Skip to main content
CVE-2026-23492 HIGH POC PATCH This Week

Blind SQL injection in Pimcore's Admin Search Find API allows authenticated attackers to extract database information through inferential techniques, bypassing the incomplete mitigation from a prior patch that only removed comment-based attacks. The vulnerability affects Pimcore versions prior to 12.3.1 and 11.5.14, with public exploit code available. Patched versions are available and should be deployed immediately.

SQLi Information Disclosure Pimcore
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-23512 HIGH POC PATCH This Week

SumatraPDF 3.5.2 and earlier on Windows contains an untrusted search path vulnerability in the Advanced Options feature that allows arbitrary code execution through a malicious notepad.exe placed in the application directory. An attacker with local access can exploit this when a user triggers the Advanced Options setting, as the application fails to specify an absolute path when launching notepad.exe. Public exploit code exists for this vulnerability, and a patch is available.

Windows Sumatrapdf
NVD GitHub
CVSS 3.1
8.6
EPSS
0.0%
CVE-2026-0861 HIGH POC PATCH This Week

Glibc versions 2.30 through 2.42 contain an integer overflow in the memalign function family that allows attackers with control over both size and alignment parameters to trigger heap corruption. Public exploit code exists for this vulnerability, which requires carefully crafted inputs with alignment values between 2^62+1 and 2^63 paired with sizes near PTRDIFF_MAX. Local attackers exploiting this flaw could achieve code execution or denial of service on affected systems.

Buffer Overflow Integer Overflow Glibc Red Hat Suse
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-22856 HIGH POC PATCH This Week

Heap use-after-free in FreeRDP versions before 3.20.1 stems from unsynchronized access to serial channel thread tracking structures, allowing remote attackers to trigger memory corruption and achieve code execution. The vulnerability affects systems using vulnerable FreeRDP versions for remote desktop connections and has public exploit code available. No patch is currently available, requiring users to upgrade to version 3.20.1 or later.

Race Condition Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-23477 HIGH POC This Week

Rocket.Chat versions prior to 6.12.0 expose the OAuth applications API endpoint to any authenticated user, allowing disclosure of sensitive credentials including client IDs and secrets regardless of user role or permissions. An attacker with valid credentials can enumerate OAuth applications and extract their secrets by knowing application IDs, potentially compromising integrated third-party applications. Public exploit code exists for this vulnerability and no patch is currently available.

Privilege Escalation Rocket.Chat
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-71021 HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serverName parameter of the sub_65A28 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Stack Overflow Denial Of Service Ax1806 Firmware Tenda
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-70747 HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serviceName parameter of the sub_65A28 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Stack Overflow Denial Of Service Ax1806 Firmware Tenda
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-0532 HIGH This Week

The Google Gemini connector in AI/ML products allows authenticated users with connector management privileges to read arbitrary files through unvalidated file path and network request parameters in credential configurations. An attacker with sufficient authentication access can craft malicious JSON payloads to trigger server-side requests and disclose sensitive files from the affected system. This vulnerability requires valid credentials and administrative privileges but presents a high risk of confidential data exposure.

SSRF Google
NVD VulDB
CVSS 3.1
8.6
EPSS
0.0%
CVE-2025-68960 HIGH This Week

Multi-thread race condition vulnerability in the video framework module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 8.4 HIGH]

Race Condition Harmonyos
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2025-68957 HIGH This Week

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 8.4 HIGH]

Race Condition Harmonyos
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2025-68956 HIGH This Week

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 8.0 HIGH]

Race Condition Harmonyos
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-68955 HIGH This Week

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 8.0 HIGH]

Race Condition Harmonyos
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-68958 HIGH This Week

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 8.0 HIGH]

Race Condition Harmonyos
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-0647 HIGH This Week

In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. [CVSS 7.9 HIGH]

Information Disclosure Neoverse V3ae Firmware C1 Ultra Firmware Neoverse N2 Firmware Cortex X925 Firmware +7
NVD
CVSS 3.1
7.9
EPSS
0.0%
CVE-2025-71123 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parse_apply_sb_mount_options() strscpy_pad() can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size.

Linux Debian Buffer Overflow
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-71137 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that the RX ring size (rx_pending) is not set below the permitted length.

Linux Buffer Overflow Memory Corruption Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-33206 HIGH PATCH This Week

NVIDIA NSIGHT Graphics for Linux contains a vulnerability where an attacker could cause command injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and denial of service. [CVSS 7.8 HIGH]

Linux Industrial Denial Of Service Privilege Escalation Command Injection +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71110 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in defer_free() before accessing freed memory When CONFIG_SLUB_TINY is enabled, kfree_nolock() calls kasan_slab_free() before defer_free().

Linux Use After Free Information Disclosure Memory Corruption Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71143 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws Commit f316cdff8d67 ("clk: Annotate struct clk_hw_onecell_data with __counted_by") annotated the hws member of 'struct clk_hw_onecell_data' with __counted_by, which informs the bounds sanitizer (UBSAN_BOUNDS) about the number of elements in .hws[], so that it can warn when .hws[] is accessed out of bounds.

Linux Samsung Buffer Overflow Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71122 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED syzkaller found it could overflow math in the test infrastructure and cause a WARN_ON by corrupting the reserved interval tree.

Linux Buffer Overflow Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-13455 HIGH This Week

Thinkplus Fu100 Firmware versions up to - is affected by authentication bypass by spoofing (CVSS 7.8).

Authentication Bypass Thinkplus Tsd303 Firmware Thinkplus Fu100 Firmware Thinkplus Fu200 Firmware Thinkplus Tu800 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-12053 HIGH This Week

The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow. [CVSS 7.8 HIGH]

Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-12052 HIGH This Week

The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow. [CVSS 7.8 HIGH]

Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-12051 HIGH This Week

The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow. [CVSS 7.8 HIGH]

Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-68968 HIGH This Week

Double free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vulnerability may affect the input function. [CVSS 7.8 HIGH]

Information Disclosure Harmonyos
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-12050 HIGH This Week

The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow. [CVSS 7.8 HIGH]

Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-11224 HIGH PATCH This Week

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to execute stored cross-site scripting through improper input validation in the Kubernetes proxy functionality. [CVSS 7.7 HIGH]

Kubernetes Gitlab XSS
NVD
CVSS 3.1
7.7
EPSS
0.1%
CVE-2025-12166 HIGH This Week

The Appointment Booking Calendar - Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection via the `order` and `append_where_sql` parameters in all versions up to, and including, 1.6.9.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. [CVSS 7.5 HIGH]

WordPress SQLi PHP
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-14770 HIGH This Week

The Shipping Rate By Cities plugin for WordPress is vulnerable to SQL Injection via the 'city' parameter in all versions up to, and including, 2.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. [CVSS 7.5 HIGH]

WordPress SQLi PHP
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-21889 HIGH PATCH This Week

Weblate versions prior to 5.15.2 expose screenshot images through the web server without authentication controls, enabling unauthenticated attackers to retrieve sensitive screenshots by predicting their filenames. This improper access control flaw affects all users whose screenshot content should be restricted. A patch is available in version 5.15.2 and later.

Authentication Bypass Weblate Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-22240 HIGH This Week

Bluvoyix stores user passwords in plaintext and exposes them through unauthenticated APIs, allowing remote attackers to retrieve credentials without authentication and gain administrative access to customer accounts. This high-severity vulnerability affects all users of the platform and could lead to complete compromise of customer data, with no patch currently available.

Information Disclosure Bluvoyix
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-9142 HIGH This Week

A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory. [CVSS 7.5 HIGH]

Windows
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-15266 HIGH This Week

The GeekyBot - Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the chat message field in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. [CVSS 7.2 HIGH]

WordPress XSS
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-37183 HIGH This Week

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. [CVSS 7.2 HIGH]

SQLi Edgeconnect Sd Wan Orchestrator
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-37182 HIGH This Week

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. [CVSS 7.2 HIGH]

SQLi Edgeconnect Sd Wan Orchestrator
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-37181 HIGH This Week

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. [CVSS 7.2 HIGH]

SQLi Edgeconnect Sd Wan Orchestrator
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-23498 HIGH PATCH This Week

Shopware versions 6.7.0.0 through 6.7.6.0 contain a code injection vulnerability in the map() function override that fails to validate PHP Closures against an allowlist, enabling authenticated attackers with high privileges to execute arbitrary code. The vulnerability reintroduces a regression from CVE-2023-2017 and affects the open commerce platform's core functionality. A patch is available in version 6.7.6.1.

PHP Shopware
NVD GitHub
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-15283 HIGH This Week

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name_directory_name' and 'name_directory_description' parameters in all versions up to, and including, 1.30.3 due to insufficient input sanitization and output escaping. [CVSS 7.2 HIGH]

WordPress XSS
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-15378 HIGH This Week

The AJS Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'note_list_class' and 'popup_display_effect_in' parameters in all versions up to, and including, 1.0 due to missing authorization and nonce verification on settings save, as well as insufficient input sanitization and output escaping. [CVSS 7.2 HIGH]

WordPress XSS PHP
NVD
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-14613 HIGH This Week

The GetContentFromURL plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0. This is due to the plugin using wp_remote_get() instead of wp_safe_remote_get() to fetch content from a user-supplied URL in the 'url' parameter of the [gcfu] shortcode. [CVSS 7.2 HIGH]

WordPress SSRF PHP
NVD
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-71136 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() It's possible for cp_read() and hdmi_read() to return -EIO. Those values are further used as indexes for accessing arrays.

Linux Buffer Overflow Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-71133 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdma_net_event irdma_net_event() should not dereference anything from "neigh" (alias "ptr") until it has checked that the event is NETEVENT_NEIGH_UPDATE.

Linux Buffer Overflow Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-71116 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: libceph: make decode_pool() more resilient against corrupted osdmaps If the osdmap is (maliciously) corrupted such that the encoded length of ceph_pg_pool envelope is less than what is expected for a particular encoding version, out-of-bounds reads may ensue because the only bounds check that is there is based on that length value.

Linux Buffer Overflow Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-71112 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net: hns3: add VLAN id validation before using Currently, the VLAN id may be used without validation when receive a VLAN configuration mailbox from VF. The length of vlan_del_fail_bmap is BITS_TO_LONGS(VLAN_N_VID).

Linux Information Disclosure Buffer Overflow
NVD VulDB
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-14615 HIGH This Week

The DASHBOARD BUILDER - WordPress plugin for Charts and Graphs plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.7. This is due to missing nonce validation on the settings handler in dashboardbuilder-admin.php. [CVSS 7.1 HIGH]

WordPress PHP SQLi CSRF
NVD
CVSS 3.1
7.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy