Skip to main content
CVE-2026-24447 MEDIUM This Month

Malformed data processed by the affected product can be embedded in exported CSV files, which execute arbitrary code when opened by users due to improper input validation. Movable Type 7 and 8.4 series (both EOL) along with current versions are vulnerable to this code injection attack through user-initiated file downloads. An authenticated attacker can craft malicious input to compromise any user who downloads and opens the resulting CSV file.

Code Injection
NVD
CVSS 3.0
6.5
EPSS
0.0%
CVE-2026-23704 MEDIUM This Month

Movable Type allows non-administrative users to upload arbitrary files that execute malicious scripts in an administrator's browser when accessed, enabling cross-site scripting attacks with medium impact on confidentiality, integrity, and availability. This vulnerability affects both current and end-of-life versions (7.x and 8.4 series) with no patch currently available. An attacker with basic user privileges can compromise administrator sessions through stored script execution.

File Upload
NVD
CVSS 3.0
6.5
EPSS
0.0%
CVE-2026-0742 MEDIUM This Month

Stored cross-site scripting in the Smart Appointment & Booking WordPress plugin through version 1.0.7 allows authenticated subscribers and higher-privileged users to inject malicious scripts into pages via the saab_save_form_data AJAX action due to inadequate input sanitization. Attackers can exploit this vulnerability to execute arbitrary JavaScript that persists and runs for any user viewing the compromised pages. No patch is currently available for this medium-severity flaw.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-1895 MEDIUM PATCH This Month

Wekan versions up to 8.20. contains a vulnerability that allows attackers to improper access controls (CVSS 6.3).

Information Disclosure Wekan
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-43181 MEDIUM This Month

IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. [CVSS 6.3 MEDIUM]

IBM Concert
NVD
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-25532 MEDIUM PATCH This Month

ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. [CVSS 6.3 MEDIUM]

IoT Integer Overflow Esp Idf
NVD GitHub
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-25508 MEDIUM PATCH This Month

Out-of-bounds read in ESP-IDF versions 5.1.6 through 5.5.2 allows remote attackers to trigger memory corruption via malformed BLE prepare-write requests during device provisioning mode. An unauthenticated BLE client can exploit improper length tracking in the protocomm_ble transport to cause the provisioning handler to read beyond allocated buffer boundaries. This results in potential information disclosure and denial of service for affected IoT devices.

IoT Memory Corruption Esp Idf
NVD GitHub
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-25507 MEDIUM PATCH This Month

Espressif IoT Development Framework versions 5.1.6-5.5.2 contain a use-after-free vulnerability in the BLE provisioning layer that allows remote attackers to trigger memory corruption when provisioning is stopped with keep_ble_on enabled. A connected BLE client can exploit freed GATT metadata through read/write callbacks to cause denial of service or potential code execution. Patches are available for all affected versions.

IoT Use After Free Esp Idf
NVD GitHub
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-1894 MEDIUM PATCH This Month

Improper authorization in WeKan's REST API (versions up to 8.20) allows authenticated users to manipulate checklist item parameters and gain unauthorized access to resources across different boards and checklists. An attacker with valid credentials can exploit this vulnerability to read or modify data they should not have access to. The vulnerability has been patched in version 8.21 and users should upgrade immediately.

Information Disclosure Wekan
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-25543 MEDIUM PATCH This Month

Htmlsanitizer versions up to 9.0.892 is affected by improper encoding or escaping of output (CVSS 6.1).

.NET XSS Htmlsanitizer
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-0946 MEDIUM PATCH This Month

Cross-site scripting in the AT Internet SmartTag Drupal module versions before 1.0.1 enables attackers to inject malicious scripts through improper input validation on web pages. An attacker can exploit this vulnerability remotely without authentication to steal session cookies, perform actions on behalf of users, or deface content, though user interaction is required for successful exploitation. No patch is currently available for affected Drupal installations.

Drupal XSS At Internet Smarttag
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-20123 MEDIUM This Month

Open redirect in Cisco Prime Infrastructure and Evolved Programmable Network Manager allows unauthenticated remote attackers to redirect users to malicious websites through insufficient input validation in the web management interface. An attacker can intercept and modify HTTP requests to craft malicious URLs that deceive users into visiting attacker-controlled pages. No patch is currently available for this vulnerability.

Cisco Prime Infrastructure Evolved Programmable Network Manager Open Redirect
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-1813 LOW POC Monitor

Unrestricted file upload in Bolo Solo up to version 2.6.4 allows authenticated remote attackers to upload arbitrary files via the FreeMarker Template Handler component. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite early notification. An attacker with valid credentials can achieve limited confidentiality, integrity, and availability impacts.

Java Authentication Bypass File Upload
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-70545 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability exists in the web management interface of the PPC (Belden) ONT 2K05X router running firmware v1.1.9_206L. [CVSS 6.1 MEDIUM]

XSS Ppc 2k05x Firmware
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-20978 MEDIUM This Month

Android versions up to 13.0 contains a vulnerability that allows attackers to bypass the persistence configuration of the application (CVSS 6.1).

Authentication Bypass Android
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-1884 LOW POC Monitor

ZenTao versions up to 21.7.6-85642 contain a server-side request forgery vulnerability in the Webhook Module's fetchHook function that allows remote attackers to initiate requests from the affected server. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.

PHP SSRF
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-20982 MEDIUM This Month

Android ShortcutService path traversal vulnerability prior to the February 2026 SMR Release 1 enables privileged local attackers to create files with system-level privileges. The vulnerability requires high-level authentication and does not affect confidentiality significantly, but could allow attackers to modify system files or degrade availability. No patch is currently available.

Path Traversal Android
NVD
CVSS 3.1
6.0
EPSS
0.0%
CVE-2026-22548 MEDIUM This Month

BIG-IP Advanced WAF and ASM experience denial of service when processing specific requests under certain conditions, causing the bd process to terminate and disrupting security policy enforcement. An unauthenticated remote attacker can trigger this crash without user interaction, though exploitation requires specific timing and environmental factors. No patch is currently available for affected versions.

Race Condition Big Ip Application Security Manager Big Ip Advanced Web Application Firewall
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2026-25518 MEDIUM PATCH This Month

Denial-of-service in cert-manager versions 1.18.0-1.18.4 and 1.19.0-1.19.2 allows network-adjacent attackers to crash the controller by poisoning DNS cache entries during ACME DNS-01 validation through unencrypted DNS traffic interception. An attacker positioned to intercept DNS queries from the cert-manager pod can inject malicious DNS responses that trigger a panic in the controller, disrupting certificate management operations in affected Kubernetes clusters. A patch is available for immediate deployment.

Kubernetes DNS Cert Manager Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-1642 MEDIUM PATCH This Month

NGINX proxy configurations forwarding traffic to upstream TLS servers can be exploited by network-positioned attackers to inject unencrypted data into proxied responses, potentially compromising data integrity. This vulnerability affects NGINX OSS, NGINX Plus, and related products when specific upstream server conditions are present. No patch is currently available for this medium-severity issue.

Nginx Nginx Ingress Controller Nginx Open Source Nginx Instance Manager Nginx Gateway Fabric +3
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-23093 MEDIUM PATCH This Month

CVE-2026-23093 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-23063 MEDIUM PATCH This Month

Linux kernel UACCE subsystem is vulnerable to a null pointer dereference that causes a denial of service when queue release and device removal operations execute concurrently during system shutdown. A local attacker with standard user privileges can trigger this condition by forcing accelerator queue cleanup while the device is being removed, crashing the kernel. No patch is currently available.

Linux Null Pointer Dereference Denial Of Service Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23108 MEDIUM PATCH This Month

The Linux kernel USB CAN driver (usb_8dev) fails to properly manage URB memory when USB transfers complete, allowing a local attacker with user privileges to trigger a memory leak and cause a denial of service through resource exhaustion. The vulnerability occurs because completed URBs are unanchored by the USB framework before the callback function executes, preventing proper cleanup during driver shutdown. No patch is currently available for this issue.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23103 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrs_lock be per port Make the addrs_lock be per port, not per ipvlan dev. Initial code seems to be written in the assumption, that any address change must occur under RTNL.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23097 MEDIUM PATCH This Month

A deadlock vulnerability in the Linux kernel's hugetlb file folio migration code allows a local privileged user to cause a denial of service by triggering conflicting lock acquisitions between folio locks and memory mapping semaphores. The vulnerability occurs when migrate_pages() and hugetlbfs_fallocate() operations compete for locks in opposite orders, freezing affected processes. No patch is currently available for this medium-severity issue.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23096 MEDIUM PATCH This Month

The Linux kernel's uacce subsystem can hang during device cleanup when cdev_device_add fails, as subsequent calls to cdev_device_del attempt to release already-freed memory. Local users with sufficient privileges can trigger a denial of service by causing the device initialization to fail, resulting in a system hang. A patch is not currently available.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23095 MEDIUM PATCH This Month

A memory leak in the Linux kernel's GUE (Generic UDP Encapsulation) implementation occurs when processing packets with inner IP protocol 0, allowing a local attacker to cause a denial of service by exhausting kernel memory. The vulnerability exists because gue_udp_recv() fails to properly handle protocol 0 during packet resubmission, resulting in unreferenced skb objects that are never freed. No patch is currently available for this medium-severity issue affecting the Linux kernel.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23091 MEDIUM PATCH This Month

The Linux kernel's Intel Trace Hub driver fails to properly release device references during output device operations, leading to resource exhaustion on systems with local access. A local authenticated user can trigger this memory leak through repeated open/close cycles or error conditions, potentially causing denial of service. No patch is currently available for this vulnerability.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23090 MEDIUM PATCH This Month

The Linux kernel's Slimbus core driver fails to properly release device references when processing report-present messages, leading to a memory leak that can exhaust system resources. A local attacker with user privileges can trigger this leak by causing repeated Slimbus device registration events, potentially causing a denial of service through memory exhaustion. No patch is currently available for this vulnerability.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23087 MEDIUM PATCH This Month

The Linux kernel's Xen SCSI backend driver fails to properly deallocate memory for vscsiblk_info structures during device removal and error handling, allowing local users with appropriate privileges to trigger denial of service through memory exhaustion. The vulnerability exists because scsiback_remove() does not free memory allocated in scsiback_probe(), resulting in persistent memory leaks when removing the device or during probe failures. No patch is currently available for this issue.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23085 MEDIUM PATCH This Month

The GICv3 interrupt controller driver in the Linux kernel on 32-bit systems with CONFIG_ARM_LPAE can truncate physical memory addresses above the 4GB limit when storing them in 32-bit variables, potentially causing system crashes or memory corruption. A local attacker with kernel-level privileges could trigger this condition through memory allocation patterns that force addresses into higher physical memory ranges. This vulnerability affects Linux systems using ARM Large Physical Address Extension with 32-bit address space configurations.

Linux Denial Of Service Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23084 MEDIUM PATCH This Month

A null pointer dereference vulnerability in the Linux kernel's be2net driver allows local users with low privileges to cause a denial of service by triggering a crash through improper parameter handling in the be_cmd_get_mac_from_list() function. The vulnerability occurs when the driver passes both a false pmac_id_valid flag and a NULL pointer to this function, causing the kernel to dereference the invalid pointer. No patch is currently available for this issue.

Linux Null Pointer Dereference Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23080 MEDIUM PATCH This Month

Memory leak in Linux kernel CAN USB driver (mcba_usb) allows local attackers with user privileges to exhaust system memory by triggering improper URB cleanup in the USB bulk read callback function. The vulnerability occurs because USB framework unanchors URBs before the completion callback executes, preventing proper deallocation when the device is closed. No patch is currently available.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23075 MEDIUM PATCH This Month

The Linux kernel esd_usb driver leaks memory in its USB bulk transfer callback function because unanchored URBs are not properly freed during device closure, allowing a local attacker with device access to exhaust kernel memory and cause a denial of service. The vulnerability affects systems using esd_usb CAN interface devices and can be triggered repeatedly through device open/close cycles.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23064 MEDIUM PATCH This Month

A null pointer dereference in the Linux kernel's net/sched act_ife module allows local users with low privileges to cause a denial of service through a kernel crash when the ife_encode() function fails to validate return values. The vulnerability affects the traffic control scheduling subsystem and requires local access to trigger.

Linux Null Pointer Dereference Denial Of Service Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23061 MEDIUM PATCH This Month

The Linux kernel's Kvaser USB CAN driver fails to properly release USB request block (URB) memory in its completion callback, allowing a local attacker with user privileges to cause a denial of service through memory exhaustion. The vulnerability occurs because URBs are unanchored by the USB framework before the completion function executes, preventing proper cleanup during device removal. No patch is currently available for this medium-severity issue.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23060 MEDIUM PATCH This Month

The Linux kernel's authencesn crypto module fails to validate minimum AAD (Associated Authenticated Data) length, allowing local attackers with unprivileged access to trigger a NULL pointer dereference and kernel panic by submitting specially crafted authentication requests with oversized AAD parameters. This denial-of-service vulnerability affects systems running vulnerable Linux kernel versions and requires local access to exploit. No patch is currently available.

Linux Null Pointer Dereference Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23109 MEDIUM PATCH This Month

A denial of service vulnerability in the Linux kernel's writeback mechanism allows local users with standard privileges to cause indefinite hangs in wait_sb_inodes() when interacting with faulty FUSE servers that fail to respond to write requests. The vulnerability stems from improper handling of mappings without data integrity semantics, which should be skipped during synchronization operations but are instead waited upon indefinitely. An attacker controlling a malfunctioning FUSE server can exploit this to freeze system operations that depend on filesystem synchronization.

Linux Denial Of Service Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23104 MEDIUM PATCH This Month

A use-after-free vulnerability in the Linux kernel's ice driver causes a denial of service when devlink reload is followed by driver removal, as freed HWMON sensor memory is accessed by sysfs attribute handlers. Local users with sufficient privileges can trigger recurring kernel page faults approximately every 10 minutes when system monitoring tools attempt to read the orphaned hwmon attributes. This affects Linux systems with ice network drivers and causes system instability through repeated call traces.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23086 MEDIUM PATCH This Month

Local denial of service in Linux kernel vsock virtio transport allows a local attacker with unprivileged user privileges to exhaust host memory by advertising a large peer buffer size and reading data slowly, forcing the kernel to queue excessive sk_buff allocations. The vulnerability affects both guest-to-host and host-to-guest communication paths due to shared code between virtio transports. No patch is currently available.

Linux Ubuntu Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23082 MEDIUM PATCH This Month

The Linux kernel's CAN gs_usb driver contains a denial of service vulnerability where failure to submit a USB request results in an anchored URB that is never released, causing the device close function to hang indefinitely. A local attacker with USB device access can trigger this condition by causing usb_submit_urb() to fail, blocking system operations. No patch is currently available for this medium-severity flaw.

Linux Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23081 MEDIUM PATCH This Month

The Intel XWay PHY driver in the Linux kernel fails to properly release device tree node references, causing memory leaks that can degrade system stability over time. Local users with sufficient privileges can trigger this refcount leakage through repeated device tree operations, potentially leading to denial of service conditions as memory resources become exhausted.

Linux Information Disclosure Intel Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23079 MEDIUM PATCH This Month

Memory resource leaks in the Linux kernel's GPIO character device interface allow local users with basic privileges to exhaust system memory through repeated errors in the lineinfo_changed_notify() function. An attacker can trigger this condition without user interaction, potentially causing denial of service through memory exhaustion. No patch is currently available.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23070 MEDIUM PATCH This Month

The Linux kernel's OcteonTX2 firmware driver fails to validate firmware data structures before access, causing kernel panics on systems without a MAC block. A local privileged attacker can trigger a denial of service by accessing the uninitialized firmware data region. No patch is currently available for this medium-severity vulnerability.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23069 MEDIUM PATCH This Month

An integer underflow in the Linux kernel's vsock/virtio credit calculation allows a local attacker with unprivileged access to cause a denial of service by exhausting system resources when the peer shrinks its advertised buffer while data is in flight. The vulnerability enables more data to be queued than the peer can handle, potentially leading to system instability. No patch is currently available for this medium-severity issue.

Linux Integer Overflow Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23067 MEDIUM PATCH This Month

The Linux kernel's ARM IOMMU page table unmapping function returns a signedness-corrupted value when encountering unmapped memory, causing IOVA address overflow that triggers a kernel panic. Local attackers with sufficient privileges can exploit this to cause a denial of service by attempting to unmap invalid IOMMU pages. A patch is not yet available for this medium-severity vulnerability.

Linux Buffer Overflow Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23100 MEDIUM PATCH This Month

The Linux kernel's hugetlb_pmd_shared() function fails to properly detect PMD table sharing, resulting in a denial of service condition affecting systems with local user access. An attacker with local privileges can exploit this to cause system instability or performance degradation through resource exhaustion. No patch is currently available.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23094 MEDIUM PATCH This Month

The Linux kernel uacce driver improperly validates callback function implementations before creating isolation policy sysfs files, allowing local users with sufficient privileges to trigger a system crash by accessing unimplemented callback functions. This denial of service vulnerability affects systems where device isolation is configured but callback functions are incompletely implemented. No patch is currently available.

Linux Denial Of Service Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23088 MEDIUM PATCH This Month

Linux kernel null pointer dereference in the tracing subsystem causes a denial of service when synthetic events reference stacktrace fields from other synthetic events. Local users with tracing permissions can trigger a kernel crash by creating chained synthetic events that pass stacktrace data between them. No patch is currently available for this vulnerability.

Linux Debian Denial Of Service Null Pointer Dereference Linux Kernel +2
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23062 MEDIUM PATCH This Month

The hp-bioscfg driver in the Linux kernel contains a null pointer dereference vulnerability triggered by an off-by-one error and missing NULL checks in the GET_INSTANCE_ID macro when accessing BIOS configuration sysfs attributes. Local users with unprivileged access can trigger a kernel panic by reading certain attribute files, causing denial of service during BIOS configuration operations. No patch is currently available for this vulnerability.

Linux Null Pointer Dereference Denial Of Service Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy