152 CVEs tracked today. 17 Critical, 61 High, 65 Medium, 6 Low.
-
CVE-2026-23520
CRITICAL
CVSS 9.0
Arcane Docker management tool before 1.13.0 has command injection in lifecycle labels. Container labels are passed to /bin/sh -c without sanitization, enabling RCE. PoC available.
Docker
Command Injection
Arcane
Suse
-
CVE-2026-23519
CRITICAL
CVSS 9.8
RustCrypto CMOV before 0.4.4 emits non-constant-time assembly on ARM Cortex-M0/M0+/M1 targets. Cryptographic operations that rely on constant-time guarantees are broken on these embedded platforms. PoC available, patch available.
Industrial
Cmov
-
CVE-2026-22908
CRITICAL
CVSS 9.1
Uploading unvalidated container images enables remote attackers with admin access to achieve full system compromise through malicious containers.
Information Disclosure
Tdc X401gl Firmware
-
CVE-2026-22907
CRITICAL
CVSS 9.9
Container management vulnerability allows authenticated users to escape to the host filesystem with read/write access. CVSS 9.9 with scope change.
Authentication Bypass
Tdc X401gl Firmware
-
CVE-2026-1009
CRITICAL
CVSS 9.0
Altium Forum has stored XSS in forum posts with scope change (CVSS 9.0). Authenticated attackers can inject JavaScript that executes in other users' sessions, including accessing Altium design tools and project data.
XSS
Altium Live
-
CVE-2025-70892
CRITICAL
CVSS 9.8
Phpgurukul Cyber Cafe Management System v1.0 has SQL injection in the username parameter of add-users.php. PoC available.
PHP
SQLi
Cyber Cafe Management System
-
CVE-2025-67822
CRITICAL
CVSS 9.4
Mitel MiVoice MX-ONE 7.3-7.8 SP1 has authentication bypass in the Provisioning Manager. Unauthenticated attackers can access user or admin accounts in the VoIP management system.
Authentication Bypass
Mivoice Mx One
-
CVE-2025-67647
CRITICAL
CVSS 9.1
SvelteKit 2.19.0-2.49.4 has SSRF/DoS affecting applications with prerendered routes. Can be exploited to make the server perform arbitrary requests or become unresponsive. Patch available.
Denial Of Service
Kit
Adapter Node
-
CVE-2025-67084
CRITICAL
CVSS 9.9
InvoicePlane through 1.6.3 allows authenticated users to upload PHP files as attachments that can be executed remotely. Low privileges sufficient with scope change. PoC available.
PHP
RCE
Invoiceplane
-
CVE-2025-67079
CRITICAL
CVSS 9.8
Omnispace Agora Project (before 25.10) allows RCE through crafted PDF upload that exploits the ImageMagick MSL engine via the thumbnail function.
File Upload
Agora Project
-
CVE-2025-62193
CRITICAL
CVSS 9.8
NOAA PMEL Live Access Server (LAS) has unauthenticated RCE through PyFerret SPAWN commands embedded in requests. Scientific data servers running LAS are vulnerable to complete compromise.
RCE
Command Injection
-
CVE-2023-7334
CRITICAL
CVSS 9.8
Changjetong T+ (through 16.x) has .NET deserialization RCE in an AjaxPro endpoint. Attacker-controlled JSON triggers deserialization of malicious .NET types. PoC available.
Dotnet
RCE
Deserialization
-
CVE-2021-47819
CRITICAL
CVSS 9.8
ProjeQtOr Project Management 9.1.4 allows guest users to upload PHP files through profile attachments. Unauthenticated RCE via web shell. PoC available.
PHP
-
CVE-2021-47781
CRITICAL
CVSS 9.8
Cmder Console Emulator 1.3.18 can be crashed via a malicious .cmd file with repeated characters, causing buffer overflow and DoS. PoC available.
Buffer Overflow
Denial Of Service
-
CVE-2021-47774
CRITICAL
CVSS 9.8
Kingdia CD Extractor 3.0.2 has a buffer overflow in the registration name field. PoC available.
Dns
RCE
Buffer Overflow
-
CVE-2021-47772
CRITICAL
CVSS 9.8
10-Strike Network Inventory Explorer Pro 9.31 has a buffer overflow in text file import that enables RCE through crafted files. PoC available.
RCE
Buffer Overflow
Network Inventory Explorer
-
CVE-2021-47753
CRITICAL
CVSS 9.8
phpKF CMS 3.00 Beta allows unauthenticated PHP file upload by disguising it as a PNG, then renaming it for execution. PoC available.
PHP
Cms
-
CVE-2026-23622
HIGH
CVSS 8.8
Inadequate CSRF protection in Easy!Appointments 1.5.2 and earlier allows unauthenticated attackers to perform state-changing operations through GET requests, enabling account creation, credential modification, and complete admin account takeover. The vulnerability exists because csrf_verify() only validates POST requests while application endpoints accept parameters via GET or $_REQUEST. Public exploit code exists for this high-severity flaw and no patch is currently available.
PHP
CSRF
-
CVE-2026-23527
HIGH
CVSS 8.9
HTTP request smuggling in H3 framework versions before 1.15.5 allows remote attackers to bypass security controls by exploiting improper case-sensitive validation of the Transfer-Encoding header. The vulnerability enables attackers to inject malicious requests that diverge between client and server parsing, potentially leading to cache poisoning, session hijacking, or other attacks. Public exploit code exists for this vulnerability.
Code Injection
H3
Redhat
-
CVE-2026-23493
HIGH
CVSS 8.6
Pimcore versions up to 12.3.1 are affected by insertion of sensitive information into a log file (CVSS 8.6).
Information Disclosure
Pimcore
-
CVE-2026-22910
HIGH
CVSS 7.5
TDC X401GL firmware contains hardcoded default credentials for privileged user accounts, enabling unauthenticated attackers to gain unauthorized administrative access over the network. This vulnerability affects all deployments using default configurations and could allow attackers to compromise system integrity and perform unauthorized operations. No patch is currently available.
Authentication Bypass
Tdc X401gl Firmware
-
CVE-2026-22909
HIGH
CVSS 7.5
TDC X401gl devices with unpatched firmware lack proper authorization controls for critical system functions, enabling unauthenticated remote attackers to arbitrarily start, stop, or delete applications and cause denial of service. This network-accessible vulnerability requires no user interaction and affects all default configurations. No patch is currently available.
Authentication Bypass
Tdc X401gl Firmware
-
CVE-2026-22867
HIGH
CVSS 8.7
Stored XSS in LaSuite Doc versions 3.8.0 through 4.3.0 allows authenticated users with document editing privileges to inject malicious JavaScript URLs into the Interlinking feature, which execute when other users click the crafted links. This vulnerability affects the collaborative documentation platform's security model by enabling arbitrary code execution in victims' browsers. A patch is available in version 4.4.0.
XSS
Docs
-
CVE-2026-22864
HIGH
CVSS 8.1
Arbitrary code execution in Deno runtime versions before 2.5.6 allows unauthenticated attackers to bypass shell script execution restrictions by using alternate casing in batch file extensions (e.g., .BAT, .Bat instead of .bat). The case-sensitive validation flaw enables attackers to spawn blocked Windows batch and command files, achieving remote code execution. Public exploit code exists and no patch is currently available for affected systems.
Windows
Deno
Suse
-
CVE-2026-22863
HIGH
CVSS 7.5
Deno versions up to 2.6.0 contain a vulnerability that allows attackers to have infinite encryptions (CVSS 7.5).
Information Disclosure
Deno
Suse
-
CVE-2026-22803
HIGH
CVSS 7.5
SvelteKit versions 2.49.0 through 2.49.4 are vulnerable to denial-of-service attacks through the experimental form remote function, which fails to properly validate binary-encoded form payloads and can be exploited to exhaust server memory. An unauthenticated remote attacker can craft a malicious payload to trigger excessive memory allocation, rendering affected applications unavailable. The vulnerability is resolved in version 2.49.5.
Denial Of Service
Kit
-
CVE-2026-22775
HIGH
CVSS 7.5
Denial of service in Svelte devalue library versions 5.1.0 through 5.6.1 allows remote attackers to exhaust CPU and memory resources by supplying malformed input to the parse function, affecting applications that process untrusted serialized data. The vulnerability stems from insufficient validation of ArrayBuffer inputs during deserialization. Applications should upgrade to version 5.6.2 or later.
Denial Of Service
Devalue
Redhat
Suse
-
CVE-2026-22774
HIGH
CVSS 7.5
Denial of service in Svelte devalue versions 5.3.0 through 5.6.1 allows remote attackers to exhaust CPU and memory resources by supplying malformed input to the parse function, affecting applications that process untrusted data. The vulnerability stems from insufficient validation of typed array inputs before hydration, enabling attackers to trigger excessive resource consumption. Update to version 5.6.2 or later to remediate.
Denial Of Service
Devalue
Redhat
-
CVE-2026-22265
HIGH
CVSS 7.5
Authenticated command injection in Roxy-WI versions prior to 8.2.8.2 enables attackers to execute arbitrary system commands through improper sanitization of the grep parameter in log viewing functionality. Public exploit code exists for this vulnerability, affecting users managing HAProxy, Nginx, Apache, and Keepalived servers through the web interface. A patch is available in version 8.2.8.2 and later.
Apache
Nginx
Command Injection
Roxy Wi
-
CVE-2026-22249
HIGH
CVSS 7.1
Docmost versions 0.21.0 through 0.23.x contain a path traversal vulnerability in the zip import feature that allows authenticated attackers to write arbitrary files to the system due to insufficient filename validation. Public exploit code exists for this vulnerability, which could enable attackers to overwrite critical application files or achieve code execution. The vulnerability is patched in version 0.24.0 and affects all installations using the vulnerable import functionality.
Path Traversal
Docmost
-
CVE-2026-21920
HIGH
CVSS 7.5
Denial-of-service attacks against Juniper SRX Series devices running Junos OS 23.4 through 24.4 can be triggered remotely by sending a maliciously crafted DNS request, causing the flowd process to crash and interrupt service until recovery completes. The vulnerability stems from an unchecked return value in the DNS module that allows unauthenticated, network-based attackers to exploit DNS-enabled SRX configurations without any user interaction. No patch is currently available for affected versions.
Juniper
Dns
Denial Of Service
Junos
-
CVE-2026-21918
HIGH
CVSS 7.5
Juniper Networks Junos OS on SRX and MX Series is vulnerable to a double free condition in the flow processing daemon that an unauthenticated network attacker can trigger via a specific TCP packet sequence, causing the daemon to crash and the Fabric Routing Card to restart. This denial-of-service vulnerability affects all versions before 22.4R3-S7, 23.2 before 23.2R2-S3, 23.4 before 23.4R2-S4, and 24.2 before 24.2R2, with no patch currently available. An attacker on the network can exploit this vulnerability without authentication or user interaction to disrupt service availability.
Juniper
Denial Of Service
Junos
-
CVE-2026-21917
HIGH
CVSS 7.5
Malformed SSL packets can trigger a Denial-of-Service condition in Juniper SRX devices running Junos OS with UTM Web-Filtering enabled, causing Forwarding Processor Card (FPC) crashes and restarts without requiring authentication. An unauthenticated network-based attacker can exploit this input validation flaw in the Web-Filtering module to disrupt device availability across affected Junos versions (23.2R2-S2 through 24.4R2). No patches are currently available for earlier Junos versions, and affected systems remain vulnerable until updates are applied.
Juniper
Tls
Denial Of Service
Junos
-
CVE-2026-21914
HIGH
CVSS 7.5
Juniper SRX Series devices are vulnerable to denial-of-service attacks when processing malformed GTP Modify Bearer Request messages, which trigger an improper lock condition that freezes packet processing threads and causes watchdog timeouts. An unauthenticated network attacker can exploit this without user interaction to crash the forwarding processor and cause complete traffic outages requiring device restart. No patch is currently available for affected Junos OS versions.
Juniper
Denial Of Service
Junos
-
CVE-2026-21913
HIGH
CVSS 7.5
Unauthenticated network-based attackers can cause a denial of service on Juniper EX4000-48T, EX4000-48P, and EX4000-48MP switches by sending high-volume traffic that crashes the FXPC component and forces a device restart. The vulnerability stems from improper resource initialization in the Internal Device Manager and results in complete service outage until automatic recovery completes. Affected versions include Junos OS 24.4 before 24.4R2 and 25.2 before 25.2R1, with no patch currently available.
Juniper
Denial Of Service
Junos
-
CVE-2026-21908
HIGH
CVSS 7.1
Juniper Junos OS and Junos OS Evolved contain a use-after-free vulnerability in the 802.1X authentication daemon that allows authenticated, network-adjacent attackers to crash the process or achieve arbitrary code execution as root by triggering specific port state changes. Exploitation requires precise timing of a change-of-authorization event during port transitions, making reliable exploitation difficult but possible. Systems with 802.1X port-based network access control enabled are affected, and no patch is currently available.
Juniper
Use After Free
Denial Of Service
Junos
Junos Os Evolved
-
CVE-2026-21906
HIGH
CVSS 7.5
Juniper Junos OS SRX Series suffers a denial of service vulnerability in the packet forwarding engine when PowerMode IPsec and GRE performance acceleration are both enabled, allowing remote attackers to crash the device by sending a specially crafted ICMP packet through a GRE tunnel. The crash results in immediate traffic loss and device restart, affecting systems with both features active on vulnerable SRX platforms. No patch is currently available.
Juniper
Denial Of Service
Junos
-
CVE-2026-21905
HIGH
CVSS 7.5
Denial of service in Juniper Junos SIP application layer gateway allows unauthenticated remote attackers to crash critical processes by sending malformed SIP messages over TCP, affecting SRX Series and MX Series devices with specific service cards. The vulnerability exploits improper header parsing that triggers an infinite loop and watchdog timer expiration, disabling network traffic flow without requiring authentication or user interaction. No patch is currently available for this high-severity flaw.
Juniper
Denial Of Service
Junos
-
CVE-2026-1010
HIGH
CVSS 8.0
Stored XSS in Altium Workflow Engine allows authenticated users to inject malicious scripts into workflow forms that execute with administrator privileges when viewed. An attacker can exploit this to escalate privileges, create new admin accounts, steal session tokens, and perform arbitrary administrative actions. No patch is currently available for the on-premises enterprise server deployment.
XSS
Privilege Escalation
On Prem Enterprise Server
-
CVE-2026-1008
HIGH
CVSS 7.6
Stored XSS in Altium Live user profile fields allows authenticated attackers to inject malicious scripts that execute when other users view the compromised profile, potentially enabling session hijacking or phishing attacks. The vulnerability stems from inadequate server-side input validation that fails to properly sanitize whitespace-based attribute injection techniques. Exploitation requires a valid user account and victim interaction but carries high risk due to cross-site impact affecting other platform users.
XSS
Altium Live
-
CVE-2026-0915
HIGH
CVSS 7.5
Stack memory disclosure in GNU C Library versions 2.0-2.42 allows unauthenticated remote attackers to leak sensitive stack contents via crafted DNS queries when getnetbyaddr functions are configured to use the DNS backend for network lookups. This vulnerability affects systems running vulnerable Glibc and DNS resolver combinations, with no available patch currently released.
Dns
Glibc
Redhat
Suse
-
CVE-2026-0897
HIGH
CVSS 7.5
Keras versions up to 3.13.0 are affected by allocation of resources without limits or throttling (CVSS 7.5).
Google
Python
Denial Of Service
AI / ML
Keras
-
CVE-2026-0227
HIGH
CVSS 7.5
Unauthenticated remote attackers can crash Palo Alto Networks PAN-OS firewalls through repeated requests, forcing the devices into maintenance mode and causing denial of service. This vulnerability affects Palo Alto firewalls and Prisma Access deployments with no available patch, creating ongoing operational risk. The attack requires no authentication or user interaction and can be exploited over the network.
Paloalto
Denial Of Service
Pan Os
Prisma Access
-
CVE-2025-71019
HIGH
CVSS 7.5
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the wanSpeed parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]
Stack Overflow
Denial Of Service
Ax1806 Firmware
Tenda
-
CVE-2025-70893
HIGH
CVSS 8.8
A time-based blind SQL Injection vulnerability exists in PHPGurukul Cyber Cafe Management System v1.0 within the adminprofile.php endpoint. [CVSS 8.8 HIGH]
PHP
SQLi
Cyber Cafe Management System
-
CVE-2025-70744
HIGH
CVSS 7.5
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the cloneType parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]
Stack Overflow
Denial Of Service
Ax1806 Firmware
Tenda
-
CVE-2025-70656
HIGH
CVSS 7.5
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the mac parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]
Stack Overflow
Denial Of Service
Ax1806 Firmware
Tenda
-
CVE-2025-70308
HIGH
CVSS 7.5
An out-of-bounds read in the GSF demuxer filter component of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .gsf file. [CVSS 7.5 HIGH]
Denial Of Service
Gpac
-
CVE-2025-70307
HIGH
CVSS 7.5
A stack overflow in the dump_ttxt_sample function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet. [CVSS 7.5 HIGH]
Stack Overflow
Denial Of Service
Gpac
-
CVE-2025-70304
HIGH
CVSS 7.5
A buffer overflow in the vobsub_get_subpic_duration() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet. [CVSS 7.5 HIGH]
Buffer Overflow
Denial Of Service
Gpac
-
CVE-2025-70298
HIGH
CVSS 8.2
GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmx_parse_tags function. [CVSS 8.2 HIGH]
Buffer Overflow
Information Disclosure
Gpac
-
CVE-2025-67823
HIGH
CVSS 8.2
A vulnerability in the Multimedia Email component of Mitel MiContact Center Business through 10.2.0.10 and Mitel CX through 1.1.0.1 could allow an unauthenticated attacker to conduct a Cross-Site Scripting (XSS) attack due to insufficient input validation. [CVSS 8.2 HIGH]
XSS
Micontact Center Business
Cx
-
CVE-2025-67246
HIGH
CVSS 7.3
A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresses. [CVSS 7.3 HIGH]
Linux
Privilege Escalation
Information Disclosure
Ludashi Driver
-
CVE-2025-67077
HIGH
CVSS 8.8
Agora-Project versions up to 25.10 are affected by unrestricted upload of file with dangerous type (CVSS 8.8).
File Upload
Agora Project
-
CVE-2025-67076
HIGH
CVSS 7.5
A directory traversal vulnerability in Omnispace Agora Project before 25.10 allows unauthenticated attackers to read files on the system via the misc controller and the ExternalGetFile action. Only files with an extension can be read. [CVSS 7.5 HIGH]
Path Traversal
Agora Project
-
CVE-2025-66417
HIGH
CVSS 7.5
GLPI is a free asset and IT management software package. From 11.0.0 to before 11.0.3, an unauthenticated user can perform a SQL injection through the inventory endpoint. [CVSS 7.5 HIGH]
SQLi
Glpi
-
CVE-2025-66292
HIGH
CVSS 8.1
DPanel is an open source server management panel written in Go. Prior to 1.9.2, DPanel has an arbitrary file deletion vulnerability in the /api/common/attach/delete interface. [CVSS 8.1 HIGH]
Golang
Path Traversal
Dpanel
Suse
-
CVE-2025-64516
HIGH
CVSS 7.5
GLPI is a free asset and IT management software package. Prior to 10.0.21 and 11.0.3, an unauthorized user can access GLPI documents attached to any item (ticket, asset, ...). [CVSS 7.5 HIGH]
Authentication Bypass
Glpi
-
CVE-2025-61973
HIGH
CVSS 8.8
A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges. [CVSS 8.8 HIGH]
Privilege Escalation
-
CVE-2025-60003
HIGH
CVSS 7.5
A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). [CVSS 7.5 HIGH]
Juniper
Buffer Overflow
Denial Of Service
Junos Os Evolved
Junos
-
CVE-2025-59960
HIGH
CVSS 7.4
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Juniper DHCP service (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows a DHCP client in one subnet to exhaust the address pools of other subnets, leading to a Denial of Service (DoS) on the downstream DHCP server.
By default, the DHCP relay agent inserts its own Option 82 information when forwarding client requests, optionally replacing any Option 82 information provided by the client. When a speci...
Juniper
Denial Of Service
Junos
Junos Os Evolved
-
CVE-2025-36911
HIGH
CVSS 7.1
Android versions up to - contain a vulnerability that allows remote (proximal/adjacent) attackers to obtain information disclosure of the user's conversations and lo (CVSS 7.1).
Information Disclosure
Android
Google
-
CVE-2025-13062
HIGH
CVSS 8.8
Supreme Modules Lite (WordPress plugin) versions up to 2.5.62 are affected by unrestricted upload of file with dangerous type (CVSS 8.8).
WordPress
RCE
PHP
-
CVE-2025-9014
HIGH
CVSS 7.5
A Null Pointer Dereference vulnerability exists in the referer header check of the web portal of TP-Link TL-WR841N v14, caused by improper input validation. [CVSS 7.5 HIGH]
TP-Link
Null Pointer Dereference
Denial Of Service
Tl Wr841n Firmware
-
CVE-2024-48077
HIGH
CVSS 7.5
An issue in nanomq v0.22.7 allows attackers to cause a Denial of Service (DoS) via a crafted request. The number of data packets received in the recv-q queue of the Nanomq process continues to increase, causing the nanomq broker to fall into a deadlock and be unable to provide normal services. [CVSS 7.5 HIGH]
Denial Of Service
-
CVE-2021-47784
HIGH
CVSS 7.5
Cyberfox Web Browser 52.9.1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the search bar with excessive data. Attackers can generate a 9,000,000 byte payload and paste it into the search bar to trigger an application crash. [CVSS 7.5 HIGH]
Denial Of Service
-
CVE-2021-47777
HIGH
CVSS 8.2
Build Smart ERP 21.0817 contains an unauthenticated SQL injection vulnerability in the 'eidValue' parameter of the login validation endpoint. [CVSS 8.2 HIGH]
SQLi
-
CVE-2021-47775
HIGH
CVSS 8.4
YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. [CVSS 8.4 HIGH]
Dns
Buffer Overflow
-
CVE-2021-47773
HIGH
CVSS 7.8
Dynojet Power Core 2.3.0 contains an unquoted service path vulnerability in the DJ.UpdateService that allows local authenticated users to potentially execute code with elevated privileges. [CVSS 7.8 HIGH]
Information Disclosure
Power Core
-
CVE-2021-47767
HIGH
CVSS 7.8
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. [CVSS 7.8 HIGH]
Privilege Escalation
Network Inventory Explorer
-
CVE-2021-47766
HIGH
CVSS 7.1
Kmaleon 1.1.0.205 contains an authenticated SQL injection vulnerability in the 'tipocomb' parameter of kmaleonW.php that allows attackers to manipulate database queries. [CVSS 7.1 HIGH]
PHP
SQLi
-
CVE-2021-47763
HIGH
CVSS 8.2
Aimeos 2021.10 LTS contains a SQL injection vulnerability in the json api 'sort' parameter that allows attackers to inject malicious database queries. Attackers can manipulate the sort parameter to reveal table and column names by sending crafted GET requests to the jsonapi/review endpoint. [CVSS 8.2 HIGH]
SQLi
-
CVE-2021-47762
HIGH
CVSS 7.8
HTTPDebuggerPro 9.11 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. [CVSS 7.8 HIGH]
RCE
-
CVE-2021-47761
HIGH
CVSS 7.8
MilleGPG5 5.7.2 contains a local privilege escalation vulnerability that allows authenticated users to modify service executable files in the MariaDB bin directory. Attackers can replace the mysqld.exe with a malicious executable, which will execute with system privileges when the computer restarts. [CVSS 7.8 HIGH]
MySQL
Mariadb
Privilege Escalation
-
CVE-2021-47758
HIGH
CVSS 8.8
Patient Management System versions up to 2.0.2 are affected by unrestricted upload of file with dangerous type (CVSS 8.8).
PHP
RCE
Patient Management System
-
CVE-2021-47757
HIGH
CVSS 8.8
Patient Management System versions up to 2.0.2 are affected by unrestricted upload of file with dangerous type (CVSS 8.8).
PHP
RCE
Patient Management System
-
CVE-2021-47755
HIGH
CVSS 7.5
Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. [CVSS 7.5 HIGH]
Path Traversal
Oliver V5 Library
-
CVE-2021-47752
HIGH
CVSS 7.5
Awebserver versions up to 18 are affected by allocation of resources without limits or throttling (CVSS 7.5).
MySQL
Denial Of Service
Awebserver
-
CVE-2026-23511
MEDIUM
CVSS 5.3
Zitadel versions prior to 4.9.1 and 3.4.6 contain a user enumeration vulnerability in their login interfaces that allows unauthenticated attackers to discover valid user accounts by testing usernames and user IDs. An attacker can leverage this information disclosure to build lists of existing users for targeted attacks against the identity management platform. The vulnerability has been patched in versions 4.9.1 and 3.4.6.
Information Disclosure
Zitadel
Suse
-
CVE-2026-23496
MEDIUM
CVSS 5.4
Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore. [CVSS 5.4 MEDIUM]
Authentication Bypass
Web2print Tools
-
CVE-2026-23495
MEDIUM
CVSS 4.3
Pimcore Admin Classic Bundle versions prior to 2.2.3 and 1.7.16 fail to enforce proper authorization on the Predefined Properties API endpoint, allowing authenticated backend users without explicit permissions to enumerate all property configurations. Public exploit code exists for this vulnerability. The flaw impacts any Pimcore deployment where backend user access controls rely on role-based restrictions for sensitive metadata definitions.
Authentication Bypass
Admin Classic Bundle
-
CVE-2026-23494
MEDIUM
CVSS 4.3
Pimcore versions prior to 12.3.1 and 11.5.14 fail to properly validate authorization on the static routes API endpoint, allowing authenticated users without proper permissions to view sensitive route configurations including regex patterns and controller mappings. Public exploit code exists for this vulnerability, and no patch is currently available. The issue affects both PHP and Pimcore installations where backend users with limited privileges could gain unauthorized access to routing infrastructure details.
PHP
Pimcore
-
CVE-2026-22918
MEDIUM
CVSS 4.3
Tdc X401gl firmware lacks clickjacking protections, allowing remote attackers to deceive users into executing unintended actions on maliciously crafted pages. An attacker could leverage this vulnerability to trick users into divulging sensitive information or modifying device settings without their knowledge or consent.
Information Disclosure
XSS
Tdc X401gl Firmware
-
CVE-2026-22917
MEDIUM
CVSS 4.3
Denial of service conditions in TDC X401GL firmware can be triggered by authenticated network attackers through improper input handling at a system endpoint, resulting in resource exhaustion and service unavailability. The vulnerability requires valid credentials and network access but no user interaction, affecting the availability of affected devices. No patch is currently available for this medium-severity issue.
Denial Of Service
Tdc X401gl Firmware
-
CVE-2026-22916
MEDIUM
CVSS 4.3
TDC X401GL firmware lacks proper authorization controls on privileged operations, allowing authenticated users to trigger system functions like reboot or factory reset without appropriate restrictions. This could enable attackers with low-level credentials to disrupt service availability or erase device configurations. No patch is currently available for this vulnerability.
Information Disclosure
Tdc X401gl Firmware
-
CVE-2026-22915
MEDIUM
CVSS 4.3
Tdc X401gl Firmware contains an information disclosure vulnerability that allows authenticated attackers to access files in restricted directories on the device. The low-privileged access requirement and network-based attack vector create risk for exposure of sensitive data stored on affected devices. No patch is currently available for this vulnerability.
Information Disclosure
Tdc X401gl Firmware
-
CVE-2026-22914
MEDIUM
CVSS 4.3
TDC X401GL devices allow authenticated users to write files to restricted locations due to insufficient access controls, enabling unauthorized system modification. The vulnerability requires valid credentials and affects the device's integrity but not confidentiality or availability. No patch is currently available for this firmware issue.
Information Disclosure
Tdc X401gl Firmware
-
CVE-2026-22913
MEDIUM
CVSS 4.3
TDC X401GL firmware contains a reflected cross-site scripting vulnerability in URL parameter handling that allows unauthenticated attackers to inject malicious scripts executed in authenticated users' browsers. Successful exploitation enables attackers to steal sensitive data from compromised sessions without user knowledge. No patch is currently available.
Information Disclosure
XSS
Tdc X401gl Firmware
-
CVE-2026-22912
MEDIUM
CVSS 4.3
Insufficient validation of login parameters in TDC X401gl Firmware enables open redirect attacks that can redirect authenticated users to attacker-controlled websites. This allows threat actors to harvest credentials and conduct phishing attacks against unsuspecting users following successful authentication. The vulnerability requires user interaction but carries minimal complexity, affecting systems accessible over the network.
Open Redirect
Tdc X401gl Firmware
-
CVE-2026-22911
MEDIUM
CVSS 5.3
TDC X401GL firmware updates contain hardcoded password hashes for system accounts that are accessible to unauthenticated remote attackers over the network. An attacker could extract these hashes and potentially recover credentials to gain unauthorized access to the device. No patch is currently available for this vulnerability.
Authentication Bypass
Tdc X401gl Firmware
-
CVE-2026-22646
MEDIUM
CVSS 4.3
Incoming Goods Suite exposes sensitive internal system information through error messages accessible to authenticated users, enabling attackers to gather reconnaissance data such as file paths and database details for further exploitation. With network accessibility and low complexity requirements, an attacker with valid credentials can leverage this information disclosure to map the application's architecture and identify additional vulnerabilities.
Information Disclosure
Incoming Goods Suite
-
CVE-2026-22645
MEDIUM
CVSS 5.3
Incoming Goods Suite exposes component names, versions, and license details to unauthenticated users, enabling attackers to identify and exploit known vulnerabilities in those dependencies. This information disclosure affects any organization running the application and allows remote adversaries to conduct targeted attacks without authentication.
Information Disclosure
Incoming Goods Suite
-
CVE-2026-22644
MEDIUM
CVSS 5.3
Incoming Goods Suite contains a vulnerability that allows attackers to hijack a user's session and gain unauthorized access (CVSS 5.3).
Authentication Bypass
Incoming Goods Suite
-
CVE-2026-22045
MEDIUM
CVSS 5.9
Denial of service in Traefik versions prior to 2.11.35 and 3.6.7 allows unauthenticated remote attackers to exhaust server resources by opening TLS connections for the ACME TLS-ALPN-01 challenge and never completing the handshake. An attacker sends a minimal ClientHello advertising the acme-tls/1 ALPN protocol and then stops responding; each such connection holds a goroutine and a file descriptor until the entry point can no longer accept clients. Only deployments with the ACME TLS challenge enabled are affected.
Golang
Tls
Denial Of Service
Traefik
Redhat
-
CVE-2026-21921
MEDIUM
CVSS 6.5
Repeated telemetry collector subscriptions in Juniper Junos OS and Junos OS Evolved trigger a use-after-free in the chassis daemon (chassisd), allowing an authenticated network attacker to crash critical processes and cause denial of service. Versions prior to 22.4R3-S8, 23.2R2-S5, and 23.4R2 are affected when telemetry-capable daemons go through continuous sensor subscription cycles. No patch is currently available, leaving affected systems exposed until updates are released.
Juniper
Use After Free
Denial Of Service
Junos
Junos Os Evolved
-
CVE-2026-21912
MEDIUM
CVSS 5.5
A race condition in Juniper Junos OS on MX10k Series with LC480 or LC2101 line cards allows low-privileged local users to crash line card and potentially chassis daemons by repeatedly executing the 'show system firmware' command. Affected versions include all releases before 21.2R3-S10 and multiple later branches up to 23.2R, with no patch currently available. This denial of service vulnerability requires local access and can be triggered without elevated privileges.
Juniper
Denial Of Service
Race Condition
Junos
-
CVE-2026-21911
MEDIUM
CVSS 6.5
MAC learning failures in Juniper Junos OS Evolved's Layer 2 Control Protocol Daemon (l2cpd) can be triggered by a network-adjacent attacker who repeatedly toggles the management interface, causing MAC address learning on label-switched interfaces (LSIs) to halt while the daemon generates excessive logs and consumes high CPU. This incorrect-calculation flaw (CWE-682) affects availability only and currently has no available patch. The attack requires network adjacency but no authentication or user interaction.
Juniper
Junos Os Evolved
-
CVE-2026-21910
MEDIUM
CVSS 6.5
EVPN-VXLAN traffic interruption in Juniper Junos on EX4k and QFX5k Series platforms allows adjacent network attackers to trigger interface link flaps that cause inter-VNI traffic to drop in configurations using Virtual Port-Link Aggregation Groups. An unauthenticated attacker can exploit this condition to deny service to VXLAN traffic between virtual network identifiers when multiple load-balanced next-hop routes exist for the same destination. No patch is currently available for this vulnerability.
Juniper
Denial Of Service
Junos
-
CVE-2026-21909
MEDIUM
CVSS 6.5
Denial of service in Juniper Junos OS and Junos OS Evolved allows an adjacent IS-IS neighbor to trigger a memory leak in the routing protocol daemon by sending specially crafted update packets. Repeated exploitation exhausts available memory and crashes the rpd process, rendering routing unavailable. No patch is currently available.
Juniper
Denial Of Service
Junos Os Evolved
Junos
-
CVE-2026-21907
MEDIUM
CVSS 5.9
Junos Space versions up to 24.1 are affected by use of a broken or risky cryptographic algorithm (CVSS 5.9).
Juniper
Tls
Junos Space
-
CVE-2026-21903
MEDIUM
CVSS 6.5
Denial of service in the Juniper Junos OS Packet Forwarding Engine allows authenticated attackers to crash Flexible PIC Concentrators (FPCs) by subscribing to telemetry sensors at scale, forcing service restarts and network disruption. The vulnerability affects Junos versions before 22.4R3-S7, 23.2R2-S4, and 23.4R2, with no patch currently available. Installation of specific YANG sensor packages mitigates the issue.
Juniper
Buffer Overflow
Stack Overflow
Denial Of Service
Junos
-
CVE-2026-20076
MEDIUM
CVSS 4.8
Stored XSS in Cisco ISE's web management interface allows authenticated administrators to inject malicious scripts that execute in other users' browsers, potentially compromising sensitive information or hijacking administrative sessions. Exploitation requires valid admin credentials and user interaction, making it suitable for insider threats or compromised accounts. No patch is currently available.
Cisco
XSS
Identity Services Engine
-
CVE-2026-20075
MEDIUM
CVSS 4.8
Stored XSS in Cisco Prime Infrastructure and EPNM web management interfaces allows authenticated administrators with high privileges to inject malicious scripts that execute in other users' browsers, potentially enabling session hijacking or credential theft. The vulnerability stems from insufficient input validation in specific data fields and requires valid admin credentials to exploit. No patch is currently available.
Cisco
XSS
Prime Infrastructure
Evolved Programmable Network Manager
-
CVE-2026-20047
MEDIUM
CVSS 4.8
Cisco ISE and ISE-PIC's web management interface fails to properly sanitize user input, enabling authenticated admins to inject malicious scripts that execute in other users' browsers. Successful exploitation allows attackers with valid administrative credentials to steal session data or perform actions on behalf of legitimate users through reflected XSS attacks. No patch is currently available.
Cisco
XSS
Identity Services Engine
-
CVE-2026-1002
MEDIUM
CVSS 5.3
Improper URI path normalization in Vert.x Web's static file handler allows remote attackers to manipulate the cache and deny access to static files through specially crafted request URIs containing encoded path traversal sequences. An unauthenticated attacker can exploit this vulnerability over the network with no user interaction to cause denial of service by returning HTTP 404 responses for normally accessible files. Public exploit code exists and patches are available.
Github
Vert.X Web
Redhat
-
CVE-2026-0990
MEDIUM
CVSS 5.9
libxml2's xmlCatalogXMLResolveURI function is vulnerable to uncontrolled recursion when processing self-referencing delegate URI entries in XML catalogs, allowing remote attackers to trigger stack exhaustion and crash applications. This configuration-dependent denial of service requires specially crafted XML input but no authentication, affecting any application using the vulnerable library to parse untrusted catalogs. No patch is currently available.
Denial Of Service
-
CVE-2026-0203
MEDIUM
CVSS 6.5
Juniper Junos OS Flexible PIC Concentrator (FPC) denial of service occurs when a network-adjacent attacker sends a specially crafted ICMPv4 packet with a malformed IP header, causing the affected line card to crash and restart. The attack is limited to directly adjacent networks since upstream routers filter such malformed packets before forwarding. No patch is currently available for this vulnerability, which affects multiple Junos OS versions.
Juniper
Denial Of Service
Junos
-
CVE-2025-70891
MEDIUM
CVSS 6.1
Cyber Cafe Management System version 1.0 is affected by cross-site scripting (XSS) (CVSS 6.1).
PHP
XSS
Cyber Cafe Management System
-
CVE-2025-70890
MEDIUM
CVSS 6.1
Cyber Cafe Management System version 1.0 is affected by cross-site scripting (XSS) (CVSS 6.1).
PHP
XSS
Cyber Cafe Management System
-
CVE-2025-70310
MEDIUM
CVSS 5.5
A heap overflow in the vorbis_to_intern() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .ogg file. [CVSS 5.5 MEDIUM]
Heap Overflow
Denial Of Service
Gpac
-
CVE-2025-70309
MEDIUM
CVSS 5.5
A stack overflow in the pcmreframe_flush_packet function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted WAV file. [CVSS 5.5 MEDIUM]
Stack Overflow
Denial Of Service
Gpac
-
CVE-2025-70305
MEDIUM
CVSS 5.5
A stack overflow in the dmx_saf function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .saf file. [CVSS 5.5 MEDIUM]
Stack Overflow
Denial Of Service
Gpac
-
CVE-2025-70303
MEDIUM
CVSS 5.5
A heap overflow in the uncv_parse_config() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. [CVSS 5.5 MEDIUM]
Heap Overflow
Denial Of Service
Gpac
-
CVE-2025-70302
MEDIUM
CVSS 5.5
A heap overflow in the ghi_dmx_declare_opid_bin() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. [CVSS 5.5 MEDIUM]
Heap Overflow
Denial Of Service
Gpac
-
CVE-2025-70299
MEDIUM
CVSS 6.5
A heap overflow in the avi_parse_input_file() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file. [CVSS 6.5 MEDIUM]
Heap Overflow
Denial Of Service
Gpac
-
CVE-2025-68671
MEDIUM
CVSS 6.5
lakeFS is an open-source tool that turns object storage into Git-like repositories. Its S3 gateway does not validate timestamps in authenticated requests, allowing replay attacks. [CVSS 6.5 MEDIUM]
Information Disclosure
Lakefs
Suse
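S3-style request signing (SigV4) binds the x-amz-date header into the signed string, so a gateway that verifies the signature but never checks the date will accept a captured request forever. The example below is added here and is not lakeFS code: it is a reduced SigV4-like verifier with a constructed secret, checking the signature, a 15-minute clock-skew window, and a short-lived seen-signature cache so that a request within the window cannot be replayed either. The canonical request is simplified (no query string, signed headers or credential scope).

```python
import hashlib
import hmac
import time
from datetime import datetime, timezone

MAX_SKEW = 15 * 60            # seconds; SigV4 rejects dates >15 min from server time
DATE_FMT = "%Y%m%dT%H%M%SZ"   # x-amz-date format


def amz_date(ts):
    return datetime.fromtimestamp(ts, tz=timezone.utc).strftime(DATE_FMT)


def string_to_sign(method, path, date, body):
    # Reduced canonical request: real SigV4 also covers the query string, the
    # signed headers and the credential scope. The date is part of what is
    # signed, so a replayed request necessarily carries the original timestamp.
    return "\n".join([method, path, date, hashlib.sha256(body).hexdigest()])


def sign(secret, method, path, date, body):
    msg = string_to_sign(method, path, date, body).encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


class Gateway:
    def __init__(self, secret, now=time.time):
        self.secret, self.now = secret, now
        self.seen = {}            # signature -> time after which it can be forgotten

    def authorize(self, method, path, date, body, signature):
        expected = sign(self.secret, method, path, date, body)
        if not hmac.compare_digest(expected, signature):
            return "bad-signature"
        try:
            ts = datetime.strptime(date, DATE_FMT).replace(tzinfo=timezone.utc).timestamp()
        except ValueError:
            return "bad-date"
        now = self.now()
        if abs(now - ts) > MAX_SKEW:
            return "expired"      # the missing check: a stale date is rejected
        # A signature only needs remembering while its date is still in window.
        self.seen = {sig: exp for sig, exp in self.seen.items() if exp > now}
        if signature in self.seen:
            return "replayed"
        self.seen[signature] = ts + MAX_SKEW
        return "ok"


if __name__ == "__main__":
    secret = b"constructed-secret"
    gw = Gateway(secret)
    date = amz_date(time.time())
    sig = sign(secret, "PUT", "/repo/main/data.csv", date, b"payload")
    print(gw.authorize("PUT", "/repo/main/data.csv", date, b"payload", sig))  # ok
    print(gw.authorize("PUT", "/repo/main/data.csv", date, b"payload", sig))  # replayed
```

Because the date is signed, the seen-cache only has to hold signatures for the length of the skew window; anything older is already rejected by the date check.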
-
CVE-2025-67083
MEDIUM
CVSS 5.3
Directory traversal vulnerability in InvoicePlane through 1.6.3 allows unauthenticated attackers to read files from the server. The ability to read files and the file type depends on the web server and its configuration. [CVSS 5.3 MEDIUM]
Path Traversal
Invoiceplane
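Both the Vert.x Web cache entry (CVE-2026-1002) above and this InvoicePlane traversal come down to the same discipline: decode the request path exactly once, reject any ".." segment before it reaches the filesystem or a cache, and confine the resolved file to the web root after following symlinks. The code below is an added example, not code from either project. It builds a constructed temp-dir web root, shows a handler whose negative cache is keyed by the same canonical path it looks up, and, for contrast, an illustrative handler of the bug class where the cache key and the filesystem lookup disagree, so one crafted miss poisons the entry for a real file.

```python
import os
import posixpath
import tempfile
from urllib.parse import unquote


def canonical_path(raw_uri):
    """Turn a request URI into one canonical absolute path, or None if hostile.

    Decode percent-encoding exactly once (if a second decode changes the
    result, the client double-encoded), refuse NUL and backslashes, refuse any
    ".." segment outright, then collapse "." and "//" with posixpath.normpath.
    """
    path = raw_uri.split("?", 1)[0].split("#", 1)[0]
    decoded = unquote(path)
    if unquote(decoded) != decoded:            # %252e%252e style double encoding
        return None
    if "\x00" in decoded or "\\" in decoded or not decoded.startswith("/"):
        return None
    if ".." in decoded.split("/"):             # normpath('/../x') would silently give '/x'
        return None
    return posixpath.normpath(decoded)


def resolve_under_root(root, raw_uri):
    """Map a request to a regular file under root, checking symlink targets too."""
    canon = canonical_path(raw_uri)
    if canon is None:
        return None
    root_real = os.path.realpath(root)
    full = os.path.realpath(os.path.join(root_real, canon.lstrip("/")))
    if os.path.commonpath([root_real, full]) != root_real:   # symlink escaping root
        return None
    return full if os.path.isfile(full) else None


class StaticHandler:
    """Cache keyed by the same canonical path that is used for the lookup."""
    def __init__(self, root):
        self.root, self.cache = root, {}

    def serve(self, raw_uri):
        canon = canonical_path(raw_uri)
        if canon is None:
            return 400                         # rejected before the cache is touched
        if canon not in self.cache:
            self.cache[canon] = resolve_under_root(self.root, raw_uri)
        return 200 if self.cache[canon] else 404


class LeakyCacheHandler:
    """Illustrative bug class (not the Vert.x code): the cache key is the
    decoded+normalised path but the filesystem lookup uses the raw URI, so a
    crafted miss is stored under the key of a perfectly valid file."""
    def __init__(self, root):
        self.root, self.cache = root, {}

    def serve(self, raw_uri):
        key = posixpath.normpath(unquote(raw_uri))
        if key not in self.cache:
            self.cache[key] = os.path.isfile(os.path.join(self.root, raw_uri.lstrip("/")))
        return 200 if self.cache[key] else 404


def build_fixture():
    """Constructed web root: /index.html and /docs/a.txt in a temp directory."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "docs"))
    with open(os.path.join(root, "index.html"), "w") as fh:
        fh.write("<h1>index</h1>")
    with open(os.path.join(root, "docs", "a.txt"), "w") as fh:
        fh.write("a")
    return root
```

Against the leaky handler, a request for `/docs/%2e%2e/index.html` misses on disk but is cached under `/index.html`, after which the genuine `/index.html` returns 404 until the entry expires; the canonical handler returns 400 for the crafted request and never consults the cache.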
-
CVE-2025-67082
MEDIUM
CVSS 6.5
An SQL injection vulnerability in InvoicePlane through 1.6.3 has been identified in "maxQuantity" and "minQuantity" parameters when generating a report. An authenticated attacker can exploit this issue via error-based SQL injection, allowing for the extraction of arbitrary data from the database. [CVSS 6.5 MEDIUM]
SQLi
Invoiceplane
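Numeric report bounds like maxQuantity and minQuantity are a common injection point because developers assume a number cannot carry SQL. The block below is an added example against a constructed in-memory SQLite schema, not InvoicePlane code: it shows the bug class (parameters formatted into the statement text, where a UNION in the upper bound pulls the users table into the report) next to the fix (integer type-check, then bound parameters). The same fix applies to the blind injection in the "role_id" parameter of the Itflow entry below.

```python
import sqlite3


def setup_db():
    """Constructed in-memory schema standing in for the report and user tables."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products(id INTEGER, name TEXT, quantity INTEGER);
        CREATE TABLE users(id INTEGER, username TEXT, password_hash TEXT);
        INSERT INTO products VALUES (1, 'Widget', 5), (2, 'Gadget', 50);
        INSERT INTO users VALUES (1, 'admin', '$2y$10$constructedhash');
    """)
    return db


def report_vulnerable(db, min_quantity, max_quantity):
    # The bug class: request parameters pasted straight into the SQL text.
    sql = ("SELECT id, name, quantity FROM products "
           f"WHERE quantity BETWEEN {min_quantity} AND {max_quantity}")
    return db.execute(sql).fetchall()


def report_safe(db, min_quantity, max_quantity):
    # Type-check first (a quantity bound is an integer or the request is invalid),
    # then bind: the driver sends values separately from the statement text.
    try:
        low, high = int(min_quantity), int(max_quantity)
    except (TypeError, ValueError):
        raise ValueError("quantity bounds must be integers")
    return db.execute(
        "SELECT id, name, quantity FROM products WHERE quantity BETWEEN ? AND ?",
        (low, high),
    ).fetchall()


def safe_rejects(db, min_quantity, max_quantity):
    """True when the hardened report refuses the bounds instead of running them."""
    try:
        report_safe(db, min_quantity, max_quantity)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    db = setup_db()
    payload = "0 UNION SELECT id, username, password_hash FROM users--"
    print(report_vulnerable(db, 0, payload))   # leaks the admin password hash
    print(safe_rejects(db, 0, payload))        # True
```

Binding alone would also neutralise the payload (the string would be compared as a value, returning no rows); the explicit int() keeps bad input from reaching the database at all and gives the caller a clean validation error.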
-
CVE-2025-67081
MEDIUM
CVSS 4.9
An SQL injection vulnerability in Itflow through 25.06 has been identified in the "role_id" parameter when editing a profile. An attacker with admin account can exploit this issue via blind SQL injection, allowing for the extraction of arbitrary data from the database. [CVSS 4.9 MEDIUM]
SQLi
Itflow
-
CVE-2025-67078
MEDIUM
CVSS 6.1
Cross site scripting (XSS) vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors. [CVSS 6.1 MEDIUM]
XSS
Agora Project
-
CVE-2025-67025
MEDIUM
CVSS 6.1
Cross Site Scripting vulnerability in Anycomment anycomment.io 0.4.4 allows a remote attacker to execute arbitrary code via the Anycomment comment section [CVSS 6.1 MEDIUM]
XSS
Anycomment.Io
-
CVE-2025-65368
MEDIUM
CVSS 6.1
SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting (XSS) via user input and LLM output. [CVSS 6.1 MEDIUM]
XSS
AI / ML
Sparkyfitness
-
CVE-2025-65349
MEDIUM
CVSS 5.4
Wireless Mini Router Wireless-N 300M firmware versions up to 28k.minirouter.20190211 are affected by cross-site scripting (XSS) (CVSS 5.4).
XSS
Wireless Mini Router Wireless N 300m Firmware
-
CVE-2025-60011
MEDIUM
CVSS 5.8
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an availability impact for downstream devices.
When an affected device receives a specific optional, transitive BGP attribute over an existing BGP session, it will be erroneously modified before propagation to peers. When the attribute is detected as malformed by the peers, these...
Juniper
Junos
Junos Os Evolved
-
CVE-2025-60007
MEDIUM
CVSS 5.5
A NULL Pointer Dereference vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS on MX, SRX and EX Series allows a local attacker with low privileges to cause a Denial-of-Service (DoS). [CVSS 5.5 MEDIUM]
Juniper
Null Pointer Dereference
Denial Of Service
Junos
-
CVE-2025-59961
MEDIUM
CVSS 5.5
An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the resource.
This vulnerability allows any low-privileged user logged into the system to connect to the Unix socket and issue commands to manage the DHCP service, in essence, taking administrative control...
Juniper
Junos
Junos Os Evolved
-
CVE-2025-59959
MEDIUM
CVSS 5.5
An Untrusted Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial-of-Service (DoS). [CVSS 5.5 MEDIUM]
Juniper
Denial Of Service
Junos
Junos Os Evolved
-
CVE-2025-52987
MEDIUM
CVSS 6.1
A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application's failure to set appropriate X-Frame-Options and X-Content-Type-Options HTTP headers. [CVSS 6.1 MEDIUM]
Juniper
Paragon Automation
-
CVE-2025-15265
MEDIUM
CVSS 6.1
A server-side rendering (SSR) XSS exists in async hydration when attacker-controlled keys are passed to hydratable. The key is embedded inside a <script> block without HTML-safe escaping, so a key containing </script> terminates the script element and injects arbitrary JavaScript. [CVSS 6.1 MEDIUM]
XSS
Svelte
Redhat
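The HTML tokenizer ends script data at the first "</script" it sees, regardless of whether the JavaScript parser would consider that text to be inside a string. Escaping for a script context therefore has to happen at the HTML layer, not just the JS layer. The example below is added here and is not Svelte code: it JSON-encodes the value and then escapes "<", ">", "&" and the U+2028/U+2029 line terminators as \uXXXX sequences, which the JS engine decodes back but the HTML tokenizer never sees. A small regex stands in for the tokenizer to show the unsafe and safe renderings side by side.

```python
import json
import re


def js_string_for_script(value):
    """JSON-encode value for use inside an inline <script>, then escape the
    characters the HTML tokenizer acts on before the JS engine ever runs:
    "<" (so "</script" and "<!--" cannot appear), ">", "&", and the
    U+2028/U+2029 line terminators that break JS string literals."""
    encoded = json.dumps(value)
    for ch, esc in (("<", "\\u003c"), (">", "\\u003e"), ("&", "\\u0026"),
                    ("\u2028", "\\u2028"), ("\u2029", "\\u2029")):
        encoded = encoded.replace(ch, esc)
    return encoded


def render_unsafe(key):
    # The bug class: raw interpolation of an attacker-controlled key into a
    # script block (hydrate() is a hypothetical name for the client-side hook).
    return f'<script>hydrate("{key}")</script>'


def render_safe(key):
    return f"<script>hydrate({js_string_for_script(key)})</script>"


def script_blocks(document):
    """Approximate the HTML tokenizer: script data ends at the first '</script',
    whatever the JavaScript string state is at that point."""
    return re.findall(r"<script>(.*?)</script", document, flags=re.S | re.I)


def roundtrip_ok(value):
    """The escaped form must still decode to the original value in the browser."""
    return json.loads(js_string_for_script(value)) == value


if __name__ == "__main__":
    key = '");</script><script>alert(1)</script>'   # constructed attacker key
    print(script_blocks(render_unsafe(key)))   # two script blocks, second is alert(1)
    print(script_blocks(render_safe(key)))     # one script block, payload inert
```

Because the replacement targets the HTML-significant characters rather than quoting rules, the same function is correct whether the value lands in a string, an object key or a bare JSON literal inside the script.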
-
CVE-2025-14448
MEDIUM
CVSS 5.4
WP-Members Membership Plugin (WordPress plugin) is affected by cross-site scripting (xss) (CVSS 5.4).
WordPress
XSS
Wp Members
PHP
-
CVE-2025-13859
MEDIUM
CVSS 6.4
The AffiliateX - Amazon Affiliate Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_customization_settings AJAX action in versions 1.0.0 to 1.3.9.3. [CVSS 6.4 MEDIUM]
WordPress
PHP
-
CVE-2025-13844
MEDIUM
CVSS 5.3
CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file (SSD file) shared by the attacker into Rapsody. [CVSS 5.3 MEDIUM]
Memory Corruption
Ecostruxure Power Build Rapsody
-
CVE-2025-12895
MEDIUM
CVSS 5.3
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kalium_vc_contact_form_request() function in all versions up to, and including, 3.29. [CVSS 5.3 MEDIUM]
WordPress
PHP
-
CVE-2021-47843
MEDIUM
CVSS 5.4
Tagstoo 2.0.1 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious payloads through files or custom tags. Attackers can execute arbitrary JavaScript code to spawn system processes, access files, and perform remote code execution on the victim's computer. [CVSS 5.4 MEDIUM]
RCE
XSS
Tagstoo
-
CVE-2021-47799
MEDIUM
CVSS 6.2
The affected product's sudo configuration contains a vulnerability that allows attackers to gain root access (CVSS 6.2).
Dns
Privilege Escalation
-
CVE-2021-47776
MEDIUM
CVSS 5.3
Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. [CVSS 5.3 MEDIUM]
SSRF
Umbraco Cms
-
CVE-2021-47771
MEDIUM
CVSS 5.5
Rdp Manager versions up to 4.9.9.3 are affected by allocation of resources without limits or throttling (CVSS 5.5).
Denial Of Service
Rdp Manager
-
CVE-2021-47769
MEDIUM
CVSS 4.8
Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerability in title input fields across stock, customer, and invoice modules. [CVSS 4.8 MEDIUM]
XSS
Isshue
-
CVE-2021-47768
MEDIUM
CVSS 6.1
ImportExportTools NG 10.0.4 contains a persistent HTML injection vulnerability in the email export module that allows remote attackers to inject malicious HTML payloads. [CVSS 6.1 MEDIUM]
XSS
Importexporttools Ng
-
CVE-2021-47765
MEDIUM
CVSS 5.5
AbsoluteTelnet 11.24 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating username and error report fields. [CVSS 5.5 MEDIUM]
Denial Of Service
Absolutetelnet
-
CVE-2021-47764
MEDIUM
CVSS 5.5
AbsoluteTelnet 11.24 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating DialUp connection and license name fields. [CVSS 5.5 MEDIUM]
Denial Of Service
Absolutetelnet
-
CVE-2021-47759
MEDIUM
CVSS 6.2
MTPutty 1.0.1.21 contains a sensitive information disclosure vulnerability that allows local attackers to view SSH connection passwords through Windows PowerShell process listing. [CVSS 6.2 MEDIUM]
Windows
Ssh
Information Disclosure
-
CVE-2021-47754
MEDIUM
CVSS 6.5
Arunna 1.0.0 contains a cross-site request forgery vulnerability that allows attackers to manipulate user profile settings without authentication. [CVSS 6.5 MEDIUM]
CSRF
Arunna
-
CVE-2026-23746
None
Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard) versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service (DCG.SmartCardControllerService.exe).
Dotnet
RCE
-
CVE-2026-22920
LOW
CVSS 3.7
The device's passwords have not been adequately salted, making them vulnerable to password extraction attacks. [CVSS 3.7 LOW]
Information Disclosure
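This entry and the TDC X401GL hardcoded-hash entry (CVE-2026-22911) above describe the same failure from two sides: once a hash leaves the device, its strength is all that protects the password, and an unsalted fast hash is crackable with one precomputed table across every account and every unit shipped. The following is an added example with a constructed wordlist, not code from either advisory: it cracks unsalted SHA-256 digests with a single lookup table, then shows PBKDF2-HMAC-SHA256 with a per-account random salt, where each account costs a separate pass at the stored iteration count and identical passwords no longer share a digest.

```python
import hashlib
import hmac
import os

# Constructed wordlist and accounts; nothing here comes from a real device.
WORDLIST = ["admin", "password", "123456", "letmein", "router"]


def unsalted_hash(password):
    return hashlib.sha256(password.encode()).hexdigest()


def crack_unsalted(leaked, wordlist):
    """One table built once cracks every account whose password is in the list,
    because identical passwords hash identically across users and devices."""
    table = {unsalted_hash(word): word for word in wordlist}
    return {user: table[digest] for user, digest in leaked.items() if digest in table}


def hash_password(password, iterations=600_000, salt=None):
    """PBKDF2-HMAC-SHA256 with a random 16-byte salt, stored self-describing."""
    salt = salt if salt is not None else os.urandom(16)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (iterations, salt.hex(), derived.hex())


def verify_password(password, stored):
    _algo, iterations, salt_hex, derived_hex = stored.split("$")
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                  bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(derived.hex(), derived_hex)


def crack_salted(records, wordlist):
    """With per-user salts there is no shared table: every account costs a full
    pass over the wordlist at the stored iteration count."""
    found = {}
    for user, stored in records.items():
        for word in wordlist:
            if verify_password(word, stored):
                found[user] = word
                break
    return found


if __name__ == "__main__":
    leaked = {"admin": unsalted_hash("admin"), "svc": unsalted_hash("router")}
    print(crack_unsalted(leaked, WORDLIST))          # both recovered from one table
    stored = hash_password("router")
    print(verify_password("router", stored))        # True
    print(hash_password("router") == stored)        # False: different salt each time
```

The iteration count is what makes the per-account pass expensive; 600,000 is a reasonable default for PBKDF2-SHA256 on current hardware, and a memory-hard function such as Argon2id is the better choice where a library is available.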
-
CVE-2026-22919
LOW
CVSS 3.8
An attacker with administrative access may inject malicious content into the login page, potentially enabling cross-site scripting (XSS) attacks, leading to the extraction of sensitive data. [CVSS 3.8 LOW]
XSS
-
CVE-2026-0992
LOW
CVSS 2.9
A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated <nextCatalog> elements pointing to the same downstream catalog. [CVSS 2.9 LOW]
Denial Of Service
-
CVE-2026-0989
LOW
CVSS 3.7
A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested <include> directives. [CVSS 3.7 LOW]
Denial Of Service
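The three libxml2 entries (CVE-2026-0990 above, and CVE-2026-0992 and CVE-2026-0989 here) are all unbounded walks over a catalog or schema graph: a delegate entry that points back at its own catalog, the same nextCatalog listed repeatedly at every level, and include directives nested without limit. The example below is added here and is not libxml2 code; it models a catalog graph as a constructed dict and compares a naive recursive resolver with one that keeps a visited set and a depth cap. A catalog already consulted for a given URI cannot return a different answer the second time, so skipping it is both safe and what turns the exponential fan-out into a linear walk.

```python
# Constructed catalog graph, not a real XML catalog file. "delegate" entries map a
# URI prefix to another catalog; "next" entries are nextCatalog chains. The root
# delegates "urn:loop:" back to itself, and each level of the chain lists the same
# next catalog three times.
CATALOGS = {
    "root": {"uri": {}, "delegate": [("urn:loop:", "root")], "next": ["l1"]},
    "l1": {"next": ["l2"] * 3},
    "l2": {"next": ["l3"] * 3},
    "l3": {"next": ["l4"] * 3},
    "l4": {"uri": {"urn:example:good": "file:///schemas/good.dtd"}},
}


def naive_resolve(catalogs, name, uri, visits):
    """Recursion with no cycle or duplicate check: loops forever on
    self-delegation and walks every repeated nextCatalog edge (3**depth here)."""
    visits[0] += 1
    cat = catalogs[name]
    if uri in cat.get("uri", {}):
        return cat["uri"][uri]
    for prefix, target in cat.get("delegate", []):
        if uri.startswith(prefix):
            found = naive_resolve(catalogs, target, uri, visits)
            if found:
                return found
    for target in cat.get("next", []):
        found = naive_resolve(catalogs, target, uri, visits)
        if found:
            return found
    return None


def naive_status(catalogs, uri):
    """Run the naive resolver and report stack exhaustion instead of crashing."""
    try:
        return naive_resolve(catalogs, "root", uri, [0])
    except RecursionError:
        return "recursion-error"


class Resolver:
    MAX_DEPTH = 32   # hard cap on nesting, independent of the visited set

    def __init__(self, catalogs):
        self.catalogs = catalogs
        self.visits = 0

    def resolve(self, uri):
        self.visits = 0
        return self._walk("root", uri, set(), 0)

    def _walk(self, name, uri, seen, depth):
        # A catalog visited once for this URI has nothing new to say; skipping it
        # breaks self-delegation loops and repeated nextCatalog fan-out alike.
        if depth > self.MAX_DEPTH or name in seen:
            return None
        seen.add(name)
        self.visits += 1
        cat = self.catalogs[name]
        if uri in cat.get("uri", {}):
            return cat["uri"][uri]
        for prefix, target in cat.get("delegate", []):
            if uri.startswith(prefix):
                found = self._walk(target, uri, seen, depth + 1)
                if found:
                    return found
        for target in cat.get("next", []):
            found = self._walk(target, uri, seen, depth + 1)
            if found:
                return found
        return None


if __name__ == "__main__":
    guarded = Resolver(CATALOGS)
    print(guarded.resolve("urn:example:missing"), guarded.visits)   # None 5
    counter = [0]
    print(naive_resolve(CATALOGS, "root", "urn:example:missing", counter), counter[0])  # None 41
    print(naive_status(CATALOGS, "urn:loop:x"))                      # recursion-error
```

The depth cap is kept even with the visited set because a long but acyclic chain of includes (the RelaxNG case) is still a stack exhaustion risk; the visited set handles loops and duplicates, the cap handles sheer depth.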
-
CVE-2026-0976
LOW
CVSS 3.7
A flaw was found in Keycloak. This improper input validation vulnerability occurs because Keycloak accepts RFC-compliant matrix parameters in URL path segments, while common reverse proxy configurations may ignore or mishandle them. [CVSS 3.7 LOW]
Code Injection
-
CVE-2025-14457
LOW
CVSS 3.7
Drag and Drop Multiple File Upload for Contact Form 7 (WordPress plugin) is affected by missing authorization (CVSS 3.7).
WordPress
PHP
-
CVE-2025-13845
None
CWE-416: Use After Free vulnerability that could cause remote code execution when the end user imports the malicious project file (SSD file) into Rapsody.
RCE
Use After Free
-
CVE-2011-10041
None
Uploadify WordPress plugin versions up to and including 1.0 contain an arbitrary file upload vulnerability in process_upload.php due to missing file type validation.
WordPress
PHP
RCE