Skip to main content
CVE-2026-23064 MEDIUM PATCH This Month

A null pointer dereference in the Linux kernel's net/sched act_ife module allows local users with low privileges to cause a denial of service through a kernel crash when the ife_encode() function fails to validate return values. The vulnerability affects the traffic control scheduling subsystem and requires local access to trigger.

Linux Null Pointer Dereference Denial Of Service Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23061 MEDIUM PATCH This Month

The Linux kernel's Kvaser USB CAN driver fails to properly release USB request block (URB) memory in its completion callback, allowing a local attacker with user privileges to cause a denial of service through memory exhaustion. The vulnerability occurs because URBs are unanchored by the USB framework before the completion function executes, preventing proper cleanup during device removal. No patch is currently available for this medium-severity issue.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23060 MEDIUM PATCH This Month

The Linux kernel's authencesn crypto module fails to validate minimum AAD (Associated Authenticated Data) length, allowing local attackers with unprivileged access to trigger a NULL pointer dereference and kernel panic by submitting specially crafted authentication requests with oversized AAD parameters. This denial-of-service vulnerability affects systems running vulnerable Linux kernel versions and requires local access to exploit. No patch is currently available.

Linux Null Pointer Dereference Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23109 MEDIUM PATCH This Month

A denial of service vulnerability in the Linux kernel's writeback mechanism allows local users with standard privileges to cause indefinite hangs in wait_sb_inodes() when interacting with faulty FUSE servers that fail to respond to write requests. The vulnerability stems from improper handling of mappings without data integrity semantics, which should be skipped during synchronization operations but are instead waited upon indefinitely. An attacker controlling a malfunctioning FUSE server can exploit this to freeze system operations that depend on filesystem synchronization.

Linux Denial Of Service Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23104 MEDIUM PATCH This Month

A use-after-free vulnerability in the Linux kernel's ice driver causes a denial of service when devlink reload is followed by driver removal, as freed HWMON sensor memory is accessed by sysfs attribute handlers. Local users with sufficient privileges can trigger recurring kernel page faults approximately every 10 minutes when system monitoring tools attempt to read the orphaned hwmon attributes. This affects Linux systems with ice network drivers and causes system instability through repeated call traces.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23086 MEDIUM PATCH This Month

Local denial of service in Linux kernel vsock virtio transport allows a local attacker with unprivileged user privileges to exhaust host memory by advertising a large peer buffer size and reading data slowly, forcing the kernel to queue excessive sk_buff allocations. The vulnerability affects both guest-to-host and host-to-guest communication paths due to shared code between virtio transports. No patch is currently available.

Linux Ubuntu Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23082 MEDIUM PATCH This Month

The Linux kernel's CAN gs_usb driver contains a denial of service vulnerability where failure to submit a USB request results in an anchored URB that is never released, causing the device close function to hang indefinitely. A local attacker with USB device access can trigger this condition by causing usb_submit_urb() to fail, blocking system operations. No patch is currently available for this medium-severity flaw.

Linux Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23081 MEDIUM PATCH This Month

The Intel XWay PHY driver in the Linux kernel fails to properly release device tree node references, causing memory leaks that can degrade system stability over time. Local users with sufficient privileges can trigger this refcount leakage through repeated device tree operations, potentially leading to denial of service conditions as memory resources become exhausted.

Linux Information Disclosure Intel Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23079 MEDIUM PATCH This Month

Memory resource leaks in the Linux kernel's GPIO character device interface allow local users with basic privileges to exhaust system memory through repeated errors in the lineinfo_changed_notify() function. An attacker can trigger this condition without user interaction, potentially causing denial of service through memory exhaustion. No patch is currently available.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23070 MEDIUM PATCH This Month

The Linux kernel's OcteonTX2 firmware driver fails to validate firmware data structures before access, causing kernel panics on systems without a MAC block. A local privileged attacker can trigger a denial of service by accessing the uninitialized firmware data region. No patch is currently available for this medium-severity vulnerability.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23069 MEDIUM PATCH This Month

An integer underflow in the Linux kernel's vsock/virtio credit calculation allows a local attacker with unprivileged access to cause a denial of service by exhausting system resources when the peer shrinks its advertised buffer while data is in flight. The vulnerability enables more data to be queued than the peer can handle, potentially leading to system instability. No patch is currently available for this medium-severity issue.

Linux Integer Overflow Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23067 MEDIUM PATCH This Month

The Linux kernel's ARM IOMMU page table unmapping function returns a signedness-corrupted value when encountering unmapped memory, causing IOVA address overflow that triggers a kernel panic. Local attackers with sufficient privileges can exploit this to cause a denial of service by attempting to unmap invalid IOMMU pages. A patch is not yet available for this medium-severity vulnerability.

Linux Buffer Overflow Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23100 MEDIUM PATCH This Month

The Linux kernel's hugetlb_pmd_shared() function fails to properly detect PMD table sharing, resulting in a denial of service condition affecting systems with local user access. An attacker with local privileges can exploit this to cause system instability or performance degradation through resource exhaustion. No patch is currently available.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23094 MEDIUM PATCH This Month

The Linux kernel uacce driver improperly validates callback function implementations before creating isolation policy sysfs files, allowing local users with sufficient privileges to trigger a system crash by accessing unimplemented callback functions. This denial of service vulnerability affects systems where device isolation is configured but callback functions are incompletely implemented. No patch is currently available.

Linux Denial Of Service Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23088 MEDIUM PATCH This Month

Linux kernel null pointer dereference in the tracing subsystem causes a denial of service when synthetic events reference stacktrace fields from other synthetic events. Local users with tracing permissions can trigger a kernel crash by creating chained synthetic events that pass stacktrace data between them. No patch is currently available for this vulnerability.

Linux Debian Denial Of Service Null Pointer Dereference Linux Kernel +2
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23062 MEDIUM PATCH This Month

The hp-bioscfg driver in the Linux kernel contains a null pointer dereference vulnerability triggered by an off-by-one error and missing NULL checks in the GET_INSTANCE_ID macro when accessing BIOS configuration sysfs attributes. Local users with unprivileged access can trigger a kernel panic by reading certain attribute files, causing denial of service during BIOS configuration operations. No patch is currently available for this vulnerability.

Linux Null Pointer Dereference Denial Of Service Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23072 MEDIUM PATCH This Month

A memory leak in the Linux kernel's l2tp_udp_encap_recv() function fails to properly release l2tp_session and l2tp_tunnel structures when protocol version validation fails, allowing a local attacker to exhaust kernel memory and trigger a denial of service. The vulnerability affects all Linux systems running the vulnerable kernel versions, and exploitation requires local access with unprivileged user privileges. No patch is currently available.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23065 MEDIUM PATCH This Month

A memory leak in the Linux kernel's AMD platform driver allows local authenticated users to exhaust system memory through repeated failures in the WBRF (Wifi Band RFI Mitigation) record function, potentially leading to denial of service. The vulnerability exists in the wbrf_record() function where a temporary buffer allocated via kcalloc() is not properly freed when the acpi_evaluate_dsm() call fails. An attacker with local access and sufficient privileges could trigger this condition multiple times to consume available memory and degrade system performance.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-25122 MEDIUM PATCH This Month

Resource exhaustion in Apko versions 0.14.8 through 1.0.x allows local attackers to cause denial of service by supplying a malicious APK archive with excessive gzip-compressed data that forces unbounded decompression work. The expandapk.Split function fails to impose limits on gzip inflation, enabling attackers to exhaust CPU resources and trigger process timeouts when parsing attacker-controlled APK streams. This issue is resolved in version 1.1.0.

Denial Of Service Apko Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20986 MEDIUM This Month

Samsung Members versions prior to 15.5.05.4 contain a path traversal vulnerability that enables local attackers to overwrite arbitrary data within the application. This vulnerability requires local access and valid user credentials but does not provide read access to sensitive information. No patch is currently available to address this issue.

Samsung Path Traversal Members
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20977 MEDIUM This Month

Android versions up to 14.0 contains a vulnerability that allows attackers to interrupt its functioning (CVSS 5.5).

Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-25145 MEDIUM PATCH This Month

Melange versions 0.14.0 through 0.40.2 allow local attackers with configuration file control to read arbitrary files from the host system through path traversal in license file path validation, potentially exfiltrating sensitive data embedded in generated SBOMs. This vulnerability affects build pipeline scenarios where configuration is user-controlled, such as pull request-driven CI or build-as-a-service environments. A patch is available in version 0.40.3.

Golang Path Traversal Melange Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-25054 MEDIUM PATCH This Month

Stored cross-site scripting in n8n's markdown rendering component allows authenticated users to inject malicious scripts into workflows and sticky notes that execute with session privileges when viewed by other users. An attacker with workflow modification permissions can exploit this to hijack sessions and compromise accounts of users who interact with affected workflows. Versions 1.123.9 and 2.2.1 contain fixes for this vulnerability.

XSS AI / ML N8n
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-25051 MEDIUM PATCH This Month

Improper Content Security Policy enforcement in n8n workflow automation allows authenticated users to inject persistent XSS payloads into webhook responses that execute with same-origin privileges when other users access the affected workflows. An attacker with workflow creation/modification permissions could exploit this to hijack sessions and compromise user accounts. The vulnerability affects n8n versions prior to 1.123.2.

XSS AI / ML N8n
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-22875 MEDIUM This Month

Stored XSS in Movable Type's Export Sites feature allows authenticated attackers to inject malicious scripts that execute in the browsers of logged-in users. The vulnerability affects Movable Type 7 and 8.4 series (both EOL) and requires an attacker to first store the crafted payload through the application. No patch is currently available for this medium-severity flaw.

XSS
NVD
CVSS 3.0
5.4
EPSS
0.0%
CVE-2026-21393 MEDIUM This Month

Stored XSS in Movable Type's Edit Comment feature allows authenticated attackers to inject malicious scripts that execute in logged-in users' browsers, affecting both current and end-of-life versions including the 7 and 8.4 series. An attacker with login credentials can craft and store malicious input that triggers arbitrary script execution when other users view or interact with comments. No patch is currently available for this medium-severity vulnerability.

XSS
NVD
CVSS 3.0
5.4
EPSS
0.0%
CVE-2025-14461 MEDIUM This Month

The Xendit Payment plugin for WordPress is vulnerable to unauthorized order status manipulation in all versions up to, and including, 6.0.2. This is due to the plugin exposing a publicly accessible WooCommerce API callback endpoint (`wc_xendit_callback`) that processes payment callbacks without any authentication or cryptographic verification that the requests originate from Xendit's payment gateway. This makes it possible for unauthenticated attackers to mark any WooCommerce order as paid by...

WordPress Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-15482 MEDIUM This Month

Chapa Payment Gateway Plugin for WooCommerce (WordPress plugin) versions up to 1.0.3 is affected by information exposure (CVSS 5.3).

WordPress Information Disclosure PHP
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-39724 MEDIUM This Month

IBM Db2 Big SQL on Cloud Pak for Data versions 7.6 (on CP4D 4.8), 7.7 (on CP4D 5.0), and 7.8 (on CP4D 5.1) do not properly limit the allocation of system resources. An authenticated user with internal knowledge of the environment could exploit this weakness to cause a denial of service. [CVSS 5.3 MEDIUM]

IBM Denial Of Service
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-0944 MEDIUM PATCH This Month

Group Invite versions up to 2.3.9 is affected by improper check for unusual or exceptional conditions (CVSS 5.3).

Drupal Group Invite
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2023-38010 MEDIUM This Month

IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system. [CVSS 5.3 MEDIUM]

IBM Cloud Pak System Os Image For Red Hat Linux Systems
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2023-38281 MEDIUM This Month

IBM Cloud Pak System does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. [CVSS 5.3 MEDIUM]

IBM Os Image For Red Hat Linux Systems Cloud Pak System
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2023-38017 MEDIUM This Month

IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. [CVSS 5.3 MEDIUM]

IBM XSS Cloud Pak System Os Image For Red Hat Linux Systems
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-15507 MEDIUM This Month

The Magic Import Document Extractor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_sync_usage() function in all versions up to, and including, 1.0.4. [CVSS 5.3 MEDIUM]

WordPress Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-0679 MEDIUM This Month

Unauthenticated attackers can manipulate WooCommerce order statuses through an authorization bypass in the Fortis for WooCommerce plugin (versions up to 1.2.0), allowing them to fraudulently mark orders as paid without receiving payment. The vulnerability stems from an inverted nonce validation check in the payment notification handler that fails to properly authenticate requests. This affects all WordPress sites running the vulnerable plugin and has no available patch.

WordPress Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-25523 MEDIUM PATCH This Month

Magento-lts versions prior to 20.16.1 expose the admin panel URL through improper handling of the X-Original-Url header in certain server configurations, allowing unauthenticated attackers to discover the administrative interface location without prior knowledge. This information disclosure weakness could facilitate follow-up attacks targeting the admin panel. The vulnerability affects Magento Community Edition long-term support installations and has been patched in version 20.16.1.

Magento
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-15508 MEDIUM This Month

Magic Import Document Extractor (WordPress plugin) versions up to 1.0.4 is affected by information exposure (CVSS 5.3).

WordPress Information Disclosure PHP
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-1892 MEDIUM PATCH This Month

Improper authorization in WeKan's REST API setBoardOrgs function (versions up to 8.20) allows authenticated attackers to manipulate cardId, checklistId, and boardId parameters to gain unauthorized access to sensitive board information. The vulnerability requires local network access and high attack complexity, limiting its practical exploitation. A patch is available in version 8.21 and should be applied to all affected deployments.

Information Disclosure Wekan
NVD GitHub VulDB
CVSS 3.1
5.0
EPSS
0.1%
CVE-2026-22549 MEDIUM This Month

F5 BIG-IP Container Ingress Services contains an improper privilege management flaw that allows high-privileged users to read sensitive cluster secrets beyond their intended authorization scope. An authenticated attacker with elevated permissions could exploit this vulnerability to gain unauthorized access to confidential Kubernetes cluster data. No patch is currently available for this medium-severity issue.

Privilege Escalation Big Ip Container Ingress Services
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-15487 MEDIUM This Month

The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. [CVSS 4.9 MEDIUM]

WordPress Path Traversal PHP
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2026-1370 MEDIUM This Month

SQL injection in the SIBS WooCommerce payment gateway plugin for WordPress (versions up to 2.2.0) allows authenticated administrators to extract sensitive database information through the unescaped 'referencedId' parameter. An attacker with administrator-level access can inject arbitrary SQL queries due to insufficient input sanitization and query preparation. No patch is currently available for this vulnerability.

WordPress SQLi
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-0816 MEDIUM This Month

The All push notification for WP plugin through version 1.5.3 contains a time-based SQL injection flaw in the 'delete_id' parameter that allows authenticated administrators to execute arbitrary SQL queries and extract sensitive database information. The vulnerability stems from insufficient input escaping and improper query preparation, requiring high-privilege access to exploit. No patch is currently available.

WordPress SQLi
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-1553 MEDIUM PATCH This Month

Improper authorization controls in Drupal Canvas versions before 1.0.4 enable attackers to bypass access restrictions and enumerate or access restricted resources through direct browsing. The vulnerability requires specific conditions to exploit (high attack complexity) but affects all unauthenticated users with network access. Currently, no patch is publicly available and exploitation activity has not been confirmed.

Drupal Drupal Canvas
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-20111 MEDIUM This Month

Stored XSS in Cisco Prime Infrastructure's web management interface allows authenticated administrators to inject malicious scripts that execute in other users' browsers, potentially leading to session hijacking or sensitive data theft. The vulnerability stems from insufficient input validation on specific data fields and requires valid admin credentials to exploit. No patch is currently available.

Cisco XSS Prime Infrastructure Authentication Bypass
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-0947 MEDIUM PATCH This Month

At Internet Piano Analytics versions up to 1.0.1 is affected by cross-site scripting (xss) (CVSS 4.8).

Drupal Industrial XSS At Internet Piano Analytics
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-23110 MEDIUM PATCH This Month

A race condition in the Linux kernel's SCSI error handling mechanism can prevent the error handler from being properly awakened when concurrent command completions occur, causing I/O operations to hang indefinitely. A local attacker with low privileges can trigger this condition through timing-sensitive operations to cause a denial of service. No patch is currently available for this vulnerability.

Linux Race Condition Information Disclosure
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-23071 MEDIUM PATCH This Month

The Linux kernel's regmap hwspinlock implementation contains a race condition where concurrent threads accessing a shared spinlock flags variable can corrupt IRQ state, potentially leading to denial of service through system hangs or crashes. A local attacker with sufficient privileges can exploit this condition to cause the kernel to become unresponsive. The vulnerability affects Linux systems and currently has no available patch.

Linux Race Condition Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-0743 MEDIUM This Month

Stored XSS in WordPress WP Content Permission plugin through the 'ohmem-message' parameter allows authenticated administrators to inject malicious scripts that execute for all users viewing affected pages. The vulnerability exists in versions up to 1.2 due to inadequate input sanitization and output escaping. Exploitation requires administrator-level privileges and no patch is currently available.

WordPress XSS
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-0681 MEDIUM This Month

Extended Random Number Generator (WordPress plugin) is affected by cross-site scripting (xss) (CVSS 4.4).

WordPress XSS
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-23624 MEDIUM This Month

GLPI versions 0.71 through 10.0.22 and 11.0.4 are vulnerable to session hijacking when SSO-based remote authentication is enabled, allowing a local attacker to impersonate another user by stealing an active session on the same machine. An authenticated attacker with local access can exploit this by leveraging SSO variables to gain unauthorized access to victim sessions without requiring elevated privileges. No patch is currently available for this vulnerability.

Information Disclosure Glpi
NVD GitHub
CVSS 3.1
4.3
EPSS
0.1%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy