Django's HTML truncation functions (chars(), words(), and related template filters) are vulnerable to denial-of-service attacks when processing specially crafted inputs with excessive unmatched HTML end tags. Affected versions include Django 6.0 before 6.0.2, 5.2 before 5.2.11, 4.2 before 4.2.28, and potentially unsupported series 5.0.x, 4.1.x, and 3.2.x. Remote attackers can exploit this to cause service disruptions without requiring authentication or user interaction.
chetans9 core-php-admin-panel through commit a94a780d6 contains an authentication bypass vulnerability in includes/auth_validate.php. The application sends an HTTP redirect via header(Location:login.php) when a user is not authenticated but fails to call exit() afterward. [CVSS 7.5 HIGH]
An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. `ASGIRequest` allows a remote attacker to cause a potential denial-of-service via a crafted request with multiple duplicate headers. [CVSS 7.5 HIGH]
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). [CVSS 7.5 HIGH]
Pearweb versions up to 1.33.0 contains a vulnerability that allows attackers to guess verification tokens and potentially verify election account requests witho (CVSS 7.5).
Rustfs versions up to 1.0.0 is affected by insertion of sensitive information into log file (CVSS 7.5).
SQL injection in PEAR's apidoc queue insertion allows unauthenticated remote attackers to manipulate database queries by controlling filename values, enabling unauthorized data modification. PEAR versions before 1.33.0 are affected, and no patch is currently available for affected deployments.
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5680. [CVSS 7.5 HIGH]
RustFS is a distributed object storage system built in Rust. [CVSS 7.5 HIGH]
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). [CVSS 7.5 HIGH]
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. [CVSS 7.5 HIGH]
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). [CVSS 7.5 HIGH]
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). [CVSS 7.5 HIGH]
An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920, W930, W1000 and Modem 5123. Incorrect handling of NAS Registration messages leads to a Denial of Service because of Improper Handling of Exceptional Conditions. [CVSS 7.5 HIGH]
Fastify versions before 5.7.2 allow attackers to bypass request body validation by injecting a tab character into the Content-Type header, enabling malicious payloads to reach application logic without validation checks. This remote attack requires no authentication and affects Node.js applications using vulnerable Fastify versions. A patch is available in version 5.7.2 and later.
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows Directory Indexing.This issue affects SKSPro: through 07012026. [CVSS 7.5 HIGH]
A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SANnav support save file. [CVSS 7.5 HIGH]
Claude Code versions prior to 1.0.111 fail to properly validate trusted domains for WebFetch requests, allowing attackers to register lookalike domains (e.g., modelcontextprotocol.io.example.com) that bypass validation checks. This enables unauthorized automated requests to attacker-controlled servers without user interaction, potentially resulting in sensitive data exfiltration from the user's environment. The vulnerability affects Claude Code's agentic coding functionality and requires upgrading to version 1.0.111 or later to remediate.
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting (XSS), occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. [CVSS 7.3 HIGH]
A flaw was found in Moodle. This cross-site scripting (XSS) vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. [CVSS 7.3 HIGH]
Fabric Operating System contains a vulnerability that allows attackers to an authenticated, remote attacker with administrative credentials to execute ar (CVSS 7.2).
Stored XSS in LatePoint WordPress plugin versions up to 5.2.5 allows unauthenticated attackers to inject malicious scripts into customer profile fields that execute when administrators review activity history. The vulnerability stems from inadequate input sanitization and output escaping, potentially enabling credential theft or administrative account compromise. No patch is currently available.
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5668. [CVSS 7.2 HIGH]
Fabric Operating System versions up to 9.2.1 is affected by execution with unnecessary privileges (CVSS 7.2).
Unauthenticated attackers can upload malicious SVG files through the Form Maker by 10Web WordPress plugin (versions up to 1.15.35) due to insufficient file type validation, enabling stored cross-site scripting attacks against administrators and site visitors. The plugin's default allowlist includes SVG files and relies on weak substring-based extension checking, allowing JavaScript execution when the uploaded files are viewed. No patch is currently available.
Stored XSS in WordPress Form Maker plugin (versions up to 1.15.35) allows unauthenticated attackers to inject malicious scripts through hidden form field values that execute when administrators view the submissions list. The vulnerability stems from improper output escaping after HTML entity decoding of user-supplied input. Website administrators using this plugin are at risk of account compromise and unauthorized actions performed within their WordPress dashboard.
Reflected XSS in Apache Syncope's Enduser Login page. An attacker that tricks a legitimate user into clicking a malicious link and logging in to Syncope Enduser could steal that user's credentials. [CVSS 6.8 MEDIUM]
pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. [CVSS 6.5 MEDIUM]
The Events Calendar Shortcode & Block plugin through version 3.1.1 contains a stored cross-site scripting vulnerability that allows authenticated users with limited privileges to inject malicious scripts into event pages, affecting all site visitors. An attacker can exploit this by crafting malicious input that persists in the database and executes in users' browsers when they view affected event content. No patch is currently available for this medium-severity vulnerability.
Crocoblock JetElements For Elementor jet-elements is affected by cross-site scripting (xss) (CVSS 6.5).
Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting is affected by cross-site scripting (xss) (CVSS 6.5).
Decidim is a participatory democracy framework. In versions from 0.30.0 to before 0.30.4 and from 0.31.0.rc1 to before 0.31.0, the private data exports can lead to data leaks in case the UUID generation, causing collisions for the generated UUIDs. [CVSS 6.5 MEDIUM]
A vulnerability in update-reports-purge-settings.sh script logging for Brocade SANnav before 2.4.0a could allow the collection of SANnav database password in the system audit logs. [CVSS 6.5 MEDIUM]
Unauthorized information disclosure in WordPress Strong Testimonials plugin version 3.2.20 and earlier stems from improper access control validation, allowing authenticated users to access sensitive data they should not have permission to view. An attacker with low-privilege WordPress account credentials can exploit this vulnerability to read confidential information without requiring user interaction. Currently, no patch is available for this vulnerability.
Claude Code versions prior to 2.0.74 allow authenticated users to write files outside designated directories by exploiting inadequate Bash command validation in ZSH clobber syntax parsing. An attacker with the ability to inject malicious content into a Claude Code context window on a ZSH-based system can bypass file restrictions and achieve unauthorized file writes without triggering user permission prompts. This vulnerability requires user interaction and ZSH environment configuration, making it suitable for supply chain or prompt injection attacks against Claude Code users.
Ingress-nginx's validating admission controller is vulnerable to denial of service through memory exhaustion when processing oversized requests, enabling authenticated attackers to crash the controller pod or exhaust node memory. The vulnerability requires valid credentials but no user interaction, affecting deployments relying on this validation feature. No patch is currently available.
JEEWMS 1.0 is vulnerable to SQL Injection. Attackers can inject malicious SQL statements through the id1 and id2 parameters in the /systemControl.do interface for attack. [CVSS 6.5 MEDIUM]
The Passster WordPress plugin through version 4.2.25 contains an authorization bypass that allows authenticated users to access content protection mechanisms without proper permission validation. An attacker with low-privilege WordPress credentials can circumvent access controls to view protected content that should be restricted. No patch is currently available for this vulnerability.
Brecht Visual Link Preview versions 2.2.9 and earlier contain an authorization bypass vulnerability that allows authenticated users to access sensitive information they should not have permission to view. An attacker with valid credentials can exploit misconfigured access controls to read confidential data, though they cannot modify or delete information. No patch is currently available for this vulnerability.
Tenda AC7 firmware through V03.03.03.01_cn lacks CSRF protections on administrative web functions, enabling attackers to trick authenticated administrators into executing unauthorized configuration changes. An unauthenticated attacker can craft malicious requests that, when visited by an admin, modify router settings without their knowledge or consent. No patch is currently available.
Stored cross-site scripting in WordPress Menu Icons by ThemeIsle plugin (versions up to 0.13.20) allows authenticated users with Author-level permissions or higher to inject malicious scripts through the attachment image alt meta field due to improper input sanitization. The injected scripts execute in the browsers of visitors accessing the affected pages, enabling session hijacking, credential theft, or malware distribution.
Authenticated contributors and above can inject malicious scripts into WordPress pages through the Happy Addons for Elementor plugin (versions up to 3.20.7) via improper sanitization of the '_elementor_data' meta field, resulting in stored XSS that executes for all users viewing affected pages. An attacker with contributor-level permissions can leverage this to steal credentials, perform actions on behalf of administrators, or deface website content. No patch is currently available.
Stored cross-site scripting in Foxit PDF Editor Cloud's Create New Layer feature allows authenticated attackers to execute arbitrary JavaScript by injecting malicious code that persists when layers are accessed by other users. The vulnerability affects pdfonline.foxit.com versions prior to 2026-02-03 and requires user interaction to trigger. No patch is currently available.
Foxit PDF Editor Cloud contains a stored XSS vulnerability in its file upload functionality where malicious usernames are not properly sanitized before being displayed in the upload file list, enabling authenticated attackers to execute arbitrary JavaScript in other users' browsers. The vulnerability affects pdfonline.foxit.com versions prior to 2026-02-03 and currently has no available patch. An attacker with valid credentials could craft a malicious username to compromise account security or steal sensitive document data from other users viewing the file list.
Exynos 980 Firmware versions up to - is affected by allocation of resources without limits or throttling (CVSS 6.2).
Exynos 980 Firmware versions up to - is affected by allocation of resources without limits or throttling (CVSS 6.2).
Exynos 980 Firmware versions up to - is affected by allocation of resources without limits or throttling (CVSS 6.2).
Exynos 980 Firmware versions up to - is affected by allocation of resources without limits or throttling (CVSS 6.2).
Path traversal in Bolo Solo up to version 2.6.4 allows authenticated attackers to manipulate file path arguments in the backup import function, potentially accessing or modifying arbitrary files on the affected system. Public exploit code exists for this vulnerability, and the maintainers have not yet released a patch despite early notification. The attack requires valid credentials but can be executed remotely over the network.
Path traversal in Bolo Solo up to version 2.6.4 allows authenticated attackers to manipulate ZIP file extraction operations in the BackupService component, potentially reading or writing arbitrary files on the affected system. Public exploit code is available for this vulnerability, and the vendor has not yet provided a patch despite early notification.