Skip to main content
CVE-2021-47839 MEDIUM POC This Month

Marky 0.0.1 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files. Attackers can upload crafted markdown files with embedded JavaScript payloads that execute when the file is opened, potentially enabling remote code execution. [CVSS 7.2 HIGH]

RCE XSS
NVD GitHub Exploit-DB VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2021-47836 MEDIUM POC This Month

Markdown Explorer 0.1.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious code through file uploads and editor inputs. Attackers can upload markdown files with embedded JavaScript payloads to execute remote commands and potentially gain system access. [CVSS 6.1 MEDIUM]

XSS
NVD GitHub Exploit-DB VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-20759 HIGH This Week

Authenticated command injection in TOA Corporation TRIFORA 3 series network cameras allows low-privilege monitoring users to execute arbitrary OS commands on affected devices. The vulnerability requires valid credentials but no user interaction, making it exploitable by insiders or accounts obtained through credential compromise. No patch is currently available for this high-severity flaw affecting network infrastructure.

Command Injection
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2025-12957 HIGH This Week

All-in-One Video Gallery (WordPress plugin) versions up to 4.5.7. is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

WordPress RCE PHP
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-21625 HIGH This Week

Arbitrary file upload in Joomla's Easy Discuss component allows authenticated attackers to bypass file validation by spoofing extensions, since the component relies solely on extension checks without verifying MIME types. An attacker with user privileges can upload malicious files to achieve remote code execution on affected systems. No patch is currently available.

Joomla Easydiscuss
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-64691 HIGH This Week

The vulnerability, if exploited, could allow an authenticated miscreant (OS standard user) to tamper with TCL Macro scripts and escalate privileges to OS system, potentially resulting in complete compromise of the model application server. [CVSS 8.8 HIGH]

RCE Code Injection Process Optimization
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-65118 HIGH This Week

The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to trick Process Optimization services into loading arbitrary code and escalate privileges to OS System, potentially resulting in complete compromise of the Model Application Server. [CVSS 8.8 HIGH]

Privilege Escalation RCE Process Optimization
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-0695 HIGH This Week

Stored cross-site scripting in ConnectWise PSA versions before 2026.1 allows authenticated users to inject malicious scripts into Time Entry notes that execute in other users' browsers when viewed in the audit trail. An attacker with legitimate access could leverage this to steal session tokens, perform unauthorized actions, or compromise other users within the PSA system. No patch is currently available.

XSS Professional Service Automation
NVD
CVSS 3.1
8.7
EPSS
0.0%
CVE-2025-61943 HIGH This Week

The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Standard User) to tamper with queries in Captive Historian and achieve code execution under SQL Server administrative privileges, potentially resulting in complete compromise of the SQL Server. [CVSS 8.4 HIGH]

MSSQL Process Optimization
NVD GitHub
CVSS 3.1
8.4
EPSS
0.0%
CVE-2025-12007 HIGH This Week

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image. [CVSS 8.4 HIGH]

Information Disclosure
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-23724 MEDIUM POC PATCH This Month

Stored XSS in WeGIA's attendance incident form allows authenticated attackers to inject malicious scripts through unsanitized dropdown fields, affecting versions prior to 3.6.2. An attacker with login credentials can craft payloads that execute in other users' browsers when they view the affected page. Public exploit code exists for this vulnerability, and a patch is available in version 3.6.2 and later.

PHP XSS Wegia
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-23731 MEDIUM POC PATCH This Month

WeGIA prior to version 3.6.2 lacks framing protection headers (X-Frame-Options and Content-Security-Policy), allowing attackers to perform clickjacking attacks by embedding the application within malicious web pages to trick users into unintended actions. Public exploit code exists for this vulnerability, affecting charitable institutions using vulnerable versions of the web manager.

XSS Wegia
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-14844 HIGH PATCH This Week

Restrict Content versions up to 3.2.16 is affected by authorization bypass through user-controlled key (CVSS 8.2).

WordPress Restrict Content PHP
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2025-62291 HIGH PATCH This Week

In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow. [CVSS 8.1 HIGH]

Buffer Overflow Heap Overflow Integer Overflow Red Hat Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-14510 HIGH CISA This Week

Incorrect Implementation of Authentication Algorithm vulnerability in ABB ABB Ability OPTIMAX.This issue affects ABB Ability OPTIMAX: 6.1, 6.2, from 6.3.0 before 6.3.1-251120, from 6.4.0 before 6.4.1-251120. [CVSS 8.1 HIGH]

Information Disclosure
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-64729 HIGH This Week

The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to tamper with Process Optimization project files, embed code, and escalate their privileges to the identity of a victim user who subsequently interacts with the project files. [CVSS 8.1 HIGH]

Authentication Bypass Process Optimization
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-20960 HIGH PATCH This Week

Insufficient authorization controls in Microsoft Power Apps enable authenticated attackers to achieve remote code execution through network access. An attacker with valid credentials can bypass permission checks to execute arbitrary code within the affected environment. No patch is currently available for this vulnerability.

Microsoft Power Apps
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2026-23535 HIGH PATCH This Week

The wlc Weblate command-line client prior to version 1.17.2 is vulnerable to arbitrary file write attacks through path traversal when downloading multi-translations from a malicious or compromised server. An authenticated attacker can exploit this vulnerability by crafting a specially designed server response to write files to arbitrary locations on the victim's system, potentially compromising system integrity. This vulnerability affects wlc versions before 1.17.2 and is fixed in the patched version.

Path Traversal Wlc
NVD GitHub
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-68921 HIGH This Week

SteelSeries Nahimic 3 1.10.7 allows Directory traversal. [CVSS 7.8 HIGH]

Path Traversal Nahimic
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-0975 HIGH This Week

Delta Electronics DIAView has Command Injection vulnerability. [CVSS 7.8 HIGH]

Industrial Command Injection Diaview
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-44238 HIGH This Week

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. [CVSS 7.8 HIGH]

Apple Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-48647 HIGH This Week

In cpm_fwtp_msg_handler of cpm/google/lib/tracepoint/cpm_fwtp_ipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]

Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23529 HIGH This Week

Arbitrary file read vulnerability in Kafka Connect BigQuery Connector prior to version 2.11.0 allows authenticated attackers to read sensitive files by injecting malicious credential configurations through improperly validated credential_source parameters. An attacker with connector configuration privileges can exploit this to access arbitrary files on the system or perform server-side request forgery attacks against internal endpoints. No patch is currently available for affected Apache Kafka deployments.

Apache SSRF
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-68924 HIGH This Week

Umbraco Forms versions up to 8.13.16 is affected by inclusion of functionality from untrusted control sphere (CVSS 7.5).

RCE Umbraco Forms
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-1023 HIGH This Week

Gotac's Statistics Database System lacks authentication controls on query functionality, enabling unauthenticated remote attackers to directly access and retrieve sensitive database contents. With a CVSS score of 7.5, this vulnerability poses a significant confidentiality risk to organizations running affected versions, and no patch is currently available.

Industrial Statistics Database System
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-1022 HIGH This Week

Gotac's Statistics Database System is vulnerable to unauthenticated path traversal attacks that enable remote attackers to read arbitrary files from affected systems without authentication. The vulnerability affects industrial and statistics database deployments, allowing an attacker to download sensitive system files and potentially obtain confidential data. No patch is currently available for this high-severity vulnerability.

Industrial Path Traversal Statistics Database System
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-1018 HIGH This Week

Gotac's Police Statistics Database System is vulnerable to unauthenticated arbitrary file read attacks via absolute path traversal, enabling remote attackers to download sensitive system files without authentication. The vulnerability carries high severity (CVSS 7.5) with broad network accessibility and no user interaction required. No patch is currently available, leaving affected deployments at risk until remediation is released.

Industrial Path Traversal Police Statistics Database System
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-68675 HIGH PATCH GHSA This Week

In Apache Airflow versions before 3.1.6, and 2.11.1 the proxies and proxy fields within a Connection may include proxy URLs containing embedded authentication information. These fields were not treated as sensitive by default and therefore were not automatically masked in log output. As a result, when such connections are rendered or printed to logs, proxy credentials embedded in these fields could be exposed. Users are recommended to upgrade to 3.1.6 or later for Airflow 3, and 2.11.1 or la...

Apache Airflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-68438 HIGH PATCH GHSA This Week

In Apache Airflow versions before 3.1.6, when rendered template fields in a Dag exceed [core] max_templated_field_length, sensitive values could be exposed in cleartext in the Rendered Templates UI. [CVSS 7.5 HIGH]

Apache Airflow
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-23490 HIGH PATCH This Week

pyasn1 is a generic ASN.1 library for Python. versions up to 0.6.2 is affected by allocation of resources without limits or throttling (CVSS 7.5).

Python Denial Of Service Debian Linux Pyasn1
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-0613 HIGH This Week

The Librarian's web_fetch tool can be exploited via SSRF to perform unauthorized GET requests against internal IP addresses and cloud services within the Hertzner environment, allowing attackers to conduct port scanning and reconnaissance of the infrastructure. This unauthenticated network-based attack requires no user interaction and could expose sensitive internal services and their configurations. While the vendor has released patches, exploitation remains possible on unpatched instances.

SSRF AI / ML The Librarian
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-0616 HIGH This Week

TheLibrarian's web_fetch tool can expose the Adminer interface, enabling unauthenticated remote attackers to obtain credentials for the internal backend system. This high-severity vulnerability affects AI/ML deployments and TheLibrarian installations, with no patch currently available. An attacker with network access could leverage the exposed interface to gain unauthorized administrative access to the backend infrastructure.

Information Disclosure AI / ML The Librarian
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-0612 HIGH This Week

The Librarian's web_fetch tool permits attackers to retrieve arbitrary external content and proxy requests through the application's infrastructure without authentication, resulting in information disclosure. This network-accessible vulnerability affects all versions of The Librarian AI/ML product and has high severity due to its ease of exploitation and potential for infrastructure abuse. A vendor patch is currently unavailable.

Information Disclosure AI / ML The Librarian
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-59870 HIGH This Week

HCL MyXalytics  is affected by improper management of a static JWT signing secret in the web application, where the secret lacks rotation , introducing a security risk [CVSS 7.4 HIGH]

Information Disclosure Myxalytics
NVD
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-22865 HIGH PATCH This Week

Gradle versions before 9.3.0 fail to properly handle certain exceptions during dependency resolution, allowing attackers who control a repository to serve malicious artifacts by disrupting legitimate repository services. When transient errors occur, Gradle incorrectly continues to the next configured repository instead of disabling the failing source, enabling attackers to intercept and redirect dependency resolution to attacker-controlled repositories. This vulnerability affects Java builds using vulnerable Gradle versions and requires network-level control over a repository to exploit.

Java Gradle Suse
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-22816 HIGH PATCH This Week

Gradle before version 9.3.0 fails to treat certain dependency resolution exceptions as fatal errors, allowing builds to continue using alternate repositories when encountering unresolvable hostnames. An attacker could exploit this by registering a domain matching a typo or lapsed registration to intercept and supply malicious dependencies to affected builds. This affects Java projects using vulnerable Gradle versions with multiple configured repositories.

Java Gradle Suse
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-15032 HIGH This Week

blank indicator in custom-sized new windows in Dia versions up to 1.9.0 is affected by improper restriction of rendered ui layers or frames (CVSS 7.4).

Windows macOS
NVD
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-65117 HIGH This Week

The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements. [CVSS 7.4 HIGH]

Privilege Escalation Process Optimization
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-0615 HIGH This Week

The Librarian's web_fetch tool can access the supervisord status page, exposing information about running backend processes to unauthenticated remote attackers. This information disclosure vulnerability (CVSS 7.3) affects AI/ML deployments and could enable attackers to map internal service architecture and identify targets for further exploitation. No patch is currently available for this vulnerability.

Information Disclosure AI / ML The Librarian
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-31510 HIGH This Week

In the portal in LemonLDAP::NG before 2.21.0, cross-site scripting (XSS) allows remote attackers to inject arbitrary web script or HTML (into the login page) via the tab parameter, for Choice authentication. [CVSS 7.2 HIGH]

LDAP XSS
NVD
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-12006 HIGH This Week

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW-F . An attacker can update the system firmware with a specially crafted image. [CVSS 7.2 HIGH]

Information Disclosure
NVD
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-24528 HIGH PATCH This Week

In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash. [CVSS 7.1 HIGH]

Integer Overflow Denial Of Service Red Hat Suse
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2026-21223 HIGH PATCH This Week

Chromium-based Microsoft Edge contains a privilege management flaw that enables local authenticated users to circumvent security controls through improper access restrictions. An authorized attacker can exploit this vulnerability to gain unauthorized capabilities on the affected system, though the specific security feature being bypassed is not detailed. No patch is currently available for this high-severity issue.

Microsoft Edge Chromium Chrome
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-64769 HIGH This Week

The Process Optimization application suite leverages connection channels/protocols that by-default are not encrypted and could become subject to hijacking or data leakage in certain man-in-the-middle or passive inspection scenarios. [CVSS 7.1 HIGH]

Information Disclosure Process Optimization
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-14435 MEDIUM PATCH This Month

Mattermost versions 10.11.x <= 10.11.8, 11.1.x <= 11.1.1, 11.0.x <= 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops. [CVSS 6.8 MEDIUM]

Denial Of Service Mattermost Server Suse
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-24531 MEDIUM PATCH This Month

In OpenSC pam_pkcs11 before 0.6.13, pam_sm_authenticate() wrongly returns PAM_IGNORE in many error situations (such as an error triggered by a smartcard before login), allowing authentication bypass. [CVSS 6.7 MEDIUM]

Authentication Bypass Red Hat Suse
NVD GitHub
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-12641 MEDIUM This Month

The Awesome Support - WordPress HelpDesk & Support Plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in all versions up to, and including, 6.3.6. [CVSS 6.5 MEDIUM]

WordPress PHP
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-22876 MEDIUM This Month

TOA Corporation TRIFORA 3 series network cameras contain a path traversal vulnerability that allows authenticated users with monitoring privileges or higher to read arbitrary files from the device. An attacker with valid credentials can exploit this flaw to access sensitive information stored on the affected cameras. No patch is currently available for this vulnerability.

Path Traversal
NVD
CVSS 3.0
6.5
EPSS
0.0%
CVE-2026-0696 MEDIUM This Month

Professional Service Automation contains a vulnerability that allows attackers to client-side scripts access to session cookie values (CVSS 6.5).

Information Disclosure Professional Service Automation
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-0949 MEDIUM This Month

Postgres Enterprise Manager versions up to 9.8.1 is affected by cross-site scripting (xss) (CVSS 6.5).

XSS Postgres Enterprise Manager
NVD
CVSS 3.1
6.5
EPSS
0.0%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy