Skip to main content
CVE-2026-23072 MEDIUM PATCH This Month

A memory leak in the Linux kernel's l2tp_udp_encap_recv() function fails to properly release l2tp_session and l2tp_tunnel structures when protocol version validation fails, allowing a local attacker to exhaust kernel memory and trigger a denial of service. The vulnerability affects all Linux systems running the vulnerable kernel versions, and exploitation requires local access with unprivileged user privileges. No patch is currently available.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23065 MEDIUM PATCH This Month

A memory leak in the Linux kernel's AMD platform driver allows local authenticated users to exhaust system memory through repeated failures in the WBRF (Wifi Band RFI Mitigation) record function, potentially leading to denial of service. The vulnerability exists in the wbrf_record() function where a temporary buffer allocated via kcalloc() is not properly freed when the acpi_evaluate_dsm() call fails. An attacker with local access and sufficient privileges could trigger this condition multiple times to consume available memory and degrade system performance.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-25122 MEDIUM PATCH This Month

Resource exhaustion in Apko versions 0.14.8 through 1.0.x allows local attackers to cause denial of service by supplying a malicious APK archive with excessive gzip-compressed data that forces unbounded decompression work. The expandapk.Split function fails to impose limits on gzip inflation, enabling attackers to exhaust CPU resources and trigger process timeouts when parsing attacker-controlled APK streams. This issue is resolved in version 1.1.0.

Denial Of Service Apko Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20986 MEDIUM This Month

Samsung Members versions prior to 15.5.05.4 contain a path traversal vulnerability that enables local attackers to overwrite arbitrary data within the application. This vulnerability requires local access and valid user credentials but does not provide read access to sensitive information. No patch is currently available to address this issue.

Samsung Path Traversal Members
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20977 MEDIUM This Month

Android versions up to 14.0 contains a vulnerability that allows attackers to interrupt its functioning (CVSS 5.5).

Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-25145 MEDIUM PATCH This Month

Melange versions 0.14.0 through 0.40.2 allow local attackers with configuration file control to read arbitrary files from the host system through path traversal in license file path validation, potentially exfiltrating sensitive data embedded in generated SBOMs. This vulnerability affects build pipeline scenarios where configuration is user-controlled, such as pull request-driven CI or build-as-a-service environments. A patch is available in version 0.40.3.

Golang Path Traversal Melange Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-25054 MEDIUM PATCH This Month

Stored cross-site scripting in n8n's markdown rendering component allows authenticated users to inject malicious scripts into workflows and sticky notes that execute with session privileges when viewed by other users. An attacker with workflow modification permissions can exploit this to hijack sessions and compromise accounts of users who interact with affected workflows. Versions 1.123.9 and 2.2.1 contain fixes for this vulnerability.

XSS AI / ML N8n
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-25051 MEDIUM PATCH This Month

Improper Content Security Policy enforcement in n8n workflow automation allows authenticated users to inject persistent XSS payloads into webhook responses that execute with same-origin privileges when other users access the affected workflows. An attacker with workflow creation/modification permissions could exploit this to hijack sessions and compromise user accounts. The vulnerability affects n8n versions prior to 1.123.2.

XSS AI / ML N8n
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-22875 MEDIUM This Month

Stored XSS in Movable Type's Export Sites feature allows authenticated attackers to inject malicious scripts that execute in the browsers of logged-in users. The vulnerability affects Movable Type 7 and 8.4 series (both EOL) and requires an attacker to first store the crafted payload through the application. No patch is currently available for this medium-severity flaw.

XSS
NVD
CVSS 3.0
5.4
EPSS
0.0%
CVE-2026-21393 MEDIUM This Month

Stored XSS in Movable Type's Edit Comment feature allows authenticated attackers to inject malicious scripts that execute in logged-in users' browsers, affecting both current and end-of-life versions including the 7 and 8.4 series. An attacker with login credentials can craft and store malicious input that triggers arbitrary script execution when other users view or interact with comments. No patch is currently available for this medium-severity vulnerability.

XSS
NVD
CVSS 3.0
5.4
EPSS
0.0%
CVE-2025-14461 MEDIUM This Month

The Xendit Payment plugin for WordPress is vulnerable to unauthorized order status manipulation in all versions up to, and including, 6.0.2. This is due to the plugin exposing a publicly accessible WooCommerce API callback endpoint (`wc_xendit_callback`) that processes payment callbacks without any authentication or cryptographic verification that the requests originate from Xendit's payment gateway. This makes it possible for unauthenticated attackers to mark any WooCommerce order as paid by...

WordPress Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-15482 MEDIUM This Month

Chapa Payment Gateway Plugin for WooCommerce (WordPress plugin) versions up to 1.0.3 is affected by information exposure (CVSS 5.3).

WordPress Information Disclosure PHP
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-39724 MEDIUM This Month

IBM Db2 Big SQL on Cloud Pak for Data versions 7.6 (on CP4D 4.8), 7.7 (on CP4D 5.0), and 7.8 (on CP4D 5.1) do not properly limit the allocation of system resources. An authenticated user with internal knowledge of the environment could exploit this weakness to cause a denial of service. [CVSS 5.3 MEDIUM]

IBM Denial Of Service
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-0944 MEDIUM PATCH This Month

Group Invite versions up to 2.3.9 is affected by improper check for unusual or exceptional conditions (CVSS 5.3).

Drupal Group Invite
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2023-38010 MEDIUM This Month

IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system. [CVSS 5.3 MEDIUM]

IBM Cloud Pak System Os Image For Red Hat Linux Systems
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2023-38281 MEDIUM This Month

IBM Cloud Pak System does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. [CVSS 5.3 MEDIUM]

IBM Os Image For Red Hat Linux Systems Cloud Pak System
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2023-38017 MEDIUM This Month

IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. [CVSS 5.3 MEDIUM]

IBM XSS Cloud Pak System Os Image For Red Hat Linux Systems
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-15507 MEDIUM This Month

The Magic Import Document Extractor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_sync_usage() function in all versions up to, and including, 1.0.4. [CVSS 5.3 MEDIUM]

WordPress Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-0679 MEDIUM This Month

Unauthenticated attackers can manipulate WooCommerce order statuses through an authorization bypass in the Fortis for WooCommerce plugin (versions up to 1.2.0), allowing them to fraudulently mark orders as paid without receiving payment. The vulnerability stems from an inverted nonce validation check in the payment notification handler that fails to properly authenticate requests. This affects all WordPress sites running the vulnerable plugin and has no available patch.

WordPress Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-25523 MEDIUM PATCH This Month

Magento-lts versions prior to 20.16.1 expose the admin panel URL through improper handling of the X-Original-Url header in certain server configurations, allowing unauthenticated attackers to discover the administrative interface location without prior knowledge. This information disclosure weakness could facilitate follow-up attacks targeting the admin panel. The vulnerability affects Magento Community Edition long-term support installations and has been patched in version 20.16.1.

Magento
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-15508 MEDIUM This Month

Magic Import Document Extractor (WordPress plugin) versions up to 1.0.4 is affected by information exposure (CVSS 5.3).

WordPress Information Disclosure PHP
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-1892 MEDIUM PATCH This Month

Improper authorization in WeKan's REST API setBoardOrgs function (versions up to 8.20) allows authenticated attackers to manipulate cardId, checklistId, and boardId parameters to gain unauthorized access to sensitive board information. The vulnerability requires local network access and high attack complexity, limiting its practical exploitation. A patch is available in version 8.21 and should be applied to all affected deployments.

Information Disclosure Wekan
NVD GitHub VulDB
CVSS 3.1
5.0
EPSS
0.1%
CVE-2026-22549 MEDIUM This Month

F5 BIG-IP Container Ingress Services contains an improper privilege management flaw that allows high-privileged users to read sensitive cluster secrets beyond their intended authorization scope. An authenticated attacker with elevated permissions could exploit this vulnerability to gain unauthorized access to confidential Kubernetes cluster data. No patch is currently available for this medium-severity issue.

Privilege Escalation Big Ip Container Ingress Services
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-15487 MEDIUM This Month

The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. [CVSS 4.9 MEDIUM]

WordPress Path Traversal PHP
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2026-1370 MEDIUM This Month

SQL injection in the SIBS WooCommerce payment gateway plugin for WordPress (versions up to 2.2.0) allows authenticated administrators to extract sensitive database information through the unescaped 'referencedId' parameter. An attacker with administrator-level access can inject arbitrary SQL queries due to insufficient input sanitization and query preparation. No patch is currently available for this vulnerability.

WordPress SQLi
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-0816 MEDIUM This Month

The All push notification for WP plugin through version 1.5.3 contains a time-based SQL injection flaw in the 'delete_id' parameter that allows authenticated administrators to execute arbitrary SQL queries and extract sensitive database information. The vulnerability stems from insufficient input escaping and improper query preparation, requiring high-privilege access to exploit. No patch is currently available.

WordPress SQLi
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-1553 MEDIUM PATCH This Month

Improper authorization controls in Drupal Canvas versions before 1.0.4 enable attackers to bypass access restrictions and enumerate or access restricted resources through direct browsing. The vulnerability requires specific conditions to exploit (high attack complexity) but affects all unauthenticated users with network access. Currently, no patch is publicly available and exploitation activity has not been confirmed.

Drupal Drupal Canvas
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-20111 MEDIUM This Month

Stored XSS in Cisco Prime Infrastructure's web management interface allows authenticated administrators to inject malicious scripts that execute in other users' browsers, potentially leading to session hijacking or sensitive data theft. The vulnerability stems from insufficient input validation on specific data fields and requires valid admin credentials to exploit. No patch is currently available.

Cisco XSS Prime Infrastructure Authentication Bypass
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-0947 MEDIUM PATCH This Month

At Internet Piano Analytics versions up to 1.0.1 is affected by cross-site scripting (xss) (CVSS 4.8).

Drupal Industrial XSS At Internet Piano Analytics
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-23110 MEDIUM PATCH This Month

A race condition in the Linux kernel's SCSI error handling mechanism can prevent the error handler from being properly awakened when concurrent command completions occur, causing I/O operations to hang indefinitely. A local attacker with low privileges can trigger this condition through timing-sensitive operations to cause a denial of service. No patch is currently available for this vulnerability.

Linux Race Condition Information Disclosure
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-23071 MEDIUM PATCH This Month

The Linux kernel's regmap hwspinlock implementation contains a race condition where concurrent threads accessing a shared spinlock flags variable can corrupt IRQ state, potentially leading to denial of service through system hangs or crashes. A local attacker with sufficient privileges can exploit this condition to cause the kernel to become unresponsive. The vulnerability affects Linux systems and currently has no available patch.

Linux Race Condition Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-0743 MEDIUM This Month

Stored XSS in WordPress WP Content Permission plugin through the 'ohmem-message' parameter allows authenticated administrators to inject malicious scripts that execute for all users viewing affected pages. The vulnerability exists in versions up to 1.2 due to inadequate input sanitization and output escaping. Exploitation requires administrator-level privileges and no patch is currently available.

WordPress XSS
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-0681 MEDIUM This Month

Extended Random Number Generator (WordPress plugin) is affected by cross-site scripting (xss) (CVSS 4.4).

WordPress XSS
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-23624 MEDIUM This Month

GLPI versions 0.71 through 10.0.22 and 11.0.4 are vulnerable to session hijacking when SSO-based remote authentication is enabled, allowing a local attacker to impersonate another user by stealing an active session on the same machine. An authenticated attacker with local access can exploit this by leveraging SSO variables to gain unauthorized access to victim sessions without requiring elevated privileges. No patch is currently available for this vulnerability.

Information Disclosure Glpi
NVD GitHub
CVSS 3.1
4.3
EPSS
0.1%
CVE-2026-20985 MEDIUM This Month

Members versions up to 5.6.00.11 contains a vulnerability that allows attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privile (CVSS 4.3).

Samsung Members
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2024-40685 MEDIUM This Month

Log Analysis versions 1.3.5.0 versions up to 1.3.8.3 is affected by cross-site request forgery (csrf) (CVSS 4.3).

IBM Industrial CSRF
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-1554 MEDIUM PATCH This Month

Central Authentication System Server versions up to 2.0.3 contains a security vulnerability (CVSS 4.2).

Drupal Privilege Escalation Central Authentication System Server
NVD
CVSS 3.1
4.2
EPSS
0.0%
CVE-2026-22247 MEDIUM This Month

GLPI versions 11.0.0 through 11.0.4 allow authenticated administrators to conduct Server-Side Request Forgery (SSRF) attacks via the Webhook functionality, potentially enabling reconnaissance of internal network resources. An attacker with administrative privileges could leverage this capability to probe internal services or bypass network access controls. A patch is available in version 11.0.5 and later.

SSRF Glpi
NVD GitHub
CVSS 3.1
4.1
EPSS
0.0%
CVE-2026-20056 MEDIUM This Month

Cisco Secure Web Appliance's DVS Engine improperly handles certain archive files, allowing unauthenticated remote attackers to bypass the anti-malware scanner and deliver malicious archives to end users. An attacker can exploit this by sending crafted archive files through affected devices to circumvent malware detection. While downloaded malware requires manual extraction and execution by the user, this vulnerability enables distribution of malicious content that would normally be blocked.

Cisco
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-22873 LOW PATCH Monitor

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open("../") would open the parent directory of the Root. [CVSS 3.8 LOW]

Path Traversal Go
NVD
CVSS 3.1
3.8
EPSS
0.0%
CVE-2025-2134 LOW Monitor

Jazz Reporting Service versions up to 7.0.3 contains a vulnerability that allows attackers to an authenticated user on the network to affect the system's performance using co (CVSS 3.5).

IBM
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-27550 LOW Monitor

Jazz Reporting Service versions up to 7.0.3 contains a vulnerability that allows attackers to an authenticated user on the host network to obtain sensitive information about (CVSS 3.5).

IBM
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-1823 LOW Monitor

Jazz Reporting Service versions up to 7.0.3 is affected by allocation of resources without limits or throttling (CVSS 3.5).

IBM Denial Of Service
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2026-20730 LOW Monitor

A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow attackers to gain access to sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated [CVSS 3.3 LOW]

Windows
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-20732 LOW Monitor

Big-Ip Access Policy Manager is affected by user interface (ui) misrepresentation of critical information (CVSS 3.1).

Information Disclosure Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Advanced Web Application Firewall Big Ip Analytics +17
NVD
CVSS 3.1
3.1
EPSS
0.1%
CVE-2026-1791 LOW Monitor

Hillstone Networks Operation and Maintenance Security Gateway on Linux is affected by unrestricted upload of file with dangerous type (CVSS 2.7).

Linux
NVD
CVSS 3.1
2.7
EPSS
0.1%
CVE-2026-25517 LOW PATCH Monitor

Wagtail is an open source content management system built on Django. [CVSS 2.7 LOW]

Django
NVD GitHub
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-1835 LOW Monitor

lcg0124 BootDo is susceptible to cross-site request forgery (CSRF) attacks due to insufficient request validation, allowing remote attackers to perform unauthorized actions on behalf of authenticated users. Public exploit code exists for this vulnerability, though no patch is currently available. The rolling release model used by this product complicates version tracking for affected and patched instances.

CSRF
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-41085 This Week

Stored Cross-Site Scripting (XSS) vulnerability type in Apidog in the version 2.7.15, where SVG image uploads are not properly sanitized.

XSS
NVD
EPSS
0.1%
CVE-2026-0873 This Week

On a Cryptobox platform where administrator segregation based on entities is used, some vulnerabilities in Ercom Cryptobox administration console allows an authenticated entity administrator with knowledge to elevate his account to global administrator.

XSS
NVD
EPSS
0.1%
Prev Page 4 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy