Skip to main content
CVE-2026-2223 MEDIUM POC This Month

SQL injection in code-projects Online Reviewer System 1.0 via the ID parameter in the assessment module allows unauthenticated remote attackers to execute arbitrary SQL queries and potentially access or modify sensitive data. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-25889 MEDIUM POC PATCH This Month

Filebrowser versions prior to 2.57.1 allow authenticated users to reset passwords without verifying the current password due to case-sensitive validation logic that can be bypassed using mixed-case field names in API requests. An attacker with a valid JWT token obtained through XSS, session hijacking, or similar means could exploit this to perform account takeover. Public exploit code exists for this vulnerability, and a patch is available.

XSS Filebrowser Suse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-66630 CRITICAL PATCH Act Now

Go Fiber web framework before 2.52.11 has a weak PRNG vulnerability (on Go < 1.24) that makes session tokens predictable, enabling session hijacking.

Golang CSRF Fiber Red Hat Suse
NVD GitHub
CVSS 3.1
9.4
EPSS
0.0%
CVE-2026-25057 CRITICAL PATCH Act Now

MarkUs grading platform prior to 2.9.1 has a path traversal enabling students to access other students' submissions or grading data.

Path Traversal Markus
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-2234 CRITICAL Act Now

HGiga C&Cm@il email system has a missing authentication vulnerability allowing unauthenticated remote access to email server functions.

Authentication Bypass
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-25876 CRITICAL Act Now

PlaciPy has another missing authorization vulnerability — fourth of seven critical security flaws.

Authentication Bypass Placipy
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-25810 CRITICAL Act Now

PlaciPy has a missing authorization vulnerability — third of seven critical security flaws.

Authentication Bypass Placipy
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-25811 CRITICAL Act Now

PlaciPy has an incorrect authorization vulnerability — fifth of seven critical flaws.

Authentication Bypass Placipy
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-25923 CRITICAL Act Now

my little forum PHP forum software has an unrestricted file upload allowing authenticated users to upload dangerous file types.

PHP Deserialization File Upload My Little Forum
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-24679 CRITICAL PATCH Act Now

FreeRDP prior to 3.22.0 has a heap buffer overflow in the URBDRC USB redirection client enabling RCE through malicious RDP servers.

Buffer Overflow Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-24677 CRITICAL PATCH Act Now

FreeRDP prior to 3.22.0 has a use-after-free in ecam_encoder_compress allowing malicious RDP servers to crash or execute code on clients.

Use After Free Buffer Overflow Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-25939 CRITICAL PATCH Act Now

FUXA SCADA has an eleventh critical vulnerability — missing authorization from versions 1.2.8 onward.

SCADA Fuxa
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-25848 CRITICAL Act Now

JetBrains Hub before 2025.3.119807 has an authentication bypass allowing administrative actions without proper credentials.

Authentication Bypass Hub
NVD
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-25761 HIGH This Week

Command injection in GitHub Super-linter versions 6.0.0 through 8.3.0 allows attackers to execute arbitrary commands in workflow runner contexts by submitting pull requests with maliciously crafted filenames containing shell command substitution syntax. An attacker exploiting this vulnerability can access sensitive workflow credentials, including GITHUB_TOKEN, depending on permission configurations. The vulnerability affects Super-linter when used as a GitHub Action and has no available patch at this time.

Github Command Injection Super Linter
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25812 HIGH This Week

Placipy 1.0.0 fails to implement CSRF protections while permitting credentialed cross-origin requests, allowing unauthenticated attackers to perform unauthorized actions on behalf of logged-in users through malicious websites. An attacker can exploit this vulnerability to modify placement records, access sensitive educational data, or compromise institutional operations without user knowledge. No patch is currently available.

CSRF Placipy
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-1486 HIGH PATCH This Week

Keycloak's JWT authorization grant flow fails to verify that an Identity Provider is enabled before accepting tokens signed by its key, allowing attackers with a disabled IdP's signing credentials to obtain valid access tokens. This authentication bypass affects organizations that have disabled IdPs due to compromise or offboarding but retain the associated signing keys. An attacker can exploit this to gain unauthorized access to systems relying on Keycloak for authentication.

Denial Of Service
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25497 HIGH PATCH This Week

Craft CMS versions 4.0.0-RC1 to 4.17.0 and 5.0 to 5.9.0 contain a privilege escalation vulnerability in the GraphQL API that allows authenticated users with write access to one asset volume to modify or transfer assets across any other volume, including restricted ones they should not access. The vulnerability stems from insufficient authorization validation in the saveAsset mutation, which verifies permissions against the intended volume but fails to confirm the target asset actually belongs to that volume. An attacker with limited asset write permissions can exploit this to gain unauthorized access to and manipulate sensitive assets in protected volumes.

Privilege Escalation Craft Cms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-10465 HIGH This Week

Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

File Upload
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25496 MEDIUM POC PATCH This Month

Stored XSS in Craft CMS Number field settings (versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21) allows authenticated users with high privileges to inject malicious scripts via the Prefix or Suffix fields, which execute when the field is viewed on user profiles. Public exploit code exists for this vulnerability. Updates to versions 4.16.18 and 5.8.22 are available to remediate the issue.

XSS Craft Cms
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-25491 MEDIUM POC PATCH This Month

Stored cross-site scripting in Craft CMS versions 5.0.0-RC1 through 5.8.21 allows authenticated users with high privileges to inject malicious scripts through Entry Type names that are not sanitized when displayed in the Entry Types list. An attacker exploiting this vulnerability can execute arbitrary JavaScript in the browsers of other users viewing the affected list, potentially compromising session data or performing unauthorized actions. Public exploit code exists for this vulnerability, though a patch is available in version 5.8.22 and later.

XSS Craft Cms
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-24678 HIGH PATCH This Week

Denial-of-service in FreeRDP's camera redirection (rdpecam) client channel allows a malicious or compromised RDP server to crash connected clients running versions prior to 3.22.0. The capture thread continues sending sample responses through a channel callback that was already freed when the device channel closed, producing a use-after-free in ecam_channel_write. EPSS is low (0.02%), it is not on CISA KEV, and no public exploit identified at time of analysis, but an upstream fix and multiple distro advisories exist.

Use After Free Freerdp Denial Of Service Memory Corruption
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-25230 MEDIUM POC This Month

FileRise versions before 3.3.0 contain an HTML injection vulnerability that allows authenticated users to manipulate the DOM and inject malicious form or link elements to redirect users or trigger unauthorized actions. Public exploit code exists for this medium-severity flaw, and no patch is currently available. The vulnerability requires user interaction and valid credentials to exploit, limiting its immediate impact but creating risk for organizations running affected FileRise instances.

XSS Filerise
NVD GitHub
CVSS 3.1
4.6
EPSS
0.0%
CVE-2025-7799 HIGH This Week

Zirve Information Technologies Inc. E-Taxpayer Accounting Website is affected by cross-site scripting (xss) (CVSS 8.6).

XSS
NVD VulDB
CVSS 3.1
8.6
EPSS
0.0%
CVE-2026-1615 HIGH PATCH This Week

Remote code execution in the jsonpath npm package (versions <1.2.0) allows unauthenticated attackers to execute arbitrary JavaScript code by injecting malicious JSON Path expressions. The vulnerability stems from unsafe evaluation through the static-eval module, which processes user-supplied JSON Path input without proper sanitization. All query methods (.query, .nodes, .paths, .value, .parent, .apply) are affected. While EPSS scoring indicates relatively low widespread exploitation probability (0.09%, 26th percentile), multiple vendor patches from Red Hat and SUSE confirm the severity, and publicly available exploit code exists (CVSS E:P). This represents critical risk for Node.js applications processing untrusted JSON Path expressions, with potential for both server-side RCE and browser-based XSS depending on execution context.

Node.js RCE XSS Code Injection
NVD GitHub VulDB
CVSS 4.0
8.2
EPSS
0.1%
CVE-2025-59023 HIGH This Week

Crafted delegations or IP fragments can poison cached delegations in Recursor. [CVSS 8.2 HIGH]

Information Disclosure Recursor
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-25847 HIGH This Week

In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible [CVSS 8.2 HIGH]

XSS Pycharm
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-1529 HIGH PATCH This Week

Keycloak's invitation token validation fails to cryptographically verify JWT payload modifications, allowing authenticated attackers to alter organization IDs and email addresses to register into unauthorized organizations. This enables unauthorized access to organizations without proper authentication, affecting any Keycloak deployment using the invitation feature. No patch is currently available.

Authentication Bypass Jwt Attack
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-25931 HIGH This Week

Arbitrary code execution in vscode-spell-checker prior to v4.5.4 allows attackers to execute malicious Node.js code by placing a crafted .cspell.config.js file in an untrusted workspace, since the extension fails to validate VS Code's workspace-trust state before loading configuration files. An attacker can exploit this by tricking users into opening a malicious workspace, resulting in code execution with the privileges of the extension host process.

Node.js
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0870 HIGH This Week

GIGABYTE MacroHub improperly executes external applications with elevated privileges, enabling authenticated local users to achieve arbitrary code execution with SYSTEM-level access. This local privilege escalation affects MacroHub users on Windows systems and could allow attackers to fully compromise affected machines. No patch is currently available.

Privilege Escalation
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-15319 HIGH This Week

Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools. [CVSS 7.8 HIGH]

Privilege Escalation Patch Endpoint Tools
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25958 HIGH PATCH This Week

Privilege escalation in Cube.js versions 0.27.19 through 1.5.12 allows authenticated attackers to craft specially designed API requests that bypass access controls and gain elevated privileges within the application. This vulnerability affects Cube.js semantic layer deployments and requires only a valid API token to exploit, making it a risk to multi-tenant or role-based access control implementations. No patch is currently available for this HIGH severity issue.

Privilege Escalation Cube.Js
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-66608 HIGH This Week

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate URLs. [CVSS 7.5 HIGH]

Information Disclosure Fast Tools
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-22905 HIGH This Week

Insufficient URI validation in CGI endpoints permits unauthenticated attackers to bypass authentication controls through path traversal techniques, enabling direct access to protected administrative functions and configuration files. An attacker can exploit this remotely without credentials to retrieve sensitive data and potentially modify system settings. No patch is currently available for this vulnerability.

Authentication Bypass Path Traversal
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-2236 HIGH This Week

Unauthenticated attackers can exploit SQL injection in C&Cm@il by HGiga to execute arbitrary database queries and extract sensitive information without authentication or user interaction. The vulnerability has a high severity rating with a CVSS score of 7.5 and impacts database confidentiality. No patch is currently available for this issue.

SQLi
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25813 HIGH This Week

Placipy versions up to 1.0.0 is affected by insertion of sensitive information into log file (CVSS 7.5).

Information Disclosure Placipy
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24683 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the input event handling mechanism where unsynchronized access to cached channel callbacks can be freed or reinitialized by concurrent channel closure operations. An attacker with network access can trigger a denial of service condition by exploiting this race condition. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24682 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a buffer management error in audio format parsing that causes out-of-bounds memory access when processing malformed audio data. An attacker can exploit this vulnerability over the network without authentication to trigger a denial of service condition. A patch is available in FreeRDP 3.22.0 and later.

Buffer Overflow Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24681 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the URBDRC channel handler where asynchronous bulk transfer completions reference freed memory after channel closure, enabling denial of service attacks. An unauthenticated remote attacker can trigger this condition through malformed RDP protocol messages to crash the FreeRDP service. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24680 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in pointer handling where sdl_Pointer_New and sdl_Pointer_Free both attempt to free the same memory, causing a denial of service condition. An attacker with network access can trigger this memory corruption to crash RDP client instances without authentication. The vulnerability affects all users of vulnerable FreeRDP versions and is resolved in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24676 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in audio format renegotiation that allows unauthenticated attackers to cause denial of service by triggering a crash through audio processing. The vulnerability occurs when the AUDIN format list is freed during renegotiation while the capture thread continues accessing the freed memory, affecting any system running vulnerable FreeRDP instances. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24675 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the libusb device interface selection code where error handling prematurely frees configuration data that subsequent code attempts to access, causing denial of service. This vulnerability affects systems using FreeRDP for remote desktop protocol operations and can be triggered remotely without authentication or user interaction. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24491 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 are vulnerable to a use-after-free condition where the video_timer component sends notifications after the control channel closes, dereferencing freed memory and causing denial of service. An unauthenticated remote attacker can trigger this crash by manipulating RDP session timing, making the vulnerability exploitable with no user interaction required. A patch is available in FreeRDP 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-23948 HIGH PATCH This Week

FreeRDP proxy versions prior to 3.22.0 are vulnerable to denial of service when processing specially crafted RDP server responses that trigger a null pointer dereference in the logon information handler. An unauthenticated attacker controlling a malicious RDP server can crash the FreeRDP proxy by sending a LogonInfoV2 PDU with empty domain or username fields. This vulnerability has been patched in version 3.22.0 and later.

Null Pointer Dereference Denial Of Service Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-66597 HIGH This Week

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports weak cryptographic algorithms, potentially allowing an attacker to decrypt communications with the web server. [CVSS 7.5 HIGH]

Information Disclosure Fast Tools
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24684 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the audio playback subsystem where the RDPSND async thread processes queued audio packets after the channel has been closed and its internal state freed, causing a denial of service. The vulnerability affects systems running vulnerable FreeRDP versions and can be exploited remotely without authentication or user interaction. A patch is available in FreeRDP 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-66598 HIGH This Week

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports old SSL/TLS versions, potentially allowing an attacker to decrypt communications with the web server. [CVSS 7.5 HIGH]

Information Disclosure Fast Tools
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-14831 MEDIUM PATCH CISA This Month

A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs). [CVSS 5.3 MEDIUM]

Denial Of Service
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-10463 HIGH This Week

Birtech Information Technologies Industry and Trade Ltd. Co. Senseway is affected by improper authentication (CVSS 7.3).

Authentication Bypass
NVD VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-25951 HIGH PATCH This Week

Remote code execution in FUXA prior to 1.2.11 allows authenticated administrators to bypass path traversal protections using nested directory sequences, enabling arbitrary file writes to the server filesystem. An attacker with admin privileges can inject malicious scripts into runtime directories that execute when the server reloads, achieving complete system compromise. Update to version 1.2.11 or later to remediate.

SCADA RCE Path Traversal Fuxa
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-7708 MEDIUM This Month

Insertion of Sensitive Information Into Sent Data vulnerability in Atlas Educational Software Industry Ltd. Co. [CVSS 6.8 MEDIUM]

Information Disclosure
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy