Skip to main content
CVE-2025-61489 MEDIUM POC THREAT This Month

A command injection vulnerability in the shell_exec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string. [CVSS 6.5 MEDIUM]

Command Injection Mcp Shell
NVD GitHub
CVSS 3.1
6.5
EPSS
11.1%
CVE-2026-22189 MEDIUM POC This Month

Panda3D egg-mkfont (through 1.10.16) has a stack buffer overflow via an unbounded sprintf() with attacker-controlled glyph pattern input. PoC available.

Buffer Overflow Stack Overflow RCE Panda3d
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-22188 MEDIUM POC This Month

Panda3D's deploy-stub executable up to version 1.10.16 is vulnerable to denial of service through unvalidated stack allocation based on command-line argument counts, allowing local attackers to crash the application by supplying excessive arguments. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw can trigger reliable crashes and undefined behavior during Python interpreter initialization.

Python Denial Of Service Panda3d
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-21504 MEDIUM POC PATCH This Month

Heap buffer overflow in iccDEV's ToneMap parser (versions prior to 2.3.1.2) allows local attackers with user interaction to achieve information disclosure and denial of service, with potential for code execution. Public exploit code exists for this vulnerability. Update to version 2.3.1.2 or later to remediate.

Buffer Overflow Iccdev
NVD GitHub
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-13418 MEDIUM POC This Month

The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'plan_icons' parameter in all versions up to, and including, 5.1.12 due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.9%
CVE-2026-21689 MEDIUM POC PATCH This Month

Denial of service in iccDEV versions before 2.3.1.2 allows unauthenticated attackers to crash applications processing ICC color profiles through a type confusion vulnerability in the XML profile parser. Public exploit code exists for this vulnerability. Users of the iccDEV library should upgrade to version 2.3.1.2 to remediate the issue.

Code Injection Iccdev
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-21680 MEDIUM POC This Month

iccDEV versions prior to 2.3.1.2 contain a null pointer dereference vulnerability in ICC color profile processing that causes denial of service when malicious or malformed profiles are processed. Public exploit code exists for this vulnerability, and no patched version is currently available. Users of the iccDEV library who handle untrusted color profiles are at risk of application crashes.

Null Pointer Dereference Iccdev
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-21857 MEDIUM POC PATCH This Month

Arbitrary file disclosure in REDAXO's Backup addon allows authenticated users with backup permissions to read any file within the webroot by bypassing directory validation in the file export function. An attacker can manipulate the EXPDIR parameter with path traversal sequences to include unauthorized files in exported archives. Public exploit code exists; a patch is available in version 5.20.2 and later.

PHP Path Traversal Redaxo
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-21690 MEDIUM POC PATCH This Month

iccDEV before version 2.3.1.2 contains a type confusion vulnerability in the XML tag processing function that allows attackers to trigger information disclosure, data modification, or denial of service when processing specially crafted ICC color profiles. Public exploit code exists for this vulnerability, affecting users who process untrusted color profile files with the iccDEV library. A patch is available in version 2.3.1.2 and should be applied immediately.

Code Injection Iccdev
NVD GitHub
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-66686 MEDIUM POC This Month

A stored Cross-Site Scripting (XSS) vulnerability exists in Perch CMS version 3.2. An authenticated attacker with administrative privileges can inject malicious JavaScript code into the “Help button url” setting within the admin panel. [CVSS 6.1 MEDIUM]

XSS Privilege Escalation Information Disclosure Perch
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-0670 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) in MediaWiki's ProofreadPage extension (versions 1.39, 1.43, 1.44, 1.45) allows attackers to inject malicious scripts through improper input sanitization during web page generation. Public exploit code exists for this vulnerability, which requires user interaction to trigger. A patch is available to remediate the issue.

Mediawiki XSS Proofread Page
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-21503 MEDIUM POC PATCH This Month

iccDEV versions before 2.3.1.2 are vulnerable to a null pointer dereference in the CIccTagSparseMatrixArray function when processing ICC color profiles, allowing local attackers with user interaction to cause denial of service or data corruption. Public exploit code exists for this vulnerability. Users should upgrade to version 2.3.1.2 or later to remediate the issue.

Null Pointer Dereference Iccdev
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-0643 MEDIUM POC This Month

House Rental And Property Listing Project versions up to 1.0 is affected by improper access control (CVSS 7.3).

PHP Authentication Bypass File Upload
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-21505 MEDIUM POC PATCH This Month

iccDEV versions prior to 2.3.1.2 suffer from denial of service due to undefined behavior triggered by invalid enum values in ICC color profile processing. A local attacker with user interaction can crash the application or cause system instability, and public exploit code exists. The vulnerability affects users of the iccDEV library on affected systems, with patches available in version 2.3.1.2 and later.

Code Injection Iccdev
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21501 MEDIUM POC PATCH This Month

Local denial of service in iccDEV versions prior to 2.3.1.2 stems from a stack overflow in the calculator parser component, allowing unauthenticated users to crash the application through crafted input. Public exploit code exists for this vulnerability, which affects Stack Overflow and Iccdev products. A patch is available in version 2.3.1.2 and should be applied immediately.

Stack Overflow Iccdev
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21500 MEDIUM POC PATCH This Month

iccDEV versions prior to 2.3.1.2 are vulnerable to stack overflow through malformed XML calculator macro expansion, allowing local attackers to trigger a denial of service condition. Public exploit code exists for this vulnerability, which affects ICC color profile manipulation tools used in Stack Overflow and Iccdev products. A patch is available in version 2.3.1.2 and should be applied promptly to mitigate exploitation risk.

Stack Overflow Iccdev
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21502 MEDIUM POC PATCH This Month

iccDEV versions prior to 2.3.1.2 are vulnerable to denial of service through a null pointer dereference in the XML tag parser, allowing local attackers with user interaction to crash the application. Public exploit code exists for this vulnerability, and a patch is available in version 2.3.1.2.

Null Pointer Dereference Iccdev
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21499 MEDIUM POC PATCH This Month

iccDEV versions prior to 2.3.1.2 are susceptible to denial of service through a null pointer dereference in the XML parser, allowing local attackers with user interaction to crash the application. Public exploit code exists for this vulnerability, and a patch is available in version 2.3.1.2 and later.

Null Pointer Dereference Iccdev
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21498 MEDIUM POC PATCH This Month

iccDEV versions prior to 2.3.1.2 suffer from a null pointer dereference in the XML calculator parser that allows local attackers to crash the application and cause a denial of service. Public exploit code exists for this vulnerability. A patch is available in version 2.3.1.2 and later.

Null Pointer Dereference Iccdev
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21497 MEDIUM POC PATCH This Month

iccDEV versions before 2.3.1.2 crash when processing specially crafted ICC color profile tags due to improper null pointer validation, causing denial of service on systems using the library. Local attackers with user interaction can trigger this crash through a malicious color profile file. Public exploit code exists for this vulnerability.

Null Pointer Dereference Iccdev
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21496 MEDIUM POC PATCH This Month

iccDEV versions prior to 2.3.1.2 suffer from a null pointer dereference in the signature parser that allows local attackers to trigger a denial of service condition. Public exploit code exists for this vulnerability, and the issue affects all users of iccDEV's ICC color profile manipulation libraries and tools. A patch is available in version 2.3.1.2 and should be applied immediately.

Null Pointer Dereference Iccdev
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21506 MEDIUM POC PATCH This Month

iccDEV versions prior to 2.3.1.2 are susceptible to denial of service through a null pointer dereference in the CIccProfileXml::ParseBasic() function, which can be triggered by local users with minimal privileges through user interaction. Public exploit code exists for this vulnerability, allowing attackers to crash the application and disrupt ICC color profile processing. A patch is available in version 2.3.1.2 and should be applied to affected systems.

Null Pointer Dereference Denial Of Service Iccdev
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21691 MEDIUM POC PATCH This Month

iccDEV versions prior to 2.3.1.2 contain a type confusion vulnerability in the CIccTag::IsTypeCompressed() function that allows unauthenticated attackers to cause integrity violations or service disruption by crafting malicious ICC color profiles. The vulnerability requires user interaction to exploit and affects applications using the iccDEV library to process color management profiles. Public exploit code exists, and a patch is available in version 2.3.1.2.

Code Injection Iccdev
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2026-0668 MEDIUM POC PATCH This Month

Visualdata versions up to - is affected by inefficient regular expression complexity (redos) (CVSS 5.3).

Mediawiki Visualdata Red Hat
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-21851 MEDIUM POC PATCH This Month

MONAI versions up to 1.5.1 contain a path traversal vulnerability in the `_download_from_ngc_private()` function that fails to validate extracted archive contents, allowing attackers to write files outside the intended directory during package extraction. An attacker with user interaction can exploit this via a malicious ZIP file to overwrite arbitrary files on the system. Public exploit code exists for this vulnerability, and a patch is available in commit 4014c8475626f20f158921ae0cf98ed259ae4d59.

Path Traversal AI / ML Monai
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-22190 MEDIUM POC This Month

Panda3D egg-mkfont up to version 1.10.16 contains a format string vulnerability in the -gp command-line option that allows attackers to read arbitrary stack memory and leak pointer values by injecting format specifiers into generated .egg and .png files. Public exploit code exists for this vulnerability, and no patch is currently available. This affects all users of the egg-mkfont utility who process untrusted input.

Information Disclosure Panda3d
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-69221 MEDIUM POC PATCH This Month

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 does not enforce proper access control when querying agent permissions. [CVSS 4.3 MEDIUM]

Authentication Bypass AI / ML Librechat
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-69255 MEDIUM POC PATCH This Month

RustFS is a distributed object storage system built in Rust. [CVSS 4.0 MEDIUM]

Industrial Denial Of Service Deserialization Rustfs
NVD GitHub
CVSS 3.1
4.0
EPSS
0.4%
CVE-2025-66837 MEDIUM This Month

A file upload vulnerability in ARIS 10.0.23.0.3587512 allows attackers to execute arbitrary code via uploading a crafted PDF file/Malware [CVSS 6.8 MEDIUM]

File Upload RCE Aris
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-47337 MEDIUM PATCH This Month

Memory corruption while accessing a synchronization object during concurrent operations. [CVSS 6.7 MEDIUM]

Memory Corruption Qca6797aq Firmware Qcm5430 Firmware Qca6698aq Firmware Qcs5430 Firmware +58
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47336 MEDIUM PATCH This Month

Memory corruption while performing sensor register read operations. [CVSS 6.7 MEDIUM]

Memory Corruption Fastconnect 7800 Firmware Sm8735 Firmware Wsa8845 Firmware Sm8750 Firmware +14
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47335 MEDIUM PATCH This Month

Memory corruption while parsing clock configuration data for a specific hardware type. [CVSS 6.7 MEDIUM]

Memory Corruption Fastconnect 6700 Firmware Sm6650 Firmware Wsa8840 Firmware Wsa8830 Firmware +41
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47334 MEDIUM PATCH This Month

Memory corruption while processing shared command buffer packet between camera userspace and kernel. [CVSS 6.7 MEDIUM]

Linux Memory Corruption Sm8635p Firmware Wcn7881 Firmware Sm6650 Firmware +132
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-14625 MEDIUM This Month

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Command Shell modules), Altera Quartus Prime Lite on Windows (Nios II Command Shell modules) allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 19.1 through 24.1; Quartus Prime Lite: from 19.1 through 24.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-14614 MEDIUM This Month

Insecure Temporary File vulnerability in Altera Quartus Prime Standard  Installer (SFX) on Windows, Altera Quartus Prime Lite  Installer (SFX) on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-14612 MEDIUM This Month

Insecure Temporary File vulnerability in Altera Quartus Prime Pro  Installer (SFX) on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-14605 MEDIUM This Month

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-14599 MEDIUM This Month

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard Installer (SFX) on Windows, Altera Quartus Prime Lite  Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-14596 MEDIUM This Month

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47344 MEDIUM PATCH This Month

Memory corruption while handling sensor utility operations. [CVSS 6.7 MEDIUM]

Memory Corruption Wcd9335 Firmware Snapdragon 695 5g Mobile Platform Firmware Qca6698aq Firmware Fastconnect 7800 Firmware +75
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47332 MEDIUM PATCH This Month

Memory corruption while processing a config call from userspace. [CVSS 6.7 MEDIUM]

Memory Corruption Wsa8815 Firmware Sm8635p Firmware Sm7635p Firmware Sm7550p Firmware +66
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47333 MEDIUM PATCH This Month

Memory corruption while handling buffer mapping operations in the cryptographic driver. [CVSS 6.6 MEDIUM]

Memory Corruption Snapdragon 778g 5g Mobile Platform Firmware Sa6150p Firmware Qam8650p Firmware Qfw7114 Firmware +217
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-14901 MEDIUM This Month

The Bit Form - Contact Form Plugin plugin for WordPress is vulnerable to unauthorized workflow execution due to missing authorization in the triggerWorkFlow function in all versions up to, and including, 2.21.6. [CVSS 6.5 MEDIUM]

WordPress PHP
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-14867 MEDIUM This Month

The Flashcard plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 0.9 via the 'source' attribute of the 'flashcard' shortcode. [CVSS 6.5 MEDIUM]

WordPress Path Traversal PHP
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-66838 MEDIUM This Month

In Aris v10.0.23.0.3587512 and before, the file upload functionality does not enforce any rate limiting or throttling, allowing users to upload files at an unrestricted rate. [CVSS 6.5 MEDIUM]

File Upload Denial Of Service Aris
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-58441 MEDIUM This Month

Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, there is a blind server-side request forgery vulnerability. [CVSS 6.5 MEDIUM]

Industrial SSRF Knowage
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-46434 MEDIUM This Month

Missing Authorization vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Pro: from n/a before 6.3.7. [CVSS 6.5 MEDIUM]

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-14059 MEDIUM This Month

The EmailKit plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in all versions up to, and including, 1.6.1. [CVSS 6.5 MEDIUM]

WordPress PHP Path Traversal
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-4677 MEDIUM CISA This Month

Insufficient Session Expiration vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K. [CVSS 6.5 MEDIUM]

SNMP
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-47395 MEDIUM This Month

Transient DOS while parsing a WLAN management frame with a Vendor Specific Information Element. [CVSS 6.5 MEDIUM]

Denial Of Service Wcn7861 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy