Skip to main content
CVE-2025-15545 MEDIUM POC This Month

The backup restore function does not properly validate unexpected or unrecognized tags within the backup file. When such a crafted file is restored, the injected tag is interpreted by a shell, allowing execution of arbitrary commands with root privileges. [CVSS 6.8 MEDIUM]

Code Injection Archer Re605x Firmware
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-24905 MEDIUM POC PATCH GHSA This Month

Inspektor Gadget versions prior to 0.48.1 allow local attackers with limited privileges to execute arbitrary commands during custom gadget image builds due to insufficient input sanitization in Makefile generation. An attacker who can control buildOptions parameters can inject shell commands that execute with the privileges of the build process. Public exploit code exists for this vulnerability.

Kubernetes Command Injection
NVD GitHub VulDB
CVSS 4.0
6.6
EPSS
0.1%
CVE-2020-37018 MEDIUM POC This Month

GOautodial 4.0 contains a persistent cross-site scripting vulnerability that allows authenticated agents to inject malicious scripts through message subjects. [CVSS 6.4 MEDIUM]

XSS
NVD Exploit-DB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-71011 MEDIUM POC This Month

An input validation vulnerability in the flow.Tensor.new_empty/flow.Tensor.new_ones/flow.Tensor.new_zeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. [CVSS 6.2 MEDIUM]

Denial Of Service AI / ML Oneflow
NVD GitHub
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-71009 MEDIUM POC This Month

An input validation vulnerability in the flow.scatter/flow.scatter_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted indices. [CVSS 6.2 MEDIUM]

Denial Of Service AI / ML Oneflow
NVD GitHub
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-71008 MEDIUM POC This Month

Oneflow versions up to 0.9.0 contains a vulnerability that allows attackers to cause a Denial of Service (DoS) via a crafted input (CVSS 6.2).

Denial Of Service AI / ML Oneflow
NVD GitHub
CVSS 3.1
6.2
EPSS
0.0%
CVE-2020-36994 MEDIUM POC This Month

QlikView 12.50.20000.0 contains a denial of service vulnerability in the FTP server address input field that allows local attackers to crash the application. Attackers can paste a 300-character buffer into the FTP server address field to trigger an application crash and prevent normal functionality. [CVSS 6.2 MEDIUM]

Denial Of Service
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-69749 MEDIUM POC This Month

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code. [CVSS 6.1 MEDIUM]

XSS Tale
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-1595 MEDIUM POC This Month

SQL injection in itsourcecode Society Management System 1.0 allows unauthenticated remote attackers to manipulate the student_id parameter in /admin/edit_student_query.php, enabling unauthorized database queries and potential data exfiltration or modification. Public exploit code exists for this vulnerability, and no patch is currently available, increasing the risk of active exploitation.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-1590 MEDIUM POC This Month

SQL injection in itsourcecode School Management System 1.0 via the ID parameter in /ramonsys/faculty/index.php enables unauthenticated remote attackers to read, modify, or delete database contents. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-1589 MEDIUM POC This Month

SQL injection in itsourcecode School Management System 1.0 via the txtsearch parameter in /ramonsys/inquiry/index.php enables unauthenticated remote attackers to execute arbitrary SQL queries with limited impact on confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-1594 MEDIUM POC This Month

SQL injection in itsourcecode Society Management System 1.0's expense administration interface allows unauthenticated remote attackers to manipulate the detail parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. Affected systems expose confidentiality, integrity, and availability of underlying data.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-1593 MEDIUM POC This Month

Society Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-1587 MEDIUM POC This Month

Denial of service in Open5GS up to version 2.7.6 allows remote attackers to crash the SGWC service by manipulating the Modify Bearer Request handler in s11-handler.c. Public exploit code exists for this vulnerability and no patch is currently available. Organizations running affected versions should apply updates as they become available and consider network-level mitigations to restrict access to the S11 interface.

Denial Of Service Open5gs
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-1586 MEDIUM POC This Month

Remote denial of service in Open5GS up to version 2.7.5 affects the SGWC component's TEID-to-IP conversion function, allowing unauthenticated attackers to crash the service over the network. Public exploit code exists for this vulnerability, and while a fix has been developed, no official patch is currently available for affected deployments.

Denial Of Service Open5gs
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-24904 MEDIUM POC PATCH This Month

TrustTunnel VPN protocol versions prior to 0.9.115 contain a rule bypass vulnerability where fragmented TLS ClientHello messages fail to extract the client random value, causing the rules engine to skip client_random_prefix matching conditions and allow traffic that should be blocked. Public exploit code exists for this medium-severity network-accessible vulnerability affecting Industrial and TrustTunnel products. A patch is available for affected versions.

Industrial Trusttunnel
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2020-37007 MEDIUM POC This Month

Liman 0.7 contains a cross-site request forgery vulnerability that allows attackers to manipulate user account settings without proper request validation. [CVSS 5.3 MEDIUM]

CSRF Liman
NVD GitHub Exploit-DB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-15549 MEDIUM POC This Month

FluentCMS 2026 contains a stored cross-site scripting vulnerability that allows authenticated administrators to upload SVG files with embedded JavaScript via the File Management module. [CVSS 4.8 MEDIUM]

XSS Fluentcms
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-23571 MEDIUM This Month

TeamViewer DEX versions below 24.5 allow authenticated users with actioner privileges to execute arbitrary elevated commands on connected hosts through inadequate input validation in the 1E-Nomad-RunPkgStatusRequest instruction. An attacker with these credentials could inject malicious commands to gain unauthorized system access and control. The vulnerability requires user interaction and high-level privileges but carries a significant risk due to the potential for complete system compromise.

Command Injection Digital Employee Experience
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2026-23570 MEDIUM This Month

Log timestamp tampering in TeamViewer DEX Client versions prior to 26.1 allows adjacent network attackers to inject malicious UDP Sync commands that corrupt event timestamps, undermining log integrity and forensic investigation capabilities. This input validation flaw affects Windows deployments of the NomadBranch service and could enable attackers to obscure the timeline of malicious activities or create misleading audit trails. No patch is currently available for this medium-severity vulnerability.

Windows Digital Employee Experience
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-23566 MEDIUM This Month

Log tampering in TeamViewer DEX Client versions prior to 26.1 allows adjacent network attackers to inject, modify, or forge entries in the NomadBranch.log file through the UDP network handler, compromising log integrity and audit trail reliability. An attacker with network access can send crafted packets to the Content Distribution Service to manipulate logging records without authentication, potentially obscuring malicious activity or creating false audit entries.

Windows Digital Employee Experience
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-23565 MEDIUM This Month

TeamViewer DEX Client versions prior to 26.1 contain a null pointer dereference in the NomadBranch.exe Content Distribution Service that allows adjacent network attackers to crash the process without authentication. An attacker can exploit this vulnerability to disable the Content Distribution Service, causing a denial-of-service condition on affected Windows systems. No patch is currently available.

Windows Digital Employee Experience
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-23569 MEDIUM This Month

TeamViewer DEX Client versions before 26.1 contain an out-of-bounds read in the Content Distribution Service that enables remote attackers to leak stack memory and trigger denial of service without authentication. Successful exploitation could disclose memory contents useful for bypassing address space layout randomization and chaining with other vulnerabilities. No patch is currently available for this medium-severity flaw affecting Windows deployments.

Windows Denial Of Service Digital Employee Experience
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-24845 MEDIUM PATCH This Month

malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. [CVSS 6.5 MEDIUM]

Docker Malcontent Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24687 MEDIUM PATCH This Month

Authenticated users in Umbraco Forms versions 16 and 17 can exploit a path traversal vulnerability to read arbitrary files on Mac and Linux systems running the CMS. An attacker with backoffice access can enumerate and access sensitive files through the export endpoint by manipulating the fileName parameter. No patch is currently available, though the vulnerability is mitigated by restricting backoffice access and blocking path traversal sequences at the WAF level.

Linux Path Traversal Umbraco Forms
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-23567 MEDIUM This Month

Denial-of-service in TeamViewer DEX Client versions prior to 26.1 allows adjacent network attackers to crash the NomadBranch.exe service by sending specially crafted UDP packets that trigger a heap buffer overflow. The vulnerability stems from an integer underflow in the UDP command handler that can be exploited without authentication or user interaction. Currently, no patch is available and the attack requires network adjacency to the affected system.

Windows Buffer Overflow Heap Overflow Integer Overflow Denial Of Service +1
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-23564 MEDIUM This Month

Digital Employee Experience is affected by cleartext transmission of sensitive information (CVSS 6.5).

Windows Digital Employee Experience
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-15548 MEDIUM This Month

Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application layer encryption, allowing a network adjacent attacker to intercept this traffic and compromise its confidentiality. [CVSS 6.5 MEDIUM]

Information Disclosure Vx800v Firmware
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-15344 MEDIUM This Month

Tanium addressed a SQL injection vulnerability in Asset. [CVSS 6.3 MEDIUM]

SQLi Asset
NVD
CVSS 3.1
6.3
EPSS
0.0%
CVE-2025-15541 MEDIUM This Month

Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk. [CVSS 6.3 MEDIUM]

Path Traversal Vx800v Firmware
NVD
CVSS 3.1
6.3
EPSS
0.0%
CVE-2025-7015 MEDIUM This Month

Session Fixation vulnerability in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu allows Session Fixation.This issue affects QR Menu: before s1.05.12. [CVSS 5.7 MEDIUM]

Information Disclosure Session Fixation
NVD VulDB
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-23563 MEDIUM This Month

Digital Employee Experience versions up to 26.1 is affected by improper link resolution before file access (CVSS 5.7).

Windows Digital Employee Experience
NVD
CVSS 3.1
5.7
EPSS
0.0%
CVE-2025-7014 MEDIUM This Month

Session Fixation vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Session Hijacking.This issue affects Menu Panel: through 29012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. [CVSS 5.7 MEDIUM]

Information Disclosure Session Fixation
NVD VulDB
CVSS 3.1
5.7
EPSS
0.0%
CVE-2025-7013 MEDIUM This Month

Authorization Bypass Through User-Controlled Key vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Exploitation of Trusted Identifiers.This issue affects Menu Panel: through 29012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. [CVSS 5.7 MEDIUM]

Authentication Bypass Menu Panel
NVD VulDB
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-24413 MEDIUM PATCH This Month

Icinga 2 on Windows versions 2.3.0 through 2.15.1 fail to properly restrict file permissions on the `%ProgramData%\icinga2\var` directory, allowing any local user to read sensitive data including private keys and synchronized configurations. All Windows installations are affected, and attackers with local access can extract cryptographic material and configuration details for lateral movement or further compromise. Patches are available in versions 2.13.14, 2.14.8, and 2.15.2, with workarounds available through updated Icinga for Windows packages or manual ACL remediation.

Windows Icinga Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-24846 MEDIUM PATCH This Month

malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. [CVSS 5.5 MEDIUM]

Path Traversal Malcontent Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-24414 MEDIUM This Month

Icinga PowerShell Framework versions prior to 1.13.4, 1.12.4, and 1.11.2 expose private certificate keys due to overly permissive directory permissions that allow all local users read access to the certificate folder. A local attacker with user-level privileges can retrieve these private keys to impersonate the Icinga service or intercept monitoring communications. No patch is currently available; manual ACL restrictions on the certificate directory are required as a temporary mitigation.

Windows Icinga Powershell Framework
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-1469 MEDIUM This Month

Stored XSS in RLE NOVA PlanManager allows authenticated users to inject malicious scripts via the comment and brand parameters, which are executed in other users' browsers without sanitization. An attacker can leverage this to hijack sessions, steal credentials, or perform unauthorized actions on behalf of victims. Exploitation requires user interaction and network access, with no patch currently available.

PHP XSS Planmanager
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-45160 MEDIUM This Month

A HTML injection vulnerability exists in the file upload functionality of Cacti <= 1.2.29. When a file with an invalid format is uploaded, the application reflects the submitted filename back into an error popup without proper sanitization. [CVSS 5.4 MEDIUM]

File Upload XSS Suse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-23568 MEDIUM This Month

Information disclosure and denial-of-service in TeamViewer DEX Client versions before 26.1 allows adjacent network attackers to trigger an out-of-bounds read via specially crafted packets, potentially leaking sensitive memory that could be leveraged to bypass ASLR protections. Affected Windows systems running the NomadBranch.exe content distribution service are vulnerable to attacks requiring only network proximity, with no authentication or user interaction needed.

Windows Information Disclosure Digital Employee Experience
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-15542 MEDIUM This Month

Improper handling of exceptional conditions in VX800v v1.0 in SIP processing allows an attacker to flood the device with crafted INVITE messages, blocking all voice lines and causing a denial of service on incoming calls. [CVSS 5.3 MEDIUM]

Denial Of Service Vx800v Firmware
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-55704 MEDIUM This Month

Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs. [CVSS 5.3 MEDIUM]

Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-25067 MEDIUM This Month

SmarterMail before build 9518 allows unauthenticated attackers to exploit a path traversal flaw in the background preview endpoint by supplying base64-encoded UNC paths, forcing the Windows service to initiate SMB connections to attacker-controlled servers. This enables credential coercion and NTLM relay attacks without requiring authentication or user interaction. No patch is currently available for this vulnerability.

Windows Smartermail
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-15550 MEDIUM This Month

birkir prime <= 0.4.0.beta.0 contains a cross-site request forgery vulnerability in its GraphQL endpoint that allows attackers to exploit GET-based query requests. [CVSS 5.3 MEDIUM]

CSRF
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-0936 MEDIUM CISA This Month

R PVI client versions up to 6.5 is affected by insertion of sensitive information into log file (CVSS 5.0).

Information Disclosure
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2025-15543 MEDIUM This Month

Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files. [CVSS 4.6 MEDIUM]

Path Traversal Vx800v Firmware
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2026-22764 MEDIUM This Month

Information disclosure in Dell OpenManage Network Integration versions before 3.9 stems from improper authentication controls that allow low-privileged remote attackers to access sensitive data. The vulnerability requires valid credentials but no user interaction, making it exploitable by authenticated users with minimal privileges. No patch is currently available for affected deployments.

Information Disclosure Openmanage Network Integration
NVD
CVSS 3.1
4.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy