Skip to main content
CVE-2021-47778 HIGH POC This Week

GetSimple CMS My SMTP Contact Plugin 1.1.2 contains a PHP code injection vulnerability. An authenticated administrator can inject arbitrary PHP code through plugin configuration parameters, leading to remote code execution on the server. [CVSS 7.2 HIGH]

PHP RCE Code Injection Getsimplecms
NVD GitHub Exploit-DB
CVSS 3.1
7.2
EPSS
1.1%
CVE-2025-68141 HIGH POC This Week

EVerest is an EV charging software stack. Prior to version 2025.10.0, during the deserialization of a `DC_ChargeLoopRes` message that includes Receipt as well as TaxCosts, the vector `<DetailedTax>tax_costs` in the target `Receipt` structure is accessed out of bounds. [CVSS 7.4 HIGH]

Null Pointer Dereference Deserialization Everest
NVD GitHub
CVSS 3.1
7.4
EPSS
0.1%
CVE-2025-68136 HIGH POC This Week

EVerest is an EV charging software stack. Prior to version 2025.10.0, once the module receives a SDP request, it creates a whole new set of objects like `Session`, `IConnection` which open new TCP socket for the ISO15118-20 communications and registers callbacks for the created file descriptor, without closing and destroying the previous ones. Previous `Session` is not saved and the usage of an `unique_ptr` is lost, destroying connection data. Latter, if the used socket and therefore file des...

Null Pointer Dereference Everest
NVD GitHub
CVSS 3.1
7.4
EPSS
0.1%
CVE-2025-68133 HIGH POC PATCH This Week

EVerest is an EV charging software stack. In versions 2025.9.0 and below, an attacker can exhaust the operating system's memory and cause the module to terminate by initiating an unlimited number of TCP connections that never proceed to ISO 15118-2 communication. [CVSS 7.4 HIGH]

TLS Everest
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-23960 HIGH POC PATCH This Week

Stored cross-site scripting in Argo Workflows (CNCF Kubernetes workflow engine) before 3.6.17 and 3.7.8 lets any authenticated workflow author plant malicious JavaScript that executes in another user's browser under the Argo Server origin, hijacking the victim's session to perform privileged API actions on their behalf. Public exploit details exist via the GitHub Security Advisory (GHSA-cv78-6m8q-ph82), but there is no public exploit identified as weaponized and no CISA KEV listing; EPSS is very low at 0.05% (16th percentile). The flaw is patched in 3.6.17 and 3.7.8.

Kubernetes XSS Argo Workflows
NVD GitHub VulDB
CVSS 4.0
7.3
EPSS
0.1%
CVE-2021-47873 HIGH POC This Week

VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that allows attackers to inject malicious scripts. Attackers can exploit the 'v_interface' parameter by sending a crafted POST request to the add/ip/ endpoint with a stored XSS payload. [CVSS 7.2 HIGH]

XSS
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2021-47858 HIGH POC This Week

Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the 'start_addr' parameter of the Security Management interface. [CVSS 7.2 HIGH]

XSS
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2021-47855 HIGH POC This Week

Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows administrators to inject malicious scripts. [CVSS 7.2 HIGH]

XSS
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2021-47857 HIGH POC This Week

Moodle 3.10.3 contains a persistent cross-site scripting vulnerability in the calendar event subtitle field that allows attackers to inject malicious scripts. [CVSS 7.2 HIGH]

Moodle XSS
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-23986 HIGH POC PATCH This Week

Copier versions prior to 9.11.2 allow local attackers to write arbitrary files outside the intended project destination directory by exploiting symlink handling combined with the _preserve_symlinks feature in ostensibly safe templates. A malicious template author can craft a project template that bypasses security controls without requiring unsafe flags, enabling arbitrary file overwrites within the user's write permissions. Public exploit code exists for this vulnerability.

Information Disclosure Copier
NVD GitHub
CVSS 3.1
7.1
EPSS
0.1%
CVE-2021-47872 HIGH POC This Week

SEO Panel versions prior to 4.9.0 contain a blind SQL injection vulnerability in the archive.php page that allows authenticated attackers to manipulate database queries through the 'order_col' parameter. [CVSS 7.1 HIGH]

PHP SQLi
NVD GitHub Exploit-DB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2021-47830 MEDIUM POC This Month

GetSimple CMS My SMTP Contact Plugin 1.1.1 contains a cross-site request forgery (CSRF) vulnerability. Attackers can craft a malicious webpage that, when visited by an authenticated administrator, can change SMTP configuration settings in the plugin. [CVSS 6.5 MEDIUM]

RCE CSRF Getsimplecms
NVD GitHub Exploit-DB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-68135 MEDIUM POC This Month

EVerest is an EV charging software stack. Prior to version 2025.10.0, C++ exceptions are not properly handled for and by the `TbdController` loop, leading to its caller and itself to silently terminates. [CVSS 6.5 MEDIUM]

Denial Of Service Everest
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2021-47849 MEDIUM POC This Month

Mini Mouse 9.3.0 contains a path traversal vulnerability that allows attackers to access sensitive system directories through the device information endpoint. Attackers can retrieve file lists from system directories like /usr, /etc, and /var by manipulating file path parameters in API requests. [CVSS 6.2 MEDIUM]

Path Traversal Mini Mouse
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.2%
CVE-2025-69285 MEDIUM POC This Month

SQLBot is an intelligent data query system based on a large language model and RAG. [CVSS 6.1 MEDIUM]

PostgreSQL AI / ML Sqlbot
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-23524 CRITICAL PATCH Act Now

Laravel Reverb WebSocket server versions 1.6.3 and below have an insecure deserialization vulnerability enabling remote code execution on the backend server.

Redis Laravel RCE Deserialization Reverb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-15521 CRITICAL Act Now

Academy LMS WordPress plugin has a privilege escalation vulnerability allowing unauthenticated users to bypass access controls and gain elevated privileges on WordPress sites.

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-22807 CRITICAL PATCH Act Now

Remote code execution in vLLM 0.10.1 through 0.13.x lets an attacker who controls the model repository or path run arbitrary Python on the inference host: vLLM auto-loads Hugging Face `auto_map` dynamic modules during model resolution without honoring the `trust_remote_code` safety gate, so attacker-supplied code executes at server startup before any request is processed and without API access. The flaw carries a CVSS 9.8 and is fixed in 0.14.0, with Red Hat shipping multiple RHSA errata; however EPSS is only 0.06% (17th percentile) and there is no public exploit identified at time of analysis, so exploitation hinges on an attacker first influencing which model is loaded. This is a code-injection (CWE-94) trust-boundary bypass rather than a remotely reachable network service bug despite the AV:N rating.

Python Vllm Code Injection RCE
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-23518 CRITICAL PATCH Act Now

Fleet device management software has a signature verification bypass that allows attackers to install malicious firmware on managed devices across the fleet.

Windows Azure Fleet Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-23968 MEDIUM POC PATCH This Month

Copier versions before 9.11.2 allow local attackers to read arbitrary files outside the template directory by exploiting symlink handling when the default `_preserve_symlinks: false` setting is enabled, bypassing the library's safety guarantees for templates that don't require the unsafe flag. An attacker with local access can leverage this to access sensitive files through a malicious or compromised template. Public exploit code exists for this vulnerability.

Information Disclosure Copier
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-57681 MEDIUM POC This Month

The WorklogPRO - Timesheets for Jira plugin in Jira Data Center before version 4.23.6-jira10 and before version 4.23.5-jira9 allows users and attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability. [CVSS 5.4 MEDIUM]

Jira XSS Worklogpro
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-23630 MEDIUM POC PATCH This Month

Stored XSS in Docmost 0.3.0-0.23.2 allows authenticated users to execute arbitrary JavaScript in the browsers of document viewers through malicious Mermaid diagram code blocks. The vulnerability exists because unsanitized SVG/HTML output from Mermaid rendering is directly injected into the DOM, and Mermaid's security controls can be disabled via diagram directives. Public exploit code exists for this vulnerability, which is fixed in version 0.24.0.

XSS Docmost
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2021-47817 MEDIUM POC This Month

OpenEMR 5.0.2.1 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript through user profile parameters. [CVSS 5.4 MEDIUM]

XSS Openemr
NVD Exploit-DB VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2021-47860 MEDIUM POC This Month

GetSimple CMS Custom JS 0.1 plugin contains a cross-site request forgery vulnerability that allows unauthenticated attackers to inject arbitrary client-side code into administrator browsers. [CVSS 5.3 MEDIUM]

XSS CSRF Getsimplecms
NVD GitHub Exploit-DB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-12781 MEDIUM POC PATCH This Month

When passing data to the b64decode(), standard_b64decode(), and urlsafe_b64decode() functions in the "base64" module the characters "+/" will always be accepted, regardless of the value of "altchars" parameter, typically used to establish an "alternative base64 alphabet" such as the URL safe alphabet. [CVSS 5.3 MEDIUM]

Python Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-22822 CRITICAL PATCH Act Now

Cross-namespace secret disclosure in External Secrets Operator (versions 0.20.2 through 1.1.x) lets a low-privileged tenant who can author ExternalSecret resources abuse the `getSecretKey` template function to fetch secrets from other namespaces using the controller's own roleBinding, bypassing the operator's namespace-isolation safeguards. The function - originally added for the senhasegura DSM provider - was removed entirely in 1.2.0. There is no public exploit identified at time of analysis and EPSS is negligible (0.01%), but the authorization-bypass primitive is straightforward for any tenant with ExternalSecret create rights.

Kubernetes External Secrets Operator Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2021-47870 MEDIUM POC This Month

GetSimple CMS My SMTP Contact Plugin 1.1.2 suffers from a Stored Cross-Site Scripting (XSS) vulnerability. The plugin attempts to sanitize user input using htmlspecialchars(), but this can be bypassed by passing dangerous characters as escaped hex bytes. [CVSS 5.4 MEDIUM]

XSS Getsimplecms
NVD GitHub Exploit-DB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2026-23526 HIGH PATCH This Week

CVAT is an open source interactive video and image annotation tool for computer vision. [CVSS 8.8 HIGH]

Information Disclosure AI / ML Computer Vision Annotation Tool
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-23754 HIGH PATCH This Week

D-Link D-View 8 versions 2.0.1.107 and below allow authenticated users to bypass access controls on backend API endpoints and retrieve credential data for arbitrary accounts, including administrators. An attacker can leverage exposed credentials to directly authenticate as any user and gain full administrative control over the D-View system. A patch is available to address this high-severity improper access control vulnerability.

D-Link D View 8
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-68132 MEDIUM POC PATCH This Month

EVerest is an EV charging software stack. Prior to version 2025.12.0, `is_message_crc_correct` in the DZG_GSH01 powermeter SLIP parser reads `vec[vec.size()-1]` and `vec[vec.size()-2]` without checking that at least two bytes are present. [CVSS 4.6 MEDIUM]

Denial Of Service Everest
NVD GitHub
CVSS 3.1
4.6
EPSS
0.0%
CVE-2026-22022 HIGH PATCH This Week

Unauthorized API access in Apache Solr 5.3.0 through 9.10.0 allows unauthenticated attackers to bypass the RuleBasedAuthorizationPlugin due to insufficient input validation in permission rule enforcement. This vulnerability affects only deployments using multiple roles with specific predefined permissions like config-read, config-edit, schema-read, metrics-read, or security-read without the "all" permission rule defined. Successful exploitation grants attackers unauthorized access to sensitive Solr APIs, potentially exposing configuration and security data.

Apache Solr Red Hat
NVD HeroDevs
CVSS 3.1
8.2
EPSS
0.2%
CVE-2026-23955 MEDIUM POC This Month

Everest EV charging software prior to version 2025.9.0 contains an improper pointer arithmetic flaw in error handling where integer values are concatenated to strings, allowing local operators with high privileges to read sensitive memory regions including heap and stack data. Public exploit code exists for this vulnerability. The flaw requires user interaction and is resolved in version 2025.9.0, though patches remain unavailable for affected earlier versions.

Information Disclosure Everest
NVD GitHub
CVSS 3.1
4.2
EPSS
0.0%
CVE-2026-23517 HIGH PATCH This Week

Fleet device management software versions prior to 4.78.3 suffer from broken access control that permits any authenticated user, including low-privilege observers, to access debug and profiling endpoints. Attackers can leverage this vulnerability to extract sensitive server diagnostics, runtime profiling data, and application state, or trigger CPU-intensive operations resulting in denial of service. The vulnerability affects multiple Fleet versions and has patches available.

Industrial Denial Of Service Fleet Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-24016 HIGH This Week

Arbitrary code execution in ServerView Agents for Windows installer results from insecure DLL loading, allowing local attackers with user privileges to execute malicious code with administrator rights during installation. The vulnerability affects Fsas Technologies Inc.'s installer component and currently has no available patch. An attacker with physical or local access can exploit this during the installation process to achieve full system compromise.

Windows
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2026-23737 HIGH POC PATCH This Week

Arbitrary code execution in Seroval versions 1.4.0 and below allows authenticated attackers to execute malicious JavaScript through improper deserialization handling in the fromJSON and fromCrossJSON functions. Exploitation requires multiple requests to the affected function and partial knowledge of runtime data usage, but grants full code execution capabilities. A patch is available in version 1.4.1 and later.

Deserialization Seroval Red Hat Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-13878 HIGH PATCH This Week

to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 versions up to 9.18.43 is affected by reachable assertion (CVSS 7.5).

Information Disclosure
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-21852 HIGH POC PATCH This Week

Claude Code versions prior to 2.0.65 allow attackers to steal Anthropic API keys from users by crafting malicious repositories that redirect API calls to attacker-controlled servers before the trust confirmation dialog appears. When a victim opens an infected repository, the tool automatically reads malicious configuration settings and sends API requests containing credentials before displaying any security prompt, enabling credential theft. Users should upgrade to version 2.0.65 or later, though auto-update users have already received the patch.

Authentication Bypass AI / ML Claude Code
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-22977 MEDIUM PATCH CISA This Month

A null pointer dereference in the Linux kernel's socket error queue handling causes a denial of service when CONFIG_HARDENED_USERCOPY is enabled and applications attempt to retrieve error messages via recvmsg(). Local attackers with user privileges can trigger a kernel panic by reading from the socket error queue on affected systems running vulnerable kernel versions.

Linux Denial Of Service Null Pointer Dereference
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-68134 HIGH This Week

EVerest is an EV charging software stack. Prior to version 2025.10.0, the use of the `assert` function to handle errors frequently causes the module to crash. [CVSS 7.4 HIGH]

Denial Of Service Everest
NVD GitHub
CVSS 3.1
7.4
EPSS
0.1%
CVE-2026-23736 HIGH PATCH This Week

Seroval is affected by improperly controlled modification of object prototype attributes (prototype pollution) (CVSS 7.3).

Deserialization Seroval Red Hat Suse
NVD GitHub
CVSS 3.1
7.3
EPSS
0.2%
CVE-2026-23755 HIGH PATCH This Week

D-Link D-View 8 installer versions 2.0.1.107 and below are vulnerable to DLL preloading attacks that execute with administrator privileges when a user approves a UAC prompt. An attacker can place a malicious version.dll file in the installer directory to achieve arbitrary code execution with system-level access. This vulnerability affects users installing or updating D-View 8 on Windows systems.

D-Link D View 8
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-0834 HIGH This Week

Unauthenticated adjacent network attackers can exploit a logic vulnerability in the TDDP module of TP-Link Archer C20 v6.0 and Archer AX53 v1.0 to execute administrative commands such as factory reset and device reboot without credentials. This allows attackers to cause loss of device configuration and service disruption on vulnerable routers. No patch is currently available for this high-severity vulnerability affecting both router models.

TP-Link Authentication Bypass
NVD
CVSS 4.0
7.2
EPSS
0.0%
CVE-2026-22444 HIGH PATCH This Week

Apache Solr 8.6 through 9.10.0 in standalone mode fails to properly validate the "create core" API parameters, allowing authenticated users to bypass the allowPaths security restriction and access unauthorized filesystem locations. On Windows systems configured with UNC path support, this vulnerability can lead to NTLM credential hash disclosure. Affected deployments using the allowPaths setting are at risk of unauthorized core creation and information exposure.

Windows Apache Solr Red Hat
NVD HeroDevs
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-24046 HIGH PATCH This Week

Backstage Scaffolder actions and archive extraction utilities are vulnerable to symlink-based path traversal attacks, allowing authenticated users with template creation privileges to read sensitive files, delete arbitrary files outside the workspace, or write malicious files via crafted symlinks in tar/zip archives. This affects deployments where users can create or execute Scaffolder templates, with no patch currently available for versions prior to @backstage/backend-defaults 0.12.2.

Path Traversal
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-14559 MEDIUM PATCH This Month

A flaw was found in the keycloak-services component of Keycloak. [CVSS 6.5 MEDIUM]

Authentication Bypass Red Hat
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24047 MEDIUM PATCH This Month

The resolveSafeChildPath function in Backstage's backend-plugin-api prior to version 0.1.17 improperly validates symlink chains and dangling symlinks, allowing authenticated attackers to bypass path traversal protections used by Scaffolder actions and other backend components. An attacker with low privileges could exploit this to access files outside the intended directory boundaries by chaining intermediate symlinks or creating symlinks pointing to non-existent paths that are later materialized during file operations. This affects Backstage installations relying on the vulnerable path validation function for security isolation.

Path Traversal Red Hat
NVD GitHub
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-20092 MEDIUM This Month

Improper file permissions in Cisco Intersight Virtual Appliance's maintenance shell allow authenticated administrators to escalate privileges to root and gain full control of the system. An attacker with local administrative access can manipulate configuration files to bypass intended privilege restrictions, potentially compromising sensitive data and workload configurations. No patch is currently available for this vulnerability.

Cisco Denial Of Service
NVD
CVSS 3.1
6.0
EPSS
0.0%
CVE-2026-22976 MEDIUM PATCH CISA This Month

A null pointer dereference in the Linux kernel's QFQ packet scheduler (net/sched/sch_qfq) allows local attackers with user privileges to cause a denial of service by deactivating an inactive aggregate during qdisc reset operations. The vulnerability occurs when multiple QFQ qdisc instances share a leaf qdisc, causing incorrect state assumptions during cleanup. A patch is available to resolve this issue.

Linux Null Pointer Dereference Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-22808 MEDIUM PATCH This Month

fleetdm/fleet is open source device management software. [CVSS 5.4 MEDIUM]

Windows XSS Fleet Suse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2026-23499 MEDIUM PATCH This Month

Authenticated staff users in Saleor e-commerce platform versions 3.0.0 through 3.22.26 can upload malicious HTML and SVG files containing JavaScript that execute in users' browsers when served from the same domain as the dashboard, potentially allowing token theft. An attacker with staff privileges could craft script injections to compromise other staff members' sessions and access tokens. This vulnerability affects deployments where media files are hosted on the same domain as the dashboard and patches are available in versions 3.20.108, 3.21.43, and 3.22.27.

File Upload XSS Saleor
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy