Skip to main content
CVE-2026-2441 HIGH POC KEV PATCH THREAT Act Now

Google Chrome's CSS engine contains a use-after-free vulnerability (CVE-2026-2441, CVSS 8.8) that allows remote attackers to execute arbitrary code within the browser sandbox through crafted HTML pages. KEV-listed with public PoC, this vulnerability enables drive-by exploitation when users visit malicious or compromised websites.

Google Use After Free Chrome Red Hat Suse
NVD GitHub VulDB Exploit-DB
CVSS 3.1
8.8
EPSS
0.1%
Threat
4.8
CVE-2026-25108 HIGH KEV THREAT Act Now

FileZen contains an OS command injection vulnerability (CVE-2026-25108, CVSS 8.8) that allows authenticated users to execute arbitrary commands when the Antivirus Check Option is enabled. KEV-listed with EPSS 18.6%, this vulnerability in the Japanese file-sharing appliance has been actively exploited in campaigns targeting organizations in Japan and Asia-Pacific.

Command Injection Filezen
NVD
CVSS 3.1
8.8
EPSS
18.6%
CVE-2026-26190 CRITICAL POC PATCH GHSA Act Now

Unauthenticated API access in Milvus vector database before 2.5.27/2.6.10. TCP port 9091 exposed by default without authentication. EPSS 0.32% with PoC and patch available.

Authentication Bypass AI / ML Milvus Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-26273 CRITICAL POC PATCH Act Now

Critical authentication bypass in Known social publishing platform 1.6.2 and earlier. Broken authentication allows unauthorized access. PoC and patch available.

Information Disclosure Known
NVD GitHub
CVSS 3.0
9.8
EPSS
0.2%
CVE-2025-70866 HIGH POC This Week

LavaLite CMS 10.1.0 is vulnerable to Incorrect Access Control. An authenticated user with low-level privileges (User role) can directly access the admin backend by logging in through /admin/login. [CVSS 8.8 HIGH]

Authentication Bypass Lavalite
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-26264 HIGH POC PATCH This Week

Unauthenticated remote attackers can crash BACnet Stack prior to versions 1.5.0rc4 and 1.4.3rc2 by sending a malformed WriteProperty request that triggers an integer underflow during APDU decoding, resulting in an out-of-bounds memory read. Public exploit code exists for this vulnerability. The issue affects embedded systems running vulnerable versions of the BACnet protocol stack library.

Denial Of Service Bacnet Stack
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-25991 HIGH POC PATCH This Week

Tandoor Recipes prior to 2.5.1 contains a blind server-side request forgery vulnerability in the Cookmate recipe import feature that allows authenticated users to bypass URL validation after HTTP redirects, enabling attacks against internal networks and cloud metadata services. An attacker with standard user privileges can leverage this flaw to scan internal ports, access sensitive metadata, or discover the server's real IP address. Public exploit code exists for this vulnerability.

SSRF Recipes
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-70123 HIGH POC This Week

An improper input validation and protocol compliance vulnerability in free5GC v4.0.1 allows remote attackers to cause a denial of service. The UPF incorrectly accepts a malformed PFCP Association Setup Request, violating 3GPP TS 29.244. [CVSS 7.5 HIGH]

Denial Of Service Free5gc
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-70121 HIGH POC This Week

An array index out of bounds vulnerability in the AMF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted 5GS Mobile Identity in a NAS Registration Request message. [CVSS 7.5 HIGH]

Denial Of Service Free5gc
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-70122 HIGH POC This Week

A heap buffer overflow vulnerability in the UPF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted PFCP Session Modification Request. [CVSS 7.5 HIGH]

Buffer Overflow Denial Of Service Free5gc
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-21878 HIGH POC PATCH This Week

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. [CVSS 7.5 HIGH]

Path Traversal Bacnet Stack
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-70093 HIGH POC This Week

An issue in OpenSourcePOS v3.4.1 allows attackers to execute arbitrary code via returning a crafted AJAX response. [CVSS 7.4 HIGH]

Command Injection RCE Open Source Point Of Sale
NVD GitHub
CVSS 3.1
7.4
EPSS
0.1%
CVE-2025-70095 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in the item management and sales invoice function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload. [CVSS 6.5 MEDIUM]

XSS Open Source Point Of Sale
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-70091 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in the Customers function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Phone Number parameter. [CVSS 6.5 MEDIUM]

XSS Open Source Point Of Sale
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-70094 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in the Generate Item Barcode function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Item Category parameter. [CVSS 6.5 MEDIUM]

XSS Open Source Point Of Sale
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-69770 CRITICAL Act Now

Zip slip to RCE in MojoPortal CMS v2.9.0.1 via /DesignTools/SkinList.aspx. Malicious ZIP archives write files outside extraction directory, enabling code execution. CVSS 10.0.

Path Traversal
NVD GitHub
CVSS 3.1
10.0
EPSS
0.1%
CVE-2026-26333 CRITICAL Act Now

Unauthenticated .NET Remoting endpoint in Calero VeraSMART before 2022 R1. TCP port 8001 exposes default Object URIs enabling deserialization attacks. EPSS 0.17%.

IIS .NET RCE Verasmart
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-26335 CRITICAL POC Act Now

Static ASP.NET machineKey in Calero VeraSMART before 2022 R1. Hardcoded key enables ViewState deserialization attacks and cookie forgery.

IIS .NET RCE Deserialization Verasmart
NVD Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-69633 CRITICAL Act Now

SQL injection in Advanced Popup Creator PrestaShop module 1.1.26-1.2.6. Fixed in 1.2.7.

PHP SQLi
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-23112 CRITICAL PATCH CISA Act Now

Linux kernel NVMe-oF TCP transport lacks proper bounds checking in PDU processing, allowing a local attacker with low privileges to trigger a kernel panic by crafting malicious PDU parameters that exceed scatter-gather list boundaries. The vulnerability enables denial of service through GPF/KASAN errors when invalid memory offsets are dereferenced during data copy operations. No patch is currently available for affected systems.

Linux Memory Corruption Buffer Overflow
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-23111 HIGH PATCH CISA Act Now

A use-after-free vulnerability in the Linux kernel's netfilter nf_tables module allows local attackers with unprivileged access to cause memory corruption and denial of service through an inverted logic check in catchall map element activation during failed transactions. The flaw occurs in nft_map_catchall_activate() which incorrectly processes already-active elements instead of inactive ones, potentially leading to privilege escalation or system crash. No patch is currently available.

Linux Use After Free Privilege Escalation Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-26221 CRITICAL Act Now

Hyland OnBase contains an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer Service (Hyland.Core.Workflow.NTService.exe).

RCE Deserialization
NVD
CVSS 4.0
9.3
EPSS
1.3%
CVE-2026-21870 MEDIUM POC PATCH This Month

The BACnet Protocol Stack library versions 1.4.2 and earlier contain an off-by-one buffer overflow in the ubasic interpreter's string tokenizer that crashes the application when processing oversized string literals. Public exploit code exists for this vulnerability, which affects any system running vulnerable versions of the BACnet Stack or Stack Overflow products. An attacker with local access and user interaction can trigger a denial of service condition through a specially crafted input string.

Buffer Overflow Stack Overflow Denial Of Service Bacnet Stack
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-25964 MEDIUM POC PATCH This Month

Path traversal in Tandoor Recipes prior to 2.5.1 allows authenticated users with import permissions to read arbitrary files from the server by manipulating file paths during recipe import operations. An attacker could access sensitive system files like /etc/passwd or application configuration files, potentially leading to full system compromise. Public exploit code exists for this vulnerability.

Path Traversal Recipes
NVD GitHub
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-1618 HIGH This Week

Flexcity versions before 1.0.36 contain an authentication bypass vulnerability that allows authenticated users to escalate their privileges through an alternate access path. An attacker with valid credentials can exploit this flaw to gain unauthorized elevated access to the system. No patch is currently available.

Privilege Escalation Authentication Bypass Flexcity
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-14349 HIGH This Week

Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Properly Constrained by ACLs, Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36. [CVSS 8.8 HIGH]

Privilege Escalation Authentication Bypass Flexcity
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-15157 HIGH This Week

The Starfish Review Generation & Marketing for WordPress plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'srm_restore_options_defaults' function in all versions up to, and including, 3.1.19. [CVSS 8.8 HIGH]

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-1619 HIGH This Week

Flexcity versions up to 1.0.36. is affected by authorization bypass through user-controlled key (CVSS 8.3).

Authentication Bypass Flexcity
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-25531 MEDIUM POC PATCH This Month

Kanboard versions prior to 1.2.50 allow authenticated users to duplicate tasks into projects they lack access permissions for due to insufficient validation in the TaskCreationController endpoint. This privilege escalation vulnerability enables users to move sensitive tasks across project boundaries they should not be able to access. Public exploit code exists for this incomplete fix of a prior authorization bypass vulnerability.

Authentication Bypass Kanboard
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-1924 HIGH This Week

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receive maliciously crafted packets, a DoS attack may cause Vnet/IP communication functions to stop or arbitrary programs to be executed. [CVSS 8.2 HIGH]

Denial Of Service Vnet Ip Interface Package
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-26187 HIGH PATCH This Week

Authenticated users in lakeFS prior to version 1.77.0 can exploit path traversal vulnerabilities in the local block adapter to read and write files outside their intended storage boundaries by bypassing insufficient prefix validation checks. An attacker with valid credentials can manipulate object identifiers and path sequences to access sibling directories and storage namespaces they should not have access to. A patch is available in version 1.77.0 and later.

Path Traversal Lakefs Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-24853 HIGH This Week

Caido versions prior to 0.55.0 can be bypassed using a crafted X-Forwarded-Host header to circumvent domain whitelist restrictions, allowing unauthenticated remote attackers to reach non-whitelisted domains through port 8080. This vulnerability affects all users of the web security auditing toolkit and could enable attackers to exfiltrate data or attack internal systems. No patch is currently available for affected versions.

Authentication Bypass Caido
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-26268 HIGH This Week

Cursor versions before 2.5 allow sandbox escape through improper .git configuration file protections, enabling malicious prompts or agents to write git hooks that execute arbitrary code when git commands are triggered. An attacker can achieve remote code execution without user interaction since git automatically executes these hooks, potentially compromising systems where Cursor is used for AI-assisted development. A patch is available in version 2.5.

RCE AI / ML Cursor
NVD GitHub
CVSS 3.1
8.0
EPSS
0.0%
CVE-2026-26208 HIGH This Week

ADB Explorer on Windows versions prior to Beta 0.9.26020 allows local attackers to achieve remote code execution by crafting a malicious App.txt settings file that exploits insecure JSON deserialization with enabled type name handling. An attacker can inject a gadget chain payload into the configuration file that executes arbitrary code when the application launches and processes settings. No patch is currently available for affected versions.

Windows RCE Deserialization
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2026-26334 HIGH This Week

Local privilege escalation in Calero VeraSMART versions before 2026 R1 stems from hardcoded AES encryption keys embedded in Veramark.Framework.dll that protect service account credentials stored in app.settings. An attacker with local system access can extract these static keys, decrypt the stored passwords, and use the recovered credentials to authenticate as the service account, potentially gaining elevated privileges depending on that account's permissions. No patch is currently available for this vulnerability.

Windows Privilege Escalation Verasmart
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-9293 HIGH This Week

A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication.

Information Disclosure Aginet Deco Festa Kasa +10
NVD
CVSS 4.0
7.7
EPSS
0.0%
CVE-2025-70956 HIGH This Week

A State Pollution vulnerability was discovered in the TON Virtual Machine (TVM) before v2025.04. The issue exists in the RUNVM instruction logic (VmState::run_child_vm), which is responsible for initializing child virtual machines. [CVSS 7.5 HIGH]

Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-70957 HIGH This Week

A Denial of Service (DoS) vulnerability was discovered in the TON Lite Server before v2024.09. [CVSS 7.5 HIGH]

Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-70954 HIGH This Week

A Null Pointer Dereference vulnerability exists in the TON Virtual Machine (TVM) within the TON Blockchain before v2025.06. The issue is located in the execution logic of the INMSGPARAM instruction, where the program fails to validate if a specific pointer is null before accessing it. [CVSS 7.5 HIGH]

Null Pointer Dereference Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-70955 HIGH This Week

A Stack Overflow vulnerability was discovered in the TON Virtual Machine (TVM) before v2024.10. The vulnerability stems from the improper handling of vmstate and continuation jump instructions, which allow for continuous dynamic tail calls. [CVSS 7.5 HIGH]

Stack Overflow Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-40905 HIGH This Week

WWW::OAuth 1.000 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. [CVSS 7.3 HIGH]

Information Disclosure Www
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2025-33042 HIGH PATCH This Week

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version 1.12.0. [CVSS 7.3 HIGH]

Apache Java Code Injection Avro Red Hat
NVD VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-1841 HIGH This Week

Stored XSS in the PixelYourSite WordPress plugin through versions 11.2.0 allows unauthenticated attackers to inject malicious scripts via the 'pysTrafficSource' and 'pys_landing_page' parameters due to inadequate input sanitization and output escaping. When users visit pages containing injected payloads, the scripts execute in their browsers, potentially compromising sessions and stealing sensitive data. No patch is currently available, leaving all affected installations vulnerable.

WordPress XSS
NVD
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-1844 HIGH This Week

Stored XSS in WordPress PixelYourSite PRO plugin versions up to 12.4.0.2 allows unauthenticated attackers to inject malicious scripts through the 'pysTrafficSource' and 'pys_landing_page' parameters due to insufficient input validation and output encoding. When site visitors access pages containing injected payloads, the malicious scripts execute in their browsers, potentially enabling session hijacking, credential theft, or malware distribution. No patch is currently available for this vulnerability.

WordPress XSS
NVD
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-48023 MEDIUM This Month

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. [CVSS 6.5 MEDIUM]

Denial Of Service Vnet Ip Interface Package
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-48022 MEDIUM This Month

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. [CVSS 6.5 MEDIUM]

Information Disclosure Vnet Ip Interface Package
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-48021 MEDIUM This Month

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. [CVSS 6.5 MEDIUM]

Integer Overflow Vnet Ip Interface Package
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-48020 MEDIUM This Month

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. [CVSS 6.5 MEDIUM]

Denial Of Service Vnet Ip Interface Package
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-48019 MEDIUM This Month

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. [CVSS 6.5 MEDIUM]

Denial Of Service Vnet Ip Interface Package
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-66676 MEDIUM This Month

An issue in IObit Unlocker v1.3.0.11 allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 6.2 MEDIUM]

Denial Of Service Iobit Unlocker
NVD GitHub VulDB
CVSS 3.1
6.2
EPSS
0.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy