Skip to main content
CVE-2026-23227 HIGH PATCH This Week

Use-after-free in Linux kernel's Exynos Virtual Display (drm/exynos vidi) driver allows local authenticated users to potentially execute arbitrary code, escalate privileges, or cause denial of service. The vulnerability stems from missing lock protection during concurrent memory allocation/deallocation operations in the vidi_context structure. EPSS score of 0.02% indicates low observed exploitation probability. Vendor patches available across multiple kernel stable branches.

Linux Use After Free Information Disclosure Samsung Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33240 HIGH This Week

NVIDIA Megatron Bridge contains a vulnerability in a data shuffling tutorial, where malicious input could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

Code Injection Information Disclosure Megatron Bridge Nvidia RCE
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33239 HIGH This Week

NVIDIA Megatron Bridge contains a vulnerability in a data merging tutorial, where malicious input could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

Code Injection Information Disclosure Megatron Bridge Nvidia RCE
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33249 HIGH This Week

NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. [CVSS 7.8 HIGH]

Privilege Escalation Code Injection Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33236 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

Privilege Escalation Code Injection Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23599 HIGH This Week

HPE Aruba Networking ClearPass OnGuard Software for Linux contains a local privilege escalation vulnerability that allows authenticated users to execute arbitrary code with root privileges. The flaw requires local access and no user interaction, making it exploitable by any local account on an affected system. No patch is currently available to remediate this issue.

Linux
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-1272 HIGH PATCH This Week

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. [CVSS 7.7 HIGH]

Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-2507 HIGH This Week

When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. [CVSS 7.5 HIGH]

Denial Of Service
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-2495 HIGH This Week

Unauthenticated attackers can exploit SQL injection in the WPNakama WordPress plugin (versions up to 0.6.5) through the 'order' parameter in the REST API /wp-json/WPNakama/v1/boards endpoint due to insufficient input escaping. This allows unauthorized extraction of sensitive database information from any WordPress installation running the vulnerable plugin. No patch is currently available.

WordPress SQLi
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-2576 HIGH This Week

Unauthenticated attackers can exploit time-based SQL injection in the Business Directory Plugin for WordPress (versions up to 6.4.2) through an unescaped 'payment' parameter to extract sensitive database information. The vulnerability stems from insufficient input validation and improper query preparation, allowing attackers to append arbitrary SQL commands to existing queries without authentication. No patch is currently available.

WordPress SQLi
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-2670 HIGH This Week

Unauthenticated remote attackers can achieve OS command injection through the delete_file parameter in Advantech WISE-6610's OpenVPN management interface (/cgi-bin/luci/admin/openvpn_apply), enabling arbitrary command execution with high privileges. Public exploit code is available for this vulnerability, and no patch has been released despite vendor notification. The attack requires high-level privileges but involves minimal complexity and poses significant risks to confidentiality, integrity, and availability.

Openvpn Command Injection
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.2%
CVE-2026-1931 HIGH This Week

Stored cross-site scripting in the Rent Fetch WordPress plugin through version 0.32.4 allows unauthenticated attackers to inject malicious scripts via inadequately sanitized keyword parameters. When site visitors access pages containing the injected payload, the scripts execute in their browsers, potentially enabling session hijacking, credential theft, or malware distribution. No patch is currently available for this vulnerability.

WordPress XSS
NVD GitHub
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-2296 HIGH This Week

Arbitrary PHP code execution in Product Addons for WooCommerce plugin (versions up to 3.1.0) through unsafe use of eval() on unsanitized conditional logic operators allows Shop Manager-level and higher-privileged WordPress users to execute malicious code on affected servers. The vulnerability stems from insufficient input validation in the evalConditions() function where user-supplied operator parameters are passed directly to PHP's eval() without sanitization. No patch is currently available.

WordPress PHP Code Injection
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-2019 HIGH This Week

Cart All In One For WooCommerce (WordPress plugin) versions up to 1.1.21. contains a security vulnerability (CVSS 7.2).

WordPress PHP Code Injection
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-1937 HIGH This Week

Unauthorized data modification in YayMail WooCommerce Email Customizer WordPress plugin allows unauthenticated attackers to modify email templates, potentially enabling phishing attacks against customers.

WordPress Privilege Escalation Authentication Bypass
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-22048 HIGH This Week

Configuration deletion and resource denial in StorageGRID versions before 11.9.0.12 and 12.0.0.4 stems from an SSRF flaw in Microsoft Entra ID SSO integration, allowing authenticated attackers to manipulate backend requests. Successful exploitation enables deletion of configuration data or denial of access to storage resources despite requiring valid credentials to initiate the attack.

Azure SSRF
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-1999 HIGH This Week

GitHub Enterprise Server allows authenticated webhook administrators to bypass network restrictions through Server-Side Request Forgery, enabling access to internal services, job queues, and sensitive endpoints on loopback addresses. This affects all versions prior to 3.20 and requires valid credentials with webhook configuration privileges. No patch is currently available, and exploitation could lead to unauthorized data access or disruption of background job processing.

SSRF Enterprise Server
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2025-71231 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned.

Linux Information Disclosure Buffer Overflow Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-2426 MEDIUM This Month

Arbitrary file deletion in WP-DownloadManager plugin versions up to 1.69 allows high-privileged WordPress administrators to bypass path validation and remove critical system files through directory traversal in the file deletion parameter. Deletion of essential files like wp-config.php can result in remote code execution or complete site compromise. No patch is currently available.

WordPress PHP RCE Path Traversal
NVD GitHub
CVSS 3.1
6.5
EPSS
2.6%
CVE-2026-27171 LOW POC Monitor

zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition. [CVSS 2.9 LOW]

Information Disclosure Zlib
NVD GitHub
CVSS 3.1
2.9
EPSS
0.0%
CVE-2026-20144 MEDIUM This Month

Splunk Enterprise and Splunk Cloud Platform deployments expose SAML authentication configurations in plaintext logs accessible to users with Search Head Cluster administrative roles and _internal index access, allowing credential and authentication extension disclosure. Affected versions include Splunk Enterprise below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, as well as Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120. No patch is currently available for this medium-severity vulnerability.

Information Disclosure Splunk Splunk Cloud Platform
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-20142 MEDIUM This Month

Splunk Enterprise versions before 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11 expose RSA access keys in plain text within the Authentication.conf file to users with access to the _internal index on Search Head Cluster deployments. A privileged user with appropriate role permissions could read these sensitive credentials, compromising authentication security. No patch is currently available for this medium-severity vulnerability.

Information Disclosure Splunk
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-20138 MEDIUM This Month

Splunk Search Head Cluster deployments below versions 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11 expose Duo Two-Factor Authentication secrets (integrationKey, secretKey, appSecretKey) in plain text to users with access to the _internal index and appropriate roles. An authenticated attacker with these privileges could retrieve sensitive credentials and compromise Duo authentication controls for the Splunk environment. No patch is currently available for this vulnerability.

Information Disclosure Splunk
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-1355 MEDIUM This Month

GitHub Enterprise Server versions before 3.20 contain an authorization bypass in the repository migration upload endpoint that permits authenticated attackers to inject malicious content into other users' migration exports. An attacker can overwrite a victim's migration archive and cause them to download compromised repository data during restoration or automated imports. No patch is currently available, affecting all versions prior to 3.20.

Github Enterprise Server
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-1436 MEDIUM This Month

Graylog 2.2.3 contains an insecure direct object reference (IDOR) vulnerability in its user API endpoint that allows authenticated users to enumerate and access other users' profiles by manipulating user IDs in requests. An attacker with valid credentials can extract sensitive information including usernames, email addresses, internal identifiers, and last activity timestamps from arbitrary user accounts. No patch is currently available for this vulnerability.

Authentication Bypass Graylog
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1942 MEDIUM This Month

Unauthorized post modification in Blog2Social plugin for WordPress versions up to 8.7.4 allows authenticated subscribers and higher-privileged users to alter arbitrary post and page content due to missing post-level permission checks in the curation draft AJAX handler. An attacker can exploit this by providing a target post ID to overwrite titles and content across the site without proper authorization.

WordPress
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1317 MEDIUM This Month

SQL injection in the WP Import - Ultimate CSV Importer plugin for WordPress (versions up to 7.37) allows authenticated subscribers and higher-privileged users to inject malicious SQL commands through specially crafted filenames during file uploads. When the Single Import/Export feature is enabled on PHP versions below 8.0, attackers can extract sensitive database information by exploiting insufficient input validation. The vulnerability requires valid WordPress credentials but poses a medium risk due to its direct access to database contents.

WordPress PHP SQLi
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1639 MEDIUM This Month

SQL injection in the Taskbuilder WordPress plugin through unescaped 'order' and 'sort_by' parameters allows authenticated users with subscriber-level privileges to extract sensitive database information via time-based blind SQL injection attacks. The vulnerability affects all versions up to 5.0.2 and has no available patch. Attackers can craft malicious queries to systematically retrieve confidential data from the WordPress database.

WordPress SQLi
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-14799 MEDIUM This Month

The Brevo - Email, SMS, Web Push, Chat, and more. plugin for WordPress is vulnerable to authorization bypass due to type juggling in all versions up to, and including, 3.3.0. This is due to the use of loose comparison (==) instead of strict comparison (===) when validating the installation ID in the `/wp-json/mailin/v1/mailin_disconnect` REST API endpoint. This makes it possible for unauthenticated attackers to disconnect the Brevo integration, delete the API key, remove all subscription form...

WordPress PHP
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1344 MEDIUM This Month

Enforce Recovery Key Portal is affected by incorrect permission assignment for critical resource (CVSS 6.5).

Privilege Escalation Enforce Recovery Key Portal
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-0665 MEDIUM PATCH This Month

QEMU's KVM Xen guest support contains an off-by-one error in the physdev hypercall interface that allows authenticated guest users to trigger out-of-bounds heap memory access within the hypervisor process. This vulnerability can lead to denial of service through memory corruption, potentially affecting virtualized environments running QEMU with Xen guest support enabled. No patch is currently available.

Memory Corruption Denial Of Service Red Hat Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1941 MEDIUM This Month

Stored cross-site scripting in WP Event Aggregator plugin through version 1.8.7 allows authenticated contributors and above to inject malicious scripts via the wp_events shortcode due to inadequate input sanitization. When site visitors access pages containing the injected payload, the scripts execute in their browsers, potentially compromising user sessions and data. No patch is currently available, leaving affected WordPress installations vulnerable.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-1807 MEDIUM This Month

InteractiveCalculator for WordPress (WordPress plugin) is affected by cross-site scripting (xss) (CVSS 6.4).

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-12122 MEDIUM This Month

The Popup Box - Easily Create WordPress Popups plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'iframeBox' shortcode in all versions up to, and including, 3.2.12 due to insufficient input sanitization and output escaping on user supplied attributes. [CVSS 6.4 MEDIUM]

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-11737 MEDIUM This Month

VK All in One Expansion Unit (WordPress plugin) is affected by cross-site scripting (xss) (CVSS 6.4).

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-6460 MEDIUM This Month

Display During Conditional Shortcode (WordPress plugin) is affected by cross-site scripting (xss) (CVSS 6.4).

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-13959 MEDIUM This Month

The Filestack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'filepicker' shortcode in all versions up to, and including, 2.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. [CVSS 6.4 MEDIUM]

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-11185 MEDIUM This Month

The Complianz - GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cmplz-accept-link shortcode in all versions up to, and including, 7.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. [CVSS 6.4 MEDIUM]

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-1200 MEDIUM This Month

Memory corruption in the rgaufman/live555 fork's `increaseBufferTo` function can be triggered by remote attackers with low privileges, causing segmentation faults and potential system instability. The vulnerability requires network access but no user interaction, affecting systems running vulnerable versions of the affected library. No patch is currently available for this issue.

Memory Corruption Red Hat Suse
NVD GitHub
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-8308 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Key Software Solutions Inc. [CVSS 6.3 MEDIUM]

XSS
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-1666 MEDIUM This Month

The Download Manager plugin for WordPress through version 3.3.46 contains a reflected XSS vulnerability in the 'redirect_to' parameter that allows unauthenticated attackers to inject malicious scripts. An attacker can exploit this by crafting a malicious link that, when clicked by a victim, executes arbitrary JavaScript in their browser session. No patch is currently available for this vulnerability.

WordPress XSS
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-2672 LOW POC Monitor

Path traversal in Tsinghua Unigroup Electronic Archives System 3.2.210802 allows authenticated remote attackers to read arbitrary files through manipulation of the path parameter in the /Search/Subject/downLoad function. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. The attack requires valid credentials but no user interaction, making it a practical risk for organizations using this system.

Path Traversal Electronic Archives System
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-1404 MEDIUM This Month

The Ultimate Member WordPress plugin through version 2.11.1 contains a reflected XSS vulnerability in filter parameters that lack proper input sanitization and output escaping. Unauthenticated attackers can inject malicious scripts into pages by crafting malicious links and convincing users to click them. Successful exploitation results in arbitrary JavaScript execution in the context of the affected user's browser session.

WordPress XSS
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-1437 MEDIUM This Month

Reflected XSS in Graylog 2.2.3's web interface allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting malicious URLs that bypass HTML output sanitization, particularly through the user edit endpoint. An attacker can exploit this to perform session hijacking or manipulate user context with no user interaction required beyond visiting a crafted link. No patch is currently available for this vulnerability.

XSS Graylog
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-2654 LOW POC Monitor

Server-side request forgery in Hugging Face smolagents 1.24.0 allows authenticated attackers to manipulate the LocalPythonExecutor's requests.get/requests.post functions, enabling remote exploitation without user interaction. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.

SSRF Smolagents
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-1441 MEDIUM This Month

Graylog Web Interface 2.2.3 contains a reflected XSS vulnerability in the /system/index_sets/ endpoint where unsanitized URL parameters are echoed into HTML responses, enabling attackers to execute arbitrary JavaScript in users' browsers. An attacker can craft a malicious URL to steal session cookies, hijack user sessions, or perform unauthorized actions within the victim's Graylog interface. No patch is currently available for this vulnerability.

XSS Graylog
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-1440 MEDIUM This Month

Reflected XSS in Graylog Web Interface version 2.2.3 fails to properly sanitize user-supplied input in the /system/pipelines/ endpoint, enabling attackers to inject malicious JavaScript through specially crafted URLs. An attacker can execute arbitrary scripts in a victim's browser and potentially hijack user sessions when the victim visits a malicious link. No patch is currently available for this vulnerability.

XSS Graylog
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-1439 MEDIUM This Month

Graylog Web Interface 2.2.3 contains a reflected XSS vulnerability in the /alerts/ endpoint where unencoded URL parameters are reflected in HTML responses, enabling attackers to execute arbitrary JavaScript in a victim's browser through malicious links. Successful exploitation allows session hijacking and limited account manipulation when users click crafted URLs. No patch is currently available for this vulnerability.

XSS Graylog
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-1438 MEDIUM This Month

Graylog Web Interface 2.2.3 contains a reflected XSS vulnerability in the /system/nodes/ endpoint where unescaped URL parameters are reflected in HTML responses, enabling attackers to execute arbitrary JavaScript in a victim's browser. An attacker can craft a malicious URL to steal session credentials or manipulate user actions within the affected Graylog instance when a user clicks the link. No patch is currently available for this vulnerability.

XSS Graylog
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-2682 LOW POC Monitor

SQL injection in Tsinghua Unigroup Electronic Archives System versions up to 3.2.210802 allows authenticated remote attackers to manipulate the comid parameter via the /mine/PublicReport/prinReport.html endpoint, potentially leading to unauthorized data access or modification. Public exploit code is available for this vulnerability, and the vendor has not provided a patch despite early notification.

SQLi Electronic Archives System
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy