83 CVEs tracked today. 6 Critical, 30 High, 45 Medium, 2 Low.
-
CVE-2026-25858
CRITICAL
CVSS 9.3
macrozheng mall e-commerce platform v1.0.3 has an authentication vulnerability in password reset enabling unauthorized account takeover.
Information Disclosure
-
CVE-2026-25560
CRITICAL
CVSS 9.8
WeKan (open-source kanban) prior to 8.19 has an LDAP filter injection vulnerability enabling authentication bypass through crafted LDAP login attempts.
LDAP
Wekan
-
CVE-2020-37162
CRITICAL
CVSS 9.8
Wedding Slideshow Studio 1.36 has a second buffer overflow in the registration key input enabling code execution.
Buffer Overflow
Stack Overflow
Wedding Slideshow Studio
-
CVE-2020-37161
CRITICAL
CVSS 9.8
Wedding Slideshow Studio 1.36 has a buffer overflow allowing code execution through crafted project files.
RCE
Buffer Overflow
Wedding Slideshow Studio
-
CVE-2020-37159
CRITICAL
CVSS 9.8
Parallaxis Cuckoo Clock 5.0 has a buffer overflow enabling code execution through crafted input.
RCE
Buffer Overflow
-
CVE-2020-37095
CRITICAL
CVSS 9.8
Cyberoam Authentication Client 2.1.2.7 has a buffer overflow allowing remote attackers to execute code through the network authentication service.
DNS
Buffer Overflow
-
CVE-2026-25859
HIGH
CVSS 8.8
Wekan before version 8.20 fails to properly validate user permissions on migration functions, allowing authenticated non-admin users to execute unauthorized migration operations. This vulnerability affects any Wekan deployment and could be exploited by low-privileged users to compromise data integrity or availability. A patch is available.
Authentication Bypass
Wekan
-
CVE-2026-25857
HIGH
CVSS 8.8
Unauthenticated command injection in Tenda G300-F router firmware version 16.01.14.2 and earlier allows authenticated attackers to execute arbitrary OS commands through the WAN diagnostic interface by injecting shell metacharacters into unvalidated curl parameters. An attacker with management interface access can exploit this to gain full system compromise with process-level privileges. Public exploit code exists and no patch is currently available.
Command Injection
G300 F Firmware
-
CVE-2026-25564
HIGH
CVSS 7.5
Wekan versions up to 8.19 are affected by an authorization bypass through a user-controlled key (CVSS 7.5).
Authentication Bypass
Wekan
-
CVE-2026-25563
HIGH
CVSS 7.5
Wekan versions up to 8.19 are affected by an authorization bypass through a user-controlled key (CVSS 7.5).
Authentication Bypass
Wekan
-
CVE-2026-25561
HIGH
CVSS 7.5
WeKan versions prior to 8.19 contain an authorization weakness in the attachment upload API. [CVSS 7.5 HIGH]
Authentication Bypass
Wekan
-
CVE-2026-2115
HIGH
CVSS 7.3
SQL injection in itsourcecode Society Management System 1.0 allows unauthenticated remote attackers to manipulate the expenses_id parameter in /admin/delete_expenses.php, enabling unauthorized database access and modification. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected installations at immediate risk.
PHP
SQLi
Society Management System
-
CVE-2026-2114
HIGH
CVSS 7.3
SQL injection in itsourcecode Society Management System 1.0 through the admin_id parameter in /admin/edit_admin.php allows unauthenticated remote attackers to manipulate the database. Public exploit code exists for this vulnerability, and no patch is currently available, putting all installations at immediate risk of data compromise.
PHP
SQLi
Society Management System
-
CVE-2026-2113
HIGH
CVSS 7.3
Unsafe deserialization in yuan1994 tpadmin versions up to 1.3.12 allows remote attackers to execute arbitrary code via the WebUploader preview.php component without authentication. Public exploit code exists for this vulnerability, and affected installations running unsupported versions face immediate risk. The flaw enables complete system compromise with no patch available from the maintainer.
PHP
Deserialization
Tpadmin
-
CVE-2026-2090
HIGH
CVSS 7.3
Online Class Record System versions up to 1.0 contain a SQL injection vulnerability (CVSS 7.3).
PHP
SQLi
Online Class Record System
-
CVE-2026-2089
HIGH
CVSS 7.3
SourceCodester Online Class Record System 1.0 contains a SQL injection vulnerability in the subject controller that allows unauthenticated remote attackers to manipulate the ID parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and could enable unauthorized data access, modification, or system compromise.
PHP
SQLi
Online Class Record System
-
CVE-2026-2088
HIGH
CVSS 7.3
SQL injection in PHPGurukul Beauty Parlour Management System 1.1 via the delid parameter in /admin/accepted-appointment.php enables remote attackers to manipulate database queries without authentication. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected systems at active risk.
PHP
SQLi
Beauty Parlour Management System
-
CVE-2026-2087
HIGH
CVSS 7.3
SQL injection in SourceCodester Online Class Record System 1.0 allows unauthenticated remote attackers to manipulate the user_email parameter in /admin/login.php, potentially enabling unauthorized data access and modification. Public exploit code exists for this vulnerability, and no patch is currently available.
PHP
SQLi
Online Class Record System
-
CVE-2026-2086
HIGH
CVSS 8.8
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 allows authenticated attackers to achieve full system compromise via a buffer overflow in the Management Interface firewall configuration function. Public exploit code exists for this vulnerability, and no patch is available from the vendor despite early disclosure notification. The attack requires valid credentials but can be executed over the network without user interaction.
Buffer Overflow
810g Firmware
-
CVE-2026-2085
HIGH
CVSS 7.2
Command injection in D-Link DWR-M921 firmware versions up to 1.1.50 allows remote attackers with high privileges to execute arbitrary commands through the USSD Configuration endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An authenticated attacker can leverage the unsanitized ussdValue parameter to compromise the affected device.
D-Link
Command Injection
Dwr M921 Firmware
-
CVE-2026-2084
HIGH
CVSS 7.2
D-Link DIR-823X firmware contains a command injection vulnerability in the /goform/set_language endpoint that allows remote attackers with high privileges to execute arbitrary OS commands via manipulation of the langSelection parameter. Public exploit code exists for this vulnerability, and no patch is currently available. Successful exploitation grants complete system compromise with confidentiality, integrity, and availability impact.
D-Link
Command Injection
Dir 823x Firmware
-
CVE-2026-2083
HIGH
CVSS 7.3
SQL injection in the /delete_post.php endpoint of code-projects Social Networking Site 1.0 allows unauthenticated remote attackers to manipulate the ID parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker could leverage this to read, modify, or delete sensitive data within the application's database.
PHP
SQLi
Social Networking Site
-
CVE-2026-2080
HIGH
CVSS 7.2
Remote code execution in UTT HiPER 810 Firmware 1.7.4-141218 via command injection in the user administration function allows unauthenticated attackers to execute arbitrary commands over the network. The vulnerability exists in the passwd1 parameter of the /goform/formUser endpoint and has public exploit code available. No patch is currently available from the vendor, who has been unresponsive to disclosure attempts.
Command Injection
810 Firmware
-
CVE-2026-2073
HIGH
CVSS 7.3
School Management System versions up to 1.0 contain a SQL injection vulnerability (CVSS 7.3).
PHP
SQLi
School Management System
-
CVE-2026-2071
HIGH
CVSS 8.8
Unauthenticated attackers can exploit a buffer overflow in the UTT 520W Firmware's P2P configuration function via a crafted request to achieve remote code execution with high privileges. The vulnerability requires only network access and low complexity to exploit, with public exploit code already available. No patch has been released by the vendor despite early notification.
Buffer Overflow
520w Firmware
-
CVE-2020-37163
HIGH
CVSS 8.2
QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the '_located' parameter in the find_matches endpoint. [CVSS 8.2 HIGH]
SQLi
-
CVE-2020-37157
HIGH
CVSS 7.5
DBPower C300 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive credentials through an unprotected configuration backup endpoint. [CVSS 7.5 HIGH]
Authentication Bypass
-
CVE-2020-37155
HIGH
CVSS 7.5
Core FTP Lite 1.3 contains a buffer overflow vulnerability in the username input field that allows attackers to crash the application by supplying oversized input. [CVSS 7.5 HIGH]
Buffer Overflow
Denial Of Service
-
CVE-2020-37154
HIGH
CVSS 7.1
eLection 2.0 contains an authenticated SQL injection vulnerability in the candidate management endpoint that allows attackers to manipulate database queries through the 'id' parameter. [CVSS 7.1 HIGH]
RCE
SQLi
-
CVE-2020-37147
HIGH
CVSS 7.1
ATutor 2.2.4 contains a SQL injection vulnerability in the admin user deletion page that allows authenticated attackers to manipulate database queries through the 'id' parameter. [CVSS 7.1 HIGH]
PHP
SQLi
-
CVE-2020-37146
HIGH
CVSS 7.5
ACE Security WiP-90113 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration files. [CVSS 7.5 HIGH]
Authentication Bypass
-
CVE-2020-37141
HIGH
CVSS 8.2
AMSS++ version 4.31 contains a SQL injection vulnerability in the mail module's maildetail.php script through the 'id' parameter. Attackers can manipulate the 'id' parameter in /modules/mail/main/maildetail.php to inject malicious SQL queries and potentially access or modify database contents. [CVSS 8.2 HIGH]
PHP
SQLi
-
CVE-2020-37135
HIGH
CVSS 7.5
AMSS++ 4.7 contains an authentication bypass vulnerability that allows attackers to access administrative accounts using hardcoded credentials. Attackers can log in with the default admin username and password '1234' to gain unauthorized administrative access to the system. [CVSS 7.5 HIGH]
Authentication Bypass
-
CVE-2020-37122
HIGH
CVSS 7.5
SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the application crash. [CVSS 7.5 HIGH]
Buffer Overflow
Denial Of Service
-
CVE-2020-37109
HIGH
CVSS 7.5
aSc TimeTables 2020.11.4 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Subject title field with a large buffer. [CVSS 7.5 HIGH]
Denial Of Service
-
CVE-2020-37107
HIGH
CVSS 7.5
Core FTP LE 2.2 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the account field with a large buffer. [CVSS 7.5 HIGH]
Denial Of Service
-
CVE-2026-25568
MEDIUM
CVSS 4.3
Wekan versions before 8.19 fail to properly enforce the allowPrivateOnly configuration setting during board creation, allowing authenticated users to create public boards when only private boards should be permitted. This authorization bypass enables users to circumvent intended access control policies and expose board data beyond the intended scope. A patch is available for affected installations.
Authentication Bypass
Wekan
-
CVE-2026-25567
MEDIUM
CVSS 4.3
Wekan versions up to 8.19 are affected by an authorization bypass through a user-controlled key (CVSS 4.3).
Authentication Bypass
Wekan
-
CVE-2026-25566
MEDIUM
CVSS 5.4
WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. [CVSS 5.4 MEDIUM]
Authentication Bypass
Wekan
-
CVE-2026-25565
MEDIUM
CVSS 6.5
Wekan prior to version 8.19 improperly validates permissions on card update API endpoints, checking only read access instead of requiring write permissions. This allows read-only users to modify cards they should not be able to edit. A patch is available to address this authorization bypass.
Authentication Bypass
Wekan
-
CVE-2026-25562
MEDIUM
CVSS 4.3
Wekan versions before 8.19 fail to properly restrict attachment metadata visibility, allowing authenticated users to enumerate attachment information from boards and cards they should not have access to. This information disclosure vulnerability requires valid credentials and can expose sensitive metadata to unauthorized users across the platform. A patch is available.
Information Disclosure
Wekan
-
CVE-2026-2111
MEDIUM
CVSS 4.3
Path traversal in JeecgBoot's Retrieval-Augmented Generation Module (versions up to 3.9.0) allows authenticated remote attackers to access arbitrary files through manipulation of the filePath parameter in the /airag/knowledge/doc/edit endpoint. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.
Path Traversal
AI / ML
Jeecg Boot
-
CVE-2026-2109
MEDIUM
CVSS 5.4
Coco Annotator through version 0.11.1 contains an authorization bypass in the Delete Category Handler endpoint (/api/undo/) that allows authenticated attackers to manipulate category IDs and access or modify unauthorized data. The vulnerability requires valid credentials but can be exploited remotely with public exploit code available. No patch is currently available from the vendor.
Information Disclosure
Coco Annotator
-
CVE-2026-2108
MEDIUM
CVSS 5.3
Coco Annotator versions up to 0.11.1 are affected by improper resource shutdown or release (CVSS 5.3).
Denial Of Service
Coco Annotator
-
CVE-2026-2107
MEDIUM
CVSS 6.3
Improper authorization in the yeqifu Warehouse Log Info Handler allows authenticated remote attackers to access, modify, or delete log information through the loadAllLoginfo, deleteLoginfo, and batchDeleteLoginfo functions. Public exploit code exists for this vulnerability, and the developers have not yet released a patch despite early notification. Java-based deployments using affected versions are at risk of unauthorized log manipulation by authenticated users.
Java
Warehouse
-
CVE-2026-2106
MEDIUM
CVSS 6.3
Improper authorization in Yeqifu Warehouse's Notice Management component allows authenticated users to perform unauthorized operations on notice records through the addNotice, updateNotice, deleteNotice, and batchDeleteNotice functions. Public exploit code exists for this vulnerability, and the vendor has not yet responded to the disclosure. An attacker with valid credentials can remotely manipulate notice data, compromising the confidentiality, integrity, and availability of the application.
Java
Warehouse
-
CVE-2026-2105
MEDIUM
CVSS 6.3
Improper authorization in the Department Management component of yeqifu Warehouse allows authenticated users to manipulate department operations (add, update, delete) without proper access controls. Public exploit code exists for this vulnerability, which can be leveraged remotely by attackers with valid credentials. No patch is currently available from the vendor.
Java
Warehouse
-
CVE-2026-2082
MEDIUM
CVSS 4.7
D-Link DIR-823X routers contain an OS command injection vulnerability in the /goform/set_mac_clone endpoint that allows remote attackers with high privileges to execute arbitrary commands through manipulation of the mac parameter. Public exploit code exists for this vulnerability, which affects confidentiality, integrity, and availability. No patch is currently available.
D-Link
Command Injection
Dir 823x Firmware
-
CVE-2026-2081
MEDIUM
CVSS 4.7
D-Link DIR-823X firmware contains an OS command injection vulnerability in the /goform/set_password endpoint that allows remote attackers with high privileges to execute arbitrary commands by manipulating the http_passwd parameter. Public exploit code exists for this vulnerability, and no patch is currently available. An authenticated attacker could leverage this to compromise the affected device with limited confidentiality, integrity, and availability impact.
D-Link
Command Injection
Dir 823x Firmware
-
CVE-2026-2079
MEDIUM
CVSS 6.3
Improper authorization in the Menu Management component of Yeqifu Warehouse allows authenticated remote attackers to manipulate menu operations (add, update, delete) without proper access controls. Public exploit code exists for this vulnerability, and the maintainers have not yet released a patch despite early notification. The flaw affects Java-based deployments running the vulnerable commit and could enable unauthorized administrative actions.
Java
Warehouse
-
CVE-2026-2078
MEDIUM
CVSS 6.3
Improper authorization in the Permission Management component of yeqifu Warehouse allows authenticated remote attackers to manipulate permission-related functions (addPermission, updatePermission, deletePermission) and gain unauthorized access or modify system permissions. Public exploit code exists for this vulnerability, and no patch is currently available. The vulnerability affects Java-based Warehouse deployments with a CVSS score of 6.3.
Java
Warehouse
-
CVE-2026-2077
MEDIUM
CVSS 6.3
Improper authorization in yeqifu Warehouse's Role Management Handler (addRole/updateRole/deleteRole functions) allows authenticated remote attackers to perform unauthorized privilege escalation and data manipulation. Public exploit code exists for this vulnerability, and the vendor has not released a patch or responded to disclosure. An attacker with valid credentials can bypass authorization controls to modify system roles and access restrictions.
Java
Warehouse
-
CVE-2026-2076
MEDIUM
CVSS 6.3
A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. [CVSS 6.3 MEDIUM]
Java
Warehouse
-
CVE-2026-2075
MEDIUM
CVSS 6.3
Improper access control in the Role-Permission Binding Handler of yeqifu Warehouse allows authenticated remote attackers to modify role permissions through the saveRolePermission function, potentially gaining unauthorized access to sensitive operations. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite early notification of the issue.
Java
Warehouse
-
CVE-2026-2074
MEDIUM
CVSS 6.3
O2OA versions up to 9.0.0 contain an XML external entity (XXE) injection vulnerability in the /x_program_center/jaxrs/mpweixin/check HTTP POST handler that allows authenticated remote attackers to read sensitive files or conduct denial-of-service attacks. Public exploit code is available for this vulnerability, and no patch has been released despite vendor notification. The attack requires valid credentials but can be executed over the network without user interaction.
XXE
O2OA
-
CVE-2026-1675
MEDIUM
CVSS 5.3
Advanced Country Blocker (WordPress plugin) versions up to 2.3.1 contains a security vulnerability (CVSS 5.3).
WordPress
Authentication Bypass
-
CVE-2026-1643
MEDIUM
CVSS 6.1
Reflected XSS in the WordPress MP-Ukagaka plugin through version 1.5.2 allows unauthenticated attackers to inject malicious scripts into web pages due to insufficient input sanitization and output escaping. An attacker can exploit this by tricking users into clicking a malicious link, causing arbitrary JavaScript to execute in their browsers. No patch is currently available for this vulnerability.
WordPress
XSS
-
CVE-2026-1634
MEDIUM
CVSS 6.1
The Subitem AL Slider plugin for WordPress through version 1.0.0 fails to properly sanitize the PHP_SELF parameter, allowing unauthenticated attackers to inject malicious scripts through a crafted link. An attacker can trick users into clicking a malicious URL to execute arbitrary JavaScript in their browser sessions. No patch is currently available for this reflected XSS vulnerability.
WordPress
XSS
-
CVE-2026-1613
MEDIUM
CVSS 6.4
Stored XSS in the Wonka Slide WordPress plugin (versions up to 1.3.3) allows authenticated users with contributor-level permissions to inject malicious scripts through the `list_class` shortcode attribute due to inadequate input sanitization. When other users visit affected pages, the injected scripts execute in their browsers, potentially compromising site security and user data. No patch is currently available.
WordPress
XSS
-
CVE-2026-1611
MEDIUM
CVSS 6.4
Stored XSS in WordPress Wikiloops Track Player plugin (versions up to 1.0.1) allows authenticated contributors and above to inject malicious scripts through the wikiloops shortcode due to inadequate input sanitization and output escaping. Injected scripts execute in the browsers of users viewing affected pages, potentially compromising user sessions or stealing sensitive data. No patch is currently available for this vulnerability.
WordPress
XSS
-
CVE-2026-1608
MEDIUM
CVSS 6.4
Stored cross-site scripting in the WordPress Video Onclick plugin through version 0.4.7 allows authenticated contributors and above to inject malicious scripts into pages via the youtube shortcode due to inadequate input sanitization. When users access affected pages, the injected scripts execute in their browsers, potentially compromising user sessions or stealing sensitive information. No patch is currently available.
WordPress
XSS
-
CVE-2026-1573
MEDIUM
CVSS 6.4
Stored XSS in the OMIGO WordPress plugin through version 3.3 allows authenticated contributors and above to inject malicious scripts via the omigo_donate_button shortcode due to inadequate input sanitization, executing arbitrary code when users view affected pages. The vulnerability requires low privileges but impacts all users accessing compromised content, with no available patch as of now.
WordPress
Golang
XSS
-
CVE-2026-1570
MEDIUM
CVSS 6.4
Simple Bible Verse via Shortcode (WordPress plugin) is affected by cross-site scripting (XSS) (CVSS 6.4).
WordPress
XSS
-
CVE-2026-1082
MEDIUM
CVSS 4.3
The TITLE ANIMATOR plugin for WordPress lacks CSRF protection on its settings page, allowing unauthenticated attackers to modify plugin configuration through forged requests if a site administrator clicks a malicious link. This vulnerability affects all versions up to 1.0 and requires social engineering to exploit but poses a direct integrity risk to plugin functionality and site configuration.
WordPress
PHP
CSRF
-
CVE-2026-0555
MEDIUM
CVSS 6.4
The Premmerce WordPress plugin through version 1.3.20 contains a stored cross-site scripting vulnerability in the wizard AJAX endpoint due to inadequate input sanitization and output escaping on the state parameter. Authenticated users with subscriber-level permissions can inject malicious scripts that execute in the admin wizard interface when accessed by other users. No patch is currently available for this medium-severity vulnerability affecting plugin installations.
WordPress
XSS
-
CVE-2025-31990
MEDIUM
CVSS 6.8
Rate limiting for certain API calls is not being enforced, making HCL Velocity vulnerable to Denial of Service (DoS) attacks. An attacker could flood the system with a large number of requests, overwhelming its resources and causing it to become unresponsive to legitimate users. [CVSS 6.8 MEDIUM]
Denial Of Service
-
CVE-2025-15491
MEDIUM
CVSS 5.5
The Post Slides WordPress plugin through 1.0.1 does not validate some shortcode attributes before using them to generate paths passed to include function(s), allowing any authenticated user, such as one with the contributor role or higher, to perform LFI attacks. [CVSS 5.5 MEDIUM]
WordPress
LFI
PHP
-
CVE-2025-15477
MEDIUM
CVSS 6.5
The Bucketlister plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode `category` and `id` attributes in all versions up to, and including, 0.1.5 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. [CVSS 6.5 MEDIUM]
WordPress
SQLi
PHP
-
CVE-2025-15476
MEDIUM
CVSS 4.3
The Bucketlister plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bucketlister_do_admin_ajax() function in all versions up to, and including, 0.1.5. [CVSS 4.3 MEDIUM]
WordPress
PHP
-
CVE-2025-15267
MEDIUM
CVSS 6.4
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bt_bb_accordion_item shortcode in all versions up to, and including, 5.5.7 due to insufficient input sanitization and output escaping on user supplied attributes. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-13463
MEDIUM
CVSS 6.4
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Grid component in all versions up to, and including, 5.5.3 due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-12803
MEDIUM
CVSS 6.4
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin 'bt_bb_tabs' shortcode in all versions up to, and including, 5.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-12159
MEDIUM
CVSS 6.4
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bt_bb_raw_content shortcode in all versions up to, and including, 5.4.8 due to insufficient input sanitization and output escaping on user supplied attributes. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2020-37171
MEDIUM
CVSS 6.2
TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy username configuration that allows local attackers to crash the application. [CVSS 6.2 MEDIUM]
Denial Of Service
TapinRadio
-
CVE-2020-37170
MEDIUM
CVSS 6.2
TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. [CVSS 6.2 MEDIUM]
Denial Of Service
TapinRadio
-
CVE-2020-37166
MEDIUM
CVSS 6.2
AbsoluteTelnet 11.12 contains a denial of service vulnerability in the SSH2 username input field that allows local attackers to crash the application. Attackers can overwrite the username field with a 1000-byte buffer, causing the application to become unresponsive and terminate. [CVSS 6.2 MEDIUM]
Denial Of Service
AbsoluteTelnet
-
CVE-2020-37165
MEDIUM
CVSS 6.2
AbsoluteTelnet 11.12 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized license name. Attackers can generate a 2500-character payload and paste it into the license name field to trigger an application crash. [CVSS 6.2 MEDIUM]
Denial Of Service
AbsoluteTelnet
-
CVE-2020-37164
MEDIUM
CVSS 6.2
AbsoluteTelnet 11.12 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized license name. Attackers can generate a 2500-character payload and paste it into the license entry field to trigger an application crash. [CVSS 6.2 MEDIUM]
Denial Of Service
AbsoluteTelnet
-
CVE-2020-37160
MEDIUM
CVSS 6.2
SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. [CVSS 6.2 MEDIUM]
Windows
Privilege Escalation
-
CVE-2020-37106
MEDIUM
CVSS 5.3
Business Live Chat Software 1.0 contains a cross-site request forgery vulnerability that allows attackers to change user account roles without authentication. [CVSS 5.3 MEDIUM]
CSRF
-
CVE-2020-37079
MEDIUM
CVSS 4.3
Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery (CSRF) vulnerability in the web administration interface that allows attackers to delete admin users. [CVSS 4.3 MEDIUM]
CSRF
Wing Ftp Server
-
CVE-2026-2110
LOW
CVSS 3.7
A security flaw has been discovered in Tasin1025 SwiftBuy up to 0f5011372e8d1d7edfd642d57d721c9fadc54ec7. Affected by this vulnerability is an unknown functionality of the file /login.php. Performing a manipulation results in improper restriction of excessive authentication attempts. Remote exploitation of the attack is possible. The attack's complexity is rated as high. The exploitation appears to be difficult. The exploit has been released to the public and may be used for attacks. This pro...
PHP
-
CVE-2025-15564
LOW
CVSS 3.3
A vulnerability has been found in Mapnik up to 4.2.0. This vulnerability affects the function mapnik::detail::mod<...>::operator of the file src/value.cpp. [CVSS 3.3 LOW]
Denial Of Service