Skip to main content
CVE-2026-20805 MEDIUM KEV PATCH THREAT Act Now

Desktop Windows Manager on Windows 10, Windows 11, and Windows Server 2022 leaks sensitive information to local authenticated users, enabling disclosure of confidential data without modifying or disrupting system functionality. This vulnerability is confirmed actively exploited and affects multiple Windows versions with no patch currently available. An authorized attacker can exploit this with minimal complexity to extract sensitive information from the system.

Windows Windows 11 23h2 Windows Server 2022 23h2 Windows 10 1809 Windows 11 25h2 +10
NVD VulDB
CVSS 3.1
5.5
EPSS
4.8%
CVE-2026-22791 MEDIUM POC PATCH This Month

openCryptoki is a PKCS#11 library and tools for Linux and AIX. [CVSS 6.6 MEDIUM]

Linux Buffer Overflow Opencryptoki Red Hat Suse
NVD GitHub
CVSS 3.1
6.6
EPSS
0.0%
CVE-2022-50899 MEDIUM POC This Month

Geonetwork versions up to 4.2.0 is affected by improper restriction of xml external entity reference (CVSS 6.5).

XXE Geonetwork
NVD Exploit-DB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2023-54328 MEDIUM POC This Month

AimOne Video Converter 2.04 Build 103 contains a buffer overflow vulnerability in its registration form that causes application crashes. Attackers can generate a 7000-byte payload to trigger the denial of service and potentially exploit the software's registration mechanism. [CVSS 6.5 MEDIUM]

Buffer Overflow Denial Of Service Aimone Video Converter
NVD GitHub Exploit-DB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-65784 MEDIUM POC This Month

Insecure permissions in Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows authenticated attackers with low-level privileges to access other users' information via a crafted API request. [CVSS 6.5 MEDIUM]

SSRF Hub
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2022-50894 MEDIUM POC This Month

VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the img_id parameter. [CVSS 6.5 MEDIUM]

PHP SQLi Wallpaper Admin
NVD Exploit-DB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2024-54855 MEDIUM POC This Month

fabricators Ltd Vanilla OS 2 Core image v1.1.0 was discovered to contain static keys for the SSH service, allowing attackers to possibly execute a man-in-the-middle attack during connections with other hosts. [CVSS 6.4 MEDIUM]

Vanilla Os Core Image Information Disclosure
NVD GitHub
CVSS 3.1
6.4
EPSS
0.0%
CVE-2022-50927 MEDIUM POC This Month

Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. [CVSS 6.2 MEDIUM]

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2023-54341 MEDIUM POC This Month

Webgrind 1.1 and before contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts via the file parameter in index.php. [CVSS 6.1 MEDIUM]

PHP XSS Webgrind
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
0.1%
CVE-2023-53985 MEDIUM POC This Month

Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. [CVSS 6.1 MEDIUM]

XSS Zstore
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
0.1%
CVE-2023-54332 MEDIUM POC This Month

Jetpack 11.4 contains a cross-site scripting vulnerability in the contact form module that allows attackers to inject malicious scripts through the post_id parameter. [CVSS 6.1 MEDIUM]

XSS Jetpack
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2020-36919 MEDIUM POC This Month

WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter. Attackers can inject malicious scripts through the ListTable.php endpoint to execute arbitrary JavaScript in victim's browser. [CVSS 6.1 MEDIUM]

PHP XSS Wpforms
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2021-47750 MEDIUM POC This Month

YouPHPTube <= 7.8 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the redirectUri parameter in the signup page. [CVSS 6.1 MEDIUM]

XSS Youphptube
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2022-50937 MEDIUM POC This Month

Ametys CMS v4.4.1 contains a persistent cross-site scripting vulnerability in the link directory's input fields for external links. Attackers can inject malicious script code in link text and descriptions to execute persistent attacks that compromise user sessions and manipulate application modules. [CVSS 6.1 MEDIUM]

XSS Ametys
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2022-50896 MEDIUM POC This Month

Testa 3.5.1 contains a reflected cross-site scripting vulnerability in the login.php redirect parameter that allows attackers to inject malicious scripts. Attackers can craft a specially encoded payload in the redirect parameter to execute arbitrary JavaScript in victim's browser context. [CVSS 6.1 MEDIUM]

PHP XSS
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2021-47749 MEDIUM POC This Month

YouPHPTube <= 7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the 'lang' parameter in GET requests. [CVSS 5.5 MEDIUM]

PHP LFI Path Traversal Youphptube
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-50897 MEDIUM POC This Month

mPDF 7.0 contains a local file inclusion vulnerability that allows attackers to read arbitrary system files by manipulating annotation file parameters. Attackers can generate URL-encoded or base64 payloads to include local files through crafted annotation content with file path specifications. [CVSS 5.5 MEDIUM]

LFI Mpdf
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2022-50891 MEDIUM POC This Month

Owlfiles File Manager 12.0.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the path parameter in HTTP server endpoints. [CVSS 5.0 MEDIUM]

XSS Owlfiles
NVD Exploit-DB
CVSS 3.1
5.0
EPSS
0.1%
CVE-2022-50906 MEDIUM POC This Month

e107 CMS 3.2.1 contains an upload restriction bypass vulnerability that allows authenticated administrators to upload malicious SVG files through the media manager. [CVSS 4.8 MEDIUM]

XSS E107
NVD Exploit-DB
CVSS 3.1
4.8
EPSS
0.1%
CVE-2026-21265 MEDIUM PATCH This Month

Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. [CVSS 6.4 MEDIUM]

Microsoft Windows Windows 10 22h2 Windows 10 1607 Windows 11 25h2 +10
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2026-20851 MEDIUM PATCH This Month

Information disclosure in Windows Capability Access Management Service (camsvc) enables local attackers to read sensitive data from memory without authentication on Windows 11 24h2, Windows 11 25h2, and Windows Server 2025. The out-of-bounds read vulnerability requires local access but no special privileges or user interaction to trigger. No patch is currently available for this issue.

Buffer Overflow Information Disclosure Windows 11 24h2 Windows Server 2025 Windows 11 25h2 +1
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-20876 MEDIUM PATCH This Month

Privilege escalation in Windows Virtualization-Based Security (VBS) Enclave affects Windows 11 and Windows Server 2022 through a heap-based buffer overflow in memory management. An authenticated local attacker with high privileges can exploit this vulnerability to gain unauthorized system-level access. No patch is currently available for this medium-severity vulnerability (CVSS 6.7).

Windows Buffer Overflow Heap Overflow Windows Server 2022 23h2 Windows 11 25h2 +4
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-0496 MEDIUM This Month

SAP Fiori App Intercompany Balance Reconciliation contains an unrestricted file upload vulnerability that permits high-privileged attackers to upload malicious files, including scripts, due to insufficient file format validation. While the direct impact on confidentiality, integrity, and availability is limited, this flaw could enable attackers with administrative access to compromise application functionality or escalate their capabilities. No patch is currently available for this vulnerability.

SAP
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-46684 MEDIUM This Month

Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering. [CVSS 6.6 MEDIUM]

Information Disclosure Dell Supportassist Os Recovery
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-58693 MEDIUM This Month

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 allows a privileged attacker to delete files from the underlying filesystem via crafted HTTP or HTTPs requests. [CVSS 6.5 MEDIUM]

Fortinet Path Traversal Fortivoice
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-20925 MEDIUM PATCH This Month

Windows NTLM authentication across multiple Windows versions (10, Server 2008/2019) allows remote attackers to manipulate file name or path parameters without authentication, enabling network-based identity spoofing attacks. The vulnerability requires user interaction and has no available patch, affecting systems still running older Windows Server editions alongside current Windows 10 releases. An attacker could impersonate legitimate services or users to compromise trust in networked communications.

Windows Windows 10 22h2 Windows Server 2008 Windows 10 1607 Windows Server 2019 +11
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-37177 MEDIUM This Month

An arbitrary file deletion vulnerability has been identified in the command-line interface of mobility conductors running either AOS-10 or AOS-8 operating systems. [CVSS 6.5 MEDIUM]

Path Traversal Information Disclosure Arubaos
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-20872 MEDIUM PATCH This Month

Windows NTLM authentication is vulnerable to path manipulation attacks that enable network-based spoofing when users interact with malicious content, affecting Windows 10 22H2 and Windows Server editions 2008-2016. An unauthenticated attacker can exploit improper file name or path validation to impersonate legitimate systems or services, potentially redirecting authentication requests to attacker-controlled resources. No patch is currently available for this vulnerability.

Microsoft Authentication Bypass Windows
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-20847 MEDIUM PATCH This Month

Windows Shell information disclosure in Windows 10, 11, and Server 2019/2022 permits authenticated network attackers to conduct spoofing attacks by accessing sensitive data. The vulnerability requires valid credentials and network access, with no active exploits currently documented. No patch is available at this time.

Windows Windows 10 1607 Windows 11 23h2 Windows Server 2019 Windows Server 2022 +11
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-0543 MEDIUM This Month

Kibana's Email Connector fails to properly validate email address parameters, allowing authenticated users with view-level privileges to trigger excessive resource allocation and crash the service. An attacker can exploit this input validation flaw by submitting a specially crafted email address to cause complete denial of service, requiring manual service restart to restore availability for all users. No patch is currently available.

Code Injection Kibana Red Hat
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-37176 MEDIUM This Month

A command injection vulnerability in AOS-8 allows an authenticated privileged user to alter a package header to inject shell commands, potentially affecting the execution of internal operations. [CVSS 6.5 MEDIUM]

Command Injection Arubaos
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-20812 MEDIUM PATCH This Month

Windows LDAP input validation bypass in Windows 10 21H2, Windows 11 24H2, and Windows Server 2022 23H2 enables authenticated network attackers to modify data integrity without detection. The vulnerability requires valid credentials and network access but does not provide elevation of privilege or confidentiality breaches. No patch is currently available for this medium-severity issue.

Windows LDAP Windows 10 21h2 Windows 11 24h2 Windows Server 2022 23h2 +10
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-0531 MEDIUM This Month

Kibana Fleet is vulnerable to denial of service through uncontrolled resource allocation when processing specially crafted bulk retrieval requests, allowing authenticated users with viewer-level privileges to exhaust server memory and crash the application. An attacker can trigger redundant database operations that consume resources without limits, rendering the service unavailable to all users. No patch is currently available for this vulnerability.

Denial Of Service Kibana Red Hat
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-0530 MEDIUM This Month

Kibana Fleet fails to limit resource allocation when processing specially crafted requests, allowing authenticated attackers to trigger excessive CPU and memory consumption that degrades or completely disables the service. The vulnerability affects Kibana deployments where users have authentication access, and no patch is currently available to remediate the issue.

Denial Of Service Kibana Red Hat
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-0528 MEDIUM PATCH This Month

Denial of Service in Prometheus and Kibana metricsets can be triggered by sending specially crafted malformed payloads to Graphite, Zookeeper, or Prometheus data sources due to improper array index validation and input validation flaws. An unauthenticated attacker on the network can exploit this to crash monitoring services without user interaction. No patch is currently available.

Prometheus Denial Of Service Kibana Suse
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-20835 MEDIUM PATCH This Month

Information disclosure in Windows Capability Access Management Service (camsvc) allows authenticated local users to read out-of-bounds memory and access sensitive data on Windows 11 24h2, Windows 11 25h2, Windows Server 2022 23h2, and Windows Server 2025. The vulnerability requires valid user credentials and local system access, posing a risk to multi-user environments where privilege escalation chains could amplify the impact. No patch is currently available.

Buffer Overflow Information Disclosure Windows 11 24h2 Windows Server 2025 Windows Server 2022 23h2 +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20824 MEDIUM PATCH This Month

Windows Remote Assistance contains a protection mechanism bypass that allows local attackers to circumvent a security feature without user interaction, affecting Windows 11 24h2, Windows Server 2012, 2022, and 2025. The vulnerability requires local access and user interaction to exploit, with potential impact limited to information disclosure. No patch is currently available for this medium-severity issue.

Windows Windows Server 2012 Windows Server 2025 Windows 11 24h2 Windows Server 2022 23h2 +10
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0885 MEDIUM PATCH This Month

Memory corruption in Firefox and Thunderbird's JavaScript garbage collection engine allows remote attackers to crash the application or potentially leak sensitive information without user interaction. The vulnerability affects Firefox versions below 147, Firefox ESR below 140.7, Thunderbird below 147, and Thunderbird ESR below 140.7, with no patch currently available.

Use After Free Memory Corruption Mozilla Information Disclosure
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-55462 MEDIUM This Month

A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-controlled Origin header to be reflected in the Access-Control-Allow-Origin response along with Access-Control-Allow-Credentials: true. [CVSS 6.5 MEDIUM]

Information Disclosure Eramba Cors Misconfiguration
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-59020 MEDIUM PATCH This Month

By exploiting the defVals parameter, attackers could bypass field‑level access checks during record creation in the TYPO3 backend. [CVSS 6.5 MEDIUM]

Typo3
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-0503 MEDIUM This Month

Missing authorization controls in SAP ECC and SAP S/4HANA EHS Management allow authenticated attackers to extract hardcoded credentials and bypass password authentication through parameter manipulation. Successful exploitation enables attackers to access, modify, or delete change pointer data within EHS objects, potentially compromising downstream systems with low impact to confidentiality and integrity. No patch is currently available.

SAP
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2026-20958 MEDIUM PATCH This Month

Microsoft SharePoint Server contains a server-side request forgery vulnerability that allows authenticated users to access sensitive information across the network. An attacker with valid credentials can exploit this flaw to disclose confidential data without requiring user interaction. No patch is currently available for this issue.

Microsoft SSRF Sharepoint Server
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-59021 MEDIUM PATCH This Month

Backend users with access to the redirects module and write permission on the sys_redirect table were able to read, create, and modify any redirect record without restriction to the user’s own file-mounts or web-mounts. [CVSS 6.4 MEDIUM]

Typo3
NVD GitHub
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-20821 MEDIUM PATCH This Month

Windows RPC implementation leaks sensitive information to local attackers on Windows 10, Windows 11, and Windows Server 2022. An unauthenticated local attacker can exploit this information disclosure vulnerability without user interaction to access confidential data. No patch is currently available for this medium-severity vulnerability.

Windows Windows 11 25h2 Windows 10 1809 Windows 10 21h2 Windows Server 2022 +11
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-20818 MEDIUM PATCH This Month

Windows Kernel inadvertently logs sensitive information to accessible log files, enabling local attackers to read confidential data on affected Windows and Linux systems. This information disclosure vulnerability requires no privileges or user interaction to exploit and impacts Windows Server 2016, 2022, and 2025 along with standard Windows installations. No patch is currently available for this medium-severity issue.

Linux Windows Windows Server 2016 Windows Server 2025 Windows Server 2022 23h2 +3
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-20935 MEDIUM PATCH This Month

Information disclosure in Windows VBS Enclave protection across Windows 11 versions (23h2, 24h2, 25h2) results from unsafe pointer handling that allows local attackers to read sensitive data without authentication. The vulnerability requires local access and carries medium severity with no available patch, making it a persistent risk for systems relying on virtualization-based security controls.

Windows Windows 11 24h2 Windows 11 25h2 Windows 11 23h2 Microsoft
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-8090 MEDIUM This Month

Null pointer dereference in the MsgRegisterEvent() system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel. [CVSS 6.2 MEDIUM]

Linux Null Pointer Dereference Denial Of Service
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-0499 MEDIUM This Month

Reflected cross-site scripting in SAP NetWeaver Enterprise Portal enables unauthenticated attackers to inject malicious scripts via URL parameters that execute in users' browsers. Successful exploitation can lead to session hijacking, portal content manipulation, and unauthorized user redirection, affecting confidentiality and integrity with no patch currently available.

SAP
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-0514 MEDIUM This Month

Reflected XSS in SAP Business Connector enables unauthenticated attackers to craft malicious links that redirect users to attacker-controlled sites, potentially compromising webclient confidentiality and integrity when victims click the link. The vulnerability requires user interaction and has no available patch, making client-side awareness critical for mitigation.

SAP XSS Business Connector
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-20959 MEDIUM PATCH This Month

Stored XSS in Microsoft SharePoint Server enables authenticated users to inject malicious scripts that execute in other users' browsers, potentially leading to credential theft or session hijacking. The vulnerability requires user interaction and network access, but no patch is currently available, leaving organizations dependent on compensating controls or vendor updates.

Microsoft XSS Sharepoint Server
NVD
CVSS 3.1
4.6
EPSS
0.1%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy