346 CVEs tracked today. 40 Critical, 99 High, 145 Medium, 15 Low.
-
CVE-2026-25510
CRITICAL
CVSS 9.9
CI4MS (CodeIgniter 4 CMS skeleton) has a code injection vulnerability (CVSS 9.9) allowing authenticated users to execute arbitrary PHP code through the CMS module system.
PHP
RCE
Ci4ms
-
CVE-2026-25241
CRITICAL
CVSS 9.8
PEAR PHP framework has a seventh SQL injection with higher EPSS (0.12%), indicating more active scanning for this particular injection vector.
PHP
SQLi
Pearweb
-
CVE-2026-25240
CRITICAL
CVSS 9.8
PEAR PHP framework has another SQL injection vulnerability prior to version 1.33.0, the sixth in a series of critical security flaws in the PHP component distribution system.
PHP
SQLi
Pearweb
-
CVE-2026-25238
CRITICAL
CVSS 9.8
PEAR PHP framework prior to 1.33.0 has a fifth SQL injection vulnerability, part of a comprehensive security audit that found multiple injection points across the framework.
PHP
SQLi
Pearweb
-
CVE-2026-25237
CRITICAL
CVSS 9.8
PEAR PHP framework has a code execution vulnerability through unsafe use of preg_replace() that allows attackers to execute arbitrary PHP code.
PHP
Pearweb
-
CVE-2026-25236
CRITICAL
CVSS 9.8
PEAR PHP framework has a second SQL injection vulnerability in a different code path, providing an alternate database compromise vector.
PHP
SQLi
Pearweb
-
CVE-2026-25234
CRITICAL
CVSS 9.8
PEAR PHP framework prior to 1.33.0 has a SQL injection vulnerability allowing attackers to extract data from the component distribution database.
PHP
SQLi
Pearweb
-
CVE-2026-25233
CRITICAL
CVSS 9.1
PEAR PHP framework prior to 1.33.0 has a logic bug in the roadmap feature allowing unauthorized access through incorrect operator comparison.
PHP
Pearweb
-
CVE-2026-25150
CRITICAL
CVSS 9.3
Qwik JavaScript framework prior to 1.19.0 has a prototype pollution vulnerability that can lead to server-side code execution in SSR applications.
Denial Of Service
Privilege Escalation
Authentication Bypass
Qwik
-
CVE-2026-24936
CRITICAL
CVSS 9.8
ASUSTOR ADM has an input validation vulnerability when joining AD Domain that allows unauthenticated attackers to compromise the NAS device.
Code Injection
Data Master
-
CVE-2026-24465
CRITICAL
CVSS 9.8
ELECOM wireless LAN access point devices have a stack-based buffer overflow that allows remote attackers to execute code or crash the device via crafted packets.
Buffer Overflow
Stack Overflow
-
CVE-2026-1632
CRITICAL
CVSS 9.1
MOMA Seismic Station v2.4.2520 exposes its web management interface without authentication, allowing unauthenticated control of seismological monitoring equipment.
Authentication Bypass
-
CVE-2026-1568
CRITICAL
CVSS 9.6
Rapid7 InsightVM before 8.34.0 has a SAML signature verification bypass (CVSS 9.6) allowing attackers to forge authentication assertions and gain unauthorized access.
Authentication Bypass
-
CVE-2025-70841
CRITICAL
CVSS 10.0
Dokans SaaS e-commerce platform v3.9.2 has a CVSS 10.0 authentication bypass allowing unauthenticated attackers to obtain sensitive application secrets and tenant data.
Laravel
Authentication Bypass
Dokans
-
CVE-2025-69983
CRITICAL
CVSS 9.8
FUXA v1.2.7 allows remote code execution through the project import functionality by importing crafted project files containing malicious code.
RCE
Fuxa
-
CVE-2025-69981
CRITICAL
CVSS 9.8
FUXA v1.2.7 has an unrestricted file upload in the /api/upload endpoint that lacks authentication and file type validation, enabling web shell deployment on SCADA systems.
SQLi
Fuxa
-
CVE-2025-69971
CRITICAL
CVSS 9.8
FUXA v1.2.7 has hard-coded JWT credentials (EPSS 4.8%) that allow attackers to forge authentication tokens and bypass all access controls on the SCADA interface.
Authentication Bypass
Fuxa
-
CVE-2025-69970
CRITICAL
CVSS 9.3
FUXA v1.2.7 SCADA/HMI system has insecure default configuration with security disabled by default, exposing industrial control interfaces without authentication.
Information Disclosure
Fuxa
-
CVE-2025-67188
CRITICAL
CVSS 9.8
TOTOLINK A950RG has a third buffer overflow in setRadvdCfg providing yet another RCE vector through the router's IPv6 configuration interface.
Buffer Overflow
A950rg Firmware
TOTOLINK
-
CVE-2025-67187
CRITICAL
CVSS 9.8
TOTOLINK A950RG has a stack-based buffer overflow in a second endpoint, providing an additional RCE vector through the router's CGI interface.
Buffer Overflow
Stack Overflow
A950rg Firmware
TOTOLINK
-
CVE-2025-67186
CRITICAL
CVSS 9.8
TOTOLINK A950RG router firmware has a buffer overflow in setUrlFilterRules that allows remote attackers to execute code through the router's management interface.
Buffer Overflow
Denial Of Service
A950rg Firmware
RCE
TOTOLINK
-
CVE-2025-63624
CRITICAL
CVSS 9.8
Kede Electronics IoT smart water meter monitoring platform v1.0 has a SQL injection allowing attackers to compromise the industrial monitoring database.
IoT
Industrial
SQLi
Iot Smart Water Meter Firmware
-
CVE-2025-62799
CRITICAL
CVSS 9.8
Fast DDS (eProsima) has a heap buffer overflow in its C++ DDS implementation that allows remote attackers to execute code through crafted DDS protocol messages.
Buffer Overflow
Memory Corruption
Denial Of Service
Debian Linux
Fast Dds
-
CVE-2025-61506
CRITICAL
CVSS 9.8
MediaCrush through version 1.0.1 allows unauthenticated arbitrary file upload without file type restrictions, enabling web shell deployment and remote code execution.
File Upload
Mediacrush
-
CVE-2025-57529
CRITICAL
CVSS 9.8
YouDataSum CPAS Audit Management System v4.9 has a SQL injection in the archive report endpoint allowing extraction of audit and compliance data.
SQLi
Cpas Audit Management System
-
CVE-2025-15556
HIGH
CVSS 7.5
Notepad++ versions prior to 8.8.9 contain an update integrity verification vulnerability (CVE-2025-15556) when using the WinGUp updater. The update mechanism fails to cryptographically verify downloaded metadata and installers, allowing man-in-the-middle attackers to serve malicious executables during the update process. KEV-listed, this supply chain risk affects one of the most widely used text editors on Windows.
RCE
-
CVE-2025-10878
CRITICAL
CVSS 10.0
AdminPando 1.0.1 by Fikir Odalari has a CVSS 10.0 SQL injection in the login functionality allowing complete authentication bypass and database takeover.
SQLi
Authentication Bypass
Fikir Odalari Adminpando
-
CVE-2025-5319
CRITICAL
CVSS 9.8
Emit Informatics product has a SQL injection vulnerability allowing unauthenticated database compromise through unsanitized input parameters.
Industrial
SQLi
-
CVE-2020-37094
CRITICAL
CVSS 9.8
EspoCRM 5.8.5 has an authentication vulnerability allowing attackers to access other user accounts through IDOR in session handling.
Authentication Bypass
Espocrm
-
CVE-2020-37090
CRITICAL
CVSS 9.8
School ERP Pro 1.0 allows students to upload arbitrary PHP files, enabling remote code execution from a low-privileged student account.
PHP
RCE
School Erp Pro
-
CVE-2020-37082
CRITICAL
CVSS 9.8
webERP 4.15.1 has an unauthenticated file access vulnerability allowing remote attackers to download sensitive files including configuration and database credentials.
Path Traversal
Information Disclosure
Weberp
-
CVE-2020-37080
CRITICAL
CVSS 9.8
webTareas 2.0.p8 has an arbitrary file deletion vulnerability in the print_layout.php admin component enabling system disruption.
PHP
-
CVE-2020-37075
CRITICAL
CVSS 9.8
LanSend 3.2 has a buffer overflow in the Add Computers Wizard file import enabling code execution through crafted computer list files.
Buffer Overflow
-
CVE-2020-37074
CRITICAL
CVSS 9.8
Remote Desktop Audit 2.3.0.157 has a buffer overflow enabling code execution through crafted RDP scan responses.
Buffer Overflow
-
CVE-2020-37071
CRITICAL
CVSS 9.8
CraftCMS 3 vCard Plugin 1.0.0 has an insecure deserialization vulnerability allowing unauthenticated remote code execution through crafted vCard data.
PHP
RCE
Deserialization
-
CVE-2020-37070
CRITICAL
CVSS 9.8
CloudMe 1.11.2 cloud sync application has a buffer overflow enabling remote code execution through the network sync protocol.
RCE
Buffer Overflow
-
CVE-2020-37069
CRITICAL
CVSS 9.8
Konica Minolta FTP Utility 1.0 has a second buffer overflow in the NLST command, providing an additional RCE vector alongside the LIST vulnerability.
Buffer Overflow
Denial Of Service
Ftp Utility
-
CVE-2020-37068
CRITICAL
CVSS 9.8
Konica Minolta FTP Utility 1.0 has a buffer overflow in the LIST command allowing remote attackers to execute code on systems running the utility.
Buffer Overflow
Denial Of Service
Ftp Utility
-
CVE-2020-37067
CRITICAL
CVSS 9.8
Filetto 1.0 FTP server has a denial of service vulnerability in FEAT command processing causing uncontrolled resource consumption.
Buffer Overflow
Denial Of Service
-
CVE-2020-37066
CRITICAL
CVSS 9.8
GoldWave 5.70 audio editor has a buffer overflow enabling code execution through crafted audio files.
Buffer Overflow
Stack Overflow
-
CVE-2020-37065
CRITICAL
CVSS 9.8
StreamRipper32 2.6 has a buffer overflow in the Station/Song Section allowing remote code execution through crafted audio stream metadata.
Buffer Overflow
-
CVE-2026-25615
HIGH
CVSS 7.2
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5668. [CVSS 7.2 HIGH]
Deserialization
Blesta
-
CVE-2026-25614
HIGH
CVSS 7.5
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5680. [CVSS 7.5 HIGH]
Deserialization
Blesta
-
CVE-2026-25503
HIGH
CVSS 7.1
Iccdev versions prior to 2.3.1.2 are vulnerable to denial of service when processing malformed ICC color profiles with invalid image encoding type values, causing application crashes due to type confusion. The vulnerability is remotely triggerable and public exploit code is available. A patch is available in version 2.3.1.2 and later.
Denial Of Service
Iccdev
-
CVE-2026-25502
HIGH
CVSS 7.8
Arbitrary code execution in iccDEV versions prior to 2.3.1.2 via stack-based buffer overflow in the icFixXml() function when parsing malformed ICC color profiles with crafted NamedColor2 tags. Local attackers with user interaction can exploit this vulnerability to execute arbitrary code with high impact on confidentiality, integrity, and availability. Public exploit code exists and a patch is available in version 2.3.1.2 and later.
Buffer Overflow
Stack Overflow
Iccdev
-
CVE-2026-25239
HIGH
CVSS 7.5
SQL injection in PEAR's apidoc queue insertion allows unauthenticated remote attackers to manipulate database queries by controlling filename values, enabling unauthorized data modification. PEAR versions before 1.33.0 are affected, and no patch is currently available for affected deployments.
PHP
SQLi
Pearweb
-
CVE-2026-25235
HIGH
CVSS 7.5
Pearweb versions up to 1.33.0 contain a vulnerability that allows attackers to guess verification tokens and potentially verify election account requests witho (CVSS 7.5).
PHP
Pearweb
-
CVE-2026-25223
HIGH
CVSS 7.5
Fastify versions before 5.7.2 allow attackers to bypass request body validation by injecting a tab character into the Content-Type header, enabling malicious payloads to reach application logic without validation checks. This remote attack requires no authentication and affects Node.js applications using vulnerable Fastify versions. A patch is available in version 5.7.2 and later.
Node.js
Fastify
Redhat
-
CVE-2026-25027
HIGH
CVSS 7.5
ThemeMove Unicamp through version 2.7.1 contains a local file inclusion vulnerability in PHP that allows authenticated attackers to read arbitrary files on the server through improper filename validation in include/require statements. An attacker with valid credentials can leverage this flaw to access sensitive files and potentially execute arbitrary code. No patch is currently available for this vulnerability.
PHP
Lfi
-
CVE-2026-25022
HIGH
CVSS 8.5
Blind SQL injection in KiviCare clinic management system versions 3.6.16 and earlier allows authenticated attackers to execute arbitrary SQL queries over the network with no user interaction required. An attacker with valid credentials can exploit this vulnerability to extract sensitive data from the underlying database, though code execution is not possible. No patch is currently available for this HIGH severity vulnerability affecting the Iqonic Design product.
SQLi
-
CVE-2026-24954
HIGH
CVSS 8.8
magepeopleteam WpEvently mage-eventpress is affected by deserialization of untrusted data (CVSS 8.8).
Deserialization
-
CVE-2026-24887
HIGH
CVSS 8.8
Claude Code versions before 2.0.72 allow authenticated attackers to execute arbitrary commands by exploiting a command parsing defect that bypasses the execution confirmation prompt via malicious find command syntax. An attacker with the ability to inject untrusted content into a Claude Code context can trigger unintended command execution with high impact to confidentiality, integrity, and availability. No patch is currently available for affected deployments.
Command Injection
AI / ML
Claude Code
-
CVE-2026-24773
HIGH
CVSS 7.5
Open Eclass Platform versions up to 4.2 are affected by authorization bypass through user-controlled key (CVSS 7.5).
Authentication Bypass
Open Eclass Platform
-
CVE-2026-24762
HIGH
CVSS 7.5
Rustfs versions up to 1.0.0 are affected by insertion of sensitive information into log file (CVSS 7.5).
Information Disclosure
Rustfs
-
CVE-2026-24694
HIGH
CVSS 7.8
Arbitrary code execution in Roland Cloud Manager installer versions 3.1.19 and earlier results from insecure DLL loading, enabling local attackers to execute malicious code with application-level privileges. An attacker with local access and user interaction can exploit this vulnerability to compromise systems running the affected installer. No patch is currently available to remediate this vulnerability.
Privilege Escalation
RCE
-
CVE-2026-24672
HIGH
CVSS 7.3
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 7.3 HIGH]
XSS
Open Eclass Platform
-
CVE-2026-24669
HIGH
CVSS 7.8
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 7.8 HIGH]
Authentication Bypass
Open Eclass Platform
-
CVE-2026-24665
HIGH
CVSS 8.7
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 8.7 HIGH]
XSS
Open Eclass Platform
-
CVE-2026-24512
HIGH
CVSS 8.8
Ingress-nginx controllers are vulnerable to arbitrary code execution through malicious path specifications in Ingress rules, allowing authenticated attackers to inject nginx configuration and execute commands with controller privileges. The vulnerability also enables disclosure of cluster-wide Secrets accessible to the controller. No patch is currently available, and exploitation requires low complexity with only low privileges needed.
Nginx
Suse
-
CVE-2026-24149
HIGH
CVSS 7.8
Local code injection in NVIDIA Megatron-LM allows authenticated users to achieve arbitrary code execution and privilege escalation through malicious input to vulnerable scripts. An attacker with local access can craft specially designed data to trigger unsafe code evaluation, enabling complete system compromise including data theft and modification. No patch is currently available for this vulnerability affecting all supported platforms.
Privilege Escalation
Code Injection
Information Disclosure
AI / ML
-
CVE-2026-24052
HIGH
CVSS 7.4
Claude Code versions prior to 1.0.111 fail to properly validate trusted domains for WebFetch requests, allowing attackers to register lookalike domains (e.g., modelcontextprotocol.io.example.com) that bypass validation checks. This enables unauthorized automated requests to attacker-controlled servers without user interaction, potentially resulting in sensitive data exfiltration from the user's environment. The vulnerability affects Claude Code's agentic coding functionality and requires upgrading to version 1.0.111 or later to remediate.
Python
AI / ML
Claude Code
-
CVE-2026-22550
HIGH
CVSS 8.6
Authenticated command injection in WRC-X1500GS-B and WRC-X1500GSA-B routers enables logged-in users to execute arbitrary OS commands through specially crafted requests. An attacker with valid credentials can gain complete system control over the affected devices. No patch is currently available to remediate this vulnerability.
Command Injection
-
CVE-2026-21862
HIGH
CVSS 7.5
RustFS is a distributed object storage system built in Rust. [CVSS 7.5 HIGH]
Authentication Bypass
Rustfs
-
CVE-2026-1862
HIGH
CVSS 8.8
Chrome versions up to 144.0.7559.132 are affected by access of resource using incompatible type (type confusion) (CVSS 8.8).
Chrome
Google
Suse
-
CVE-2026-1861
HIGH
CVSS 8.8
Heap buffer overflow in Chrome's libvpx video codec allows remote attackers to achieve arbitrary code execution through a malicious webpage, requiring only user interaction to trigger exploitation. The vulnerability affects Chrome versions prior to 144.0.7559.132 and currently lacks a patch. With a CVSS score of 8.8, this high-severity flaw poses significant risk to users who visit compromised or attacker-controlled websites.
Buffer Overflow
Chrome
Google
Suse
-
CVE-2026-1803
HIGH
CVSS 8.1
Ziroom ZHOME A0101 devices running version 1.0.1.0 use hardcoded default credentials in the Dropbear SSH service, enabling unauthenticated remote attackers to gain unauthorized access with high impact to confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, and the vendor has not provided a patch or response. While exploitation requires specific conditions, security professionals should prioritize assessment and credential rotation for affected systems.
Ssh
-
CVE-2026-1802
HIGH
CVSS 7.3
Ziroom ZHOME A0101 version 1.0.1.0 contains a command injection vulnerability in the macAddrClone function that can be exploited remotely through manipulation of the macType parameter, allowing unauthenticated attackers to execute arbitrary commands. Public exploit code exists for this vulnerability, and the vendor has not provided a patch or response to disclosure requests. An attacker can leverage this flaw to achieve remote code execution with network access and no user interaction required.
Command Injection
-
CVE-2026-1730
HIGH
CVSS 8.8
OS DataHub Maps (WordPress plugin) is affected by unrestricted upload of file with dangerous type (CVSS 8.8).
WordPress
RCE
-
CVE-2026-1580
HIGH
CVSS 8.8
Arbitrary code execution in ingress-nginx controllers via malicious `nginx.ingress.kubernetes.io/auth-method` Ingress annotations allows authenticated attackers to execute commands within the controller context and access cluster-wide Secrets. This vulnerability affects Nginx and Kubernetes deployments where the ingress controller has default cluster-wide Secret access permissions. No patch is currently available.
Nginx
Kubernetes
Suse
-
CVE-2026-1375
HIGH
CVSS 8.1
Authenticated instructors in Tutor LMS plugin for WordPress versions up to 3.9.5 can modify or delete courses owned by other users due to missing authorization checks in bulk action functions. An attacker with instructor-level access can manipulate course IDs in bulk requests to compromise arbitrary courses without proper permission validation. No patch is currently available.
WordPress
-
CVE-2026-1285
HIGH
CVSS 7.5
Django's HTML truncation functions (chars(), words(), and related template filters) are vulnerable to denial-of-service attacks when processing specially crafted inputs with excessive unmatched HTML end tags. Affected versions include Django 6.0 before 6.0.2, 5.2 before 5.2.11, 4.2 before 4.2.28, and potentially unsupported series 5.0.x, 4.1.x, and 3.2.x. Remote attackers can exploit this to cause service disruptions without requiring authentication or user interaction.
Django
Redhat
Suse
-
CVE-2026-1065
HIGH
CVSS 7.2
Unauthenticated attackers can upload malicious SVG files through the Form Maker by 10Web WordPress plugin (versions up to 1.15.35) due to insufficient file type validation, enabling stored cross-site scripting attacks against administrators and site visitors. The plugin's default allowlist includes SVG files and relies on weak substring-based extension checking, allowing JavaScript execution when the uploaded files are viewed. No patch is currently available.
WordPress
XSS
-
CVE-2026-1058
HIGH
CVSS 7.1
Stored XSS in WordPress Form Maker plugin (versions up to 1.15.35) allows unauthenticated attackers to inject malicious scripts through hidden form field values that execute when administrators view the submissions list. The vulnerability stems from improper output escaping after HTML entity decoding of user-supplied input. Website administrators using this plugin are at risk of account compromise and unauthorized actions performed within their WordPress dashboard.
WordPress
XSS
-
CVE-2026-0617
HIGH
CVSS 7.2
Stored XSS in LatePoint WordPress plugin versions up to 5.2.5 allows unauthenticated attackers to inject malicious scripts into customer profile fields that execute when administrators review activity history. The vulnerability stems from inadequate input sanitization and output escaping, potentially enabling credential theft or administrative account compromise. No patch is currently available.
WordPress
XSS
-
CVE-2026-0383
HIGH
CVSS 7.8
Brocade Fabric OS contains a command injection vulnerability that allows authenticated local users with shell access to read sensitive files and command history due to insecure storage practices. An attacker with local privileges can exploit this to access confidential information stored on the system. No patch is currently available.
Command Injection
Fabric Operating System
-
CVE-2025-70758
HIGH
CVSS 7.5
chetans9 core-php-admin-panel through commit a94a780d6 contains an authentication bypass vulnerability in includes/auth_validate.php. The application sends an HTTP redirect via header(Location:login.php) when a user is not authenticated but fails to call exit() afterward. [CVSS 7.5 HIGH]
PHP
Authentication Bypass
-
CVE-2025-70560
HIGH
CVSS 8.4
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. [CVSS 8.4 HIGH]
Python
Deserialization
Boltz
RCE
-
CVE-2025-69875
HIGH
CVSS 7.8
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. [CVSS 7.8 HIGH]
Privilege Escalation
Total Security
-
CVE-2025-67853
HIGH
CVSS 7.5
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. [CVSS 7.5 HIGH]
Moodle
-
CVE-2025-67850
HIGH
CVSS 7.3
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting (XSS), occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. [CVSS 7.3 HIGH]
Moodle
XSS
-
CVE-2025-67849
HIGH
CVSS 7.3
A flaw was found in Moodle. This cross-site scripting (XSS) vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. [CVSS 7.3 HIGH]
Moodle
XSS
AI / ML
-
CVE-2025-67848
HIGH
CVSS 8.1
Moodle contains a vulnerability that allows attackers to authenticate through the Learning Tools Interoperability (LTI) Provider (CVSS 8.1).
Moodle
Authentication Bypass
Information Disclosure
-
CVE-2025-66374
HIGH
CVSS 7.8
Endpoint Privilege Manager versions up to 25.10.0 are affected by improper privilege management (CVSS 7.8).
Privilege Escalation
Endpoint Privilege Manager
-
CVE-2025-65875
HIGH
CVSS 8.8
An arbitrary file upload vulnerability in the AddFont() function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file. [CVSS 8.8 HIGH]
PHP
Fpdf
-
CVE-2025-64438
HIGH
CVSS 7.5
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). [CVSS 7.5 HIGH]
Denial Of Service
Fast Dds
-
CVE-2025-62673
HIGH
CVSS 8.0
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tdpserver modules) allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a maliciously formed field. This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
TP-Link
Buffer Overflow
Heap Overflow
RCE
Archer Ax53 Firmware
-
CVE-2025-62603
HIGH
CVSS 7.5
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). [CVSS 7.5 HIGH]
Deserialization
Fast Dds
Debian Linux
-
CVE-2025-62602
HIGH
CVSS 7.5
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). [CVSS 7.5 HIGH]
Buffer Overflow
Integer Overflow
Fast Dds
Debian Linux
-
CVE-2025-62601
HIGH
CVSS 7.5
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). [CVSS 7.5 HIGH]
Buffer Overflow
Integer Overflow
Fast Dds
-
CVE-2025-62600
HIGH
CVSS 8.6
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). [CVSS 7.5 HIGH]
Information Disclosure
Buffer Overflow
-
CVE-2025-62599
HIGH
CVSS 8.6
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). [CVSS 7.5 HIGH]
Information Disclosure
Buffer Overflow
-
CVE-2025-62501
HIGH
CVSS 8.1
Archer Ax53 Firmware versions up to 1.0 contain a vulnerability that allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle (MITM) a (CVSS 8.1).
TP-Link
Authentication Bypass
Archer Ax53 Firmware
-
CVE-2025-62405
HIGH
CVSS 8.0
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value. This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
TP-Link
Buffer Overflow
Heap Overflow
RCE
Archer Ax53 Firmware
-
CVE-2025-62404
HIGH
CVSS 8.0
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value. This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
TP-Link
Buffer Overflow
Heap Overflow
RCE
Archer Ax53 Firmware
-
CVE-2025-61983
HIGH
CVSS 8.0
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values. This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
TP-Link
Buffer Overflow
Heap Overflow
RCE
Archer Ax53 Firmware
-
CVE-2025-61944
HIGH
CVSS 8.0
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values. This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
TP-Link
Buffer Overflow
Heap Overflow
RCE
Archer Ax53 Firmware
-
CVE-2025-60865
HIGH
CVSS 7.8
Pc Helpsoft Driver Updater versions up to 9.1.57803.1174 are affected by improper access control (CVSS 7.8).
Windows
Pc Helpsoft Driver Updater
-
CVE-2025-59487
HIGH
CVSS 8.0
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. [CVSS 8.0 HIGH]
TP-Link
Buffer Overflow
Heap Overflow
RCE
Archer Ax53 Firmware
-
CVE-2025-59482
HIGH
CVSS 8.0
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value. This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
TP-Link
Buffer Overflow
Heap Overflow
RCE
Archer Ax53 Firmware
-
CVE-2025-59439
HIGH
CVSS 7.5
An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920, W930, W1000 and Modem 5123. Incorrect handling of NAS Registration messages leads to a Denial of Service because of Improper Handling of Exceptional Conditions. [CVSS 7.5 HIGH]
Samsung
Denial Of Service
Exynos 9110 Firmware
Exynos W930 Firmware
Exynos 990 Firmware
-
CVE-2025-58455
HIGH
CVSS 8.0
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value. This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
TP-Link
Buffer Overflow
Heap Overflow
RCE
Archer Ax53 Firmware
-
CVE-2025-58383
HIGH
CVSS 7.2
Fabric Operating System versions up to 9.2.1 are affected by execution with unnecessary privileges (CVSS 7.2).
Dns
Fabric Operating System
-
CVE-2025-58382
HIGH
CVSS 7.2
Fabric Operating System contains a vulnerability that allows an authenticated, remote attacker with administrative credentials to execute ar (CVSS 7.2).
RCE
Fabric Operating System
-
CVE-2025-58077
HIGH
CVSS 8.0
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted set of network packets containing an excessive number of host entries. This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]
TP-Link
Buffer Overflow
Heap Overflow
RCE
Archer Ax53 Firmware
-
CVE-2025-14550
HIGH
CVSS 7.5
An issue was discovered in Django 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. `ASGIRequest` allows a remote attacker to cause a potential denial-of-service via a crafted request with multiple duplicate headers. [CVSS 7.5 HIGH]
Golang
Django
Redhat
Suse
-
CVE-2025-12774
HIGH
CVSS 7.5
A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SANnav support save file. [CVSS 7.5 HIGH]
Information Disclosure
Sannav
-
CVE-2025-9711
HIGH
CVSS 7.8
Fabric Operating System versions up to 9.2.1 contain a vulnerability that allows attackers to elevate the privileges of the local authenticated user to “root” using the exp (CVSS 7.8).
Information Disclosure
Fabric Operating System
-
CVE-2025-8590
HIGH
CVSS 7.5
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows Directory Indexing. This issue affects SKSPro: through 07012026. [CVSS 7.5 HIGH]
Information Disclosure
-
CVE-2025-8589
HIGH
CVSS 7.6
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows Reflected XSS. This issue affects SKSPro: through 07012026. [CVSS 7.6 HIGH]
XSS
-
CVE-2025-8461
HIGH
CVSS 7.6
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Seres Software syWEB allows Reflected XSS. This issue affects syWEB: through 03022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. [CVSS 7.6 HIGH]
XSS
-
CVE-2025-8456
HIGH
CVSS 7.6
Kod8 Software Technologies Trade Ltd. Co. Kod8 Individual and SME Website is affected by cross-site scripting (XSS) (CVSS 7.6).
XSS
-
CVE-2025-7760
HIGH
CVSS 7.6
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ofisimo Web-Based Software Technologies Association Web Package Flora allows XSS Through HTTP Headers. This issue affects Association Web Package Flora: from v3.0 through 03022026. [CVSS 7.6 HIGH]
XSS
-
CVE-2025-6397
HIGH
CVSS 8.6
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS. This issue affects Website Software: through 03022026. [CVSS 8.6 HIGH]
XSS
-
CVE-2020-37116
HIGH
CVSS 8.8
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise. [CVSS 8.8 HIGH]
PHP
MySQL
Open Eclass Platform
-
CVE-2020-37113
HIGH
CVSS 8.8
Open Eclass Platform versions up to 1.7.3 are affected by unrestricted upload of file with dangerous type (CVSS 8.8).
PHP
RCE
Open Eclass Platform
-
CVE-2020-37112
HIGH
CVSS 7.1
GUnet OpenEclass 1.7.3 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through unvalidated parameters. [CVSS 7.1 HIGH]
SQLi
Open Eclass Platform
-
CVE-2020-37110
HIGH
CVSS 8.2
60CycleCMS 2.5.2 contains an SQL injection vulnerability in news.php and common/lib.php that allows attackers to manipulate database queries through unvalidated user input. [CVSS 8.2 HIGH]
PHP
SQLi
XSS
60cyclecms
-
CVE-2020-37108
HIGH
CVSS 7.1
PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of product_detail.php that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the 'id' parameter to potentially extract or modify database information. [CVSS 7.1 HIGH]
PHP
SQLi
-
CVE-2020-37105
HIGH
CVSS 7.1
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands through the 'logid' parameter. [CVSS 7.1 HIGH]
PHP
SQLi
-
CVE-2020-37102
HIGH
CVSS 7.8
WCAssistantService contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).
RCE
-
CVE-2020-37101
HIGH
CVSS 7.8
VPN Unlimited 6.1 contains an unquoted service path vulnerability that allows local attackers to inject malicious executables into the service binary path. [CVSS 7.8 HIGH]
Code Injection
-
CVE-2020-37100
HIGH
CVSS 7.8
Syncbreeze versions up to 12.4.18 contain a vulnerability that allows attackers to execute arbitrary code with elevated system privileges (CVSS 7.8).
RCE
Syncbreeze
-
CVE-2020-37099
HIGH
CVSS 7.8
its service configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).
RCE
-
CVE-2020-37098
HIGH
CVSS 7.8
Disk Sorter Enterprise 12.4.16 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. [CVSS 7.8 HIGH]
RCE
-
CVE-2020-37097
HIGH
CVSS 7.5
Ew-7438Rpn Mini Firmware versions up to 1.13 are affected by insufficiently protected credentials (CVSS 7.5).
Information Disclosure
Ew 7438rpn Mini Firmware
-
CVE-2020-37093
HIGH
CVSS 7.5
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcore_get.cgi endpoint. [CVSS 7.5 HIGH]
Information Disclosure
-
CVE-2020-37092
HIGH
CVSS 7.5
Netis E1+ version 1.2.32533 contains a hardcoded root account vulnerability that allows unauthenticated attackers to access the device with predefined credentials. Attackers can leverage the embedded root account with a crackable password to gain full administrative access to the network device. [CVSS 7.5 HIGH]
Authentication Bypass
-
CVE-2020-37089
HIGH
CVSS 8.2
School ERP Pro 1.0 contains a SQL injection vulnerability in the 'es_messagesid' parameter that allows attackers to manipulate database queries through GET requests. [CVSS 8.2 HIGH]
SQLi
School Erp Pro
-
CVE-2020-37088
HIGH
CVSS 7.5
School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the 'document' parameter in download.php. [CVSS 7.5 HIGH]
PHP
Path Traversal
School Erp Pro
-
CVE-2020-37085
HIGH
CVSS 7.5
VirtualTablet Server 3.0.2 contains a denial of service vulnerability that allows attackers to crash the service by sending oversized string payloads through the Thrift protocol. [CVSS 7.5 HIGH]
Denial Of Service
-
CVE-2020-37084
HIGH
CVSS 7.2
School Erp Pro versions up to 1.0 are affected by unrestricted upload of file with dangerous type (CVSS 7.2).
PHP
RCE
School Erp Pro
-
CVE-2020-37083
HIGH
CVSS 8.2
PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. [CVSS 8.2 HIGH]
PHP
SQLi
-
CVE-2020-37081
HIGH
CVSS 7.1
Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. [CVSS 7.1 HIGH]
PHP
SQLi
-
CVE-2020-37078
HIGH
CVSS 8.8
import module contains a vulnerability that allows attackers to delete arbitrary files by manipulating the delete_import parameter (CVSS 8.8).
Information Disclosure
-
CVE-2020-37076
HIGH
CVSS 8.2
Victor CMS version 1.0 contains a SQL injection vulnerability in the 'post' parameter on post.php that allows remote attackers to manipulate database queries. [CVSS 8.2 HIGH]
PHP
SQLi
Victor Cms
-
CVE-2020-37073
HIGH
CVSS 8.8
Victor Cms versions up to 1.0 are affected by unrestricted upload of file with dangerous type (CVSS 8.8).
PHP
Victor Cms
-
CVE-2020-37072
HIGH
CVSS 7.2
Victor CMS 1.0 contains a stored cross-site scripting vulnerability in the 'comment_author' POST parameter that allows attackers to inject malicious scripts. Attackers can submit crafted JavaScript payloads through the comment submission form to execute arbitrary code in victim browsers. [CVSS 7.2 HIGH]
XSS
Victor Cms
-
CVE-2019-25261
HIGH
CVSS 7.8
Anydesk versions up to 5.4.0 contain a vulnerability that allows attackers to potentially inject malicious executables (CVSS 7.8).
Windows
Anydesk
-
CVE-2019-25260
HIGH
CVSS 8.2
OXID eShop versions 6.x prior to 6.3.4 contain a SQL injection vulnerability in the 'sorting' parameter that allows attackers to insert malicious database content. [CVSS 8.2 HIGH]
PHP
SQLi
-
CVE-2026-25616
MEDIUM
CVSS 4.7
Blesta 3.x through 5.x before 5.13.3 mishandles input validation, aka CORE-5665. [CVSS 4.7 MEDIUM]
XSS
Blesta
-
CVE-2026-25522
MEDIUM
CVSS 4.8
Stored XSS in Craft Commerce 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 allows authenticated attackers with high privileges to inject malicious scripts through unsanitized Shipping Zone name and description fields, which execute in administrators' browsers. Public exploit code exists for this vulnerability. Updates to versions 4.10.1 and 5.5.2 are available to remediate the issue.
XSS
Craft Commerce
-
CVE-2026-25509
MEDIUM
CVSS 5.3
CI4MS prior to version 0.28.5.0 contains an email enumeration vulnerability in its password reset functionality that allows unauthenticated attackers to determine whether specific email addresses are registered in the system. An attacker can exploit this information disclosure by analyzing response patterns during the authentication process to build a list of valid user accounts. A patch is available in version 0.28.5.0 and later.
Information Disclosure
Ci4ms
-
CVE-2026-25490
MEDIUM
CVSS 4.8
Stored XSS in Craft Commerce 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 allows authenticated attackers with high privileges to inject malicious scripts via the Address Line 1 field in Inventory Locations, which execute in administrators' browsers when the field is viewed in the admin panel. Public exploit code exists for this vulnerability. Patches are available in versions 4.10.1 and 5.5.2.
XSS
Craft Commerce
-
CVE-2026-25489
MEDIUM
CVSS 4.8
Stored XSS in Craft Commerce 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 allows authenticated attackers with high privileges to inject malicious scripts via unsanitized Tax Zone name and description fields, executing arbitrary JavaScript in administrators' browsers. Public exploit code exists for this vulnerability. Patches are available in versions 4.10.1 and 5.5.2.
XSS
Craft Commerce
-
CVE-2026-25488
MEDIUM
CVSS 4.8
Stored XSS in Craft Commerce 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 allows authenticated administrators with high privileges to inject malicious scripts through unsanitized Tax Category fields, which execute when other admins view the affected pages. Public exploit code exists for this vulnerability. Patches are available in versions 4.10.1 and 5.5.2.
XSS
Craft Commerce
-
CVE-2026-25487
MEDIUM
CVSS 4.8
Stored XSS in Craft Commerce 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 allows authenticated administrators with high privileges to inject malicious scripts via unsanitized Tax Rates name fields, enabling arbitrary JavaScript execution in other administrators' browsers. Public exploit code exists for this vulnerability. Patches are available in versions 4.10.1 and 5.5.2.
XSS
Craft Commerce
-
CVE-2026-25486
MEDIUM
CVSS 4.8
Stored XSS in Craft Commerce versions 5.0.0 through 5.5.1 permits authenticated attackers with administrative privileges to inject malicious scripts through the Shipping Methods Name field, which executes in other administrators' browsers when they access the Store Management interface. Public exploit code exists for this vulnerability. The flaw stems from insufficient input sanitization and is remediated in version 5.5.2.
XSS
Craft Commerce
-
CVE-2026-25485
MEDIUM
CVSS 4.8
Stored XSS in Craft Commerce shipping category fields allows authenticated attackers with high privileges to inject malicious scripts that execute in administrators' browsers, affecting versions 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1. The vulnerability stems from insufficient sanitization of the Name and Description fields in the Store Management section before display in the admin panel. Public exploit code exists, and patches are available in versions 4.10.1 and 5.5.2.
XSS
Craft Commerce
-
CVE-2026-25484
MEDIUM
CVSS 4.8
Stored cross-site scripting in Craft Commerce versions 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 allows authenticated users with product type management permissions to inject malicious scripts via unsanitized product type names that execute when administrators view user permissions settings. Public exploit code exists for this vulnerability. Upgrades to versions 4.10.1 or 5.5.2 resolve the issue.
XSS
Craft Commerce
-
CVE-2026-25483
MEDIUM
CVSS 5.4
Stored XSS in Craft Commerce's Order Status History Message (versions 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1) allows authenticated attackers with database backup permissions to inject malicious scripts that execute in the context of other users' browsers. Public exploit code exists for this vulnerability, enabling attackers to exfiltrate sensitive data including user credentials, customer PII, order history, and 2FA recovery codes. Patches are available in versions 4.10.1 and 5.5.2.
XSS
Craft Commerce
-
CVE-2026-25482
MEDIUM
CVSS 4.8
Craft Commerce versions 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 contain a stored DOM-based XSS vulnerability in the Recent Orders dashboard widget where unescaped Order Status Names allow arbitrary script execution when administrators access the dashboard. An attacker with the ability to modify order statuses can inject malicious JavaScript that executes in the context of any admin user, potentially leading to account compromise or unauthorized actions. Public exploit code exists for this vulnerability; patches are available in versions 4.10.1 and 5.5.2.
XSS
Craft Commerce
-
CVE-2026-25155
MEDIUM
CVSS 5.9
Qwik versions prior to 1.12.0 contain a regular expression parsing error in the isContentType function that allows attackers to bypass Content-Type validation through crafted headers. An attacker can exploit this to perform cross-site request forgery (CSRF) attacks by manipulating how the application interprets request content types. A patch is available in version 1.12.0.
CSRF
Qwik
-
CVE-2026-25151
MEDIUM
CVSS 5.9
Qwik is a performance-focused JavaScript framework. [CVSS 5.9 MEDIUM]
CSRF
Qwik
-
CVE-2026-25149
MEDIUM
CVSS 6.1
Qwik versions up to 1.19.0 are affected by URL redirection to untrusted site (open redirect) (CVSS 6.1).
Open Redirect
Qwik
-
CVE-2026-25148
MEDIUM
CVSS 6.1
Improper serialization of virtual attributes in Qwik versions prior to 1.19.0 enables stored cross-site scripting attacks during server-side rendering, allowing attackers to inject malicious scripts that execute in users' browsers within the affected application context. The vulnerability requires user interaction and affects applications using vulnerable Qwik versions. A patch is available in version 1.19.0 and later.
XSS
Qwik
-
CVE-2026-25036
MEDIUM
CVSS 6.5
The Passster WordPress plugin through version 4.2.25 contains an authorization bypass that allows authenticated users to access content protection mechanisms without proper permission validation. An attacker with low-privilege WordPress credentials can circumvent access controls to view protected content that should be restricted. No patch is currently available for this vulnerability.
Authentication Bypass
WordPress
-
CVE-2026-25028
MEDIUM
CVSS 5.4
Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor is affected by missing authorization (CVSS 5.4).
Authentication Bypass
-
CVE-2026-25024
MEDIUM
CVSS 5.4
Blair Williams ThirstyAffiliates thirstyaffiliates is affected by cross-site request forgery (CSRF) (CVSS 5.4).
CSRF
-
CVE-2026-25023
MEDIUM
CVSS 5.3
The ContestsWP plugin versions 2.0.7 and earlier expose sensitive embedded data through improper access controls, allowing unauthenticated attackers to retrieve information from the contest-code-checker component. This low-impact information disclosure affects WordPress sites running vulnerable versions of the Run Contests, Raffles, and Giveaways plugin. No patch is currently available to remediate this exposure.
Information Disclosure
-
CVE-2026-25021
MEDIUM
CVSS 5.4
Mizan Themes Mizan Demo Importer mizan-demo-importer is affected by missing authorization (CVSS 5.4).
Authentication Bypass
-
CVE-2026-25020
MEDIUM
CVSS 4.3
WP Sync for Notion plugin through version 1.7.0 contains improper access control that allows authenticated users to modify data without proper authorization checks. An attacker with WordPress user privileges could exploit this vulnerability to alter synchronized content between WordPress and Notion. The vulnerability requires user interaction and network access but poses a medium risk to WordPress installations using affected versions.
WordPress
-
CVE-2026-25019
MEDIUM
CVSS 5.3
Atarim visual collaboration plugin versions 4.3.1 and earlier contain an access control bypass that allows unauthenticated remote attackers to modify data through improperly configured security levels. The vulnerability affects all installations of the affected plugin and requires no user interaction to exploit. No patch is currently available for this authorization flaw.
Authentication Bypass
-
CVE-2026-25016
MEDIUM
CVSS 4.3
Nelio Popups versions 1.3.5 and earlier contain an authorization bypass vulnerability that allows authenticated users to modify popup content without proper access controls. An attacker with valid credentials can exploit misconfigured access control levels to make unauthorized changes to popups. No patch is currently available.
Authentication Bypass
-
CVE-2026-25015
MEDIUM
CVSS 4.3
UsersWP plugin versions 1.2.53 and earlier contain a CSRF vulnerability that enables attackers to perform unauthorized actions on behalf of authenticated users without their knowledge. An attacker can craft malicious requests to modify user data or settings through a victim's browser session. No patch is currently available for this vulnerability.
CSRF
-
CVE-2026-25014
MEDIUM
CVSS 4.3
Unauthenticated attackers can perform Cross-Site Request Forgery (CSRF) attacks against users of Enter Addons version 2.3.2 and earlier, potentially modifying victim data through unwanted actions. The vulnerability requires user interaction to succeed but carries no authentication barriers, allowing attackers to forge requests that alter application state. No patch is currently available to remediate this issue.
CSRF
-
CVE-2026-25012
MEDIUM
CVSS 5.3
WP Bannerize Pro versions up to 1.11.0 contain a missing authorization vulnerability that allows unauthenticated attackers to bypass access control restrictions and gain unauthorized information disclosure. The improperly configured security levels enable remote exploitation without user interaction, potentially exposing sensitive banner configuration data. WordPress site administrators using affected versions should update to a patched release when available.
WordPress
-
CVE-2026-25011
MEDIUM
CVSS 4.3
Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface is affected by missing authorization (CVSS 4.3).
WordPress
-
CVE-2026-25010
MEDIUM
CVSS 5.3
ILLID Share This Image plugin version 2.09 and earlier contains an access control bypass that allows unauthenticated remote attackers to modify content through improperly configured authorization checks. The vulnerability requires no user interaction and can be exploited over the network to alter shared images or related data. No patch is currently available.
Authentication Bypass
-
CVE-2026-24998
MEDIUM
CVSS 5.3
WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup contains a security vulnerability (CVSS 5.3).
WordPress
-
CVE-2026-24997
MEDIUM
CVSS 5.3
Wired Impact Wired Impact Volunteer Management wired-impact-volunteer-management is affected by missing authorization (CVSS 5.3).
Authentication Bypass
-
CVE-2026-24996
MEDIUM
CVSS 4.3
WPElemento Importer through version 0.6.4 contains a missing authorization flaw that allows authenticated users to modify data due to improper access control enforcement. An attacker with valid credentials can exploit this vulnerability to perform unauthorized modifications without requiring user interaction. No patch is currently available for this issue.
Authentication Bypass
-
CVE-2026-24995
MEDIUM
CVSS 4.3
Iulia Cazan Latest Post Shortcode latest-post-shortcode is affected by missing authorization (CVSS 4.3).
Authentication Bypass
-
CVE-2026-24994
MEDIUM
CVSS 5.3
sunshinephotocart Sunshine Photo Cart sunshine-photo-cart is affected by missing authorization (CVSS 5.3).
Authentication Bypass
-
CVE-2026-24992
MEDIUM
CVSS 5.3
WPFactory Advanced WooCommerce Product Sales Reporting webd-woocommerce-advanced-reporting-statistics contains a security vulnerability (CVSS 5.3).
WordPress
Industrial
-
CVE-2026-24991
MEDIUM
CVSS 5.3
HT Plugins Extensions For CF7 extensions-for-cf7 is affected by authorization bypass through user-controlled key (CVSS 5.3).
Authentication Bypass
-
CVE-2026-24990
MEDIUM
CVSS 5.4
Improper access control in WP Docs plugin version 2.2.8 and earlier for WordPress allows authenticated users to modify or delete content they should not have permission to access. An attacker with user-level credentials can exploit misconfigured security settings to alter website data or cause service disruption.
WordPress
-
CVE-2026-24988
MEDIUM
CVSS 6.5
The Events Calendar Shortcode & Block plugin through version 3.1.1 contains a stored cross-site scripting vulnerability that allows authenticated users with limited privileges to inject malicious scripts into event pages, affecting all site visitors. An attacker can exploit this by crafting malicious input that persists in the database and executes in users' browsers when they view affected event content. No patch is currently available for this medium-severity vulnerability.
XSS
-
CVE-2026-24986
MEDIUM
CVSS 5.4
wp.insider Simple Membership WP user Import simple-membership-wp-user-import is affected by cross-site request forgery (CSRF) (CVSS 5.4).
WordPress
CSRF
-
CVE-2026-24985
MEDIUM
CVSS 4.3
approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on is affected by missing authorization (CVSS 4.3).
WordPress
-
CVE-2026-24984
MEDIUM
CVSS 6.5
Brecht Visual Link Preview versions 2.2.9 and earlier contain an authorization bypass vulnerability that allows authenticated users to access sensitive information they should not have permission to view. An attacker with valid credentials can exploit misconfigured access controls to read confidential data, though they cannot modify or delete information. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-24982
MEDIUM
CVSS 5.3
Brainstorm Force Spectra ultimate-addons-for-gutenberg is affected by missing authorization (CVSS 5.3).
Authentication Bypass
-
CVE-2026-24967
MEDIUM
CVSS 5.3
Amelia booking plugin versions up to 1.2.38 contain an authorization bypass that allows unauthenticated remote attackers to access sensitive information through improperly configured access control mechanisms. The vulnerability requires no user interaction and can be exploited over the network to disclose confidential data. No patch is currently available.
Authentication Bypass
-
CVE-2026-24966
MEDIUM
CVSS 4.3
Copyscape Copyscape Premium copyscape-premium is affected by cross-site request forgery (CSRF) (CVSS 4.3).
CSRF
-
CVE-2026-24965
MEDIUM
CVSS 4.3
Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery is affected by missing authorization (CVSS 4.3).
Authentication Bypass
-
CVE-2026-24962
MEDIUM
CVSS 4.3
Sigmize through version 0.0.9 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to perform unintended actions on behalf of authenticated users. The flaw requires user interaction but could enable unauthorized modifications or state changes within the application. No patch is currently available.
CSRF
-
CVE-2026-24961
MEDIUM
CVSS 5.4
ThemeGoods Grand Blog versions prior to 3.1.5 contain a server-side request forgery vulnerability that allows unauthenticated remote attackers to make arbitrary HTTP requests from the affected server. The vulnerability enables attackers to access internal resources or interact with backend services on behalf of the server, potentially leading to information disclosure or lateral movement within the network. No patch is currently available for this issue.
SSRF
-
CVE-2026-24958
MEDIUM
CVSS 6.5
Crocoblock JetElements For Elementor jet-elements is affected by cross-site scripting (XSS) (CVSS 6.5).
XSS
-
CVE-2026-24957
MEDIUM
CVSS 6.5
Unauthorized information disclosure in WordPress Strong Testimonials plugin version 3.2.20 and earlier stems from improper access control validation, allowing authenticated users to access sensitive data they should not have permission to view. An attacker with low-privilege WordPress account credentials can exploit this vulnerability to read confidential information without requiring user interaction. Currently, no patch is available for this vulnerability.
Authentication Bypass
WordPress
-
CVE-2026-24952
MEDIUM
CVSS 6.5
Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting is affected by cross-site scripting (XSS) (CVSS 6.5).
XSS
-
CVE-2026-24951
MEDIUM
CVSS 4.3
Insufficient access control checks in myCred plugin version 2.9.7.3 and earlier allow authenticated users to modify data they should not have permission to change. An attacker with valid credentials could exploit misconfigured security levels to perform unauthorized modifications, though the vulnerability requires legitimate user access and has no currently available patch.
Authentication Bypass
-
CVE-2026-24947
MEDIUM
CVSS 4.3
LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit is affected by missing authorization (CVSS 4.3).
Authentication Bypass
-
CVE-2026-24945
MEDIUM
CVSS 5.3
Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 is affected by missing authorization (CVSS 5.3).
Authentication Bypass
-
CVE-2026-24942
MEDIUM
CVSS 4.3
magepeopleteam WpEvently mage-eventpress is affected by cross-site request forgery (CSRF) (CVSS 4.3).
CSRF
-
CVE-2026-24940
MEDIUM
CVSS 4.3
Insufficient access control in Themefic Travelfic Toolkit version 1.3.3 and earlier allows authenticated users to modify data due to improperly configured authorization checks. An attacker with valid credentials can bypass intended permission restrictions to perform unauthorized actions. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-24939
MEDIUM
CVSS 4.3
WP Chill Modula Image Gallery modula-best-grid-gallery is affected by missing authorization (CVSS 4.3).
Authentication Bypass
WordPress
-
CVE-2026-24938
MEDIUM
CVSS 5.9
Stored XSS in Better Search plugin version 4.2.1 and earlier enables authenticated attackers with high privileges to inject malicious scripts that persist in web pages and execute in other users' browsers. The vulnerability requires user interaction to trigger but can compromise confidentiality, integrity, and availability across the application scope. No patch is currently available.
XSS
-
CVE-2026-24935
MEDIUM
CVSS 5.6
Data Master ADM 4.1.0-4.3.3 and 5.0.0-5.1.1 are vulnerable to man-in-the-middle attacks due to improper SSL/TLS certificate validation in the NAT traversal module, allowing attackers to intercept tunnel establishment and redirect connections to the signaling server. An attacker exploiting this can proxy device service communications, disrupt availability, or position themselves for follow-on attacks, though further authentication is required to access actual device services. No patch is currently available.
Authentication Bypass
Data Master
-
CVE-2026-24933
MEDIUM
CVSS 5.9
Data Master versions 4.1.0-4.3.3 and 5.0.0-5.1.1 fail to validate SSL/TLS certificates during HTTPS communication, enabling unauthenticated attackers to conduct man-in-the-middle attacks and intercept sensitive data including emails, password hashes, and device serial numbers. The vulnerability affects API communication with no available patch, leaving affected installations at persistent risk of credential and information disclosure.
Authentication Bypass
Data Master
-
CVE-2026-24932
MEDIUM
CVSS 5.9
Improper TLS/SSL certificate validation in ADM's DDNS update function (versions 4.1.0-4.3.3.ROF1 and 5.0.0-5.1.1.RCI1) enables remote man-in-the-middle attacks to intercept HTTPS communications and extract sensitive data including user email, MD5 hashed passwords, and device serial numbers. An unauthenticated attacker on the network can exploit this weakness without user interaction to compromise DDNS update credentials. No patch is currently available for affected versions.
Tls
Data Master
-
CVE-2026-24774
MEDIUM
CVSS 4.3
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 4.3 MEDIUM]
Information Disclosure
Open Eclass Platform
-
CVE-2026-24674
MEDIUM
CVSS 4.7
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 4.7 MEDIUM]
XSS
Open Eclass Platform
-
CVE-2026-24673
MEDIUM
CVSS 4.3
Open Eclass Platform versions up to 4.2 are affected by unrestricted upload of file with dangerous type (CVSS 4.3).
File Upload
Open Eclass Platform
-
CVE-2026-24671
MEDIUM
CVSS 6.1
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 6.1 MEDIUM]
XSS
Open Eclass Platform
-
CVE-2026-24670
MEDIUM
CVSS 6.5
Broken access control in Open eClass Platform versions prior to 4.2 allows authenticated students to create course units, a privilege normally reserved for instructors and administrators. An attacker with valid student credentials can escalate their capabilities within the platform by performing unauthorized administrative actions. Public exploit code exists for this vulnerability, and no patch is currently available.
Authentication Bypass
Open Eclass Platform
-
CVE-2026-24668
MEDIUM
CVSS 6.5
Broken access control in Open eClass Platform before version 4.2 allows authenticated students to modify course content that should only be editable by instructors and administrators. Public exploit code exists for this vulnerability, and no patch is currently available for affected deployments. An attacker with valid student credentials can escalate their privileges to alter course materials and potentially disrupt educational content integrity.
Authentication Bypass
Open Eclass Platform
-
CVE-2026-24667
MEDIUM
CVSS 5.0
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 5.0 MEDIUM]
Authentication Bypass
Open Eclass Platform
-
CVE-2026-24666
MEDIUM
CVSS 6.5
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 6.5 MEDIUM]
CSRF
Open Eclass Platform
-
CVE-2026-24664
MEDIUM
CVSS 5.3
Open Eclass Platform versions up to 4.2 contain a vulnerability that allows attackers to identify valid user accounts by analyzing differences in the login response beha (CVSS 5.3).
Information Disclosure
Open Eclass Platform
-
CVE-2026-24514
MEDIUM
CVSS 6.5
Ingress-nginx's validating admission controller is vulnerable to denial of service through memory exhaustion when processing oversized requests, enabling authenticated attackers to crash the controller pod or exhaust node memory. The vulnerability requires valid credentials but no user interaction, affecting deployments relying on this validation feature. No patch is currently available.
Nginx
Denial Of Service
Suse
-
CVE-2026-24449
MEDIUM
CVSS 5.1
WRC-X1500GS-B and WRC-X1500GSA-B routers contain a weak credential derivation vulnerability where initial administrative passwords can be predicted from publicly available system information, potentially allowing unauthenticated attackers to gain administrative access. The vulnerability requires physical proximity to the device to obtain necessary system details, limiting its practical exploitability. No patch is currently available for affected devices.
Information Disclosure
-
CVE-2026-24441
MEDIUM
CVSS 5.9
Tenda AC7 firmware V03.03.03.01_cn and earlier transmits account credentials in cleartext over HTTP, enabling network-positioned attackers to intercept and obtain authentication material without user interaction. This cleartext credential exposure in HTTP responses creates a high confidentiality risk for affected device users. No patch is currently available for this vulnerability.
Information Disclosure
Ac7 Firmware
-
CVE-2026-24434
MEDIUM
CVSS 6.5
Tenda AC7 firmware through V03.03.03.01_cn lacks CSRF protections on administrative web functions, enabling attackers to trick authenticated administrators into executing unauthorized configuration changes. An unauthenticated attacker can craft malicious requests that, when visited by an admin, modify router settings without their knowledge or consent. No patch is currently available.
CSRF
Ac7 Firmware
-
CVE-2026-24427
MEDIUM
CVSS 5.5
Tenda AC7 firmware v03.03.03.01_cn and earlier transmits administrative credentials in plaintext within web management responses and fails to set proper Cache-Control headers, allowing credentials to be cached by browsers. A local attacker with access to a client system or browser profile can retrieve these cached credentials to gain unauthorized administrative access to affected routers. No patch is currently available for this vulnerability.
Information Disclosure
Ac7 Firmware
-
CVE-2026-24426
MEDIUM
CVSS 6.1
The Tenda AC7 firmware web management interface fails to properly sanitize user input, enabling reflected cross-site scripting (XSS) attacks that can inject malicious scripts into a victim's browser. An unauthenticated attacker can exploit this vulnerability to steal session cookies, perform unauthorized actions, or redirect users to malicious sites. No patch is currently available for affected firmware versions V03.03.03.01_cn and earlier.
XSS
Ac7 Firmware
-
CVE-2026-24053
MEDIUM
CVSS 6.5
Claude Code versions prior to 2.0.74 allow authenticated users to write files outside designated directories by exploiting inadequate Bash command validation in ZSH clobber syntax parsing. An attacker with the ability to inject malicious content into a Claude Code context window on a ZSH-based system can bypass file restrictions and achieve unauthorized file writes without triggering user permission prompts. This vulnerability requires user interaction and ZSH environment configuration, making it suitable for supply chain or prompt injection attacks against Claude Code users.
Path Traversal
AI / ML
Claude Code
-
CVE-2026-23795
MEDIUM
CVSS 4.9
Syncope versions up to 3.0.15 are affected by improper restriction of XML external entity reference (CVSS 4.9).
Apache
XXE
Syncope
-
CVE-2026-23794
MEDIUM
CVSS 6.8
Reflected XSS in Apache Syncope's Enduser Login page. An attacker that tricks a legitimate user into clicking a malicious link and logging in to Syncope Enduser could steal that user's credentials. [CVSS 6.8 MEDIUM]
Apache
XSS
Syncope
-
CVE-2026-22228
MEDIUM
CVSS 4.9
TP-Link Archer BE230 v1.2 before 1.2.4 Build 20251218 rel.70420 is susceptible to denial-of-service attacks when an authenticated high-privilege user restores a specially crafted configuration file with excessively long parameters. The malicious configuration causes the device to become unresponsive and requires a manual reboot to restore functionality. No patch is currently available for this vulnerability.
TP-Link
Archer Be230 Firmware
-
CVE-2026-22220
MEDIUM
CVSS 4.5
TP-Link Archer BE230 firmware v1.2 before build 20251218 rel.70420 lacks proper input validation in HTTP request processing, allowing a network-adjacent attacker with high privileges to crash the web service. An attacker exploiting this vulnerability can render the device's web interface temporarily unavailable until manual recovery or reboot occurs. No patch is currently available.
TP-Link
Denial Of Service
Archer Be230 Firmware
-
CVE-2026-20704
MEDIUM
CVSS 4.3
Unauthenticated attackers can perform unauthorized actions on WRC-X1500GS-B and WRC-X1500GSA-B routers through cross-site request forgery attacks that exploit the lack of CSRF protections. An attacker can trick authenticated users into visiting a malicious webpage that silently executes unwanted commands on the affected device. No patch is currently available.
CSRF
-
CVE-2026-1812
MEDIUM
CVSS 6.3
Path traversal in Bolo Solo up to version 2.6.4 allows authenticated attackers to manipulate file path arguments in the backup import function, potentially accessing or modifying arbitrary files on the affected system. Public exploit code exists for this vulnerability, and the maintainers have not yet released a patch despite early notification. The attack requires valid credentials but can be executed remotely over the network.
Java
Path Traversal
Bolo Solo
-
CVE-2026-1811
MEDIUM
CVSS 6.3
Path traversal in Bolo Solo's importFromMarkdown function allows authenticated attackers to manipulate file paths and access arbitrary files on affected systems. The vulnerability affects Bolo Solo versions up to 2.6.4 and requires valid credentials but no user interaction to exploit. Public exploit code exists for this vulnerability, and no patch is currently available.
Java
Path Traversal
Bolo Solo
-
CVE-2026-1810
MEDIUM
CVSS 6.3
Path traversal in Bolo Solo up to version 2.6.4 allows authenticated attackers to manipulate ZIP file extraction operations in the BackupService component, potentially reading or writing arbitrary files on the affected system. Public exploit code is available for this vulnerability, and the vendor has not yet provided a patch despite early notification.
Java
Path Traversal
Bolo Solo
-
CVE-2026-1801
MEDIUM
CVSS 5.3
HTTP request smuggling in libsoup allows remote attackers to exploit non-compliant chunk header parsing by injecting malformed requests with LF-only line endings instead of proper CRLF formatting. Without requiring authentication, an attacker can cause libsoup to interpret multiple HTTP requests from a single network message, potentially leading to information disclosure. No patch is currently available for this vulnerability.
Information Disclosure
Request Smuggling
Redhat
Suse
-
CVE-2026-1755
MEDIUM
CVSS 6.4
Stored cross-site scripting in WordPress Menu Icons by ThemeIsle plugin (versions up to 0.13.20) allows authenticated users with Author-level permissions or higher to inject malicious scripts through the attachment image alt meta field due to improper input sanitization. The injected scripts execute in the browsers of visitors accessing the affected pages, enabling session hijacking, credential theft, or malware distribution.
WordPress
XSS
-
CVE-2026-1592
MEDIUM
CVSS 6.3
Stored cross-site scripting in Foxit PDF Editor Cloud's Create New Layer feature allows authenticated attackers to execute arbitrary JavaScript by injecting malicious code that persists when layers are accessed by other users. The vulnerability affects pdfonline.foxit.com versions prior to 2026-02-03 and requires user interaction to trigger. No patch is currently available.
XSS
Pdf Editor Cloud
-
CVE-2026-1591
MEDIUM
CVSS 6.3
Foxit PDF Editor Cloud contains a stored XSS vulnerability in its file upload functionality where malicious usernames are not properly sanitized before being displayed in the upload file list, enabling authenticated attackers to execute arbitrary JavaScript in other users' browsers. The vulnerability affects pdfonline.foxit.com versions prior to 2026-02-03 and currently has no available patch. An attacker with valid credentials could craft a malicious username to compromise account security or steal sensitive document data from other users viewing the file list.
XSS
Pdf Editor Cloud
-
CVE-2026-1447
MEDIUM
CVSS 5.4
Unauthenticated attackers can forge requests to create or modify contact notes in WordPress Mail Mint plugin versions up to 1.19.2 by exploiting missing CSRF protections, requiring only that a site administrator clicks a malicious link. The lack of input validation on these operations enables stored XSS attacks that could compromise administrator accounts and site integrity. No patch is currently available.
WordPress
XSS
CSRF
-
CVE-2026-1371
MEDIUM
CVSS 5.3
The Tutor LMS plugin for WordPress fails to enforce capability checks in its coupon details AJAX function, allowing authenticated subscribers to disclose sensitive coupon data including codes, discount amounts, and usage metrics through nonce validation bypass. This information exposure affects all versions up to 3.9.5 and requires only valid user authentication to exploit. No patch is currently available.
WordPress
Information Disclosure
-
CVE-2026-1312
MEDIUM
CVSS 5.4
SQL injection in Django's QuerySet.order_by() method allows authenticated attackers to execute arbitrary SQL commands through specially crafted column aliases containing periods when used with FilteredRelation and dictionary expansion. This vulnerability affects Django versions 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28, with potentially older unsupported versions also impacted. Patches are available for all affected versions.
Golang
Django
SQLi
Redhat
Suse
-
CVE-2026-1287
MEDIUM
CVSS 5.4
SQL injection via FilteredRelation column aliases in Django 4.2, 5.2, and 6.0 allows authenticated attackers to execute arbitrary SQL queries through crafted dictionary arguments in QuerySet methods like annotate() and aggregate(). An attacker with database access can exploit control characters in alias names to bypass input validation and potentially extract sensitive data or modify database contents. Patches are available for all affected versions, and unsupported Django releases may also be vulnerable.
Golang
Django
SQLi
Redhat
Suse
-
CVE-2026-1210
MEDIUM
CVSS 6.4
Authenticated contributors and above can inject malicious scripts into WordPress pages through the Happy Addons for Elementor plugin (versions up to 3.20.7) via improper sanitization of the '_elementor_data' meta field, resulting in stored XSS that executes for all users viewing affected pages. An attacker with contributor-level permissions can leverage this to steal credentials, perform actions on behalf of administrators, or deface website content. No patch is currently available.
WordPress
XSS
-
CVE-2026-1207
MEDIUM
CVSS 5.4
SQL injection in Django's PostGIS RasterField lookups allows authenticated attackers to execute arbitrary SQL commands through the band index parameter in affected versions 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Unsupported Django series including 5.0.x, 4.1.x, and 3.2.x may also be vulnerable. A patch is available and authentication is required to exploit this vulnerability.
Golang
Django
Redhat
Suse
-
CVE-2026-0950
MEDIUM
CVSS 5.3
Spectra Gutenberg Blocks plugin for WordPress fails to properly check password protection before displaying post excerpts, allowing unauthenticated attackers to read excerpts from password-protected posts through Post Grid, Post Masonry, Post Carousel, and Post Timeline blocks. The vulnerability affects all versions up to 2.19.17 and requires no authentication or user interaction to exploit. Currently, no patch is available.
WordPress
Information Disclosure
-
CVE-2026-0909
MEDIUM
CVSS 5.3
WP ULike (WordPress plugin) versions up to 4.8.3.1 are affected by authorization bypass through a user-controlled key (CVSS 5.3).
WordPress
-
CVE-2025-71179
MEDIUM
CVSS 6.1
Creativeitem Academy LMS 7.0 contains reflected Cross-Site Scripting (XSS) vulnerabilities via the search parameter to the /academy/blogs endpoint, and the string parameter to the /academy/course_bundles/search/query endpoint. [CVSS 6.1 MEDIUM]
XSS
Academy Lms
-
CVE-2025-70849
MEDIUM
CVSS 6.1
Arbitrary file upload in podinfo through 6.9.0 allows unauthenticated attackers to upload arbitrary files via a crafted POST request to the /store endpoint. [CVSS 6.1 MEDIUM]
XSS
Podinfo
Suse
-
CVE-2025-70559
MEDIUM
CVSS 6.5
pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. [CVSS 6.5 MEDIUM]
Python
Privilege Escalation
Deserialization
RCE
Suse
-
CVE-2025-70311
MEDIUM
CVSS 6.5
JEEWMS 1.0 is vulnerable to SQL injection. Attackers can inject malicious SQL statements through the id1 and id2 parameters of the /systemControl.do interface. [CVSS 6.5 MEDIUM]
SQLi
Jeewms
-
CVE-2025-69848
MEDIUM
CVSS 5.4
NetBox is an open-source infrastructure resource modeling and IP address management platform. [CVSS 5.4 MEDIUM]
XSS
Netbox
-
CVE-2025-69431
MEDIUM
CVSS 6.1
The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. [CVSS 6.1 MEDIUM]
Path Traversal
Q2c Firmware
-
CVE-2025-69430
MEDIUM
CVSS 6.1
An Incorrect Symlink Follow vulnerability exists in multiple Yottamaster NAS devices, including DM2 (version equal to or prior to V1.9.12), DM3 (version equal to or prior to V1.9.12), and DM200 (version equal to or prior to V1.2.23) that could be exploited by attackers to leak or tamper with the internal file system. [CVSS 6.1 MEDIUM]
Path Traversal
Dm2 Firmware
Dm200 Firmware
Dm3 Firmware
-
CVE-2025-69429
MEDIUM
CVSS 6.1
The ORICO NAS CD3510 (version V1.9.12 and below) contains an Incorrect Symlink Follow vulnerability that could be exploited by attackers to leak or tamper with the internal file system. [CVSS 6.1 MEDIUM]
Path Traversal
Cd3510 Firmware
-
CVE-2025-67857
MEDIUM
CVSS 4.3
A flaw was found in Moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. [CVSS 4.3 MEDIUM]
Moodle
Information Disclosure
-
CVE-2025-67856
MEDIUM
CVSS 5.4
A flaw was found in Moodle. An authorization logic flaw, specifically due to incomplete role checks during the badge awarding process, allowed badges to be granted without proper verification. [CVSS 5.4 MEDIUM]
Moodle
Privilege Escalation
-
CVE-2025-67855
MEDIUM
CVSS 5.4
A flaw was found in Moodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. [CVSS 5.4 MEDIUM]
XSS
Information Disclosure
Moodle
-
CVE-2025-67851
MEDIUM
CVSS 6.1
A flaw was found in Moodle. This formula injection vulnerability occurs when data fields are exported without proper escaping. [CVSS 6.1 MEDIUM]
Moodle
-
CVE-2025-67189
MEDIUM
CVSS 6.5
A950RG Firmware versions up to 4.1.2cu.5204_b20210112 are affected by a classic buffer overflow (CVSS 6.5).
Buffer Overflow
Denial Of Service
A950rg Firmware
RCE
TOTOLINK
-
CVE-2025-65924
MEDIUM
CVSS 4.1
ERPNext through 15.88.1 does not sanitize or remove certain HTML tags, specifically `<a>` hyperlinks, in fields that are intended for plain text. Although JavaScript is blocked (preventing XSS), the HTML is still preserved in the generated PDF document. [CVSS 4.1 MEDIUM]
XSS
Erpnext
-
CVE-2025-65923
MEDIUM
CVSS 5.4
A Stored Cross-Site Scripting (XSS) vulnerability was discovered within the CSV import mechanism of ERPNext through 15.88.1 when using the Update Existing Records option. [CVSS 5.4 MEDIUM]
XSS
Erpnext
-
CVE-2025-65017
MEDIUM
CVSS 6.5
Decidim is a participatory democracy framework. In versions from 0.30.0 to before 0.30.4 and from 0.31.0.rc1 to before 0.31.0, the private data exports can lead to data leaks if the UUID generation produces collisions for the generated UUIDs. [CVSS 6.5 MEDIUM]
Information Disclosure
Decidim
-
CVE-2025-64098
MEDIUM
CVSS 5.9
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). [CVSS 5.9 MEDIUM]
Integer Overflow
Debian Linux
Fast Dds
-
CVE-2025-63372
MEDIUM
CVSS 4.3
Articentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing component, specifically in the functionality responsible for extracting and handling ZIP archive contents. [CVSS 4.3 MEDIUM]
Path Traversal
Zip Rar Extractor Tool
-
CVE-2025-61645
MEDIUM
CVSS 6.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/pager/CodexTablePager.Php. [CVSS 6.1 MEDIUM]
Mediawiki
PHP
XSS
Redhat
-
CVE-2025-58379
MEDIUM
CVSS 5.5
Fabric Operating System versions up to 9.2.1 are affected by execution with unnecessary privileges (CVSS 5.5).
Privilege Escalation
Fabric Operating System
-
CVE-2025-58348
MEDIUM
CVSS 5.5
Exynos 980 Firmware versions up to - are affected by allocation of resources without limits or throttling (CVSS 5.5).
Samsung
Linux
Exynos 850 Firmware
Exynos 980 Firmware
Exynos 1380 Firmware
-
CVE-2025-58347
MEDIUM
CVSS 5.5
Exynos 980 Firmware versions up to - are affected by allocation of resources without limits or throttling (CVSS 5.5).
Samsung
Linux
Exynos 1380 Firmware
Exynos 980 Firmware
Exynos W1000 Firmware
-
CVE-2025-58346
MEDIUM
CVSS 5.5
Exynos 980 Firmware versions up to - are affected by allocation of resources without limits or throttling (CVSS 5.5).
Samsung
Linux
Exynos 980 Firmware
Exynos 1280 Firmware
Exynos 1380 Firmware
-
CVE-2025-58345
MEDIUM
CVSS 5.5
Exynos 980 Firmware versions up to - are affected by allocation of resources without limits or throttling (CVSS 5.5).
Samsung
Linux
Exynos 1080 Firmware
Exynos W920 Firmware
Exynos 1380 Firmware
-
CVE-2025-58344
MEDIUM
CVSS 6.2
Exynos 980 Firmware versions up to - are affected by allocation of resources without limits or throttling (CVSS 6.2).
Samsung
Linux
Exynos 1280 Firmware
Exynos 980 Firmware
Exynos 1580 Firmware
-
CVE-2025-58343
MEDIUM
CVSS 5.5
Exynos 980 Firmware versions up to - are affected by allocation of resources without limits or throttling (CVSS 5.5).
Samsung
Linux
Exynos 1580 Firmware
Exynos 1080 Firmware
Exynos 1380 Firmware
-
CVE-2025-58342
MEDIUM
CVSS 6.2
Exynos 980 Firmware versions up to - are affected by allocation of resources without limits or throttling (CVSS 6.2).
Samsung
Linux
Exynos 1480 Firmware
Exynos 980 Firmware
Exynos 1080 Firmware
-
CVE-2025-58341
MEDIUM
CVSS 6.2
Exynos 980 Firmware versions up to - are affected by allocation of resources without limits or throttling (CVSS 6.2).
Samsung
Linux
Exynos 980 Firmware
Exynos W930 Firmware
Exynos 850 Firmware
-
CVE-2025-58340
MEDIUM
CVSS 6.2
Exynos 980 Firmware versions up to - are affected by allocation of resources without limits or throttling (CVSS 6.2).
Samsung
Linux
Exynos 980 Firmware
Exynos 1080 Firmware
Exynos 850 Firmware
-
CVE-2025-52628
MEDIUM
CVSS 4.6
Aion versions up to 2.0 contain a vulnerability that allows cookies to be sent in cross-site requests, potentially increasing exposure to cr (CVSS 4.6).
CSRF
Aion
-
CVE-2025-52627
MEDIUM
CVSS 5.5
Aion versions up to 2.0 are affected by incorrect permission assignment for a critical resource (CVSS 5.5).
Privilege Escalation
Aion
-
CVE-2025-52626
MEDIUM
CVSS 4.5
A potential command injection vulnerability in HCL AION can allow unintended command execution, potentially leading to unauthorized actions on the underlying system. This issue affects AION: 2.0 [CVSS 4.5 MEDIUM]
Command Injection
Aion
-
CVE-2025-46651
MEDIUM
CVSS 4.3
Tiny File Manager through 2.6 contains a server-side request forgery (SSRF) vulnerability in the URL upload feature. [CVSS 4.3 MEDIUM]
SSRF
Tiny File Manager
-
CVE-2025-36094
MEDIUM
CVSS 5.4
Cloud Pak For Business Automation versions up to 24.0.0 contain a vulnerability that allows an authenticated user to cause a denial of service or corrupt existing data (CVSS 5.4).
IBM
Denial Of Service
Cloud Pak For Business Automation
-
CVE-2025-36033
MEDIUM
CVSS 5.4
Engineering Lifecycle Management versions up to 7.0.3 are affected by cross-site scripting (XSS) (CVSS 5.4).
IBM
XSS
Engineering Lifecycle Management
-
CVE-2025-14274
MEDIUM
CVSS 5.4
Unlimited Elements for Elementor (WordPress plugin) versions up to 2.0.1 are affected by cross-site scripting (XSS) (CVSS 5.4).
WordPress
XSS
PHP
-
CVE-2025-13473
MEDIUM
CVSS 5.3
Django versions up to 6.0.2 contain a vulnerability that allows attackers to enumerate users via a timing attack (CVSS 5.3).
Golang
Django
Redhat
Suse
-
CVE-2025-12773
MEDIUM
CVSS 6.5
A vulnerability in update-reports-purge-settings.sh script logging for Brocade SANnav before 2.4.0a could allow the collection of SANnav database password in the system audit logs. [CVSS 6.5 MEDIUM]
Information Disclosure
Sannav
-
CVE-2020-37115
MEDIUM
CVSS 6.5
GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption. This vulnerability exposes sensitive information and increases the risk of credential theft and unauthorized access. [CVSS 6.5 MEDIUM]
Authentication Bypass
Open Eclass Platform
-
CVE-2020-37114
MEDIUM
CVSS 4.3
GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and other students' uploaded assessments, due to improper access controls and information disclosure flaws in various modules. [CVSS 4.3 MEDIUM]
Aws
Information Disclosure
Open Eclass Platform
-
CVE-2020-37111
MEDIUM
CVSS 6.1
60CycleCMS 2.5.2 contains a cross-site scripting (XSS) vulnerability in news.php that allows attackers to inject malicious scripts through GET parameters. [CVSS 6.1 MEDIUM]
PHP
SQLi
XSS
60cyclecms
-
CVE-2020-37103
MEDIUM
CVSS 6.4
DotNetNuke 9.5 contains a persistent cross-site scripting vulnerability that allows normal users to upload malicious XML files with executable scripts through journal tools. [CVSS 6.4 MEDIUM]
Dotnet
XSS
CSRF
Dotnetnuke
-
CVE-2020-37096
MEDIUM
CVSS 5.3
EW-7438RPn Mini Firmware versions up to 1.13 are affected by cross-site request forgery (CSRF) (CVSS 5.3).
CSRF
Ew 7438rpn Mini Firmware
-
CVE-2020-37091
MEDIUM
CVSS 5.3
Maian Support Helpdesk 4.3 contains a cross-site request forgery vulnerability that allows attackers to create administrative accounts without authentication. [CVSS 5.3 MEDIUM]
PHP
CSRF
-
CVE-2020-37086
MEDIUM
CVSS 6.2
Easy Transfer 1.7 iOS mobile application contains a directory traversal vulnerability that allows remote attackers to access unauthorized file system paths without authentication. [CVSS 6.2 MEDIUM]
Path Traversal
-
CVE-2020-37077
MEDIUM
CVSS 6.5
Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manage_email_templates.php script that allows authenticated administrators to access unauthorized files. [CVSS 6.5 MEDIUM]
PHP
Path Traversal
-
CVE-2019-25265
MEDIUM
CVSS 6.4
The group description field of the admin edit groups section is affected by cross-site scripting (XSS): attackers can inject malicious JavaScript through the description field (CVSS 6.4).
XSS
-
CVE-2019-25264
MEDIUM
CVSS 6.4
Snipe-IT 4.7.5 contains a persistent cross-site scripting vulnerability that allows authorized users to upload malicious SVG files with embedded JavaScript. Attackers can craft SVG files with script tags to execute arbitrary JavaScript when the accessory is viewed by other users. [CVSS 6.4 MEDIUM]
XSS
-
CVE-2019-25263
MEDIUM
CVSS 6.4
Zendesk SweetHawk Survey 1.6 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through support ticket submissions. [CVSS 6.4 MEDIUM]
XSS
-
CVE-2026-25224
LOW
CVSS 3.7
Fastify is a fast and low-overhead web framework for Node.js. Prior to version 5.7.3, a denial-of-service vulnerability in Fastify's Web Streams response handling can allow a remote client to exhaust server memory. Applications that return a ReadableStream (or Response with a Web Stream body) via reply.send() are impacted. A slow or non-reading client can trigger unbounded buffering when backpressure is ignored, leading to process crashes or severe degradation. This issue has been patched in...
Node.js
Denial Of Service
-
CVE-2026-24934
LOW
CVSS 3.7
The DDNS function uses an insecure HTTP connection or fails to validate the SSL/TLS certificate when querying an external server for the device's WAN IP address. [CVSS 3.7 LOW]
Authentication Bypass
-
CVE-2026-24513
LOW
CVSS 3.1
A security issue was discovered in ingress-nginx where the protection afforded by the `auth-url` Ingress annotation may not be effective in the presence of a specific misconfiguration. [CVSS 3.1 LOW]
Nginx
-
CVE-2026-1814
None
Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword() method.
Information Disclosure
-
CVE-2026-1788
None
Out-of-bounds write vulnerability in Xquic Project Xquic Server xquic on Linux (QUIC protocol implementation, packet processing module) allows buffer manipulation. This issue affects Xquic Server: through 1.8.3.
Linux
-
CVE-2026-1664
None
An Insecure Direct Object Reference has been found to exist in `createHeaderBasedEmailResolver()` function within the Cloudflare Agents SDK.
Github
-
CVE-2026-1432
None
SQL injection vulnerability in the Buroweb platform version 2505.0.12, specifically in the 'tablon' component. This vulnerability is present in several parameters that do not correctly sanitize user input in the endpoint '/sta/CarpetaPublic/doEvent?APP_CODE=STA&PAGE_CODE=TABLON'.
SQLi
-
CVE-2026-1341
None
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control.
Authentication Bypass
-
CVE-2026-0620
None
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality.
Information Disclosure
-
CVE-2025-67852
LOW
CVSS 3.5
A flaw was found in Moodle. An open redirect vulnerability in the OAuth login flow allows a remote attacker to redirect users to attacker-controlled pages after they have successfully authenticated. [CVSS 3.5 LOW]
Moodle
Information Disclosure
Open Redirect
-
CVE-2025-67484
None
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php.
Mediawiki
PHP
-
CVE-2025-67483
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Page.Preview.Js.
XSS
-
CVE-2025-67482
None
Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This vulnerability is associated with program files includes/Engines/LuaCommon/lualib/mwInit.Lua, library.C.
Information Disclosure
-
CVE-2025-67481
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js.
XSS
-
CVE-2025-67480
None
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php.
Mediawiki
PHP
-
CVE-2025-67479
None
Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php.
Mediawiki
PHP
-
CVE-2025-67478
None
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php.
PHP
-
CVE-2025-67477
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js.
XSS
-
CVE-2025-67476
None
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/ImportableOldRevisionImporter.Php.
Mediawiki
PHP
-
CVE-2025-67475
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/CommentParser.Php.
PHP
XSS
-
CVE-2025-65081
None
An out-of-bounds read vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.
Buffer Overflow
RCE
Information Disclosure
-
CVE-2025-65080
None
A type confusion vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.
Buffer Overflow
RCE
-
CVE-2025-65079
None
A heap-based buffer overflow vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.
Buffer Overflow
Heap Overflow
-
CVE-2025-65078
None
An untrusted search path vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code.
Privilege Escalation
RCE
-
CVE-2025-65077
None
A relative path traversal vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.
Path Traversal
-
CVE-2025-61658
None
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php.
PHP
-
CVE-2025-61657
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/stickyHeader.Js.
XSS
-
CVE-2025-61656
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js.
XSS
-
CVE-2025-61655
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor.
PHP
XSS
-
CVE-2025-61654
None
Vulnerability in Wikimedia Foundation Thanks. This vulnerability is associated with program files includes/ThanksQueryHelper.Php.
PHP
-
CVE-2025-61653
None
Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php.
PHP
-
CVE-2025-61652
None
Vulnerability in Wikimedia Foundation DiscussionTools. This issue affects DiscussionTools: from * before 1.43.4, 1.44.1.
Code Injection
-
CVE-2025-61651
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser/checkuser/checkUserHelper/buildUserElement.Js.
XSS
-
CVE-2025-61650
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php.
PHP
XSS
-
CVE-2025-61649
None
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php.
PHP
-
CVE-2025-61648
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser.
XSS
-
CVE-2025-61647
None
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php.
PHP
-
CVE-2025-61646
LOW
CVSS 1.2
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php.
PHP
Path Traversal
-
CVE-2025-61644
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Rcfilters/ui/WatchlistTopSectionWidget.Js.
Mediawiki
XSS
-
CVE-2025-61643
LOW
CVSS 2.7
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/recentchanges/RecentChangeRCFeedNotifier.Php.
PHP
Information Disclosure
-
CVE-2025-61642
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/HTMLButtonField.Php.
PHP
XSS
-
CVE-2025-61641
LOW
CVSS 1.7
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiQueryAllPages.Php.
PHP
Path Traversal
-
CVE-2025-61640
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Rcfilters/ui/RclToOrFromWidget.Js.
Mediawiki
XSS
-
CVE-2025-61639
None
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php.
Mediawiki
PHP
-
CVE-2025-61638
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This vulnerability is associated with program files includes/parser/Sanitizer.Php, src/Core/Sanitizer.Php.
Mediawiki
PHP
XSS
-
CVE-2025-61637
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Action/mediawiki.Action.Edit.Preview.Js, resources/src/mediawiki.Page.Preview.Js.
Mediawiki
XSS
-
CVE-2025-61636
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php.
Mediawiki
PHP
XSS
-
CVE-2025-61635
None
Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php.
PHP
-
CVE-2025-61634
LOW
CVSS 3.1
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php.
PHP
Path Traversal
-
CVE-2025-59902
None
HTML injection vulnerability in NICE Chat. This vulnerability allows an attacker to inject and render arbitrary HTML content in email transcripts by modifying the 'firstName' and 'lastName' parameters during a chat session.
XSS
-
CVE-2025-58381
LOW
CVSS 2.3
Fabric Operating System versions up to 9.2.1 contain a vulnerability that allows an authenticated attacker with admin privileges, using the shell commands “sour (CVSS 2.3).
Information Disclosure
-
CVE-2025-58380
LOW
CVSS 2.3
Fabric Operating System versions up to 9.2.1 contain a vulnerability that allows an authenticated attacker with admin privileges, using the shell command “grep”, t (CVSS 2.3).
Information Disclosure
-
CVE-2025-52633
LOW
CVSS 3.1
HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. Storing sensitive session data in persistent cookies may increase the risk of unauthorized access if the cookies are intercepted or compromised. [CVSS 3.1 LOW]
Authentication Bypass
-
CVE-2025-52631
LOW
CVSS 3.7
HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability. This can allow insecure connections, potentially exposing the application to man-in-the-middle and protocol downgrade attacks. [CVSS 3.7 LOW]
Information Disclosure
-
CVE-2025-52629
LOW
CVSS 3.7
HCL AION is susceptible to a Missing Content-Security-Policy vulnerability. The absence of a CSP header may increase the risk of cross-site scripting and other content injection attacks by allowing unsafe scripts or resources to execute. This issue affects AION: 2.0. [CVSS 3.7 LOW]
XSS
-
CVE-2025-52623
LOW
CVSS 3.7
HCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field vulnerability. Allowing autocomplete on password fields may lead to unintended storage or disclosure of sensitive credentials, potentially increasing the risk of unauthorized access. [CVSS 3.7 LOW]
Authentication Bypass
-
CVE-2025-41065
None
Stored Cross-Site Scripting (XSS) vulnerability in LUNA software v7.5.5.6. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by injecting a malicious payload through the 'Edit Batch Name' function.
XSS
-
CVE-2025-33081
LOW
CVSS 3.3
IBM Concert 1.0.0 through 2.1.0 stores potentially sensitive information in log files that could be read by a local user. [CVSS 3.3 LOW]
IBM
-
CVE-2025-11598
None
data exposed depends on the last application view displayed versions up to 4.71.0 contains a security vulnerability.
Information Disclosure
iOS
-
CVE-2025-11261
None
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Language/mediawiki.Language.Js.
XSS
-
CVE-2025-11173
None
Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php.
PHP
-
CVE-2020-37087
None
Easy Transfer Wifi Transfer v1.7 for iOS contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious scripts by manipulating the oldPath, newPath, and path parameters in Create Folder and Move/Edit functions.
XSS