Skip to main content
CVE-2026-21317 MEDIUM This Month

Adobe Audition versions 25.3 and earlier contain an out-of-bounds read vulnerability that exposes sensitive data from application memory when a user opens a crafted file. This local attack requires user interaction but carries no patch availability, leaving affected users vulnerable to information disclosure. The vulnerability affects confidentiality with medium severity (CVSS 5.5) and currently has no evidence of active exploitation.

Buffer Overflow Information Disclosure Audition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21315 MEDIUM This Month

Memory disclosure in Adobe Audition 25.3 and earlier through an out-of-bounds read vulnerability allows attackers to access sensitive information from process memory when a user opens a specially crafted file. Exploitation requires user interaction and does not enable code execution or system availability impact. No patch is currently available for this vulnerability.

Buffer Overflow Information Disclosure Audition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21314 MEDIUM This Month

Memory disclosure in Adobe Audition 25.3 and earlier stems from an out-of-bounds read flaw that could expose sensitive data from process memory. An attacker must trick a user into opening a specially crafted file to trigger the vulnerability, which requires no elevated privileges but offers no path to code execution or system availability impact.

Buffer Overflow Information Disclosure Audition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21313 MEDIUM This Month

Out-of-bounds memory read in Adobe Audition 25.3 and earlier enables attackers to extract sensitive data from process memory when a user opens a specially crafted file. No patch is currently available for this vulnerability, which requires user interaction to trigger but poses a confirmed risk to confidentiality. Local attackers can exploit this to disclose information without requiring elevated privileges or additional user actions beyond opening the malicious file.

Buffer Overflow Information Disclosure Audition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21261 MEDIUM PATCH This Month

Information disclosure in Microsoft Office Excel and related products results from an out-of-bounds read vulnerability that requires local access and user interaction to exploit. An attacker can leverage this flaw to read sensitive data from memory on an affected system. No patch is currently available for this vulnerability affecting Office Long Term Servicing Channel, 365 Apps, and Office Online Server.

Microsoft Office Long Term Servicing Channel 365 Apps Office Online Server Office +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21354 MEDIUM This Month

DNG SDK 1.7.1 (build 2410) and earlier contain an integer overflow vulnerability that causes application denial-of-service when processing malicious files. Local attackers can exploit this flaw by tricking users into opening a specially crafted file, resulting in application crashes or hangs. No patch is currently available.

Integer Overflow Denial Of Service Dng Software Development Kit
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21358 MEDIUM This Month

InDesign versions 21.1, 20.5.1 and earlier contain a heap buffer overflow that enables local denial-of-service attacks when users open malicious files. An attacker can crash the application to disrupt workflow, though no patch is currently available. User interaction is required for exploitation.

Adobe Buffer Overflow Heap Overflow Denial Of Service Indesign
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21350 MEDIUM This Month

Adobe After Effects 25.6 and earlier suffers from a null pointer dereference that allows attackers to trigger application crashes by convincing users to open a specially crafted file. This local denial-of-service vulnerability requires user interaction but requires no special privileges, potentially disrupting creative workflows. No patch is currently available.

Null Pointer Dereference Denial Of Service After Effects
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21338 MEDIUM This Month

Substance 3D Designer 15.1.0 and earlier contains a null pointer dereference vulnerability that allows local attackers to crash the application by tricking users into opening malicious files. This denial-of-service attack requires user interaction but causes service disruption with no mitigation patch currently available.

Null Pointer Dereference Denial Of Service Substance 3d Designer
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21336 MEDIUM This Month

Denial-of-service in Adobe Substance 3D Designer version 15.1.0 and earlier stems from a null pointer dereference vulnerability that crashes the application when a user opens a malicious file. The attack requires no special privileges and relies solely on user interaction to trigger the crash. No patch is currently available for this vulnerability.

Null Pointer Dereference Denial Of Service Substance 3d Designer
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21316 MEDIUM This Month

Adobe Audition 25.3 and earlier contains a buffer over-read vulnerability that allows local attackers to crash the application by tricking users into opening specially crafted files. Exploitation requires user interaction but requires no elevated privileges, making it accessible to any local attacker who can deliver a malicious file. While no patch is currently available, the impact is limited to denial-of-service conditions.

Denial Of Service Audition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-32735 MEDIUM This Month

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. [CVSS 5.5 MEDIUM]

Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-15313 MEDIUM This Month

Tanium addressed an arbitrary file deletion vulnerability in Tanium EUSS. [CVSS 5.5 MEDIUM]

Path Traversal Euss
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-70347 MEDIUM This Month

An issue in mquickjs before commit 74b7e (2026-01-15) allows a local attacker to cause a denial of service via a crafted file to the get_mblock_size function at mquickjs.c. [CVSS 5.5 MEDIUM]

Denial Of Service
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-54192 MEDIUM This Month

An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c. [CVSS 5.5 MEDIUM]

Denial Of Service Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-12699 MEDIUM This Month

The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled strings placed into PCR fields (run number, incident, call sign, notes) are interpreted as HTML/JS when the app prints or renders that content. [CVSS 5.5 MEDIUM]

XSS iOS
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-26003 MEDIUM PATCH This Month

Unauthenticated access to the FastGPT plugin API endpoint (FastGPT/api/plugin/xxx) in versions 4.14.0 through 4.14.5 allows remote attackers to disrupt plugin functionality and cause loss of plugin installation state without authentication. The vulnerability affects the AI/ML platform's plugin system availability and integrity, though sensitive data such as cryptographic keys are not exposed. A patch is available in version 4.14.5-fix.

Denial Of Service AI / ML Fastgpt
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2026-2099 MEDIUM This Month

Authenticated attackers can inject malicious JavaScript into Flowring's AgentFlow platform that persists and executes in other users' browsers when they load affected pages, potentially compromising user sessions and data. This stored cross-site scripting vulnerability affects the AI/ML and Agentflow products and requires user interaction to trigger, though no patch is currently available.

XSS AI / ML Agentflow
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-25609 MEDIUM This Month

MongoDB's profile command fails to properly validate requests that modify the 'filter' parameter, incorrectly classifying write operations as read-only and bypassing authorization controls. An authenticated attacker could exploit this to modify database filters without proper access restrictions, potentially altering query behavior and data visibility. No patch is currently available.

Authentication Bypass MongoDB
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-14895 MEDIUM This Month

The PopupKit plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.2.0. This is due to the plugin not properly verifying that a user is authorized to access the /popup/logs REST API endpoint. [CVSS 5.4 MEDIUM]

WordPress Industrial PHP
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-32453 MEDIUM This Month

Incorrect default permissions for some Intel(R) Graphics Driver software within Ring 2: Privileged Process may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. [CVSS 6.7 MEDIUM]

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.0%
CVE-2025-32092 MEDIUM This Month

Graphics Software versions up to 25.30.1702.0 contains a vulnerability that allows attackers to an escalation of privilege (CVSS 6.7).

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.0%
CVE-2026-1722 MEDIUM This Month

Unauthenticated attackers can exploit an authorization bypass in the WCFM Marketplace plugin for WordPress (versions up to 3.7.0) to create arbitrary refund requests via the wcfm-refund-requests-form AJAX endpoint. This IDOR vulnerability allows unauthorized refund submissions for any order, potentially resulting in financial losses if automatic refund processing is enabled. No patch is currently available.

WordPress
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-24321 MEDIUM This Month

SAP Commerce Cloud contains unauthenticated API endpoints that expose sensitive information not intended for public access, enabling remote attackers to retrieve confidential data without authentication. The vulnerability has limited impact on confidentiality with no effect on system integrity or availability. No patch is currently available for affected Commerce Cloud deployments.

SAP Commerce Cloud
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-1996 MEDIUM This Month

HP OfficeJet Pro printers running affected firmware versions are susceptible to denial of service attacks through malformed Internet Printing Protocol (IPP) requests that prevent proper TCP connection establishment. An unauthenticated remote attacker can trigger this condition to disrupt printer availability, though no patch is currently available to mitigate the vulnerability.

Denial Of Service M9l70a Firmware J6x77a Firmware T0g47a Firmware J6x76a Firmware +13
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-27535 MEDIUM This Month

Exposed ioctl with insufficient access control in the firmware for some Intel(R) Ethernet Connection E825-C. before version NVM ver. [CVSS 5.3 MEDIUM]

Denial Of Service Intel Ethernet Controller
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-31944 MEDIUM This Month

Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. [CVSS 5.3 MEDIUM]

Denial Of Service Race Condition
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2024-52334 MEDIUM This Month

A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF07). The affected application does not encrypt the passwords properly. [CVSS 5.3 MEDIUM]

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-25872 MEDIUM This Month

Unauthenticated path traversal in JUNG Smart Panel KNX firmware L1.12.22 and earlier allows remote attackers to read arbitrary files from the device's filesystem through the web interface. An attacker can leverage insufficient input validation to access sensitive system configuration and other confidential data without requiring authentication. No patch is currently available for this vulnerability.

Path Traversal
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-1997 MEDIUM This Month

HP OfficeJet Pro printers (D9l18a, D9l20a, D9l21a, D9l63a firmware) are vulnerable to information disclosure through CORS misconfiguration when administrators enable the feature on the Embedded Web Server. An unauthenticated remote attacker can exploit this to access sensitive device resources from untrusted web origins. CORS remains disabled by default as a mitigation, but organizations that have explicitly enabled it should apply patches when available.

CSRF HP J3p68a Firmware J6x78a Firmware T0g56a Firmware +38
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-24312 MEDIUM This Month

SAP Business Workflow contains an authorization bypass that allows authenticated administrators to escalate privileges by misusing permissions from lower-sensitivity functions to perform unauthorized high-privilege operations. An attacker with admin credentials can exploit this flaw to compromise data integrity, though confidentiality and availability impacts are limited. No patch is currently available for this vulnerability.

SAP Privilege Escalation Sap Basis
NVD
CVSS 3.1
5.2
EPSS
0.0%
CVE-2026-0486 MEDIUM This Month

SAP Solution Tools Plug In fails to enforce authorization checks in remote-enabled ABAP function modules, allowing authenticated users to access and disclose sensitive system information. An attacker with valid credentials can query protected data without proper access controls, though system integrity and availability remain unaffected. No patch is currently available for this medium-severity vulnerability.

SAP Solution Tools Plug In
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2025-11537 MEDIUM PATCH This Month

A flaw was found in Keycloak. When the logging format is configured to a verbose, user-supplied pattern (such as the pre-defined 'long' pattern), sensitive headers including Authorization and Cookie are disclosed to the logs in cleartext. [CVSS 5.0 MEDIUM]

Information Disclosure Red Hat
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-24325 MEDIUM This Month

Stored XSS in SAP BusinessObjects Enterprise results from insufficient input encoding, allowing high-privileged administrators to inject malicious JavaScript that executes in other users' browsers. This vulnerability affects confidentiality and integrity with medium severity, though no patch is currently available. Exploitation requires administrative access and user interaction to trigger the malicious payload.

SAP XSS Businessobjects Enterprise
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-21517 MEDIUM PATCH This Month

Windows App for Mac is susceptible to privilege escalation through improper symbolic link resolution, enabling authenticated local attackers to bypass access controls and gain elevated privileges. The vulnerability stems from insufficient validation during file operations and requires low-level user privileges and specific system conditions to exploit. No patch is currently available.

Windows Windows App Microsoft
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-35992 MEDIUM This Month

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. [CVSS 4.7 MEDIUM]

Denial Of Service
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-22885 MEDIUM This Month

Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. [CVSS 4.7 MEDIUM]

Privilege Escalation
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-1763 MEDIUM This Month

GE Vernova Enervista UR Setup version 8.6 and earlier on Windows contains a vulnerability allowing high-privileged local attackers to modify system integrity without user interaction. An attacker with administrative privileges could exploit this flaw to alter critical configuration or data, though no patch is currently available.

Windows
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2025-12757 MEDIUM This Month

An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to. [CVSS 4.6 MEDIUM]

Path Traversal Camera Station Pro
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2025-13064 MEDIUM This Month

A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with. [CVSS 4.5 MEDIUM]

Code Injection Camera Station Pro
NVD
CVSS 3.1
4.5
EPSS
0.0%
CVE-2026-23685 MEDIUM This Month

Denial of service in SAP NetWeaver's JMS service stems from unsafe deserialization of malicious objects, allowing authenticated administrators with local access to crash the application. The vulnerability requires high privileges and local access but carries no risk to confidentiality or integrity. No patch is currently available.

SAP Denial Of Service Deserialization Netweaver
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2025-32007 MEDIUM This Month

Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. [CVSS 4.4 MEDIUM]

Information Disclosure
NVD VulDB
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-23688 MEDIUM This Month

Insufficient authorization checks in SAP Fiori App Manage Service Entry Sheets allow authenticated users to escalate privileges and modify data they should not have access to. The vulnerability affects SAP S/4HANA Core installations and requires user authentication to exploit, limiting the immediate risk but potentially enabling insider threats or account compromise scenarios.

SAP Privilege Escalation S4core
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-23681 MEDIUM This Month

Authenticated users of SAP Solution Tools Plug-In can bypass authorization checks to invoke function modules and extract sensitive system configuration details without proper access controls. This information disclosure could enable attackers to gather intelligence for planning targeted follow-up attacks, though the vulnerability carries low confidentiality impact with no effect on system integrity or availability. Currently no patch is available.

SAP Solution Tools Plug In
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-24327 MEDIUM This Month

Insufficient authorization validation in SAP Strategic Enterprise Management's Balanced Scorecard component allows authenticated users to view restricted information they should not have access to. This authenticated-only vulnerability has low confidentiality impact and requires no user interaction, affecting organizations running affected SAP SEM instances. Currently no patch is available to remediate this authorization bypass.

SAP Strategic Enterprise Management
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-24326 MEDIUM This Month

Unauthorized database modifications in SAP S/4HANA Defense & Security occur due to missing authorization checks in Disconnected Operations, allowing authenticated users to invoke remote-enabled function modules and directly alter standard SAP database tables. The vulnerability has limited impact, affecting only data integrity without compromising confidentiality or system availability. No patch is currently available.

SAP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-15147 MEDIUM This Month

WooCommerce Memberships for Multivendor Marketplace versions up to 2.11.8 is affected by authorization bypass through user-controlled key (CVSS 4.3).

WordPress PHP
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-27572 MEDIUM This Month

Exposure of sensitive information during transient execution for some TDX within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. [CVSS 4.1 MEDIUM]

Information Disclosure
NVD VulDB
CVSS 3.1
4.1
EPSS
0.0%
CVE-2025-32467 MEDIUM This Month

Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. [CVSS 4.1 MEDIUM]

Information Disclosure
NVD VulDB
CVSS 3.1
4.1
EPSS
0.0%
CVE-2025-27940 MEDIUM This Month

Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. [CVSS 4.1 MEDIUM]

Information Disclosure
NVD VulDB
CVSS 3.1
4.1
EPSS
0.0%
Prev Page 5 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy