Skip to main content
CVE-2026-21448 CRITICAL POC PATCH Act Now

Bagisto eCommerce platform before 2.3.10 is vulnerable to server-side template injection (SSTI) through customer address fields during checkout. A normal customer can inject Blade template code that executes when viewed in the admin panel, achieving RCE. PoC available.

Laravel RCE Bagisto
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-21446 CRITICAL POC PATCH Act Now

Bagisto eCommerce platform (2.3 branch before 2.3.10) leaves installation API routes active after setup, allowing unauthenticated attackers to re-run the installer and take full control of the store including database credentials and admin account. PoC available.

Laravel Bagisto
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-67268 CRITICAL POC PATCH Act Now

gpsd (before commit dc966aa) has a heap buffer overflow in the NMEA2000 satellite view handler (PGN 129540). A malicious satellite count value overwrites the skyview array, enabling code execution on GPS daemon processes. PoC available, patch available.

Heap Overflow Denial Of Service Gpsd RCE Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-65125 CRITICAL POC Act Now

The online-movie-booking application (v5.5) by gosaliajainam contains SQL injection in movie_details.php, allowing unauthenticated attackers to extract the entire database. PoC exists. This is an open-source educational project often deployed without hardening.

PHP SQLi Online Movie Booking
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-21430 CRITICAL POC Act Now

Emlog 2.5.23 is vulnerable to CSRF in article creation, which chains with stored XSS to achieve account takeover. An attacker can force an admin to create an article containing malicious JavaScript that steals their session. No patch available.

XSS CSRF Emlog
NVD GitHub
CVSS 3.1
9.3
EPSS
0.0%
CVE-2026-21445 CRITICAL POC PATCH Act Now

Langflow before 1.7.0.dev45 exposes multiple API endpoints without authentication, allowing unauthenticated access to user conversations, transaction data, and message deletion. Critical for AI workflow platforms that handle sensitive prompt data.

Authentication Bypass AI / ML Langflow
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-15431 HIGH POC This Week

A flaw has been found in UTT 进取 512W 1.7.7-171114. This affects the function strcpy of the file /goform/formFtpServerDirConfig. [CVSS 8.8 HIGH]

Buffer Overflow 512w Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-15430 HIGH POC This Week

A vulnerability was detected in UTT 进取 512W 1.7.7-171114. Affected by this issue is the function strcpy of the file /goform/formFtpServerShareDirSelcet. [CVSS 8.8 HIGH]

Buffer Overflow 512w Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-15429 HIGH POC This Week

A security vulnerability has been detected in UTT 进取 512W 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formConfigCliForEngineerOnly. [CVSS 8.8 HIGH]

Buffer Overflow 512w Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-15428 HIGH POC This Week

A weakness has been identified in UTT 进取 512W 1.7.7-171114. Affected is the function strcpy of the file /goform/formRemoteControl. [CVSS 8.8 HIGH]

Buffer Overflow 512w Firmware
NVD VulDB GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-21449 HIGH POC PATCH This Week

Bagisto eCommerce platform versions before 2.3.10 suffer from server-side template injection through user-controllable first and last name fields, allowing low-privilege authenticated users to achieve remote code execution. This high-severity vulnerability (CVSS 8.8) affects confidentiality, integrity, and availability with public exploit code available and no patch currently deployed. Organizations running affected Bagisto instances should immediately upgrade to version 2.3.10 or later.

Laravel Bagisto
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-69414 HIGH POC This Week

Plex Media Server (PMS) through 1.42.2.10156 allows retrieval of a permanent access token via a /myplex/account call with a transient access token. [CVSS 8.5 HIGH]

Authentication Bypass Media Server
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2026-21451 HIGH POC PATCH This Week

Stored XSS in Bagisto's CMS page editor allows authenticated attackers to bypass input sanitization by crafting malicious HTTP requests, enabling persistent JavaScript injection that executes when administrators view or edit pages. Public exploit code exists for this vulnerability, creating high-risk scenarios including admin account compromise and backend system hijacking. Bagisto versions prior to 2.3.10 are affected, and no patch is currently available for the underlying Laravel platform.

Laravel XSS Bagisto
NVD GitHub
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-21433 HIGH POC This Week

Server-side request forgery (SSRF) in Emlog up to version 2.5.19 allows authenticated attackers to make arbitrary HTTP requests by uploading malicious SVG files to the media upload endpoint, enabling internal network reconnaissance and potential credential exposure when the server processes the files. Public exploit code exists for this vulnerability and no patches are currently available. The flaw affects all Emlog installations accepting SVG uploads and can be exploited without user interaction once an attacker gains authenticated access.

SSRF Emlog
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-67160 HIGH POC This Week

An issue in Vatilon v1.12.37-20240124 allows attackers to access sensitive directories and files via a directory traversal. [CVSS 7.5 HIGH]

Path Traversal Pa4 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-67269 HIGH POC PATCH This Week

An integer underflow vulnerability exists in the `nextstate()` function in `gpsd/packet.c` of gpsd versions prior to commit `ffa1d6f40bca0b035fc7f5e563160ebb67199da7`. [CVSS 7.5 HIGH]

Integer Overflow Denial Of Service Gpsd
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-67158 HIGH POC This Week

An authentication bypass in the /cgi-bin/jvsweb.cgi endpoint of Revotech I6032W-FHW v1.0.0014 - 20210517 allows attackers to access sensitive information and escalate privileges via a crafted HTTP request. [CVSS 7.5 HIGH]

Authentication Bypass I6032w Fhw Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-21452 HIGH POC PATCH This Week

MessagePack for Java versions prior to 0.9.11 are vulnerable to denial-of-service attacks through malicious .msgpack files that exploit unbounded heap allocation when deserializing EXT32 objects. An unauthenticated attacker can craft a small payload with attacker-controlled extension lengths that causes the library to attempt allocating excessive memory, leading to JVM heap exhaustion and service unavailability. Public exploit code exists for this vulnerability; organizations using affected versions should update immediately.

Java Deserialization Messagepack
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-67159 HIGH POC This Week

Pa4 Firmware versions up to 1.12.37-20240124 is affected by cleartext transmission of sensitive information (CVSS 7.5).

Information Disclosure Pa4 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-69415 HIGH POC This Week

In Plex Media Server (PMS) through 1.42.2.10156, ability to access /myplex/account with a device token is not properly aligned with whether the device is currently associated with an account. [CVSS 7.1 HIGH]

Information Disclosure Media Server
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-21447 HIGH POC PATCH This Week

Bagisto is an open source laravel eCommerce platform. [CVSS 7.1 HIGH]

Laravel Bagisto
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-21450 CRITICAL PATCH Act Now

Bagisto before 2.3.10 has a second server-side template injection vulnerability, this time via the type parameter. Like CVE-2026-21448, this enables remote code execution through the Blade template engine. Patch available in 2.3.10.

Laravel RCE Bagisto
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-11837 CRITICAL Act Now

QNAP Malware Remover before 6.6.8.20251023 has a code generation vulnerability that allows remote attackers to bypass the protection mechanism. An ironic vulnerability in a security tool that is supposed to protect QNAP NAS devices.

RCE Code Injection Malware Remover
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-59389 CRITICAL Act Now

QNAP Hyper Data Protector before 2.2.4.1 has an SQL injection vulnerability that allows remote attackers to execute unauthorized commands on the backup database. Combined with CVE-2025-59388 (hardcoded credentials), this creates a critical attack chain.

SQLi Hyper Data Protector
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-64121 CRITICAL Act Now

Nuvation Energy Multi-Stack Controller (MSC) for battery storage systems allows authentication bypass through an alternate channel, enabling unauthenticated attackers to access critical energy management functions. Affects versions 2.3.8 to 2.5.1.

Authentication Bypass Nplatform
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-64123 CRITICAL Act Now

Nuvation Energy MSC through 2.5.1 can be used as an unintended network proxy to bridge security boundaries. An attacker can leverage the controller to access networks that should be isolated, turning the battery controller into a pivot point.

Information Disclosure Nplatform
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-14998 CRITICAL Act Now

The Branda WordPress plugin (through 3.4.24) allows unauthenticated attackers to reset any user's password without identity verification, enabling account takeover including administrator accounts. Full site compromise is one password reset away.

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-15424 MEDIUM POC This Month

A vulnerability was found in Yonyou KSOA 9.0. The affected element is an unknown function of the file /worksheet/agent_worksdel.jsp of the component HTTP GET Parameter Handler. [CVSS 7.3 HIGH]

SQLi Ksoa
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-0569 MEDIUM POC This Month

SQL injection in code-projects Online Music Site 1.0 via the ID parameter in /Frontend/AlbumByCategory.php allows unauthenticated remote attackers to execute arbitrary SQL queries and potentially access or modify database contents. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-0568 MEDIUM POC This Month

SQL injection in Online Music Site 1.0's ViewSongs.php parameter handling allows unauthenticated remote attackers to manipulate the ID argument and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and impacts the confidentiality, integrity, and availability of the affected application.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-0567 MEDIUM POC This Month

SQL injection in code-projects Content Management System 1.0 via the ID parameter in /pages.php allows unauthenticated remote attackers to execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers can leverage this to read, modify, or delete sensitive database information with low complexity from any network location.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-0565 MEDIUM POC This Month

Content Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-15435 MEDIUM POC This Month

A flaw has been found in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /worksheet/work_update.jsp. [CVSS 7.3 HIGH]

SQLi Ksoa
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-15434 MEDIUM POC This Month

A vulnerability was detected in Yonyou KSOA 9.0. Affected is an unknown function of the file /kp/PrintZPYG.jsp. [CVSS 7.3 HIGH]

SQLi Ksoa
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-15421 MEDIUM POC This Month

A vulnerability was detected in Yonyou KSOA 9.0. This vulnerability affects unknown code of the file /worksheet/agent_worksadd.jsp of the component HTTP GET Parameter Handler. [CVSS 7.3 HIGH]

SQLi Ksoa
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-15420 MEDIUM POC This Month

A security vulnerability has been detected in Yonyou KSOA 9.0. This affects an unknown part of the file /worksheet/agent_work_report.jsp. [CVSS 7.3 HIGH]

SQLi Ksoa
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-15426 MEDIUM POC This Month

A vulnerability was identified in jackying H-ui.admin versions up to 3.1. is affected by improper access control (CVSS 7.3).

PHP Authentication Bypass File Upload
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-15425 MEDIUM POC This Month

A vulnerability was determined in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/del_user.jsp of the component HTTP GET Parameter Handler. [CVSS 7.3 HIGH]

SQLi Ksoa
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-0570 MEDIUM POC This Month

SQL injection in code-projects Online Music Site 1.0 via the fname parameter in /Frontend/Feedback.php allows unauthenticated remote attackers to manipulate database queries and potentially extract sensitive information. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected installations at immediate risk.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-0546 MEDIUM POC This Month

SQL injection in code-projects Content Management System 1.0 via the search.php parameter allows unauthenticated remote attackers to manipulate database queries and potentially extract sensitive data or modify database contents. Public exploit code exists for this vulnerability, and no patch is currently available. Affected installations should implement immediate input validation or access controls until patching is possible.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-15436 MEDIUM POC This Month

A vulnerability has been found in Yonyou KSOA 9.0. Affected by this issue is some unknown functionality of the file /worksheet/work_edit.jsp. [CVSS 7.3 HIGH]

SQLi Ksoa
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-21444 MEDIUM POC PATCH This Month

Improper IV handling in libtpms 0.10.0 and 0.10.1 causes the library to return initial instead of final initialization vectors during symmetric cipher operations with OpenSSL 3.x, potentially weakening cryptographic security for local users who can interact with the TPM emulation. Public exploit code exists for this vulnerability affecting confidentiality of encrypted data. Update to libtpms 0.10.2 to remediate.

OpenSSL TLS Libtpms Red Hat Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21432 MEDIUM POC This Month

Stored XSS in Emlog 2.5.23 allows authenticated attackers to inject malicious scripts that execute in other users' browsers, potentially leading to administrative account compromise. Public exploit code exists for this vulnerability, and no patched version is currently available. The attack requires user interaction and can affect any Emlog installation running the vulnerable version.

XSS Emlog
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-21431 MEDIUM POC This Month

Stored XSS in Emlog 2.5.23's media library function allows authenticated attackers to inject malicious scripts when publishing articles, which execute in other users' browsers with scope crossing enabled. Public exploit code exists for this vulnerability, and no patched version is currently available. Successful exploitation requires user interaction and grants attackers the ability to steal session data or perform actions on behalf of affected users.

XSS Emlog
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-21483 MEDIUM POC PATCH This Month

Stored XSS in Listmonk before version 6.0.0 allows authenticated users with campaign management permissions to inject malicious JavaScript that executes when administrators preview campaigns or templates, enabling privilege escalation attacks such as creating backdoor admin accounts. Public exploit code exists for this vulnerability, and the attack surface expands through the public archive feature where victims need only visit a link to trigger the payload. Version 6.0.0 addresses this flaw, though patches are currently unavailable for earlier versions.

XSS Listmonk Suse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-15432 MEDIUM POC This Month

A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This vulnerability affects the function downloadShowFile of the file /file/downloadShowFile.action of the component com.yeqifu.sys.controller.FileController. [CVSS 5.3 MEDIUM]

Path Traversal Carrental
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-15422 MEDIUM POC This Month

A flaw has been found in EmpireSoft EmpireCMS up to 8.0. This issue affects the function egetip of the file e/class/connect.php of the component IP Address Handler. [CVSS 5.3 MEDIUM]

PHP Empirecms
NVD VulDB
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-14072 MEDIUM POC This Month

Ninja Forms versions up to 3.13.3 contains a vulnerability that allows attackers to generate valid access tokens via the REST API which can then be used to read for (CVSS 5.3).

WordPress Ninja Forms PHP
NVD WPScan
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-69417 MEDIUM POC This Month

In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve share tokens (intended for unrelated access) via a shared_servers endpoint. [CVSS 5.0 MEDIUM]

Authentication Bypass Media Server
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
CVE-2025-69416 MEDIUM POC This Month

In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve other tokens (intended for unrelated access) via clients.plex.tv/devices.xml. [CVSS 5.0 MEDIUM]

Authentication Bypass Media Server
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
Page 1 of 15 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy