Skip to main content
CVE-2026-23890 MEDIUM POC PATCH This Month

Pnpm versions up to 10.28.1 contains a vulnerability that allows attackers to overwriting config files, scripts, or other sensitive files (CVSS 6.5).

Node.js Path Traversal Pnpm Red Hat Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-23889 MEDIUM POC PATCH This Month

Path traversal in pnpm's tarball extraction on Windows allows attackers to write files outside the intended package directory by exploiting incomplete path normalization that fails to block backslash-based traversal sequences. Public exploit code exists for this vulnerability, which affects Windows developers and CI/CD pipelines (GitHub Actions, Azure DevOps) and could result in overwriting sensitive configuration files like .npmrc or build configurations. A patch is available in pnpm version 10.28.1 and later.

Windows Node.js Azure Github Path Traversal +2
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-23888 MEDIUM POC PATCH This Month

Path traversal in pnpm's binary fetcher (versions prior to 10.28.1) allows attackers to write files outside the intended extraction directory through malicious ZIP entries or crafted prefix values, potentially overwriting critical configuration files and scripts on affected systems. All pnpm users installing packages with binary assets are vulnerable, particularly those in CI/CD pipelines or with custom Node.js binary configurations. Public exploit code exists for this medium-severity vulnerability.

Node.js Path Traversal Pnpm Red Hat Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24056 MEDIUM POC PATCH This Month

pnpm versions prior to 10.28.2 fail to properly constrain symlink resolution when installing file: and git: dependencies, allowing malicious packages to copy sensitive files from the host system into node_modules and leak credentials. This affects developers using local file dependencies and CI/CD pipelines installing git-based packages, with public exploit code available. The vulnerability enables theft of credentials from locations like ~/.ssh/id_rsa and ~/.npmrc by exploiting symlinks to absolute paths outside the package root.

Node.js Pnpm Red Hat Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2020-36960 MEDIUM POC This Month

Forma LMS 2.3 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts into user profile first and last name fields. [CVSS 6.4 MEDIUM]

XSS
NVD Exploit-DB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2020-36956 MEDIUM POC This Month

Openfire 4.6.0 contains a stored cross-site scripting vulnerability in the nodejs plugin that allows attackers to inject malicious scripts through the 'path' parameter. [CVSS 6.4 MEDIUM]

Node.js XSS
NVD GitHub Exploit-DB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2020-36954 MEDIUM POC This Month

Xeroneit Library Management System 3.1 contains a stored cross-site scripting vulnerability in the Book Category feature that allows administrators to inject malicious scripts. Attackers can insert a payload in the Category Name field to execute arbitrary JavaScript code when the page is loaded. [CVSS 6.4 MEDIUM]

XSS
NVD Exploit-DB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2020-36955 MEDIUM POC This Month

Grav CMS 1.6.30 with Admin Plugin 1.9.18 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the page title field. [CVSS 6.4 MEDIUM]

XSS
NVD Exploit-DB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-1412 MEDIUM POC This Month

Operation And Maintenance Security Management System versions up to 3.0.12. contains a security vulnerability (CVSS 7.3).

Command Injection Operation And Maintenance Security Management System
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-50537 MEDIUM POC This Month

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run() method, which validates test cases and checks for duplicates. [CVSS 5.5 MEDIUM]

Stack Overflow Eslint Red Hat
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-1443 MEDIUM POC This Month

SQL injection in Online Music Site 1.0's AdminDeleteUser.php allows unauthenticated remote attackers to manipulate the ID parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker can leverage this to compromise data confidentiality, integrity, and availability.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-1422 MEDIUM POC This Month

SQL injection in the login page of code-projects Online Examination System 1.0 allows unauthenticated remote attackers to manipulate the User parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and affects confidentiality, integrity, and availability of the affected system.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-24131 MEDIUM POC PATCH This Month

pnpm versions before 10.28.2 fail to validate the `directories.bin` field during package processing, allowing malicious packages to use path traversal (e.g., `../../../../tmp`) to escape the package root and chmod 755 files at arbitrary locations on Unix-like systems. Public exploit code exists for this vulnerability. The issue affects Linux, macOS, and Node.js environments but not Windows due to platform-specific protections.

Linux Windows macOS Node.js Pnpm +2
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-24476 MEDIUM POC PATCH This Month

Stored XSS in Shaarli versions before 0.16.0 allows authenticated attackers to inject malicious HTML by crafting tags starting with a double quote character, which breaks out of input tag validation on the homepage. An attacker with login credentials can exploit this to execute arbitrary JavaScript in victims' browsers with the victim's interaction. A patch is available in version 0.16.0 and public exploit code exists.

XSS Shaarli
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-70368 MEDIUM POC This Month

Worklenz version 2.1.5 contains a Stored Cross-Site Scripting (XSS) vulnerability in the Project Updates feature. An attacker can submit a malicious payload in the Updates text field which is then rendered in the reporting view without proper sanitization. [CVSS 5.4 MEDIUM]

XSS Worklenz
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-1410 MEDIUM POC This Month

Missing authentication in the Beetel 777VR1 firmware (versions up to 01.00.09) UART interface allows an attacker with physical access to bypass security controls through a complex exploitation process. Public exploit code exists for this vulnerability, though no patch has been released and the vendor has not responded to disclosure attempts. The attack requires direct device access and significant technical sophistication but could result in complete system compromise.

Authentication Bypass 777vr1 Firmware
NVD GitHub VulDB
CVSS 4.0
4.5
EPSS
0.0%
CVE-2026-1411 MEDIUM POC This Month

Improper access controls in the UART interface of Beetel 777VR1 firmware (up to version 01.00.09) allow attackers with physical access to bypass authentication mechanisms, though exploitation requires high technical complexity. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.

Information Disclosure 777vr1 Firmware
NVD GitHub VulDB
CVSS 4.0
4.5
EPSS
0.0%
CVE-2025-9520 MEDIUM This Month

An IDOR vulnerability exists in Omada Controllers that allows an attacker with Administrator permissions to manipulate requests and potentially hijack the Owner account. [CVSS 6.8 MEDIUM]

Authentication Bypass Omada Controller
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-14973 MEDIUM This Month

The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks. [CVSS 6.8 MEDIUM]

WordPress SQLi PHP
NVD WPScan
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-57785 MEDIUM This Month

Hiawatha Webserver versions up to 11.7 contains a vulnerability that allows attackers to arbitrary code execution (CVSS 6.5).

RCE Hiawatha Webserver
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-24435 MEDIUM This Month

Tenda W30E firmware through V16.01.0.19(5037) is vulnerable to CORS misconfiguration that permits authenticated administrative endpoints to accept credentialed cross-origin requests from arbitrary origins. An authenticated attacker can exploit this vulnerability to perform unauthorized actions on affected devices by tricking administrators into visiting malicious web pages. No patch is currently available for this vulnerability.

Information Disclosure W30e Firmware
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24439 MEDIUM This Month

Tenda W30E firmware versions through V16.01.0.19(5037) omit the X-Content-Type-Options: nosniff header from web management interfaces, enabling MIME type confusion attacks. An unauthenticated remote attacker can exploit this to inject malicious scripts that browsers may execute as legitimate content, potentially compromising the integrity and confidentiality of management traffic. No patch is currently available for this vulnerability.

XSS W30e Firmware
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-9521 MEDIUM This Month

Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security. [CVSS 6.5 MEDIUM]

Authentication Bypass Omada Controller
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24431 MEDIUM This Month

Tenda W30E V2 firmware through V16.01.0.19(5037) exposes stored administrative passwords in plaintext on the management interface, allowing any authenticated user to retrieve credentials. This information disclosure affects administrative account security and could enable privilege escalation or lateral movement. No patch is currently available.

Information Disclosure W30e Firmware
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-14525 MEDIUM PATCH This Month

A flaw was found in kubevirt. A user within a virtual machine (VM), if the guest agent is active, can exploit this by causing the agent to report an excessive number of network interfaces. [CVSS 6.4 MEDIUM]

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-11687 MEDIUM PATCH This Month

A flaw was found in the gi-docgen. This vulnerability allows arbitrary JavaScript execution in the context of the page - enabling DOM access, session cookie theft and other client-side attacks - via a crafted URL that supplies a malicious value to the q GET parameter (reflected DOM XSS). [CVSS 6.1 MEDIUM]

XSS Suse
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-9820 MEDIUM PATCH CISA This Month

A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. [CVSS 4.0 MEDIUM]

Denial Of Service Privilege Escalation RCE Stack Overflow Buffer Overflow
NVD VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-59472 MEDIUM PATCH This Month

A denial of service vulnerability exists in Next.js versions with Partial Prerendering (PPR) enabled when running in minimal mode. The PPR resume endpoint accepts unauthenticated POST requests with the `Next-Resume: 1` header and processes attacker-controlled postponed state data. [CVSS 5.9 MEDIUM]

Node.js Denial Of Service Next.Js Red Hat Vercel
NVD GitHub
CVSS 3.1
5.9
EPSS
0.1%
CVE-2025-59471 MEDIUM PATCH This Month

A denial of service vulnerability exists in self-hosted Next.js applications that have `remotePatterns` configured for the Image Optimizer. [CVSS 5.9 MEDIUM]

Denial Of Service Next.Js Red Hat Vercel
NVD GitHub HeroDevs
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-1425 MEDIUM This Month

Stack-based buffer overflow in pymumu SmartDNS versions up to 47.1 within the SVBC Record Parser component allows remote attackers to cause information disclosure and limited integrity/availability impact through specially crafted DNS SVCB/HTTPS records. Exploitation requires high complexity and specific conditions, making practical attacks difficult. No patch is currently available.

Buffer Overflow Stack Overflow
NVD GitHub VulDB
CVSS 3.1
5.6
EPSS
0.0%
CVE-2026-24437 MEDIUM This Month

Tenda W30E V2 firmware through version 16.01.0.19(5037) fails to implement proper cache-control headers on sensitive administrative responses, allowing a local authenticated attacker to retrieve cached credentials from the browser's storage. This high-confidentiality impact vulnerability has no available patch and affects users on vulnerable firmware versions.

Authentication Bypass W30e Firmware
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-1429 MEDIUM This Month

WellChoose's Single Sign-On Portal System contains a reflected cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript into user browsers through social engineering. An attacker could leverage this to steal session tokens, credentials, or perform actions on behalf of targeted users. A patch is not currently available; mitigation requires input validation and output encoding controls.

XSS Single Sign On Portal System
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-24433 MEDIUM This Month

Tenda W30E V2 firmware through V16.01.0.19(5037) fails to properly sanitize user input during account creation, allowing authenticated attackers to inject persistent malicious scripts that execute in administrators' browsers when accessing management pages. This stored XSS vulnerability enables session hijacking, credential theft, and unauthorized configuration changes with low complexity exploitation requiring only user interaction from an admin. No patch is currently available for affected devices.

XSS W30e Firmware
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-9522 MEDIUM This Month

Blind Server-Side Request Forgery (SSRF) in Omada Controllers through webhook functionality, enabling crafted requests to internal services, which may lead to enumeration of information. [CVSS 5.3 MEDIUM]

SSRF Omada Controller
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-57783 MEDIUM This Month

Hiawatha versions up to 11.7 contains a vulnerability that allows attackers to request smuggling has been identified in Hiawatha webserver version 11 (CVSS 5.3).

Information Disclosure Hiawatha
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-11065 MEDIUM PATCH This Month

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. [CVSS 5.3 MEDIUM]

Information Disclosure
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-1446 MEDIUM This Month

Stored XSS in ArcGIS Pro 3.6.0 and earlier allows local attackers to inject malicious scripts into application dialogs that execute when opened by users with standard local access. No patch is currently available, and exploitation requires user interaction with a specific dialog containing attacker-supplied input. The vulnerability affects the desktop application only and poses a confidentiality and integrity risk without requiring elevated privileges.

XSS Arcgis Pro
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-1224 MEDIUM This Month

Tanium addressed an uncontrolled resource consumption vulnerability in Discover. [CVSS 4.9 MEDIUM]

Denial Of Service Discover
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-24003 MEDIUM This Month

EVerest is an EV charging software stack. [CVSS 4.3 MEDIUM]

Authentication Bypass Everest
NVD GitHub
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-24432 MEDIUM This Month

Tenda W30E V2 firmware through V16.01.0.19(5037) lacks CSRF protections on administrative functions, enabling attackers to hijack authenticated admin sessions and modify configuration settings or reset administrator credentials. An attacker can craft malicious requests that execute with the privileges of a logged-in administrator when visited in their browser. No patch is currently available for this vulnerability.

CSRF W30e Firmware
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-14969 MEDIUM PATCH This Month

A flaw was found in Hibernate Reactive. When an HTTP endpoint is exposed to perform database operations, a remote client can prematurely close the HTTP connection. [CVSS 4.3 MEDIUM]

React Denial Of Service Red Hat
NVD
CVSS 3.1
4.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy