Skip to main content
CVE-2025-68686 MEDIUM This Month

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions may allow a remote unauthenticated attacker to bypass the patch developed for the symbolic link persistency mechanism observed in some post-exploit cases, via crafted HTTP requests. [CVSS 5.9 MEDIUM]

Fortinet Fortigate Fortios
NVD VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-24319 MEDIUM This Month

SAP Business One stores sensitive data unencrypted in memory dump files, allowing high-privileged local users with user interaction to extract credentials and other confidential information. An attacker with access to these dumps could leverage the exposed data to perform unauthorized operations and modify company data within the B1 environment. No patch is currently available for this medium-severity vulnerability.

SAP Business One
NVD
CVSS 3.1
5.8
EPSS
0.0%
CVE-2026-21529 MEDIUM PATCH This Month

Azure HDInsight contains a cross-site scripting (XSS) vulnerability in web page generation that allows authenticated attackers to conduct spoofing attacks over the network. An attacker with valid credentials and user interaction can exploit this weakness to manipulate web content and deceive users. No patch is currently available for this issue.

Azure XSS Azure Hdinsight
NVD
CVSS 3.1
5.7
EPSS
0.0%
CVE-2025-12063 MEDIUM This Month

An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions. [CVSS 5.7 MEDIUM]

Authentication Bypass Camera Station Pro
NVD
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-21258 MEDIUM PATCH This Month

Information disclosure in Microsoft Excel allows local attackers with user interaction to read sensitive data through improper input validation in Office 365 Apps and Long Term Servicing Channel. An attacker must socially engineer a user into opening a specially crafted file to trigger the vulnerability. No patch is currently available for this medium-severity issue.

Microsoft Office 365 Apps Office Long Term Servicing Channel Excel +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-15314 MEDIUM This Month

Tanium addressed an arbitrary file deletion vulnerability in end-user-cx. [CVSS 5.5 MEDIUM]

Path Traversal End User Cx
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21222 MEDIUM PATCH This Month

Windows Kernel inadvertently logs sensitive information accessible to authenticated local users, enabling information disclosure attacks. This medium-severity vulnerability affects Windows 10 22H2, Windows 11 23H2, and 24H2, as well as Linux systems, allowing authorized attackers with local access to retrieve confidential data. No patch is currently available for this issue.

Linux Windows Windows 10 22h2 Windows 11 24h2 Windows 11 23h2 +10
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21348 MEDIUM This Month

Memory disclosure in Substance 3D Modeler 1.22.5 and earlier through an out-of-bounds read allows attackers to expose sensitive information when victims open specially crafted files. The vulnerability requires user interaction but no special privileges, making it accessible to local attackers with access to craft malicious documents. Currently no patch is available, and exploitation could reveal confidential data stored in process memory.

Buffer Overflow Information Disclosure Substance 3d Modeler
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21355 MEDIUM This Month

Out-of-bounds memory read in DNG SDK 1.7.1 (2410) and earlier enables attackers to extract sensitive information from process memory when a user opens a specially crafted file. The vulnerability requires local user interaction but poses a direct confidentiality risk to applications processing untrusted DNG image files. No patch is currently available for affected versions.

Buffer Overflow Information Disclosure Dng Software Development Kit
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21340 MEDIUM This Month

Out-of-bounds memory read in Substance 3D Designer 15.1.0 and earlier allows attackers to extract sensitive data from process memory when a victim opens a specially crafted file. The vulnerability requires user interaction but can bypass existing protections to leak confidential information. No patch is currently available for this local attack vector.

Buffer Overflow Information Disclosure Substance 3d Designer
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21339 MEDIUM This Month

Out-of-bounds memory reads in Substance 3D Designer 15.1.0 and earlier allow attackers to extract sensitive data from process memory when a victim opens a specially crafted file. This local vulnerability requires user interaction and affects systems running the vulnerable Designer versions. No patch is currently available for this issue.

Buffer Overflow Information Disclosure Substance 3d Designer
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21337 MEDIUM This Month

Memory disclosure in Substance 3D Designer 15.1.0 and earlier stems from an out-of-bounds read flaw that exposes sensitive data from application memory. An attacker can exploit this vulnerability by crafting a malicious file and tricking a user into opening it, requiring no special privileges. Currently, no patch is available for affected users.

Buffer Overflow Information Disclosure Substance 3d Designer
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21332 MEDIUM This Month

Out-of-bounds memory read in Adobe InDesign versions 21.1, 20.5.1 and earlier enables disclosure of sensitive information residing in application memory. Exploitation requires a victim to open a specially crafted malicious file, making this a user-interaction dependent attack vector. No patch is currently available for affected users.

Adobe Indesign
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21319 MEDIUM This Month

Out-of-bounds memory read in Adobe After Effects 25.6 and earlier allows attackers to disclose sensitive information from process memory by tricking users into opening specially crafted files. This local vulnerability requires user interaction but carries no patch availability, leaving affected systems exposed until an update is released.

Buffer Overflow Information Disclosure After Effects
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21317 MEDIUM This Month

Adobe Audition versions 25.3 and earlier contain an out-of-bounds read vulnerability that exposes sensitive data from application memory when a user opens a crafted file. This local attack requires user interaction but carries no patch availability, leaving affected users vulnerable to information disclosure. The vulnerability affects confidentiality with medium severity (CVSS 5.5) and currently has no evidence of active exploitation.

Buffer Overflow Information Disclosure Audition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21315 MEDIUM This Month

Memory disclosure in Adobe Audition 25.3 and earlier through an out-of-bounds read vulnerability allows attackers to access sensitive information from process memory when a user opens a specially crafted file. Exploitation requires user interaction and does not enable code execution or system availability impact. No patch is currently available for this vulnerability.

Buffer Overflow Information Disclosure Audition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21314 MEDIUM This Month

Memory disclosure in Adobe Audition 25.3 and earlier stems from an out-of-bounds read flaw that could expose sensitive data from process memory. An attacker must trick a user into opening a specially crafted file to trigger the vulnerability, which requires no elevated privileges but offers no path to code execution or system availability impact.

Buffer Overflow Information Disclosure Audition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21313 MEDIUM This Month

Out-of-bounds memory read in Adobe Audition 25.3 and earlier enables attackers to extract sensitive data from process memory when a user opens a specially crafted file. No patch is currently available for this vulnerability, which requires user interaction to trigger but poses a confirmed risk to confidentiality. Local attackers can exploit this to disclose information without requiring elevated privileges or additional user actions beyond opening the malicious file.

Buffer Overflow Information Disclosure Audition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21261 MEDIUM PATCH This Month

Information disclosure in Microsoft Office Excel and related products results from an out-of-bounds read vulnerability that requires local access and user interaction to exploit. An attacker can leverage this flaw to read sensitive data from memory on an affected system. No patch is currently available for this vulnerability affecting Office Long Term Servicing Channel, 365 Apps, and Office Online Server.

Microsoft Office Long Term Servicing Channel 365 Apps Office Online Server Office +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21354 MEDIUM This Month

DNG SDK 1.7.1 (build 2410) and earlier contain an integer overflow vulnerability that causes application denial-of-service when processing malicious files. Local attackers can exploit this flaw by tricking users into opening a specially crafted file, resulting in application crashes or hangs. No patch is currently available.

Integer Overflow Denial Of Service Dng Software Development Kit
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21358 MEDIUM This Month

InDesign versions 21.1, 20.5.1 and earlier contain a heap buffer overflow that enables local denial-of-service attacks when users open malicious files. An attacker can crash the application to disrupt workflow, though no patch is currently available. User interaction is required for exploitation.

Adobe Buffer Overflow Heap Overflow Denial Of Service Indesign
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21350 MEDIUM This Month

Adobe After Effects 25.6 and earlier suffers from a null pointer dereference that allows attackers to trigger application crashes by convincing users to open a specially crafted file. This local denial-of-service vulnerability requires user interaction but requires no special privileges, potentially disrupting creative workflows. No patch is currently available.

Null Pointer Dereference Denial Of Service After Effects
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21338 MEDIUM This Month

Substance 3D Designer 15.1.0 and earlier contains a null pointer dereference vulnerability that allows local attackers to crash the application by tricking users into opening malicious files. This denial-of-service attack requires user interaction but causes service disruption with no mitigation patch currently available.

Null Pointer Dereference Denial Of Service Substance 3d Designer
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21336 MEDIUM This Month

Denial-of-service in Adobe Substance 3D Designer version 15.1.0 and earlier stems from a null pointer dereference vulnerability that crashes the application when a user opens a malicious file. The attack requires no special privileges and relies solely on user interaction to trigger the crash. No patch is currently available for this vulnerability.

Null Pointer Dereference Denial Of Service Substance 3d Designer
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21316 MEDIUM This Month

Adobe Audition 25.3 and earlier contains a buffer over-read vulnerability that allows local attackers to crash the application by tricking users into opening specially crafted files. Exploitation requires user interaction but requires no elevated privileges, making it accessible to any local attacker who can deliver a malicious file. While no patch is currently available, the impact is limited to denial-of-service conditions.

Denial Of Service Audition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-32735 MEDIUM This Month

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. [CVSS 5.5 MEDIUM]

Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-15313 MEDIUM This Month

Tanium addressed an arbitrary file deletion vulnerability in Tanium EUSS. [CVSS 5.5 MEDIUM]

Path Traversal Euss
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-70347 MEDIUM This Month

An issue in mquickjs before commit 74b7e (2026-01-15) allows a local attacker to cause a denial of service via a crafted file to the get_mblock_size function at mquickjs.c. [CVSS 5.5 MEDIUM]

Denial Of Service
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-54192 MEDIUM This Month

An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c. [CVSS 5.5 MEDIUM]

Denial Of Service Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-12699 MEDIUM This Month

The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled strings placed into PCR fields (run number, incident, call sign, notes) are interpreted as HTML/JS when the app prints or renders that content. [CVSS 5.5 MEDIUM]

XSS iOS
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-26003 MEDIUM PATCH This Month

Unauthenticated access to the FastGPT plugin API endpoint (FastGPT/api/plugin/xxx) in versions 4.14.0 through 4.14.5 allows remote attackers to disrupt plugin functionality and cause loss of plugin installation state without authentication. The vulnerability affects the AI/ML platform's plugin system availability and integrity, though sensitive data such as cryptographic keys are not exposed. A patch is available in version 4.14.5-fix.

Denial Of Service AI / ML Fastgpt
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2026-2099 MEDIUM This Month

Authenticated attackers can inject malicious JavaScript into Flowring's AgentFlow platform that persists and executes in other users' browsers when they load affected pages, potentially compromising user sessions and data. This stored cross-site scripting vulnerability affects the AI/ML and Agentflow products and requires user interaction to trigger, though no patch is currently available.

XSS AI / ML Agentflow
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-25609 MEDIUM This Month

MongoDB's profile command fails to properly validate requests that modify the 'filter' parameter, incorrectly classifying write operations as read-only and bypassing authorization controls. An authenticated attacker could exploit this to modify database filters without proper access restrictions, potentially altering query behavior and data visibility. No patch is currently available.

Authentication Bypass MongoDB
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-14895 MEDIUM This Month

The PopupKit plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.2.0. This is due to the plugin not properly verifying that a user is authorized to access the /popup/logs REST API endpoint. [CVSS 5.4 MEDIUM]

WordPress Industrial PHP
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-32453 MEDIUM This Month

Incorrect default permissions for some Intel(R) Graphics Driver software within Ring 2: Privileged Process may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. [CVSS 6.7 MEDIUM]

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.0%
CVE-2025-32092 MEDIUM This Month

Graphics Software versions up to 25.30.1702.0 contains a vulnerability that allows attackers to an escalation of privilege (CVSS 6.7).

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.0%
CVE-2026-1722 MEDIUM This Month

Unauthenticated attackers can exploit an authorization bypass in the WCFM Marketplace plugin for WordPress (versions up to 3.7.0) to create arbitrary refund requests via the wcfm-refund-requests-form AJAX endpoint. This IDOR vulnerability allows unauthorized refund submissions for any order, potentially resulting in financial losses if automatic refund processing is enabled. No patch is currently available.

WordPress
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-24321 MEDIUM This Month

SAP Commerce Cloud contains unauthenticated API endpoints that expose sensitive information not intended for public access, enabling remote attackers to retrieve confidential data without authentication. The vulnerability has limited impact on confidentiality with no effect on system integrity or availability. No patch is currently available for affected Commerce Cloud deployments.

SAP Commerce Cloud
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-1996 MEDIUM This Month

HP OfficeJet Pro printers running affected firmware versions are susceptible to denial of service attacks through malformed Internet Printing Protocol (IPP) requests that prevent proper TCP connection establishment. An unauthenticated remote attacker can trigger this condition to disrupt printer availability, though no patch is currently available to mitigate the vulnerability.

Denial Of Service M9l70a Firmware J6x77a Firmware T0g47a Firmware J6x76a Firmware +13
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-27535 MEDIUM This Month

Exposed ioctl with insufficient access control in the firmware for some Intel(R) Ethernet Connection E825-C. before version NVM ver. [CVSS 5.3 MEDIUM]

Denial Of Service Intel Ethernet Controller
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-31944 MEDIUM This Month

Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. [CVSS 5.3 MEDIUM]

Denial Of Service Race Condition
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2024-52334 MEDIUM This Month

A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF07). The affected application does not encrypt the passwords properly. [CVSS 5.3 MEDIUM]

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-25872 MEDIUM This Month

Unauthenticated path traversal in JUNG Smart Panel KNX firmware L1.12.22 and earlier allows remote attackers to read arbitrary files from the device's filesystem through the web interface. An attacker can leverage insufficient input validation to access sensitive system configuration and other confidential data without requiring authentication. No patch is currently available for this vulnerability.

Path Traversal
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-1997 MEDIUM This Month

HP OfficeJet Pro printers (D9l18a, D9l20a, D9l21a, D9l63a firmware) are vulnerable to information disclosure through CORS misconfiguration when administrators enable the feature on the Embedded Web Server. An unauthenticated remote attacker can exploit this to access sensitive device resources from untrusted web origins. CORS remains disabled by default as a mitigation, but organizations that have explicitly enabled it should apply patches when available.

CSRF HP J3p68a Firmware J6x78a Firmware T0g56a Firmware +38
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-24312 MEDIUM This Month

SAP Business Workflow contains an authorization bypass that allows authenticated administrators to escalate privileges by misusing permissions from lower-sensitivity functions to perform unauthorized high-privilege operations. An attacker with admin credentials can exploit this flaw to compromise data integrity, though confidentiality and availability impacts are limited. No patch is currently available for this vulnerability.

SAP Privilege Escalation Sap Basis
NVD
CVSS 3.1
5.2
EPSS
0.0%
CVE-2026-0486 MEDIUM This Month

SAP Solution Tools Plug In fails to enforce authorization checks in remote-enabled ABAP function modules, allowing authenticated users to access and disclose sensitive system information. An attacker with valid credentials can query protected data without proper access controls, though system integrity and availability remain unaffected. No patch is currently available for this medium-severity vulnerability.

SAP Solution Tools Plug In
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2025-11537 MEDIUM PATCH This Month

A flaw was found in Keycloak. When the logging format is configured to a verbose, user-supplied pattern (such as the pre-defined 'long' pattern), sensitive headers including Authorization and Cookie are disclosed to the logs in cleartext. [CVSS 5.0 MEDIUM]

Information Disclosure Red Hat
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-24325 MEDIUM This Month

Stored XSS in SAP BusinessObjects Enterprise results from insufficient input encoding, allowing high-privileged administrators to inject malicious JavaScript that executes in other users' browsers. This vulnerability affects confidentiality and integrity with medium severity, though no patch is currently available. Exploitation requires administrative access and user interaction to trigger the malicious payload.

SAP XSS Businessobjects Enterprise
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-21517 MEDIUM PATCH This Month

Windows App for Mac is susceptible to privilege escalation through improper symbolic link resolution, enabling authenticated local attackers to bypass access controls and gain elevated privileges. The vulnerability stems from insufficient validation during file operations and requires low-level user privileges and specific system conditions to exploit. No patch is currently available.

Windows Windows App Microsoft
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-35992 MEDIUM This Month

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. [CVSS 4.7 MEDIUM]

Denial Of Service
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy