component WAV File Parser. Perfor...
CVE-2026-28560
MEDIUM
4.8
wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows script injection via forum URL data output into an inline script block using json_encode without the JSON_HEX_TAG f...
CVE-2026-28561
MEDIUM
4.8
wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows administrators to inject persistent JavaScript via forum description fields echoed without output escaping across m...
CVE-2026-24352
MEDIUM
4.8
PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID
...
CVE-2026-3281
MEDIUM
4.8
A vulnerability was detected in libvips 8.19.0. This affects the function vips_bandrank_build of the file libvips/conversion/bandrank.c. Performing a manipulation of the argument index results in heap...
CVE-2026-3284
MEDIUM
4.8
A vulnerability was found in libvips 8.19.0. Impacted is the function vips_extract_area_build of the file libvips/conversion/extract.c. The manipulation of the argument extract_area results in integer...
CVE-2026-3293
MEDIUM
4.8
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanne...
CVE-2026-3327
MEDIUM
4.8
Authenticated Iframe Injection in Dato CMS Web Previews plugin. This vulnerability permits a malicious authenticated user to circumvent the restriction enforced on the configured frontend URL, enablin...
CVE-2026-2677
MEDIUM
4.8
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', in 'a3factura-app.wolterskluwer.es/#/incomes/representatives-management' endpoint, which could allow an attacke...
CVE-2026-2678
MEDIUM
4.8
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', parameter 'name', in 'a3factura-app.wolterskluwer.es/#/incomes/customers' endpoint, which could allow an attack...
CVE-2026-2679
MEDIUM
4.8
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerName', in 'a3factura-app.wolterskluwer.es/#/incomes/salesInvoices' endpoint, which could allow an attacker to ...
CVE-2026-2680
MEDIUM
4.8
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerVATNumber', in 'a3factura-app.wolterskluwer.es/#/incomes/salesDeliveryNotes' endpoint, which could allow an at...
CVE-2026-27963
MEDIUM
4.8
Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.32.0 of the Audiobookshelf web application that allows arb...
CVE-2026-27974
MEDIUM
4.8
Audiobookshelf is a self-hosted audiobook and podcast server. A cross-site scripting (XSS) vulnerability exists in versions prior to 0.12.0-beta of the Audiobookshelf mobile application that allows ar...
CVE-2026-20091
MEDIUM
4.8
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS)...
CVE-2026-3137
MEDIUM
4.8
A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file food_ordering.exe. Such manipulation leads to stack-based buffer overflow...
CVE-2026-3145
MEDIUM
4.8
A flaw has been found in libvips up to 8.18.0. The affected element is the function vips_foreign_load_matrix_file_is_a/vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. Executi...
CVE-2026-3146
MEDIUM
4.8
A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. The manipulation leads to null po...
CVE-2026-3147
MEDIUM
4.8
A vulnerability was found in libvips up to 8.18.0. This affects the function vips_foreign_load_csv_build of the file libvips/foreign/csvload.c. The manipulation results in heap-based buffer overflow. ...
CVE-2026-3170
MEDIUM
4.8
A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected is an unknown function of the file /patient-search.php. The manipulation of the...
CVE-2026-26351
MEDIUM
4.8
GetSimpleCMS Community Edition (CE) version 3.3.16 contains a stored cross-site scripting (XSS) vulnerability in the Theme to Components functionality within components.php. User-supplied input provid...
CVE-2026-27468
MEDIUM
4.8
Mastodon is a free, open-source social network server based on ActivityPub. FASP registration requires manual approval by an administrator. In versions 4.4.0 through 4.4.13 and 4.5.0 through 4.5.6, ac...
CVE-2025-0976
MEDIUM
4.7
Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager.This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before...
CVE-2026-3201
MEDIUM
4.7
USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service
CVE-2026-3202
MEDIUM
4.7
NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service
CVE-2026-1628
MEDIUM
4.6
Mattermost Desktop App versions <=5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functional...
CVE-2026-27477
MEDIUM
4.6
Mastodon is a free, open-source social network server based on ActivityPub. FASP registration requires manual approval by an administrator. In versions 4.4.0 through 4.4.13 and 4.5.0 through 4.5.6, an...
CVE-2026-25135
MEDIUM
4.5
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0 have an information disclosure vulnerability that leaks the entire cont...
CVE-2026-28417
MEDIUM
4.4
Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a c...
CVE-2026-28418
MEDIUM
4.4
Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malfo...
CVE-2026-28420
MEDIUM
4.4
Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combin...
CVE-2026-2489
MEDIUM
4.4
The TP2WP Importer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Watched domains' textarea on the attachment importer settings page in all versions up to, and including, 1...
CVE-2026-2498
MEDIUM
4.4
The WP Social Meta plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output es...
CVE-2026-2499
MEDIUM
4.4
The Custom Logo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.2 due to insufficient input sanitization and output escapin...
CVE-2026-20037
MEDIUM
4.4
A vulnerability in the NX-OS CLI privilege levels of Cisco UCS Manager Software could allow an authenticated, local attacker with read-only privileges to modify files and perform unauthorized actions ...
CVE-2026-20797
MEDIUM
4.3
A stack based buffer overflow exists in an API route of XWEB Pro version
1.12.1 and prior, enabling unauthenticated attackers to cause stack
corruption and a termination of the program.
CVE-2026-28415
MEDIUM
4.3
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query param...
CVE-2026-26973
MEDIUM
4.3
Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR (Insecure Direct Object Reference) in `ReviewableNotesController`. When `enable_catego...
CVE-2026-27457
MEDIUM
4.3
Weblate is a web based localization tool. Prior to version 5.16.1, the REST API's `AddonViewSet` (`weblate/api/views.py`, line 2831) uses `queryset = Addon.objects.all()` without overriding `get_query...
CVE-2026-27835
MEDIUM
4.3
wger is a free, open-source workout and fitness manager. In versions up to and including 2.4, `RepetitionsConfigViewSet` and `MaxRepetitionsConfigViewSet` return all users' repetition config data beca...
CVE-2026-27839
MEDIUM
4.3
wger is a free, open-source workout and fitness manager. In versions up to and including 2.4, three `nutritional_values` action endpoints fetch objects via `Model.objects.get(pk=pk)` — a raw ORM call ...
CVE-2026-27840
MEDIUM
4.3
ZITADEL is an open source identity management platform. Starting in version 2.31.0 and prior to versions 3.4.7 and 4.11.0, opaque OIDC access tokens in the v2 format truncated to 80 characters are sti...
CVE-2026-27968
MEDIUM
4.3
Packistry is a self-hosted Composer repository designed to handle PHP package distribution. Prior to version 0.13.0, RepositoryAwareController::authorize() verified token presence and ability, but did...
CVE-2026-28295
MEDIUM
4.3
A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode (PASV) response. The client unconditio...
CVE-2026-28296
MEDIUM
4.3
A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed (CRLF) ...
CVE-2025-14103
MEDIUM
4.3
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-ro...
CVE-2025-14742
MEDIUM
4.3
The WP Recipe Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajax_search_recipes' and 'ajax_get_recipe' functions in all versions up ...
CVE-2026-1747
MEDIUM
4.3
GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-rol...
CVE-2026-2301
MEDIUM
4.3
The Post Duplicator plugin for WordPress is vulnerable to unauthorized arbitrary protected post meta insertion in all versions up to, and including, 3.0.8. This is due to the `duplicate_post()` functi...
CVE-2026-2410
MEDIUM
4.3
The Disable Admin Notices – Hide Dashboard Notifications plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing nonce vali...
CVE-2026-25941
MEDIUM
4.3
FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to to 2.11.8 and on the 3.x branch prior to 3.23.0 have an out-of-bounds read vulnerability in the Fre...
CVE-2026-27695
MEDIUM
4.3
zae-limiter is a rate limiting library using the token bucket algorithm. Prior to version 0.10.1, all rate limit buckets for a single entity share the same DynamoDB partition key (`namespace/ENTITY#{i...
CVE-2026-28194
MEDIUM
4.3
In JetBrains TeamCity before 2025.11.3 open redirect was possible in the React project creation flow
CVE-2026-28195
MEDIUM
4.3
In JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurations
CVE-2026-24241
MEDIUM
4.3
NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker could exploit an improper authentication issue. A successful exploit of this vulnerability mig...
CVE-2026-24314
MEDIUM
4.3
Under certain conditions SAP S/4HANA (Manage Payment Media) allows an authenticated attacker to access information which would otherwise be restricted. This could cause low impact on confidentiality o...
CVE-2026-27795
MEDIUM
4.1
LangChain is a framework for building LLM-powered applications. Prior to version 1.1.8, a redirect-based Server-Side Request Forgery (SSRF) bypass exists in `RecursiveUrlLoader` in `@langchain/communi...
CVE-2026-27798
MEDIUM
4.0
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability occurs when processing an...
CVE-2026-27799
MEDIUM
4.0
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the DJVU image ...
CVE-2026-27973
MEDIUM
4.0
Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 0.12.0-beta of the Audiobookshelf mobile application that a...
CVE-2025-67860
LOW
3.8
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials...
CVE-2026-22877
LOW
3.7
An arbitrary file-read vulnerability exists in XWEB Pro version 1.12.1
and prior, enabling unauthenticated attackers to read arbitrary files on
the system, and potentially causing a denial-of-servic...
CVE-2025-12150
LOW
3.1
A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacker to bypass the configured attestation policy and register untrusted or forged authenticators via su...
CVE-2026-27838
LOW
3.1
wger is a free, open-source workout and fitness manager. Five routine detail action endpoints check a cache before calling `self.get_object()`. In versions up to and including 2.4, ache keys are scope...
CVE-2026-1229
LOW
2.9
The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas.
ECDH and ECDSA signin...
CVE-2026-25884
LOW
2.7
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability ...
CVE-2026-27596
LOW
2.7
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulne...
CVE-2026-27631
LOW
2.7
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulne...
CVE-2026-28358
LOW
2.7
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the password forgot endpoint returned different responses for registered and unregistered emails, allowing user enu...
CVE-2026-28360
LOW
2.7
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, shared view passwords were stored in plaintext in the database and compared using direct string equality. This issu...
CVE-2026-22716
LOW
2.7
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the ...
CVE-2026-22717
LOW
2.7
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the ...
CVE-2026-27942
LOW
2.7
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with st...
CVE-2026-22866
LOW
2.7
Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. In versions 1.6.2 and prior, the `RSASHA256Algorithm` and `RSASHA1Algorithm` contract...
CVE-2024-48928
LOW
2.7
Piwigo is an open source photo gallery application for the web. In versions on the 14.x branch, when installing, the secret_key configuration parameter is set to MD5(RAND()) in MySQL. However, RAND() ...
CVE-2026-23859
LOW
2.7
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit ...
CVE-2026-21725
LOW
2.6
A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so.
This requires several very stringent conditions to ...
CVE-2026-27632
LOW
2.6
Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1cf48, the Talishar application lacks Cross-Site Request Forgery (CSRF) protections on critical state...
CVE-2026-3401
LOW
2.3
A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of the...
CVE-2026-3404
LOW
2.3
A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the file /com/jeesite/common/shiro/cas/CasOutHandler.java of the component Endpoint. Executing a manipulation...
CVE-2026-3405
LOW
2.3
A vulnerability has been found in thinkgem JeeSite up to 5.15.1. The affected element is an unknown function of the component Connection Handler. The manipulation leads to path traversal. It is possib...
CVE-2026-1694
LOW
2.3
HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of the webservices used by the WebVue, WebScheduler, TouchVue and SnapVue features o...
CVE-2026-1696
LOW
2.3
Some HTTP security headers are not properly set by the web server when sending responses to the client application.
CVE-2026-26228
LOW
2.3
VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remote Access Server routing for the authenticated endpoint GET /download. The file query parameter is co...
CVE-2026-28196
LOW
2.3
In JetBrains TeamCity before 2025.11.3 disabling versioned settings left a credentials config on disk
CVE-2026-3189
LOW
2.3
A weakness has been identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. This vulnerability affects unknown code of the file /api/admin/common/files/download. Executing a manipulation of the ar...
CVE-2026-3193
LOW
2.3
A vulnerability was detected in Chia Blockchain 2.1.0. Impacted is an unknown function of the file /send_transaction. The manipulation results in cross-site request forgery. The attack may be performe...
CVE-2026-23983
LOW
2.3
A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to retrieve sensitive user information. The Tag endpoint (disabled by default) allows users to retrieve a...
CVE-2026-28422
LOW
2.2
Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in `build_stl_str_hl()` when rendering a statusline with a multi-byte fill character on a ver...
CVE-2026-23749
LOW
2.1
Golioth Firmware SDK version 0.19.1 prior to 0.22.0, fixed in commit 0e788217, contain an out-of-bounds read due to improper null termination of a blockwise transfer path. blockwise_transfer_init() ac...
CVE-2026-27945
LOW
2.1
ZITADEL is an open source identity management platform. Zitadel Action V2 (introduced as early preview in 2.59.0, beta in 3.0.0 and GA in 4.0.0) is a webhook based approach to allow developers act on ...
CVE-2026-21619
LOW
2.0
Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Objec...
CVE-2026-26997
LOW
2.0
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 #59, a normal authenticated user can store the XSS payload. The payload is triggered by administrator. Version 5.5.3 #59 ...
CVE-2026-3194
LOW
2.0
A flaw has been found in Chia Blockchain 2.1.0. The affected element is the function send_transaction/get_private_key of the component RPC Server Master Passphrase Handler. This manipulation causes mi...
CVE-2026-3282
LOW
1.9
A flaw has been found in libvips 8.19.0. This vulnerability affects the function vips_unpremultiply_build of the file libvips/conversion/unpremultiply.c. Executing a manipulation of the argument alpha...
CVE-2026-3283
LOW
1.9
A vulnerability has been found in libvips 8.19.0. This issue affects the function vips_extract_band_build of the file libvips/conversion/extract.c. The manipulation of the argument extract_band leads ...
CVE-2026-3285
LOW
1.9
A vulnerability was determined in berry-lang berry up to 1.1.0. The affected element is the function scan_string of the file src/be_lexer.c. This manipulation causes out-of-bounds read. The attack req...
CVE-2026-24004
LOW
1.7
Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fleet’s Android MDM Pub/Sub handling could allow unauthenticated requests to trigger device unenrollmen...
CVE-2026-28355
LOW
1.3
Canarytokens help track activity and actions on a network. Versions prior to `sha-7ff0e12` have a Self Cross-Site Scripting vulnerability in the "PWA" Canarytoken, whereby the Canarytoken's creator ca...
CVE-2026-27150
LOW
1.3
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, missing `validate_before_create` authorization in Data Explorer's `QueryGroupBookmarkable` allows ...
CVE-2026-27151
LOW
1.3
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the `move_posts` action only checked `can_move_posts?` on the source topic but never validated wri...
CVE-2026-27152
LOW
1.3
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, DM communication-preference bypass when adding members via `Chat::AddUsersToChannel` — a user coul...
CVE-2026-27153
LOW
1.3
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, moderators could export user Chat DMs via the CSV export endpoint by exploiting an overly permissi...
CVE-2026-27154
LOW
1.3
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, a user full name can be evaluated as raw HTML when the following settings are set: `display_name_o...
CVE-2026-27465
LOW
1.3
Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fleet’s configuration API could expose Google Calendar service account credentials to authenticated use...
CVE-2026-28219
LOW
1.3
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an improper authorization check in the topic management logic allows authenticated users to modify...
CVE-2026-3206
LOW
1.3
Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE (CircuitBreaker modules), KrakenD, SLU KrakenD-EE (CircuitBreaker modules). This issue affects KrakenD-CE: before 2.13.1;...
CVE-2026-25963
LOW
1.2
Fleet is open source device management software. In versions prior to 4.80.1, a broken authorization check in Fleet’s certificate template deletion API could allow a team administrator to delete certi...
CVE-2026-28227
LOW
1.2
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, TL4 users can publish topics into staff-only categories via the `publish_to_category` topic timer,...
CVE-2026-21443
LOW
1.2
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the `xl()` translation function returns unescaped strings. While wrappe...
CVE-2026-27628
LOW
1.2
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.2, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. This h...
CVE-2026-23999
LOW
0.6
Fleet is open source device management software. In versions prior to 4.80.1, Fleet generated device lock and wipe PINs using a predictable algorithm based solely on the current Unix timestamp. Becaus...
CVE-2024-31328
UNKNOWN
In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on the paired companion phone due to a logic error in the code. T...
CVE-2024-43766
UNKNOWN
In multiple functions of btm_ble_sec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote (proximal/adjacent) information disclosure with no addit...
CVE-2025-32313
UNKNOWN
In UsageEvents of UsageEvents.java, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges n...
CVE-2025-48567
UNKNOWN
In multiple locations, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation...
CVE-2025-48568
UNKNOWN
In multiple locations, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...
CVE-2025-48574
UNKNOWN
In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privileg...
CVE-2025-48577
UNKNOWN
In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privile...
CVE-2025-48578
UNKNOWN
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITE_EXTERNAL_STORAGE permission due to a missing permission check. This could lead to local escalation of privilege...
CVE-2025-48579
UNKNOWN
In multiple functions of MediaProvider.java, there is a possible external storage write permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional ...
CVE-2025-48582
UNKNOWN
In multiple locations, there is a possible way to delete media without the MANAGE_EXTERNAL_STORAGE permission due to an intent redirect. This could lead to local escalation of privilege with no additi...
CVE-2025-48585
UNKNOWN
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional executi...
CVE-2025-48587
UNKNOWN
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional executi...
CVE-2025-48602
UNKNOWN
In exitKeyguardAndFinishSurfaceBehindRemoteAnimation of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privil...
CVE-2025-48605
UNKNOWN
In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional executio...
CVE-2025-48609
UNKNOWN
In multiple functions of MmsProvider.java, there is a possible way to arbitrarily delete files which affect telephony, SMS, and MMS functionalities due to a path traversal error. This could lead to lo...
CVE-2025-48613
UNKNOWN
In VBMeta, there is a possible way to modify and resign VBMeta using a test key, assuming the original image was previously signed with the same key. This could lead to local escalation of privilege w...
CVE-2025-48619
UNKNOWN
In multiple functions of ContentProvider.java, there is a possible way for an app with read-only access to truncate files due to a logic error in the code. This could lead to local escalation of privi...
CVE-2025-48630
UNKNOWN
In drawLayersInternal of SkiaRenderEngine.cpp, there is a possible way to access the GPU cache due to side channel information disclosure. This could lead to local escalation of privilege with no addi...
CVE-2025-48634
UNKNOWN
In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution priv...
CVE-2025-48635
UNKNOWN
In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additi...
CVE-2025-48636
UNKNOWN
In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no addit...
CVE-2025-48641
UNKNOWN
In multiple functions of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User intera...
CVE-2025-48642
UNKNOWN
In jump_to_payload of payload.rs, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges n...
CVE-2025-48644
UNKNOWN
In multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. Use...
CVE-2025-48645
UNKNOWN
In loadDescription of DeviceAdminInfo.java, there is a possible persistent package due to improper input validation. This could lead to local escalation of privilege with no additional execution privi...
CVE-2025-48646
UNKNOWN
In executeRequest of ActivityStarter.java, there is a possible launch anywhere due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed...
CVE-2025-48650
UNKNOWN
In multiple locations, there is a possible information disclosure due to SQL injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interactio...
CVE-2025-48653
UNKNOWN
In loadDataAndPostValue of multiple files, there is a possible way to obscure permission usage due to a logic error in the code. This could lead to local escalation of privilege with no additional exe...
CVE-2025-48654
UNKNOWN
In onStart of CompanionDeviceManagerService.java, there is a possible confused deputy due to a logic error in the code. This could lead to local escalation of privilege with no additional execution pr...
CVE-2025-58107
UNKNOWN
In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-m...
CVE-2025-66880
UNKNOWN
Cross Site Scripting vulnerability in Wethink Technology Inc 720yun pano-sdk 0.5.877 allows a remote attacker to execute arbitrary code via the LoginComp (Module 2093) and SignupComp (Module 2094) mod...
CVE-2025-70252
UNKNOWN
An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23_multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is wor...
CVE-2026-0005
UNKNOWN
In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permi...
CVE-2026-0006
UNKNOWN
In multiple locations, there is a possible out of bounds read and write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User int...
CVE-2026-0007
UNKNOWN
In writeToParcel of WindowInfo.cpp, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no add...
CVE-2026-0008
UNKNOWN
In multiple locations, there is a possible privilege escalation due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interac...
CVE-2026-0010
UNKNOWN
In onTransact of IDrmManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges...
CVE-2026-0011
UNKNOWN
In enableSystemPackageLPw of Settings.java, there is a possible way to prevent location access from working due to a logic error in the code. This could lead to local escalation of privilege with no a...
CVE-2026-0012
UNKNOWN
In setHideSensitive of ExpandableNotificationRow.java, there is a possible contact name leak due due to a logic error in the code. This could lead to local information disclosure with no additional ex...
CVE-2026-0013
UNKNOWN
In setupLayout of PickActivity.java, there is a possible way to start any activity as a DocumentsUI app due to a confused deputy. This could lead to local escalation of privilege with no additional ex...
CVE-2026-0014
UNKNOWN
In isPackageNullOrSystem of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional executi...
CVE-2026-0015
UNKNOWN
In multiple locations of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution ...
CVE-2026-0017
UNKNOWN
In onChange of BiometricService.java, there is a possible way to enable fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional executi...
CVE-2026-0020
UNKNOWN
In parsePermissionGroup of ParsedPermissionUtils.java, there is a possible way to bypass a consent dialog to obtain permissions due to a permissions bypass. This could lead to local escalation of priv...
CVE-2026-0021
UNKNOWN
In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additio...
CVE-2026-0023
UNKNOWN
In createSessionInternal of PackageInstallerService.java, there is a possible way for an app to update its ownership due to a missing permission check. This could lead to local escalation of privilege...
CVE-2026-0024
UNKNOWN
In isRedactionNeededForOpenViaContentResolver of MediaProvider.java, there is a possible way to reveal the location of media due to a missing permission check. This could lead to local information dis...
CVE-2026-0025
UNKNOWN
In hasImage of Notification.java, there is a possible way to reveal information across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution ...
CVE-2026-0026
UNKNOWN
In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege ...
CVE-2026-0027
UNKNOWN
In smmu_detach_dev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User int...
CVE-2026-0028
UNKNOWN
In __pkvm_host_share_guest of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privilege...
CVE-2026-0029
UNKNOWN
In __pkvm_init_vm of pkvm.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
CVE-2026-0030
UNKNOWN
In __host_check_page_state_range of mem_protect.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional executi...
CVE-2026-0031
UNKNOWN
In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges nee...
CVE-2026-0032
UNKNOWN
In multiple functions of mem_protect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileg...
CVE-2026-0034
UNKNOWN
In setPackageOrComponentEnabled of ManagedServices.java, there is a possible notification policy desync due to improper input validation. This could lead to local escalation of privilege with no addit...
CVE-2026-0035
UNKNOWN
In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of priv...
CVE-2026-0037
UNKNOWN
In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed....
CVE-2026-0038
UNKNOWN
In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional executio...
CVE-2026-0047
UNKNOWN
In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for an app to access private information due to a missing permission check. This could lead to local escalation of privilege...
CVE-2026-0995
UNKNOWN
An issue has been identified in Arm C1-Pro before r1p2-50eac0, where, under certain conditions, a TLBI+DSB might fail to ensure the completion of memory accesses related to SME.
CVE-2026-20416
UNKNOWN
In pcie, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User in...
CVE-2026-20423
UNKNOWN
In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is n...
CVE-2026-20424
UNKNOWN
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User i...
CVE-2026-20425
UNKNOWN
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User...
CVE-2026-20426
UNKNOWN
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User...
CVE-2026-20427
UNKNOWN
In display, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. ...
CVE-2026-20428
UNKNOWN
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User...
CVE-2026-20429
UNKNOWN
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User i...
CVE-2026-20430
UNKNOWN
In wlan AP FW, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges n...
CVE-2026-20434
UNKNOWN
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the atta...
CVE-2026-20435
UNKNOWN
In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no add...
CVE-2026-20436
UNKNOWN
In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System pri...
CVE-2026-20437
UNKNOWN
In MAE, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not neede...
CVE-2026-20438
UNKNOWN
In MAE, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interacti...
CVE-2026-20439
UNKNOWN
In imgsys, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not ne...
CVE-2026-20440
UNKNOWN
In MAE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User int...
CVE-2026-20441
UNKNOWN
In MAE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User int...
CVE-2026-20442
UNKNOWN
In display, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not n...
CVE-2026-20443
UNKNOWN
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interacti...
CVE-2026-20444
UNKNOWN
In display, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User i...
CVE-2026-20445
UNKNOWN
In MDDP, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not ne...
CVE-2026-2256
UNKNOWN
A command injection vulnerability in ModelScope's ms-agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived inp...
CVE-2026-24101
UNKNOWN
An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_multi. When the condition is met, `s1_1` will be passed into sub_B0488, concatenated into `doSystemCmd`. The value of s1_1 ...
CVE-2026-24105
UNKNOWN
An issue was discovered in goform/formsetUsbUnload in Tenda AC15V1.0 V15.03.05.18_multi. The value of `v1` was not checked, potentially leading to a command injection vulnerability if injected into do...
CVE-2026-24107
UNKNOWN
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the value of `usbPartitionName`, which is directly used in `doSystemCmd`, may lead to critical command injection vulnerabil...
CVE-2026-24108
UNKNOWN
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `nptr`. When this value is passed into the `getMibPrefix` function and conc...
CVE-2026-24109
UNKNOWN
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `picName`. When this value is used in `sprintf` without validating variable...
CVE-2026-24110
UNKNOWN
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may send overly long `addDhcpRules` data. When these rules enter the `addDhcpRule` function and are processed by `ret = sscanf(pRule,...
CVE-2026-24111
UNKNOWN
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by specifying the value of `userInfo`. When `userInfo` is passed into the `addAuthUser` function and pr...
CVE-2026-24112
UNKNOWN
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by specifying the value of `userInfo`. When `userInfo` is passed into the `addWewifiWhiteUser` function...
CVE-2026-24113
UNKNOWN
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `nptr`. When this value is passed into the `getMibPrefix` function and conc...
CVE-2026-24114
UNKNOWN
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate `pPortMapIndex` may lead to buffer overflows when using `strcpy`.
CVE-2026-24115
UNKNOWN
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the sizes of `gstup` and `gstdwn` before concatenating them into `gstruleQos` may lead to buffer overflow.
CVE-2026-26694
UNKNOWN
code-projects Simple Student Alumni System v1.0 is vulnerale to SQL Injection in /TracerStudy/modal_view.php.
CVE-2026-26695
UNKNOWN
code-projects Simple Student Alumni System code-projects v1.0 is vulnerable to SQL Injection in /TracerStudy/recordstudent_edit.php.
CVE-2026-26696
UNKNOWN
code-projects Simple Student Alumni System code-projects v1.0 is vulnerable to SQL Injection in /TracerStudy/recordteacher_edit.php.
CVE-2026-26697
UNKNOWN
code-projects Simple Student Alumni System code-projects v1.0 is vulnerable to SQL Injection in /TracerStudy/recordteacher_view.php?teacherID=.
CVE-2026-26698
UNKNOWN
code-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/modal_edit.php.
CVE-2026-26699
UNKNOWN
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/admin_change_picture.php.
CVE-2026-26700
UNKNOWN
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edit_employee.php.
CVE-2026-26701
UNKNOWN
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edit_tecnical_user.php.
CVE-2026-26702
UNKNOWN
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/myitem_reuse.php.
CVE-2026-26703
UNKNOWN
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/advance_search.php.
CVE-2026-26704
UNKNOWN
sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/view_category.php.
CVE-2026-26705
UNKNOWN
sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/view_product.php.
CVE-2026-26706
UNKNOWN
sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/view_receipt.php.
CVE-2026-26707
UNKNOWN
sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/view_supplier.php.
CVE-2026-26708
UNKNOWN
sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/manage_user.php.
CVE-2026-26709
UNKNOWN
code-projects Simple Gym Management System v1.0 is vulnerable to SQL Injection in /gym/trainer_search.php.
CVE-2026-26710
UNKNOWN
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php.
CVE-2026-26711
UNKNOWN
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/view-ticket.php.
CVE-2026-26712
UNKNOWN
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/view-ticket-admin.php.
CVE-2026-26713
UNKNOWN
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php.
CVE-2026-26720
UNKNOWN
An issue in Twenty CRM v1.15.0 and before allows a remote attacker to execute arbitrary code via the local.driver.ts module.
CVE-2026-1542
UNKNOWN
The Super Stage WP WordPress plugin through 1.0.1 unserializes user input via REQUEST, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the ...
CVE-2018-25160
UNKNOWN
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend.
For example, if an appli...
CVE-2021-4456
UNKNOWN
Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact.
The functions `addr2cidr` and `cidrlookup` may return leading zeros in a CIDR ...
CVE-2025-40932
UNKNOWN
Apache::SessionX versions through 2.01 for Perl create insecure session id.
Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 retu...
CVE-2025-69437
UNKNOWN
PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF fi...
CVE-2026-2597
UNKNOWN
Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function random_bytes().
The function does not validate that the length parameter is non-negative...
CVE-2026-26861
UNKNOWN
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-Site Scripting (XSS) via window.postMessage. The handleCustomHtmlPreviewPostMessageEvent function in src/util/campaignRender/nativeD...
CVE-2026-26862
UNKNOWN
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Site Scripting (XSS) via window.postMessage in the Visual Builder module. The origin validation in src/modules/visualBuild...
CVE-2026-27167
NONE
Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically ...
CVE-2026-3255
UNKNOWN
HTTP::Session2 versions before 1.12 for Perl for Perl may generate weak session ids using the rand() function.
The HTTP::Session2 session id generator returns a SHA-1 hash seeded with the built-in ra...
CVE-2026-3277
UNKNOWN
The OpenID Connect (OIDC) authentication configuration in PowerShell
Universal before 2026.1.3 stores the OIDC client secret in cleartext in
the .universal/authentication.ps1 script, which allows an...
CVE-2025-50857
UNKNOWN
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload
CVE-2025-56605
UNKNOWN
A reflected Cross-Site Scripting (XSS) vulnerability exists in the register.php backend script of PuneethReddyHC Event Management System 1.0. The mobile POST parameter is improperly validated and echo...
CVE-2025-71057
UNKNOWN
Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user.
CVE-2026-26682
UNKNOWN
An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component
CVE-2026-26979
NONE
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, TL4 users are able to close, archive and pin topics in private categories they don't have access t...
CVE-2026-27141
UNKNOWN
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
CVE-2026-28083
UNKNOWN
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UX-themes Flatsome flatsome allows Stored XSS.This issue affects Flatsome: from n/a through <= 3.2...
CVE-2026-28131
UNKNOWN
Insertion of Sensitive Information Into Sent Data vulnerability in WPVibes Elementor Addon Elements addon-elements-for-elementor-page-builder allows Retrieve Embedded Sensitive Data.This issue affects...
CVE-2026-28132
UNKNOWN
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews allows Code Injection.This issue affects W...
CVE-2026-28136
UNKNOWN
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.This issue affects WP SMS: from n/a through <= 6.9.1...
CVE-2026-28138
UNKNOWN
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through <= 2.2.0.
CVE-2025-11563
UNKNOWN
URLs containing percent-encoded slashes (`/` or `\`) can trick wcurl into
saving the output file outside of the current directory without the user
explicitly asking for it.
This flaw only affects the...
CVE-2025-69771
UNKNOWN
An arbitrary file upload vulnerability in the subtitle loading function of asbplayer v1.13.0 allows attackers to execute arbitrary code via uploading a crafted subtitle file.
CVE-2026-24005
NONE
Kruise provides automated management of large-scale applications on Kubernetes. Prior to versions 1.8.3 and 1.7.5, PodProbeMarker allows defining custom probes with TCPSocket or HTTPGet handlers. The ...
CVE-2026-26717
UNKNOWN
An issue in OpenFUN Richie (LMS) in src/richie/apps/courses/api.py. The application used the non-constant time == operator for HMAC signature verification in the sync_course_run_from_request function....
CVE-2026-27846
UNKNOWN
Due to missing authentication, a user with physical access to the device can misuse the mesh functionality for adding a new mesh device to the network
to gain access to sensitive information, includi...
CVE-2026-27847
UNKNOWN
Due to improper neutralization of special elements, SQL statements can be injected via the handshake of a TLS-SRP connection. This can be used to inject known credentials into the database that can be...
CVE-2026-27848
UNKNOWN
Due to missing neutralization of special elements, OS commands can be injected via the handshake of a TLS-SRP connection, which are ultimately run as the root user.
This issue affects MR9600: 1.0.4.20...
CVE-2026-27849
UNKNOWN
Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh netw...
CVE-2026-27850
UNKNOWN
Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the loc...
CVE-2026-3221
UNKNOWN
Sensitive
user account information is not encrypted in the database in Devolutions Server 2025.3.14 and earlier, which allows an attacker with
access to the database to obtain sensitive user
inform...
CVE-2024-56373
UNKNOWN
DAG Author (who already has quite a lot of permissions) could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to...
CVE-2024-58041
UNKNOWN
Smolder versions through 1.51 for Perl uses insecure rand() function for cryptographic functions.
Smolder 1.51 and earlier for Perl uses the rand() function as the default source of entropy, which is...
CVE-2025-15386
UNKNOWN
The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with...
CVE-2025-27555
UNKNOWN
Airflow versions before 2.11.1 have a vulnerability that allows authenticated users with audit log access to see sensitive values in audit logs which they should not see. When sensitive connection par...
CVE-2025-46320
UNKNOWN
A cross-site scripting (XSS) vulnerability in a FileMaker WebDirect custom homepage could lead to unauthorized access and remote code execution. This vulnerability has been fully addressed in FileMake...
CVE-2025-63409
UNKNOWN
Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials.
CVE-2025-67445
UNKNOWN
TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cstecgi.cgi. The CGI reads the CONTENT_LENGTH environment variable and allocates memory using malloc (CON...
CVE-2025-69985
UNKNOWN
FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution (RCE). The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trust...
CVE-2026-0399
UNKNOWN
Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in a API endpoint.
CVE-2026-0400
UNKNOWN
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall.
CVE-2026-0401
UNKNOWN
A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall.
CVE-2026-0402
UNKNOWN
A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall.
CVE-2026-1768
UNKNOWN
A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15.
CVE-2026-25603
UNKNOWN
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Linksys MR9600, Linksys MX4200 allows that contents of a USB drive partition can be mounted in an arbitr...
CVE-2026-2634
UNKNOWN
Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed d...
CVE-2026-2757
UNKNOWN
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2758
UNKNOWN
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2759
UNKNOWN
Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2760
UNKNOWN
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2761
UNKNOWN
Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2762
UNKNOWN
Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2763
UNKNOWN
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2764
UNKNOWN
JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2765
UNKNOWN
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2766
UNKNOWN
Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2767
UNKNOWN
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2768
UNKNOWN
Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2769
UNKNOWN
Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2770
UNKNOWN
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2771
UNKNOWN
Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2772
UNKNOWN
Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2773
UNKNOWN
Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2774
UNKNOWN
Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2775
UNKNOWN
Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2776
UNKNOWN
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2777
UNKNOWN
Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2778
UNKNOWN
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2779
UNKNOWN
Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2780
UNKNOWN
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2781
UNKNOWN
Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2782
UNKNOWN
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2783
UNKNOWN
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2784
UNKNOWN
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2785
UNKNOWN
Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2786
UNKNOWN
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2787
UNKNOWN
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2788
UNKNOWN
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2789
UNKNOWN
Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
CVE-2026-2790
UNKNOWN
Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2791
UNKNOWN
Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
CVE-2026-2792
UNKNOWN
Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort ...
CVE-2026-2793
UNKNOWN
Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that...
CVE-2026-2794
UNKNOWN
Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability affects Firefox < 148.
CVE-2026-2795
UNKNOWN
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
CVE-2026-2796
UNKNOWN
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.
CVE-2026-2797
UNKNOWN
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
CVE-2026-2798
UNKNOWN
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.
CVE-2026-2799
UNKNOWN
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.
CVE-2026-2800
UNKNOWN
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148.
CVE-2026-2801
UNKNOWN
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.
CVE-2026-2802
UNKNOWN
Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148.
CVE-2026-2803
UNKNOWN
Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects Firefox < 148.
CVE-2026-2804
UNKNOWN
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.
CVE-2026-2805
UNKNOWN
Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.
CVE-2026-2806
UNKNOWN
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148.
CVE-2026-2807
UNKNOWN
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...
CVE-2026-3131
UNKNOWN
Improper
access control in multiple DVLS REST API endpoints in Devolutions
Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data.
Latest Headlines
164 articles
RSS Feed Sources
Dark Reading
Critical OpenClaw Vulnerability Exposes AI Agent Risks
2026-03-02 22:34
The Record
Cyber Command disrupted Iranian comms, sensors, top general says
2026-03-02 21:07
The Register
Iran's cyberwar has begun
2026-03-02 20:52
Dark Reading
30 Alleged Members of 'The Com' Arrested in Project Compass
2026-03-02 20:32
BleepingComputer
Fake Google Security site uses PWA app to steal credentials, MFA codes
2026-03-02 20:23
The Record
University of Hawaiʻi Cancer Center confirms data leak following ransomware attack
2026-03-02 19:13
BleepingComputer
Alabama man pleads guilty to hacking, extorting hundreds of women
2026-03-02 18:54
The Register
UK Businesses told to brace cyber defenses amid Iran conflict risk
2026-03-02 18:44
BleepingComputer
Florida woman imprisoned for massive Microsoft license fraud scheme
2026-03-02 17:30
The Hacker News
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
2026-03-02 17:08
The Hacker News
Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome
2026-03-02 16:52
The Record
Alleged India-linked espionage campaign targeted Pakistan, Bangladesh, Sri Lanka
2026-03-02 16:26
BleepingComputer
UK warns of Iranian cyberattack risks amid Middle-East conflict
2026-03-02 15:54
BleepingComputer
How Deepfakes and Injection Attacks Are Breaking Identity Verification
2026-03-02 15:01
The Record
German court convicts alleged mastermind behind global investment scam network
2026-03-02 14:00
The Register
Memory scalpers hunt scarce DRAM with bot blitz
2026-03-02 14:00
The Record
British organizations urged to be alert to threat of Iranian cyberattacks
2026-03-02 13:52
The Register
Scammers try to SIM-swap Dubai citizens hours after Iranian missile strikes
2026-03-02 13:42
The Hacker News
⚡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and More
2026-03-02 13:26
BleepingComputer
Anthropic confirms Claude is down in a worldwide outage
2026-03-02 12:23
The Hacker News
How to Protect Your SaaS from Bot Attacks with SafeLine WAF
2026-03-02 11:55
The Record
Cyberattack briefly disrupts Russian internet regulator and defense ministry websites
2026-03-02 10:47
The Hacker News
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
2026-03-02 10:36
Dark Reading
Bug in Google's Gemini AI Panel Opens Door to Hijacking
2026-03-02 10:27
The Hacker News
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
2026-03-02 08:44
The Register
UK govermnent's Vulnerability Monitoring System is working - fixes flow far faster
2026-03-02 03:27
The Register
South Korea’s tax office apologizes for leaking seed phrase to seized crypto
2026-03-02 00:51
BleepingComputer
ClawJacked attack let malicious websites hijack OpenClaw to steal data
2026-03-01 21:44
BleepingComputer
Samsung TVs to stop collecting Texans’ data without express consent
2026-03-01 15:23
BleepingComputer
QuickLens Chrome extension steals crypto, shows ClickFix attack
2026-02-28 19:18
The Hacker News
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
2026-02-28 17:21
BleepingComputer
$4.8M in crypto stolen after Korean tax agency exposes wallet seed
2026-02-28 15:17
Krebs on Security
Who is the Kimwolf Botmaster “Dort”?
2026-02-28 12:01
The Register
Denizens of DEF CON are 'fed up with government'
2026-02-28 11:11
The Hacker News
Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
2026-02-28 09:56
The Hacker News
Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute
2026-02-28 04:57
The Register
Double whammy: Steaelite RAT bundles data theft, ransomware in one evil tool
2026-02-27 22:59
Dark Reading
Life Mirrors Art: Ransomware Hits Hospitals on TV & IRL
2026-02-27 20:48
Dark Reading
Cities Hosting Major Events Need More Focus on Wireless, Drone Defense
2026-02-27 20:23
Dark Reading
Cities Hosting Major Events Need More Focus on Wireless, Drone Defense
2026-02-27 20:23
BleepingComputer
Microsoft testing Windows 11 batch file security improvements
2026-02-27 20:00
The Register
Suspected Nork digital intruders caught breaking into US healthcare, education orgs
2026-02-27 19:59
BleepingComputer
APT37 hackers use new malware to breach air-gapped networks
2026-02-27 19:21
BleepingComputer
Europol-led crackdown on The Com hackers leads to 30 arrests
2026-02-27 18:20
The Hacker News
DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams
2026-02-27 18:11
The Hacker News
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
2026-02-27 17:59
The Record
Samsung updates ACR privacy practices after Texas sues TV manufacturers
2026-02-27 17:45
The Record
Instagram to start alerting parents when children search for terms relating to self-harm
2026-02-27 16:36
Dark Reading
The Case for Why Better Breach Transparency Matters
2026-02-27 16:18
The Register
Ransomware payments cratered in 2025, but attacks surged to record highs
2026-02-27 16:15
The Record
EU lawmakers propose that youth under 16 be barred from social media without parental consent
2026-02-27 16:01
BleepingComputer
CISA warns that RESURGE malware can be dormant on Ivanti devices
2026-02-27 15:57
The Hacker News
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor
2026-02-27 15:33
The Register
French DIY etailer ManoMano admits customer data stolen
2026-02-27 15:15
BleepingComputer
Third-Party Patching and the Business Footprint We All Share
2026-02-27 15:00
Dark Reading
Claude Code Security Shows Promise, Not Perfection
2026-02-27 14:00
The Register
Cops back Dutch telco Odido after second wave of ShinyHunters leaks
2026-02-27 13:54
The Hacker News
ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
2026-02-27 12:43
BleepingComputer
Ukrainian man pleads guilty to running AI-powered fake ID site
2026-02-27 12:30
The Hacker News
Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
2026-02-27 10:06
The Hacker News
Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams
2026-02-27 07:56
Dark Reading
Marquis v. SonicWall Lawsuit Ups the Breach Blame Game
2026-02-26 22:02
The Record
Former Air Force officer arrested for conspiring with hacker to provide flight training to Chinese military
2026-02-26 21:45
Dark Reading
Cisco SD-WAN Zero-Day Under Exploitation for 3 Years
2026-02-26 21:45
The Record
Wyden blocks Rudd confirmation to lead Cyber Command, NSA
2026-02-26 21:06
BleepingComputer
Previously harmless Google API keys now expose Gemini AI data
2026-02-26 20:55
The Hacker News
Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
2026-02-26 18:00
The Record
Intellexa founder, three others sentenced to 8 years in prison over Greek spyware scandal
2026-02-26 17:58
BleepingComputer
Trend Micro warns of critical Apex One code execution flaws
2026-02-26 17:58
BleepingComputer
European DYI chain ManoMano data breach impacts 38 million customers
2026-02-26 17:35
BleepingComputer
Critical Juniper Networks PTX flaw allows full router takeover
2026-02-26 16:42
The Record
Google disrupts Сhina-linked cyberespionage campaign spanning dozens of countries
2026-02-26 16:19
BleepingComputer
Olympique Marseille confirms 'attempted' cyberattack after data leak
2026-02-26 16:11
The Register
Rapid AI-driven development makes security unattainable, warns Veracode
2026-02-26 15:26
The Hacker News
UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
2026-02-26 15:17
The Hacker News
ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories
2026-02-26 14:28
The Record
After years of government cyber trouble, UK turns to automated scanning to speed fixes
2026-02-26 14:21
BleepingComputer
Ransomware payment rate drops to record low as attacks surge
2026-02-26 14:00
BleepingComputer
Ransomware payment rate drops to record low as attacks surge
2026-02-26 14:00
The Record
Ransomware payments dropped in 2025 as attack numbers reached record levels: Chainalysis
2026-02-26 13:23
BleepingComputer
Microsoft expands Windows restore to more enterprise devices
2026-02-26 13:04
The Register
Scattered Lapsus$ Hunters auditioning female voices to sharpen social engineering
2026-02-26 12:35
The Hacker News
Expert Recommends: Prepare for PQC Right Now
2026-02-26 12:06
BleepingComputer
New York sues Valve for promoting illegal gambling via game loot boxes
2026-02-26 11:44
The Register
Five Eyes warn: Patch your Cisco SD-WAN or risk root takeover
2026-02-26 11:39
The Hacker News
Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware
2026-02-26 10:35
The Hacker News
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
2026-02-26 10:09
The Hacker News
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
2026-02-26 06:13
The Register
Claude collaboration tools left the door wide open to remote code execution
2026-02-26 00:33
Dark Reading
Chinese Police Use ChatGPT to Smear Japan PM Takaichi
2026-02-26 00:00
BleepingComputer
Medical device maker UFP Technologies warns of data stolen in cyberattack
2026-02-25 23:02
The Record
FTC says it won’t enforce COPPA against proper use of age verification tools
2026-02-25 22:09
Dark Reading
Flaws in Claude Code Put Developers' Machines at Risk
2026-02-25 22:02
BleepingComputer
Fake Next.js job interview tests backdoor developer's devices
2026-02-25 21:47
Dark Reading
RAMP Forum Seizure Fractures Ransomware Ecosystem
2026-02-25 21:14
The Register
Google catches Beijing spies using Sheets to spread espionage across 4 continents
2026-02-25 20:41
Dark Reading
PCI Council Says Threats to Payments Systems Are Speeding Up
2026-02-25 19:15
The Record
Health insurance tech provider TriZetto says more than 3 million impacted by 2024 breach
2026-02-25 18:39
BleepingComputer
Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023
2026-02-25 18:01
The Hacker News
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
2026-02-25 17:46
The Record
Discord puts global age verification policy on hold after backlash
2026-02-25 17:44
The Record
Five Eyes allies warn hackers are actively exploiting Cisco SD-WAN flaws
2026-02-25 17:37
BleepingComputer
Chinese cyberspies breached dozens of telecom firms, govt agencies
2026-02-25 17:00
The Hacker News
Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration
2026-02-25 17:00
The Record
PowerSchool, Chicago Public Schools to settle student data privacy lawsuit for $17 million
2026-02-25 16:54
The Register
Fake 'interview' repos lure Next.js devs into running secret-stealing malware
2026-02-25 16:51
Dark Reading
Malicious Next.js Repos Target Developers Via Fake Job Interviews
2026-02-25 16:42
BleepingComputer
Marquis sues SonicWall over backup breach that led to ransomware attack
2026-02-25 15:54
The Record
Medical device firm UFP says backup data systems deployed following cyberattack
2026-02-25 15:32
The Record
Chinese prosecutors raise alarm about growth of domestic IP theft
2026-02-25 15:14
The Hacker News
SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks
2026-02-25 15:06
BleepingComputer
The OpenClaw Hype: Analysis of Chatter from Open-Source Deep and Dark Web
2026-02-25 15:01
The Hacker News
Top 5 Ways Broken Triage Increases Business Risk Instead of Reducing It
2026-02-25 14:30
Dark Reading
Why 'Call This Number' TOAD Emails Beat Gateways
2026-02-25 14:00
The Register
Ex-L3Harris exec jailed 7 years for selling exploits to Russia
2026-02-25 13:44
BleepingComputer
Zyxel warns of critical RCE flaw affecting over a dozen routers
2026-02-25 12:53
The Hacker News
Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
2026-02-25 12:43
The Register
Wynn Resorts takes attacker's word for it that stolen staff data was deleted
2026-02-25 12:39
Dark Reading
'Richter Scale' Model Measures Magnitude of OT Cyber Incidents
2026-02-25 12:00
The Record
Moscow man accused of posing as FSB officer to extort Conti ransomware gang
2026-02-25 11:22
The Hacker News
Manual Processes Are Putting National Security at Risk
2026-02-25 11:00
BleepingComputer
US sanctions Russian broker for buying stolen zero-day exploits
2026-02-25 10:31
The Register
OpenAI says Chinese cops used ChatGPT to plan and track smear ops against opponents
2026-02-25 10:01
The Hacker News
Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker
2026-02-25 08:49
BleepingComputer
Ex-L3Harris exec jailed for selling zero-days to Russian exploit broker
2026-02-25 08:21
Dark Reading
Operation Red Card 2.0 Leads to 651 Arrests in Africa
2026-02-25 08:00
BleepingComputer
Windows 11 KB5077241 update improves BitLocker, adds Sysmon tool
2026-02-25 07:51
The Hacker News
SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution
2026-02-25 07:04
The Register
Threat intelligence supply chain is full of weak links, researchers find
2026-02-25 05:49
The Hacker News
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability
2026-02-25 05:23
The Register
AI has gotten good at finding bugs, not so good at swatting them
2026-02-24 22:36
BleepingComputer
Wynn Resorts confirms employee data breach after extortion threat
2026-02-24 21:51
BleepingComputer
1Campaign platform helps malicious Google ads evade detection
2026-02-24 21:45
The Record
US sanctions Russian exploit broker for buying cyber tools stolen from defense contractor
2026-02-24 21:42
Dark Reading
Attackers Now Need Just 29 Minutes to Own a Network
2026-02-24 21:38
Dark Reading
Lazarus Group Picks a New Poison: Medusa Ransomware
2026-02-24 21:18
The Record
Phishing operation with links to Russia, Armenia compromised Western cargo companies, researchers find
2026-02-24 20:34
The Register
Patch these 4 critical, make-me-root SolarWinds bugs ASAP
2026-02-24 19:55
The Hacker News
RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
2026-02-24 18:52
The Register
North Korea's Lazarus Group targets healthcare orgs with Medusa ransomware
2026-02-24 18:25
BleepingComputer
CarGurus data breach exposes information of 12.4 million accounts
2026-02-24 18:08
BleepingComputer
Microsoft adds Copilot data controls to all storage locations
2026-02-24 17:30
The Record
US ‘committed’ to fighting transnational gangs behind Southeast Asian scam compounds: FBI
2026-02-24 17:28
The Register
Go library maintainer brands GitHub's Dependabot a 'noise machine'
2026-02-24 16:31
The Record
Reddit fined $20 million by UK for not effectively checking users’ ages
2026-02-24 15:29
The Record
Crypto platform Step Finance shutting down after $40 million theft
2026-02-24 15:28
BleepingComputer
Identity-First AI Security: Why CISOs Must Add Intent to the Equation
2026-02-24 15:02
BleepingComputer
UK fines Reddit $19 million for using children’s data unlawfully
2026-02-24 14:54
The Hacker News
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
2026-02-24 14:21
The Record
UAE claims it stopped ‘terrorist’ ransomware attack
2026-02-24 13:56
The Record
Ukraine pushes tighter Telegram regulation, citing Russian recruitment of locals
2026-02-24 13:51
The Register
UK data watchdog fines Reddit £14.47M for letting kids slip past the gate
2026-02-24 13:29
Dark Reading
As Cybersecurity Firms Chase AI, VC Market Skyrockets
2026-02-24 13:04
BleepingComputer
Critical SolarWinds Serv-U flaws offer root access to servers
2026-02-24 13:00
The Hacker News
Identity Prioritization isn't a Backlog Problem - It's a Risk Math Problem
2026-02-24 11:58
The Register
Korean cops charge teens over bike hire breach that exposed data on 4.62M riders
2026-02-24 11:53
The Hacker News
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
2026-02-24 11:52
BleepingComputer
ShinyHunters extortion gang claims Odido breach affecting millions
2026-02-24 11:40
The Record
North Korean state hackers seen using Medusa ransomware in attacks on US, Middle East
2026-02-24 11:27
BleepingComputer
North Korean Lazarus group linked to Medusa ransomware attacks
2026-02-24 11:00
The Register
UK tech hit by double trouble: Fewer foreign boffins amid skills squeeze
2026-02-24 10:15
The Hacker News
UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors
2026-02-24 09:54
The Register
Euro allies aiming to rapidly build low-cost air defense weapons
2026-02-24 09:30
The Hacker News
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
2026-02-24 06:04