Skip to main content
CVE-2026-1296 MEDIUM POC This Month

Frontend Post Submission Manager Lite (WordPress plugin) versions up to 1.2.7 is affected by url redirection to untrusted site (open redirect) (CVSS 6.1).

WordPress Open Redirect
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-27176 MEDIUM POC This Month

Reflected XSS in MajorDoMo's command.php allows remote attackers to inject arbitrary JavaScript through an unsanitized qry parameter, affecting users who click malicious links. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP XSS Majordomo
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-1435 CRITICAL Act Now

Improper session invalidation in Graylog Web Interface 2.2.3 allows attackers to maintain access through expired sessions, potentially enabling persistent unauthorized access to log management systems.

Authentication Bypass Graylog
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-24745 MEDIUM POC PATCH This Month

Stored XSS via SVG file upload in InvoicePlane 1.7.0 Login Logo functionality allows authenticated administrators to inject persistent malicious scripts, potentially compromising application integrity and enabling unauthorized data modification. Public exploit code exists for this vulnerability, which requires high-level privileges but can lead to persistent backdoors and full application compromise. InvoicePlane 1.7.1 addresses this issue.

Golang XSS Invoiceplane
NVD GitHub
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-24744 MEDIUM POC PATCH This Month

Stored XSS in InvoicePlane 1.7.0's invoice editing function fails to sanitize the invoice_number parameter, allowing authenticated administrators to inject malicious scripts that persist in the application. Public exploit code exists for this vulnerability, enabling attackers with admin access to modify data, create backdoors, and compromise application integrity. Version 1.7.1 addresses this issue.

XSS Invoiceplane
NVD GitHub
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-24743 MEDIUM POC PATCH This Month

Stored XSS in InvoicePlane 1.7.0 via malicious SVG file upload in the Invoice Logo function allows authenticated administrators to inject persistent malicious scripts and compromise application integrity. Public exploit code exists for this vulnerability. Version 1.7.1 contains the patch.

Golang XSS Invoiceplane
NVD GitHub
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-24746 MEDIUM POC PATCH This Month

Stored XSS in InvoicePlane 1.7.0's Edit Quotes function allows authenticated administrators to inject malicious scripts via the unvalidated quote_number parameter, enabling persistent code execution and data manipulation. Public exploit code exists for this vulnerability, which could lead to unauthorized modification of invoices, creation of backdoors, and complete compromise of application integrity. Version 1.7.1 addresses this flaw.

XSS Invoiceplane
NVD GitHub
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-2669 MEDIUM POC This Month

Visual Integrated Command And Dispatch Platform versions up to 20260206. contains a security vulnerability (CVSS 6.5).

Information Disclosure Visual Integrated Command And Dispatch Platform
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-2668 MEDIUM POC This Month

Visual Integrated Command And Dispatch Platform versions up to 20260206. contains a security vulnerability (CVSS 7.3).

Information Disclosure Visual Integrated Command And Dispatch Platform
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2019-25400 MEDIUM POC This Month

IPFire 2.21 Core Update 127 contains multiple reflected cross-site scripting vulnerabilities in the fwhosts.cgi script that allow attackers to inject malicious scripts through multiple parameters including HOSTNAME, IP, SUBNET, NETREMARK, HOSTREMARK, newhost, grp_name, remark, SRV_NAME, SRV_PORT, SRVGRP_NAME, SRVGRP_REMARK, and updatesrvgrp. [CVSS 5.4 MEDIUM]

XSS Ipfire
NVD Exploit-DB
CVSS 3.1
5.4
EPSS
0.1%
CVE-2026-25500 MEDIUM POC PATCH This Month

Rack's Directory module fails to sanitize filenames when generating HTML directory listings, allowing attackers to craft files with javascript: scheme names that execute arbitrary code when clicked. Authenticated users or those with access to directories containing maliciously named files can trigger stored XSS attacks affecting other users viewing the directory index. Public exploit code exists for versions prior to 2.2.22, 3.1.20, and 3.2.5.

Ruby Rack Red Hat Suse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-2667 MEDIUM POC This Month

Visual Integrated Command And Dispatch Platform versions up to 20260206. contains a security vulnerability (CVSS 5.3).

Information Disclosure Visual Integrated Command And Dispatch Platform
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-0573 CRITICAL Act Now

URL redirection vulnerability in GitHub Enterprise Server allows attacker-controlled redirects through crafted URLs, potentially enabling credential theft via phishing.

Github RCE Enterprise Server
NVD GitHub
CVSS 3.1
9.0
EPSS
0.1%
CVE-2026-1426 HIGH This Week

PHP Object Injection in the Advanced AJAX Product Filters plugin for WordPress (versions up to 3.1.9.6) allows authenticated authors and above to deserialize malicious objects through the Live Composer compatibility layer. While the plugin itself lacks a gadget chain for exploitation, the vulnerability can enable arbitrary file deletion, data theft, or remote code execution if a POP chain exists in installed themes or plugins. No patch is currently available, and exploitation requires valid WordPress user credentials.

WordPress PHP Deserialization
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2648 HIGH PATCH This Week

Google Chrome's PDFium library contains a heap buffer overflow vulnerability that enables remote attackers to execute arbitrary code or corrupt memory by opening specially crafted PDF files, affecting all users without requiring authentication or special user interaction. The vulnerability impacts Chrome versions prior to 145.0.7632.109 with a high CVSS score of 8.8, though no patch is currently available. An attacker can exploit this to achieve complete compromise of the affected system including confidentiality, integrity, and availability of data.

Buffer Overflow Chrome Google Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-23230 HIGH PATCH CISA This Week

Linux kernel SMB client denial of service vulnerability caused by concurrent bitfield updates in the cached_fid structure that can corrupt flag states through read-modify-write races. A local attacker with standard privileges can trigger this race condition to cause availability disruptions by forcing inconsistent flag states in cached file handle management. No patch is currently available for this medium-severity issue.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2649 HIGH PATCH This Week

Heap corruption in Google Chrome's V8 engine prior to version 145.0.7632.109 can be triggered through integer overflow vulnerabilities when processing malicious HTML pages. An unauthenticated attacker can exploit this by tricking users into visiting a crafted webpage, potentially achieving arbitrary code execution with high impact to confidentiality, integrity, and availability. No patch is currently available for this vulnerability.

Google Integer Overflow Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2650 HIGH PATCH This Week

Google Chrome versions before 145.0.7632.109 contain a heap buffer overflow in the Media component that can be triggered by a remote attacker through a specially crafted HTML page, potentially leading to heap corruption and arbitrary code execution. The vulnerability requires user interaction to exploit and affects all Chrome users who encounter a malicious webpage. No patch is currently available for this high-severity issue.

Google Buffer Overflow Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-23226 HIGH PATCH This Week

The Linux kernel ksmbd subsystem contains a use-after-free vulnerability in multi-channel session handling due to missing synchronization on the ksmbd_chann_list xarray, allowing a local attacker with user privileges to cause memory corruption and potentially execute arbitrary code. The vulnerability affects the channel lookup and deletion operations between multiple concurrent sessions. A patch is available to add proper locking mechanisms to protect xarray access.

Linux Use After Free Memory Corruption Information Disclosure Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25596 MEDIUM POC PATCH This Month

InvoicePlane 1.7.0 contains a stored XSS vulnerability in the Product Unit Name field that allows authenticated administrators to inject malicious scripts executed when other admins view affected invoices. Public exploit code exists for this vulnerability, though exploitation requires high-privilege administrator access and user interaction. Version 1.7.1 resolves the issue.

XSS Invoiceplane
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-25595 MEDIUM POC PATCH This Month

InvoicePlane 1.7.0 contains a stored XSS vulnerability in the Invoice Number field that allows authenticated administrators to inject malicious JavaScript executing in other administrators' browsers when viewing invoices or the dashboard. Public exploit code exists for this vulnerability, which has a CVSS score of 4.8 and can result in data theft or unauthorized actions within the application. A patch is available in version 1.7.1.

XSS Invoiceplane
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-25594 MEDIUM POC PATCH This Month

InvoicePlane 1.7.0 contains a stored XSS vulnerability in the Family Name field that executes malicious scripts in administrators' browsers when they access the product form. An authenticated administrator can inject payloads via the family dropdown to compromise other admin sessions. Public exploit code exists for this vulnerability, though a patch is available in version 1.7.1.

XSS Invoiceplane
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-1277 MEDIUM POC This Month

URL Shortify (WordPress plugin) versions up to 1.12.1 is affected by url redirection to untrusted site (open redirect) (CVSS 4.7).

WordPress Open Redirect
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-1714 HIGH This Week

Unauthenticated attackers can abuse the ShopLentor plugin for WordPress (versions up to 3.3.2) to send arbitrary emails through affected websites due to insufficient input validation in an AJAX endpoint, allowing them to conduct spam and phishing campaigns with full control over recipient addresses, subject lines, and message content. The vulnerability requires no user interaction and affects all installations of the vulnerable plugin. No patch is currently available.

WordPress
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2026-27182 HIGH This Week

Saturn Remote Mouse Server on local networks is vulnerable to unauthenticated command injection through specially crafted UDP JSON packets sent to port 27000, enabling attackers to execute arbitrary code with service account privileges. Affected systems lack input validation on command parameters, allowing network-adjacent threat actors to achieve remote code execution without authentication. No patch is currently available for this high-severity vulnerability.

RCE Command Injection
NVD
CVSS 3.1
8.4
EPSS
0.2%
CVE-2026-26281 MEDIUM POC PATCH This Month

Stored XSS in InvoicePlane's Sumex invoice view enables authenticated users with invoice management privileges to inject malicious JavaScript that executes in other users' browsers, potentially compromising sessions and enabling data theft. Public exploit code exists for this vulnerability. Version 1.7.1 and later contain the fix.

XSS Invoiceplane
NVD GitHub
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-24708 HIGH This Week

OpenStack Nova compute nodes using the Flat image backend can have their host data destroyed when an authenticated user crafts a malicious QCOW header on a disk image and triggers a resize operation, causing qemu-img to execute without format restrictions. Affected versions include Nova before 30.2.2, 31.x before 31.2.1, and 32.x before 32.1.1, with no patch currently available. This vulnerability requires low privileges and user interaction but impacts the integrity and availability of the host system across trust boundaries.

Information Disclosure
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2025-33245 HIGH PATCH This Week

NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 8.0 HIGH]

RCE Privilege Escalation Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
8.0
EPSS
0.3%
CVE-2026-27099 HIGH PATCH This Week

Jenkins versions 2.483-2.550 and LTS 2.492.1-2.541.1 contain a stored XSS vulnerability in the agent offline cause description field that fails to properly sanitize user input. Attackers with Agent/Configure or Agent/Disconnect permissions can inject malicious scripts that execute in the browsers of other users viewing the affected agent configuration. No patch is currently available for this vulnerability.

Jenkins XSS Red Hat
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-33243 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Privilege Escalation Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-33252 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-33241 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by loading a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Privilege Escalation Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-33251 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-33250 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-33253 HIGH PATCH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-60038 HIGH This Week

A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. [CVSS 7.8 HIGH]

RCE Deserialization Rexroth Indraworks
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-60037 HIGH This Week

A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. [CVSS 7.8 HIGH]

RCE Deserialization Rexroth Indraworks
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-60036 HIGH This Week

A vulnerability has been identified in the UA.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. [CVSS 7.8 HIGH]

RCE Deserialization Rexroth Ua.Testclient Rexroth Indraworks
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-60035 HIGH This Week

A vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. [CVSS 7.8 HIGH]

RCE Deserialization Rexroth Indraworks
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-33246 HIGH This Week

NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Evaluator utility, where a user could cause a command injection by supplying crafted input to a configuration parameter. [CVSS 7.8 HIGH]

Privilege Escalation Command Injection Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23222 HIGH PATCH CISA This Week

Memory allocation errors in the Linux kernel's OMAP crypto driver cause scatterlist objects to be undersized by 4x, enabling local authenticated attackers to trigger denial of service conditions through memory corruption. An attacker with local access and user-level privileges can exploit this miscalculation to crash the system or cause unpredictable kernel behavior. No patch is currently available for this vulnerability.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23221 HIGH PATCH This Week

The Linux kernel's fsl-mc bus driver contains a use-after-free vulnerability in the driver_override_show() function that reads device configuration without proper locking, allowing a local privileged user to trigger memory corruption by concurrently modifying the same data. This vulnerability affects Linux systems running vulnerable kernel versions and could enable local denial of service or potential privilege escalation through heap memory manipulation. No patch is currently available for this issue.

Linux Use After Free Information Disclosure Memory Corruption Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23216 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's iSCSI target implementation allows local attackers with low privileges to cause memory corruption and potential denial of service by exploiting a race condition in the connection usage counting mechanism. The flaw occurs when a spinlock is released after calling complete(), allowing a waiting thread to free the connection structure before the current thread finishes its unlock operation. No patch is currently available for this vulnerability.

Linux Use After Free Memory Corruption Information Disclosure Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0875 HIGH This Week

Out-of-bounds write in Autodesk shared components allows local attackers to execute arbitrary code, corrupt data, or crash the application by crafting a malicious MODEL file. The vulnerability requires user interaction to parse the malicious file and affects multiple Autodesk products with no patch currently available.

Denial Of Service Shared Components
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0874 HIGH This Week

Out-of-bounds write in Autodesk products' CATPART file parser enables local attackers to achieve arbitrary code execution, crash the application, or corrupt data when a user opens a malicious file. The vulnerability requires user interaction and affects shared components across multiple Autodesk products. No patch is currently available.

Denial Of Service Shared Components
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-61982 HIGH This Week

An arbitrary code execution vulnerability exists in the Code Stream directive functionality of OpenCFD OpenFOAM 2506. A specially crafted OpenFOAM simulation file can lead to arbitrary code execution. [CVSS 7.8 HIGH]

RCE Code Injection
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23225 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code.

Linux Information Disclosure Red Hat Suse
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23224 HIGH PATCH This Week

The Linux kernel erofs file system contains a use-after-free vulnerability in direct I/O file-backed mount operations that allows local attackers with user privileges to cause memory corruption and potentially achieve code execution or denial of service. The vulnerability occurs when accessing files through the directio option, where freed memory is subsequently accessed during I/O operations. A patch is not currently available, making this a critical concern for systems running affected Linux kernel versions.

Linux Information Disclosure Memory Corruption Use After Free Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23223 HIGH PATCH This Week

Use-after-free vulnerability in Linux kernel XFS subsystem allows local attackers with unprivileged access to cause memory corruption and potential privilege escalation through improper pointer dereferencing in the btree block owner checking function. The flaw stems from attempting to access freed memory due to incorrect temporal ordering of operations when determining cursor aliases. This vulnerability affects all Linux systems using XFS and currently lacks a patch.

Linux Information Disclosure Memory Corruption Use After Free Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71234 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add The driver does not set hw->sta_data_size, which causes mac80211 to allocate insufficient space for driver private station data in __sta_info_alloc().

Linux Memory Corruption Buffer Overflow Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
Prev Page 2 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy