381 CVEs tracked today. 23 Critical, 77 High, 254 Medium, 9 Low.
-
CVE-2025-71243
CRITICAL
CVSS 9.8
The Saisies plugin for SPIP CMS versions 5.4.0 through 5.11.0 contains a critical remote code execution vulnerability. Attackers can exploit the vulnerability to execute arbitrary code on the SPIP server, compromising the content management system and its database.
RCE
Saisies
-
CVE-2026-27476
CRITICAL
CVSS 9.8
Command injection in RustFly 2.0.0 via hex-encoded UDP instructions on port 5005. The remote UI control mechanism accepts and executes commands without validation.
Command Injection
-
CVE-2026-26339
CRITICAL
CVSS 9.8
RCE via argument injection in Hyland Alfresco Transformation Service. Unauthenticated attackers can execute commands through document transformation.
RCE
Alfresco Transform Core
Alfresco Transform Service
-
CVE-2026-26338
CRITICAL
CVSS 9.8
SSRF in Hyland Alfresco Transformation Service via document processing.
SSRF
Alfresco Transform Core
Alfresco Transform Service
-
CVE-2026-26030
CRITICAL
CVSS 9.9
Remote code execution in Microsoft Semantic Kernel Python SDK before 1.39.4. Code injection in the AI orchestration framework. Patch available.
Microsoft
Linux
Python
RCE
AI / ML
-
CVE-2026-25242
CRITICAL
CVSS 9.8
Unauthenticated file upload in Gogs self-hosted Git service 0.13.4 and below. Default configuration exposes file upload endpoints. PoC and patch available.
CSRF
Gogs
Suse
-
CVE-2026-24834
CRITICAL
CVSS 9.3
Incorrect permissions in Kata Containers allow container escape via file permission manipulation. PoC and patch available.
Privilege Escalation
RCE
Kata Containers
Redhat
Suse
-
CVE-2026-23549
CRITICAL
CVSS 9.8
PHP Object Injection in WpEvently (mage-eventpress) WordPress plugin.
Deserialization
-
CVE-2026-23542
CRITICAL
CVSS 9.8
PHP Object Injection in Grand Restaurant WordPress theme.
Deserialization
-
CVE-2026-2686
CRITICAL
CVSS 9.8
Command injection in SECCN Dingcheng G10 3.1.0.181203 router via session_login.cgi. PoC available.
Command Injection
-
CVE-2026-1994
CRITICAL
CVSS 9.8
Privilege escalation via account takeover in s2Member WordPress plugin <= 260127. Broken authentication allows taking over any user account.
WordPress
Privilege Escalation
-
CVE-2026-1405
CRITICAL
CVSS 9.8
Arbitrary file upload in Slider Future WordPress plugin.
WordPress
RCE
-
CVE-2026-0926
CRITICAL
CVSS 9.8
Local File Inclusion in Prodigy Commerce WordPress plugin <= 3.2.9.
WordPress
PHP
Lfi
Information Disclosure
RCE
-
CVE-2025-67305
CRITICAL
CVSS 9.8
Hardcoded SSH keys in Ruckus Network Director OVA < 4.5.0.56 for postgres user. Same across all appliances.
PostgreSQL
Privilege Escalation
-
CVE-2025-67304
CRITICAL
CVSS 9.8
Hardcoded PostgreSQL credentials in Ruckus Network Director OVA < 4.5.0.54.
PostgreSQL
Authentication Bypass
-
CVE-2025-55853
CRITICAL
CVSS 9.1
SSRF in SoftVision webPDF before 10.0.2 via PDF converter function.
SSRF
-
CVE-2025-15559
CRITICAL
CVSS 9.8
Unauthenticated OS command injection in NesterSoft WorkTime via report generation API. Allows executing arbitrary commands.
Command Injection
Worktime
-
CVE-2025-13851
CRITICAL
CVSS 9.8
Privilege escalation via registration in Buyent Classified WordPress plugin.
WordPress
Privilege Escalation
PHP
-
CVE-2025-13590
CRITICAL
CVSS 9.1
Arbitrary file upload by admin users in VMware product via REST API. Allows uploading to user-controlled locations within the deployment.
RCE
Api Manager
Universal Gateway
Traffic Manager
Api Control Plane
-
CVE-2025-13563
CRITICAL
CVSS 9.8
Privilege escalation in Lizza LMS Pro WordPress plugin <= 1.0.3.
WordPress
Privilege Escalation
PHP
-
CVE-2025-12882
CRITICAL
CVSS 9.8
Privilege escalation in Clasifico Listing WordPress plugin <= 2.0.
WordPress
Privilege Escalation
PHP
-
CVE-2025-9953
CRITICAL
CVSS 9.8
Authorization bypass via user-controlled SQL primary key in Databank Accreditation Software.
SQLi
-
CVE-2025-8350
CRITICAL
CVSS 9.8
Execution After Redirect combined with missing authentication in BiEticaret CMS.
Authentication Bypass
-
CVE-2026-27475
HIGH
CVSS 8.1
Arbitrary code execution in SPIP before 4.4.9 through insecure deserialization of untrusted serialized objects in the table_valeur filter and DATA iterator. An attacker with prior access or leveraging a separate vulnerability to inject malicious serialized data can trigger arbitrary object instantiation and achieve remote code execution. No patch is currently available, and the vulnerability persists despite SPIP's standard security protections.
Deserialization
Spip
-
CVE-2026-27343
HIGH
CVSS 7.5
PHP Local File Inclusion in Airtifact versions up to 1.2.91 permits authenticated attackers to read arbitrary files on the server through improper validation of include/require statements. With low privileges required and no user interaction necessary, an attacker can leverage this vulnerability to access sensitive configuration files or application source code. No patch is currently available for this vulnerability.
PHP
Lfi
-
CVE-2026-27114
HIGH
CVSS 7.5
Nanazip versions up to 6.0.1630.0 are affected by a loop with an unreachable exit condition (infinite loop) (CVSS 7.5).
Denial Of Service
Nanazip
-
CVE-2026-27052
HIGH
CVSS 7.5
villatheme Sales Countdown Timer for WooCommerce and WordPress (sctv-sales-countdown-timer) is affected by PHP remote file inclusion (CVSS 7.5).
WordPress
PHP
Lfi
Information Disclosure
-
CVE-2026-27013
HIGH
CVSS 7.6
Stored XSS in Fabric.js prior to version 7.2.0 allows attackers to inject arbitrary SVG elements and event handlers when user-supplied JSON is loaded and exported via toSVG(), affecting applications that process collaborative designs, imports, or CMS plugins. Public exploit code exists for this vulnerability. Applications rendering the SVG output in browsers are vulnerable to arbitrary JavaScript execution.
RCE
XSS
Fabric.Js
-
CVE-2026-26362
HIGH
CVSS 8.1
Dell Unisphere for PowerMax 10.2 contains a relative path traversal flaw that allows authenticated remote attackers to modify critical system files without user interaction. The vulnerability affects systems with low-privileged user accounts and carries high integrity and availability impact, though no patch is currently available. With an EPSS score of 0.1%, exploitation likelihood remains low despite the HIGH severity rating.
Path Traversal
Unisphere For Powermax
-
CVE-2026-26360
HIGH
CVSS 8.1
Dell Unisphere for PowerMax version 10.2 suffers from a path traversal vulnerability (CWE-73) that allows authenticated remote attackers to delete arbitrary files on affected systems. An attacker with low-level privileges can exploit this flaw without user interaction to achieve denial of service or system compromise. No patch is currently available for this high-severity issue (CVSS 8.1).
Information Disclosure
Dell
Unisphere For Powermax
-
CVE-2026-26359
HIGH
CVSS 8.8
Dell Unisphere for PowerMax 10.2 contains a path traversal vulnerability that allows authenticated remote attackers to overwrite arbitrary files on the system. This HIGH severity flaw (CVSS 8.8) requires only low privileges and network access to exploit, potentially enabling complete system compromise. No patch is currently available for this vulnerability.
Information Disclosure
Dell
Unisphere For Powermax
-
CVE-2026-26358
HIGH
CVSS 8.8
Dell Unisphere for PowerMax 10.2 lacks proper authorization checks, allowing authenticated remote attackers to bypass access controls and gain unauthorized administrative capabilities. This missing authorization vulnerability (CWE-862) affects users who have any valid account credentials on affected systems. No patch is currently available, making this a critical risk for organizations operating vulnerable PowerMax installations.
Authentication Bypass
Dell
Unisphere For Powermax
-
CVE-2026-26337
HIGH
CVSS 8.2
Alfresco Transform Service contains a vulnerability that allows attackers to achieve both arbitrary file read and server-side request forgery through the abs (CVSS 8.2).
SSRF
Path Traversal
Alfresco Transform Core
Alfresco Transform Service
-
CVE-2026-26336
HIGH
CVSS 7.5
Unauthenticated attackers can bypass access controls in Alfresco Content Services to retrieve sensitive files from protected directories such as WEB-INF through the /share/page/resource/ endpoint. This vulnerability exposes critical configuration data and credentials without requiring authentication or user interaction. No patch is currently available for this remotely exploitable issue affecting Alfresco deployments.
Authentication Bypass
Information Disclosure
Alfresco Content Services
-
CVE-2026-26325
HIGH
CVSS 7.2
OpenClaw versions before 2026.2.14 allow attackers with execution privileges to bypass command allowlist controls on node host deployments by exploiting a mismatch between validated and executed commands, potentially enabling execution of unapproved system commands. The vulnerability only affects configurations using node host execution paths with allowlist-based security policies and approval prompting. A patch is available in version 2026.2.14 which enforces consistency validation.
Authentication Bypass
AI / ML
Openclaw
-
CVE-2026-26324
HIGH
CVSS 7.5
OpenClaw prior to version 2026.2.14 fails to properly validate IPv6-formatted addresses in its SSRF protection, allowing attackers to bypass restrictions and access loopback and private network resources that should be blocked. An unauthenticated remote attacker can exploit this by crafting requests using IPv4-mapped IPv6 literals to reach restricted endpoints. The vulnerability has been patched in version 2026.2.14.
SSRF
AI / ML
Openclaw
-
CVE-2026-26323
HIGH
CVSS 8.8
Arbitrary command execution in OpenClaw versions 2026.1.8 through 2026.2.13 allows attackers to execute shell commands when developers or CI systems run the update-clawtributors.ts maintenance script on repositories containing malicious commit metadata. The vulnerability stems from unsanitized interpolation of git author emails into shell commands via execSync, exploitable only by those with access to the development environment or source repository. Version 2026.2.14 patches the issue.
Node.js
Github
Command Injection
AI / ML
Openclaw
-
CVE-2026-26322
HIGH
CVSS 7.6
OpenClaw versions prior to 2026.2.14 fail to validate the gatewayUrl parameter in the Gateway tool, allowing authenticated users or operators to redirect WebSocket connections to arbitrary targets and potentially access internal resources. This vulnerability requires authentication and the ability to invoke specific tool calls, limiting exposure to trusted users and automated systems rather than anonymous attackers. An attacker with these privileges could establish unauthorized outbound connections from the OpenClaw host, compromising confidentiality and potentially enabling further network-based attacks.
SSRF
AI / ML
Openclaw
-
CVE-2026-26321
HIGH
CVSS 7.5
OpenClaw's Feishu extension prior to version 2026.2.14 improperly handles `mediaUrl` parameters by treating attacker-controlled values as local filesystem paths, enabling unauthorized file read access. An attacker who can influence tool calls through direct manipulation or prompt injection could exfiltrate sensitive files like `/etc/passwd`. This high-severity path traversal vulnerability (CWE-22) is resolved in version 2026.2.14 and later, which implements proper access controls and routes media loading through hardened helpers.
Path Traversal
AI / ML
Openclaw
-
CVE-2026-26319
HIGH
CVSS 7.5
OpenClaw's Telnyx voice-call webhook handler fails to validate webhook signatures when the public key is not configured, allowing unauthenticated attackers to forge arbitrary Telnyx events. This affects only deployments with the Voice Call plugin installed, enabled, and publicly accessible, enabling attackers to inject malicious voice-call events into the system. A patch is available.
Authentication Bypass
AI / ML
Openclaw
-
CVE-2026-26318
HIGH
CVSS 8.8
Command injection in systeminformation versions before 5.31.0 allows local attackers with user privileges to execute arbitrary system commands through unsanitized output parsing in the versions() function. Public exploit code exists for this vulnerability, which provides complete system compromise capabilities including information disclosure, modification, and denial of service. Upgrade to version 5.31.0 or later to remediate.
Node.js
Command Injection
Systeminformation
Redhat
Suse
-
CVE-2026-26317
HIGH
CVSS 7.1
OpenClaw versions prior to 2026.2.14 lack proper Cross-Origin Request Forgery (CSRF) protections on localhost mutation endpoints, allowing malicious websites to trigger unauthorized actions against a victim's local AI assistant instance such as opening tabs, modifying storage, or controlling browser functions. The vulnerability affects the browser control plane through cross-origin requests initiated from the victim's browser context, despite the service's loopback binding. Version 2026.2.14 and later mitigate this by validating Origin/Referer headers and rejecting mutating requests from cross-site origins.
CSRF
AI / ML
Openclaw
-
CVE-2026-26316
HIGH
CVSS 7.5
OpenClaw is a personal AI assistant. [CVSS 7.5 HIGH]
Authentication Bypass
AI / ML
Openclaw
-
CVE-2026-26315
HIGH
CVSS 7.5
Go Ethereum (Geth) versions prior to 1.16.9 contain a cryptographic implementation flaw in ECIES that allows remote attackers to extract portions of the p2p node key without authentication. This exposure could compromise the confidentiality of node communications and potentially enable impersonation or network-level attacks against affected Ethereum nodes. Administrators should upgrade to version 1.16.9 or later and rotate their node keys by deleting the nodekey file.
Golang
Go Ethereum
Suse
-
CVE-2026-26314
HIGH
CVSS 7.5
Geth versions prior to 1.16.9 can be remotely crashed by sending a specially crafted message over the network, allowing unauthenticated attackers to cause denial of service against Ethereum nodes. This vulnerability in Go Ethereum's message handling requires no user interaction and affects the availability of affected nodes. Patched versions 1.16.9 and 1.17.0 are available to remediate this issue.
Golang
Denial Of Service
Go Ethereum
Suse
-
CVE-2026-26313
HIGH
CVSS 7.5
Go Ethereum versions up to 1.17.0 are affected by allocation of resources without limits or throttling (CVSS 7.5).
Golang
Go Ethereum
Suse
-
CVE-2026-26286
HIGH
CVSS 8.5
SillyTavern versions before 1.16.0 contain a server-side request forgery (SSRF) vulnerability in the asset download endpoint that allows authenticated users to make arbitrary HTTP requests from the server and access internal services, cloud metadata, and private network resources. Public exploit code exists for this vulnerability, which can be mitigated by upgrading to version 1.16.0 or configuring domain whitelisting in the config.yaml file.
SSRF
AI / ML
Sillytavern
-
CVE-2026-26280
HIGH
CVSS 8.4
Arbitrary command execution in systeminformation versions before 5.30.8 allows local attackers to execute OS commands through an unsanitized network interface parameter in the wifiNetworks() function's retry logic. Applications passing user-controlled input to this function are vulnerable to privilege escalation attacks running with Node.js process permissions. Public exploit code exists for this vulnerability; a patch is available.
Node.js
Command Injection
Systeminformation
Redhat
Suse
-
CVE-2026-26278
HIGH
CVSS 7.5
Fast XML Parser versions 4.1.3 through 5.3.5 are vulnerable to XML entity expansion attacks that allow remote attackers to cause denial of service by forcing unbounded entity expansion with minimal payload sizes. Public exploit code exists for this vulnerability, enabling attackers to freeze or severely degrade application performance. Upgrade to version 5.3.6 or disable entity processing using the `processEntities: false` option to mitigate the risk.
XXE
Denial Of Service
Fast Xml Parser
Redhat
Suse
-
CVE-2026-26275
HIGH
CVSS 7.5
httpsig-hyper versions prior to 0.0.23 fail to properly validate HTTP message digest headers due to improper use of Rust's matches! macro, allowing attackers to forge or modify message bodies without detection. This vulnerability affects applications using the library for HTTP signature verification, enabling attackers to bypass integrity checks on signed requests. A patch is available in version 0.0.23 and later.
Information Disclosure
Httpsig Hyper
-
CVE-2026-26267
HIGH
CVSS 7.5
Function name collision in Rs Soroban SDK versions prior to 22.0.10, 23.5.2, and 25.1.1 causes the #[contractimpl] macro to invoke incorrect functions when both trait and inherent implementations share identical function names, allowing attackers to exploit logic flaws through public exploit code. Smart contract developers using affected versions risk silent execution of unintended code paths that could compromise contract integrity and security guarantees. Patches are available for all vulnerable versions.
Authentication Bypass
Rs Soroban Sdk
-
CVE-2026-26202
HIGH
CVSS 7.5
Penpot before version 2.13.2 contains a path traversal vulnerability in the font creation endpoint that allows authenticated users with team edit permissions to read arbitrary files from the server filesystem. By supplying local file paths such as `/etc/passwd` as font data, attackers can retrieve sensitive files including system configuration, application secrets, and credentials. Public exploit code exists for this vulnerability, which could enable further server compromise depending on the Penpot process permissions.
Path Traversal
Information Disclosure
Penpot
-
CVE-2026-26201
HIGH
CVSS 7.5
emp3r0r C2 framework versions prior to 3.21.2 crash due to unsynchronized concurrent map access in Go goroutines, allowing attackers with network access to trigger denial of service against the C2 infrastructure. Public exploit code exists for this vulnerability. The issue is resolved in version 3.21.2 and later.
Linux
Golang
Denial Of Service
Emp3r0r
Suse
-
CVE-2026-26200
HIGH
CVSS 7.8
Heap buffer overflow in HDF5 versions prior to 1.14.4-2 allows attackers to trigger denial-of-service or potentially achieve code execution by crafting malicious h5 files. The vulnerability affects any system parsing untrusted HDF5 data files and has public exploit code available. A patch is not yet available, leaving affected deployments at risk.
RCE
Buffer Overflow
Heap Overflow
Hdf5
Redhat
-
CVE-2026-26193
HIGH
CVSS 7.3
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. [CVSS 7.3 HIGH]
XSS
AI / ML
Open Webui
-
CVE-2026-26192
HIGH
CVSS 7.3
Stored XSS in Open WebUI prior to version 0.7.0 allows authenticated users to inject malicious HTML payloads into chat document metadata, which execute in the browser when citations are previewed or viewed in shared chats. Public exploit code exists for this vulnerability, and an attacker with login access can compromise any user who interacts with their weaponized chat documents. Upgrade to version 0.7.0 or later to remediate.
XSS
AI / ML
Open Webui
-
CVE-2026-26016
HIGH
CVSS 8.1
Missing authorization validation in Pterodactyl Wings prior to version 1.12.1 allows authenticated nodes to access and manipulate servers across different nodes without proper ownership verification. An attacker with a valid node secret token can retrieve sensitive installation scripts, alter server installation states, and modify transfer statuses for servers they should not have access to. The vulnerability requires network access and valid node credentials but carries high impact due to potential exposure of secrets and cross-node server manipulation.
Information Disclosure
Panel
-
CVE-2026-25998
HIGH
CVSS 7.5
strongMan's credential encryption uses a static initialization vector with AES-CTR mode, causing all database fields to be encrypted with identical key streams. An attacker with database access can leverage publicly stored certificates to derive the key stream and decrypt stored private keys and EAP secrets. No patch is currently available for this high-severity vulnerability affecting strongSwan management deployments.
Information Disclosure
Strongman
-
CVE-2026-25940
HIGH
CVSS 8.1
jsPDF versions prior to 4.2.0 allow attackers to inject arbitrary PDF objects including malicious JavaScript through unsanitized input to the Acroform module, which executes when users interact with form elements. An attacker who can control input passed to vulnerable API members can achieve code execution on the victim's system. The vulnerability is fixed in jsPDF 4.2.0 and can be mitigated by sanitizing all user input before passing it to affected Acroform properties and methods.
XSS
Jspdf
Redhat
-
CVE-2026-25926
HIGH
CVSS 7.3
Notepad++ versions before 8.9.2 allow local code execution through an unsafe search path vulnerability that permits attackers to hijack the Windows Explorer executable if they control the process working directory. A user with local access running the affected application could be tricked into executing a malicious explorer.exe, leading to arbitrary code execution with application privileges. Public exploit code exists for this vulnerability and no patch is currently available.
Windows
-
CVE-2026-25755
HIGH
CVSS 8.1
Arbitrary PDF object injection in jsPDF before 4.2.0 allows unauthenticated attackers to execute malicious actions or manipulate document structure through unvalidated input to the addJS method, affecting any user opening a crafted PDF. Public exploit code exists for this vulnerability. The issue is resolved in jsPDF 4.2.0, with a temporary mitigation of escaping parentheses in user-supplied JavaScript before passing it to addJS.
RCE
Code Injection
Jspdf
Redhat
-
CVE-2026-25535
HIGH
CVSS 7.5
Denial of service in jsPDF prior to version 4.2.0 allows remote attackers to trigger out-of-memory conditions by supplying specially crafted GIF files with oversized dimension headers to the addImage or html methods. Public exploit code exists for this vulnerability, affecting applications that process untrusted image data. Upgrade to jsPDF 4.2.0 or sanitize image inputs before processing.
Denial Of Service
Jspdf
Redhat
-
CVE-2026-25474
HIGH
CVSS 7.5
OpenClaw versions 2026.1.30 and below fail to validate Telegram webhook secret tokens when `channels.telegram.webhookSecret` is not configured, allowing attackers with network access to the webhook endpoint to forge Telegram messages and trigger unintended bot actions. Public exploit code exists for this vulnerability. Affected deployments must upgrade to version 2026.2.1 or later, or ensure the webhook endpoint is not reachable by untrusted networks.
Authentication Bypass
AI / ML
Openclaw
-
CVE-2026-25418
HIGH
CVSS 7.6
SQL injection in Bit Form through version 2.21.10 enables authenticated attackers with high privileges to execute arbitrary database queries, potentially exposing sensitive data. The vulnerability requires administrative credentials but has no available patch, leaving affected installations at risk until an update is released.
SQLi
-
CVE-2026-25378
HIGH
CVSS 7.6
Blind SQL injection in Nelio AB Testing plugin version 8.2.4 and earlier enables authenticated attackers with high privileges to execute arbitrary SQL queries against the database. An attacker with administrative access could exploit this vulnerability to extract sensitive data or manipulate database contents, though availability impact is limited. No patch is currently available.
SQLi
-
CVE-2026-25326
HIGH
CVSS 7.5
cmsmasters CMSMasters Content Composer (cmsmasters-content-composer) is affected by PHP remote file inclusion (CVSS 7.5).
PHP
Lfi
-
CVE-2026-25316
HIGH
CVSS 7.2
CartFlows through version 2.1.19 contains an unsafe deserialization vulnerability that enables object injection attacks against WordPress installations using the plugin. An authenticated attacker with high privileges can exploit this flaw to achieve arbitrary code execution with full system access. No patch is currently available for this vulnerability.
Deserialization
-
CVE-2026-25232
HIGH
CVSS 8.8
Gogs is an open source self-hosted Git service. [CVSS 8.8 HIGH]
Ssh
Privilege Escalation
Gogs
Suse
-
CVE-2026-23805
HIGH
CVSS 7.6
SQL injection in Yoren Chang Media Search Enhanced through version 0.9.1 enables unauthenticated remote attackers to execute arbitrary SQL queries and extract sensitive data from the underlying database. With high privileges required for exploitation, an authenticated attacker with administrative access can manipulate SQL commands to compromise data confidentiality while causing minor service disruption. No patch is currently available.
SQLi
-
CVE-2026-23547
HIGH
CVSS 7.1
cmsmasters CMSMasters Content Composer (cmsmasters-content-composer) is affected by missing authorization (CVSS 7.1).
Authentication Bypass
-
CVE-2026-23544
HIGH
CVSS 8.8
Unsafe deserialization in Codetipi Valenti through version 5.6.3.5 enables authenticated attackers to inject arbitrary objects and achieve remote code execution. An attacker with valid credentials can exploit this vulnerability to execute malicious commands with the privileges of the affected application. No patch is currently available.
Deserialization
-
CVE-2026-22333
HIGH
CVSS 7.2
YITHEMES YITH WooCommerce Compare yith-woocommerce-compare is affected by deserialization of untrusted data (CVSS 7.2).
WordPress
Deserialization
-
CVE-2026-22267
HIGH
CVSS 8.1
Dell PowerProtect Data Manager versions prior to 19.22 contain an incorrect privilege assignment flaw that allows remote attackers with low-level credentials to escalate their privileges on affected systems. The vulnerability requires network access and valid authentication but no user interaction, making it exploitable by insiders or attackers who have obtained legitimate credentials. No patch is currently available.
Information Disclosure
Dell
Powerprotect Data Manager
-
CVE-2026-21535
HIGH
CVSS 8.2
Microsoft Teams contains an access control vulnerability that enables unauthenticated remote attackers to extract sensitive information without user interaction. The flaw affects Teams deployments and carries a high severity rating, though no patch is currently available. Exploitation requires only network access with no additional prerequisites, making this a significant risk for organizations using the platform.
Microsoft
Teams
-
CVE-2026-2691
HIGH
CVSS 7.3
SQL injection in itsourcecode Event Management System 1.0 allows unauthenticated remote attackers to manipulate the ID parameter in /admin/manage_register.php, potentially leading to unauthorized data access, modification, or deletion. Public exploit code exists for this vulnerability, and no patch is currently available, creating significant risk for unpatched deployments.
PHP
SQLi
Event Management System
-
CVE-2026-2690
HIGH
CVSS 7.3
SQL injection in itsourcecode Event Management System 1.0's admin login endpoint allows unauthenticated remote attackers to manipulate the Username parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, enabling attackers to potentially extract sensitive data or compromise system integrity. No patch is currently available for affected PHP installations.
PHP
SQLi
Event Management System
-
CVE-2026-2689
HIGH
CVSS 7.3
SQL injection in itsourcecode Event Management System 1.0's booking management interface allows unauthenticated remote attackers to manipulate database queries via the ID parameter in /admin/manage_booking.php. Public exploit code exists for this vulnerability, enabling potential unauthorized data access and modification. No patch is currently available to address this high-severity flaw affecting PHP-based deployments.
PHP
SQLi
Event Management System
-
CVE-2026-2684
HIGH
CVSS 7.3
Electronic Archives System versions up to 3.2.210802 are affected by improper access control (CVSS 7.3).
File Upload
Authentication Bypass
Electronic Archives System
-
CVE-2026-2232
HIGH
CVSS 7.5
Product Table and List Builder for WooCommerce Lite (WordPress plugin) is affected by SQL injection (CVSS 7.5).
WordPress
SQLi
-
CVE-2026-1581
HIGH
CVSS 7.5
Unauthenticated attackers can exploit time-based SQL injection in wpForo Forum plugin for WordPress versions up to 2.4.14 through the 'wpfob' parameter to extract sensitive database information. The vulnerability stems from insufficient input sanitization and improper SQL query preparation, allowing attackers to inject arbitrary SQL commands without authentication. No patch is currently available.
WordPress
SQLi
-
CVE-2026-0974
HIGH
CVSS 8.8
The Orderable WordPress plugin through version 1.20.0 fails to properly verify user permissions on plugin installation functions, enabling authenticated subscribers to install malicious plugins and achieve remote code execution. An attacker with minimal WordPress account privileges can exploit this capability check bypass to gain full server compromise without administrator credentials. No patch is currently available for this vulnerability (CVSS 8.8).
WordPress
RCE
-
CVE-2026-0912
HIGH
CVSS 8.8
Privilege escalation in WordPress Toret Manager plugin through version 1.2.7 allows authenticated subscribers to modify arbitrary site options due to missing capability checks in the trman_save_option functions. An attacker can exploit this to change the default registration role to administrator and enable user registration, granting themselves admin access to the vulnerable site. No patch is currently available.
WordPress
Privilege Escalation
-
CVE-2025-15561
HIGH
CVSS 7.8
An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT Authority\SYSTEM. A malicious executable must be named WTWatch.exe and dropped in the C:\ProgramData\wta\ClientExe directory, which is writable by "Everyone". [CVSS 7.8 HIGH]
Privilege Escalation
Worktime
-
CVE-2025-15560
HIGH
CVSS 8.8
An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. [CVSS 8.8 HIGH]
Mssql
SQLi
Worktime
-
CVE-2025-15041
HIGH
CVSS 7.2
The BackWPup - WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the save_site_option() function in all versions up to, and including, 5.6.2. [CVSS 7.2 HIGH]
WordPress
Privilege Escalation
PHP
-
CVE-2025-14452
HIGH
CVSS 7.2
The WP Customer Reviews plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpcr3_fname' parameter in all versions up to, and including, 3.7.5 due to insufficient input sanitization and output escaping. [CVSS 7.2 HIGH]
WordPress
XSS
PHP
-
CVE-2025-13603
HIGH
CVSS 8.8
WP AUDIO GALLERY (WordPress plugin) versions up to 2.0 are affected by missing authorization (CVSS 8.8).
WordPress
PHP
-
CVE-2025-12975
HIGH
CVSS 7.2
The CTX Feed - WooCommerce Product Feed Manager plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the woo_feed_plugin_installing() function in all versions up to, and including, 6.6.11. [CVSS 7.2 HIGH]
WordPress
RCE
PHP
-
CVE-2025-12845
HIGH
CVSS 8.8
The Tablesome Table - Contact Form DB - WPForms, CF7, Gravity, Forminator, Fluent plugin for WordPress is vulnerable to unauthorized access of data that leads to privilege escalation due to a missing capability check on the get_table_data() function in versions 0.5.4 to 1.2.1. [CVSS 8.8 HIGH]
WordPress
Privilege Escalation
PHP
-
CVE-2025-12821
HIGH
CVSS 8.8
The NewsBlogger theme for WordPress is vulnerable to Cross-Site Request Forgery in versions 0.2.5.6 to 0.2.6.1. This is due to missing or incorrect nonce validation on the newsblogger_install_and_activate_plugin() function. [CVSS 8.8 HIGH]
WordPress
RCE
CSRF
PHP
-
CVE-2025-12707
HIGH
CVSS 7.5
The Library Management System plugin for WordPress is vulnerable to SQL Injection via the 'bid' parameter in all versions up to, and including, 3.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. [CVSS 7.5 HIGH]
WordPress
SQLi
PHP
-
CVE-2025-12107
HIGH
CVSS 8.4
Identity Server versions up to 5.11.0 contain a vulnerability that allows a malicious actor with admin privileges to inject and execute arbitrary templates (CVSS 8.4).
RCE
Identity Server
-
CVE-2025-11754
HIGH
CVSS 7.5
The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gdpr/v1/settings' REST API endpoint in all versions up to, and including, 4.1.2. [CVSS 7.5 HIGH]
WordPress
PHP
-
CVE-2025-9062
HIGH
CVSS 7.3
MeCODE Informatics and Engineering Services Ltd. Envanty is affected by authorization bypass through user-controlled key (CVSS 7.3).
Industrial
-
CVE-2025-8054
HIGH
CVSS 7.5
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText™ XM Fax allows Path Traversal. The vulnerability could allow an attacker to arbitrarily disclose content of files on the local filesystem. [CVSS 7.5 HIGH]
Path Traversal
Xm Fax
-
CVE-2025-4960
HIGH
CVSS 7.8
The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. [CVSS 7.8 HIGH]
macOS
Aws
Privilege Escalation
-
CVE-2025-4521
HIGH
CVSS 8.8
The IDonate - Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonate_donor_profile() function in versions 2.1.5 to 2.1.9. [CVSS 8.8 HIGH]
WordPress
Privilege Escalation
PHP
-
CVE-2019-25422
HIGH
CVSS 7.2
Comodo Dome Firewall 2.7.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the vpnfw endpoint. [CVSS 7.2 HIGH]
XSS
Dome Firewall
-
CVE-2019-25419
HIGH
CVSS 7.2
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the schedule endpoint. [CVSS 7.2 HIGH]
XSS
Dome Firewall
-
CVE-2019-25405
HIGH
CVSS 7.2
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the newLicense parameter. [CVSS 7.2 HIGH]
XSS
Dome Firewall
-
CVE-2026-27474
MEDIUM
CVSS 6.1
Reflected XSS in SPIP versions before 4.4.9 permits attackers to execute arbitrary scripts in the private area through insufficiently sanitized input, form, button, and anchor HTML tags. An unauthenticated attacker can craft malicious payloads that bypass the incomplete anti-XSS protection introduced in version 4.4.8, affecting all SPIP installations without the patch.
XSS
Spip
-
CVE-2026-27473
MEDIUM
CVSS 6.4
Stored XSS in SPIP before 4.4.9 allows authenticated attackers to inject malicious scripts through syndicated site URLs that execute in the private administrative area when other admins view syndication details. An attacker with the ability to configure a malicious syndication feed can achieve persistent code execution affecting other administrators. No patch is currently available for this vulnerability.
XSS
Spip
-
CVE-2026-27472
MEDIUM
CVSS 4.3
SPIP versions prior to 4.4.9 contain a blind server-side request forgery vulnerability in the syndication feature that allows authenticated users to manipulate the application into making arbitrary network requests to internal or external systems. An attacker with valid credentials can exploit this by crafting malicious syndication URLs during site editing, bypassing the security filter mechanisms. No patch is currently available for this vulnerability.
SSRF
Spip
-
CVE-2026-27440
MEDIUM
CVSS 6.5
Stored cross-site scripting in myCred versions up to 2.9.7.6 allows authenticated attackers to inject malicious scripts that execute in other users' browsers when viewing affected pages. An attacker with login credentials can leverage the vulnerability to steal session tokens, deface content, or perform actions on behalf of victims. No patch is currently available for this vulnerability.
XSS
-
CVE-2026-27387
MEDIUM
CVSS 5.4
Improper access control in designinvento DirectoryPress up to version 3.6.26 allows authenticated users to modify data and cause service disruptions through misconfigured security levels. An attacker with valid credentials can exploit this vulnerability to manipulate application integrity and availability without requiring user interaction. No patch is currently available for this medium-severity vulnerability.
Authentication Bypass
-
CVE-2026-27368
MEDIUM
CVSS 5.3
SeedProd Coming Soon Page plugin versions 6.19.7 and earlier contain a missing authorization vulnerability that allows unauthenticated attackers to modify application content by exploiting improperly configured access controls. An attacker can leverage this flaw to alter website settings without proper authentication, potentially defacing or redirecting traffic on affected sites. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-27360
MEDIUM
CVSS 5.9
Stored XSS in 10Web Photo Gallery through version 1.8.37 enables authenticated users with high privileges to inject malicious scripts that execute in victims' browsers when they view affected pages. The vulnerability requires user interaction to trigger but can compromise confidentiality, integrity, and availability across different security contexts. No patch is currently available.
XSS
-
CVE-2026-27328
MEDIUM
CVSS 5.3
DevsBlink EduBlink versions 2.0.7 and earlier contain an authorization bypass that allows unauthenticated remote attackers to modify data through improperly configured access controls. The vulnerability enables integrity compromise without requiring authentication or user interaction, affecting all installations of the vulnerable software versions. No patch is currently available to address this issue.
Authentication Bypass
-
CVE-2026-27327
MEDIUM
CVSS 4.3
Authenticated users can modify email configurations in YayMail for WooCommerce through version 4.3.2 due to missing authorization checks on access control settings. An attacker with low-level WordPress user privileges could alter email templates or settings without proper permissions. No patch is currently available for this vulnerability.
WordPress
Authentication Bypass
-
CVE-2026-27094
MEDIUM
CVSS 6.5
GoDaddy CoBlocks through version 3.1.16 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts into web pages, potentially compromising other users who view the affected content. The vulnerability requires user interaction and can impact the confidentiality, integrity, and availability of affected systems. No patch is currently available.
XSS
-
CVE-2026-27092
MEDIUM
CVSS 6.5
Inadequate access control in WPAdverts through version 2.2.11 permits authenticated users to access sensitive information they should not be authorized to view. An attacker with valid login credentials could exploit misconfigured permission checks to read confidential data within the plugin. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-27090
MEDIUM
CVSS 4.3
WP Moose Kenta Companion kenta-companion is affected by cross-site request forgery (csrf) (CVSS 4.3).
CSRF
-
CVE-2026-27074
MEDIUM
CVSS 6.5
Stored XSS in Shortcoder plugin version 6.5.1 and earlier enables authenticated attackers to inject malicious scripts into web pages, affecting all users who view the compromised content. An attacker with user-level privileges can execute arbitrary JavaScript in victims' browsers through improper input sanitization during page generation. No patch is currently available.
XSS
-
CVE-2026-27069
MEDIUM
CVSS 6.5
DOM-based cross-site scripting in PenciDesign Soledad through version 8.7.2 allows authenticated users with low privileges to inject malicious scripts that execute in other users' browsers, potentially leading to session hijacking or data theft. The vulnerability requires user interaction and impacts the confidentiality, integrity, and availability of affected installations. No patch is currently available.
XSS
-
CVE-2026-27066
MEDIUM
CVSS 5.3
PI Web Solution Live sales notification for WooCommerce live-sales-notifications-for-woocommerce is affected by missing authorization (CVSS 5.3).
WordPress
Authentication Bypass
-
CVE-2026-27059
MEDIUM
CVSS 6.5
DOM-based cross-site scripting in PenciDesign Penci Recipe plugin version 4.1 and earlier allows authenticated attackers to inject malicious scripts that execute in users' browsers, potentially stealing session data or performing actions on behalf of affected users. The vulnerability requires user interaction and affects installations using vulnerable versions of the Penci Recipe component.
XSS
-
CVE-2026-27058
MEDIUM
CVSS 6.5
DOM-based cross-site scripting in PenciDesign Penci Podcast through version 1.7 allows authenticated attackers to inject malicious scripts that execute in users' browsers with user interaction. An attacker with login credentials can exploit improper input sanitization during page generation to steal session tokens, redirect users, or perform actions on their behalf. No patch is currently available for this vulnerability.
XSS
-
CVE-2026-27057
MEDIUM
CVSS 6.5
PenciDesign Penci Filter Everything penci-filter-everything is affected by cross-site scripting (xss) (CVSS 6.5).
XSS
-
CVE-2026-27056
MEDIUM
CVSS 4.3
Improper access control in StellarWP iThemes Sync through version 3.2.8 allows authenticated attackers to modify data they should not have permission to access. An attacker with valid login credentials could exploit misconfigured authorization checks to perform unauthorized modifications within the plugin. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-27055
MEDIUM
CVSS 4.3
Penci AI SmartContent Creator version 2.0 and earlier contains an authorization bypass vulnerability that allows authenticated users to perform unauthorized actions due to improperly configured access controls. An attacker with valid credentials could exploit this to modify data or functionality they should not have access to. No patch is currently available for this issue.
Authentication Bypass
AI / ML
-
CVE-2026-27050
MEDIUM
CVSS 5.4
ThimPress RealPress versions up to 1.1.0 are vulnerable to cross-site request forgery attacks that could allow attackers to perform unauthorized actions on behalf of authenticated users. An attacker can exploit this vulnerability by tricking users into visiting a malicious webpage, resulting in integrity and availability impacts. No patch is currently available for this vulnerability.
CSRF
-
CVE-2026-27042
MEDIUM
CVSS 5.3
Unauthorized modification of content is possible in WPDeveloper NotificationX through version 3.2.1 due to improper access control checks that allow unauthenticated attackers to manipulate notification data. This vulnerability affects all installations of the plugin without authentication requirements, enabling attackers to alter or inject malicious content. No security patch is currently available.
Authentication Bypass
-
CVE-2026-27014
MEDIUM
CVSS 5.5
NanaZip versions 5.0.1252.0 through 6.0.1629.0 are vulnerable to denial of service through malformed ROMFS archives that trigger infinite loops via circular offset chains or stack overflow via deeply nested directory structures. Public exploit code exists for this vulnerability, allowing local attackers to crash the application and cause a denial of service. No patch is currently available.
Stack Overflow
Nanazip
-
CVE-2026-26953
MEDIUM
CVSS 5.4
Stored HTML injection in Pi-hole Admin Interface versions 6.0+ allows authenticated attackers to inject arbitrary HTML into the active sessions table via the X-Forwarded-For header, which is unsafely rendered when administrators view the API settings page. Public exploit code exists for this vulnerability, affecting administrators who manage Pi-hole instances. An attacker with valid credentials can exploit this to perform client-side attacks against other administrators viewing the compromised session data.
Python
Jquery
Web Interface
-
CVE-2026-26952
MEDIUM
CVSS 5.4
Pi-hole Admin Interface versions 6.4 and below allow authenticated administrators to inject stored HTML code through improperly sanitized DNS record inputs, enabling persistent attacks visible to any user viewing the DNS records table. The vulnerability exists in the populateDataTable() function which fails to escape special characters in user-supplied data before inserting it into HTML attributes. An attacker with admin privileges can inject malicious code that executes each time the DNS records page is accessed.
Dns
Web Interface
-
CVE-2026-26744
MEDIUM
CVSS 5.3
FormaLMS 4.1.18 and earlier allows unauthenticated attackers to enumerate valid usernames through the password recovery endpoint by observing differential error messages. This user enumeration vulnerability could enable an attacker to build a list of active accounts for targeted attacks. No patch is currently available for this medium-severity issue.
Information Disclosure
Formalms
-
CVE-2026-26361
MEDIUM
CVSS 6.5
Dell Unisphere for PowerMax 10.2 contains a file path control vulnerability that allows authenticated remote attackers to disclose sensitive information. The vulnerability requires low-privileged credentials and network access but no user interaction, making it accessible to internal threats or compromised accounts. Currently no patch is available to remediate this issue.
Information Disclosure
Unisphere For Powermax
-
CVE-2026-26345
MEDIUM
CVSS 5.4
Stored XSS in SPIP before 4.4.8 allows authenticated users with content-editing privileges to inject malicious scripts through inadequate sanitization in the echapper_html_suspect() function, which then execute in the browsers of other users including administrators. Attackers can exploit this vulnerability to perform unauthorized actions and modify application state within the security context of victim users. No patch is currently available.
XSS
Spip
-
CVE-2026-26327
MEDIUM
CVSS 6.5
OpenClaw's mDNS/Bonjour discovery beacons transmit unauthenticated TXT records that iOS, macOS, and Android clients treat as authoritative for routing and TLS certificate pinning, allowing an attacker on a shared LAN to advertise a rogue service and redirect connections to attacker-controlled endpoints. An attacker can exploit this to bypass TLS pinning validation and potentially capture Gateway credentials through man-in-the-middle attacks. The vulnerability affects OpenClaw versions prior to 2026.2.14 and requires network proximity but no user interaction.
macOS
Android
iOS
Tls
AI / ML
-
CVE-2026-26326
MEDIUM
CVSS 4.3
OpenClaw versions prior to 2026.2.14 expose sensitive configuration secrets through the skills.status endpoint to clients with operator.read privileges, allowing authenticated attackers to retrieve raw credential values including Discord tokens. The vulnerability affects AI/ML deployments where read-scoped access is intended to be non-sensitive; affected users should upgrade to version 2026.2.14 or later and rotate any exposed Discord tokens.
Information Disclosure
AI / ML
Openclaw
-
CVE-2026-26320
MEDIUM
CVSS 6.5
OpenClaw macOS desktop client versions 2026.2.6 through 2026.2.13 fail to fully display message content in confirmation dialogs for deep links, allowing attackers to hide malicious payloads behind whitespace that users cannot see before execution. When a user approves the truncated preview and clicks "Run," the full hidden message executes, potentially leading to arbitrary command execution depending on the user's configured permissions. This affects beta versions of the OpenClaw AI assistant on macOS where the openclaw:// URL scheme is registered without proper authentication.
macOS
AI / ML
Openclaw
-
CVE-2026-26312
MEDIUM
CVSS 6.5
Denial-of-service in Stalwart Mail Server versions 0.13.0 through 0.15.4 allows authenticated users to crash the server by sending a specially crafted email with malformed nested MIME parts through IMAP or JMAP, triggering infinite loops and resource exhaustion. The vulnerability requires valid credentials to exploit and public exploit code exists, but no patch is currently available for affected versions.
Denial Of Service
Stalwart
-
CVE-2026-26282
MEDIUM
CVSS 6.6
NanaZip versions 5.0.1252.0 through 6.0.1629.0 contain an out-of-bounds heap read in the .NET Single File bundle parser that can crash the application or expose sensitive heap memory when processing malicious archive files. A local attacker with user privileges can exploit this vulnerability by crafting a specially formatted file, and public exploit code is currently available. No patch is yet available for affected users.
Dotnet
Denial Of Service
Nanazip
-
CVE-2026-26223
MEDIUM
CVSS 6.1
Improper iframe sanitization in SPIP before 4.4.8 enables stored cross-site scripting attacks within the private administrative area, allowing attackers to execute arbitrary JavaScript in the context of backend users. An unauthenticated attacker can inject malicious iframe tags that bypass the application's security filters and execute in victims' browsers when they access the affected area. No patch is currently available and the built-in SPIP security screen does not mitigate this vulnerability.
XSS
Spip
-
CVE-2026-26203
MEDIUM
CVSS 6.5
PJSIP versions before 2.17 contain a use-after-free vulnerability in the H.264 packetizer that allows local attackers with user privileges to cause denial of service through malformed H.264 bitstreams lacking proper NAL unit markers. The flaw stems from inadequate pointer validation during packet processing, enabling out-of-bounds memory access that crashes the application. A patch is available in version 2.17 and later.
Use After Free
Pjsip
-
CVE-2026-26189
MEDIUM
CVSS 5.9
Trivy Action versions 0.31.0 through 0.33.1 allow remote code execution on GitHub Actions runners due to insufficient input sanitization when constructing shell environment variable exports. An attacker with repository access can inject shell metacharacters through action inputs to achieve arbitrary command execution in the runner context. The vulnerability requires high privileges to exploit and is addressed in version 0.34.0.
Docker
Github
Command Injection
Trivy Action
-
CVE-2026-26059
MEDIUM
CVSS 5.4
Stored cross-site scripting in ChurchCRM versions before 6.8.2 allows authenticated users with group editing permissions to inject malicious JavaScript that executes when other users view affected groups. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires user interaction and can result in session hijacking or unauthorized actions performed on behalf of affected users.
XSS
Churchcrm
-
CVE-2026-26057
MEDIUM
CVSS 6.5
Skill Scanner versions 1.0.1 and earlier expose an unauthenticated API endpoint due to improper interface binding, allowing remote attackers to trigger memory exhaustion or upload arbitrary files to the affected system. An attacker can exploit this without authentication by sending crafted API requests to the exposed server. A patch is available to address this network-accessible vulnerability.
Denial Of Service
AI / ML
Skill Scanner
-
CVE-2026-25766
MEDIUM
CVSS 5.3
Unauthenticated remote file read in Echo web framework versions 5.0.0-5.0.2 on Windows allows attackers to traverse outside the static root directory and access arbitrary files via backslash path sequences in requests. The vulnerability stems from improper path normalization where path.Clean() does not treat backslashes as separators, but the underlying os.Open() call on Windows does, enabling directory traversal. Public exploit code exists for this medium-severity vulnerability, though a patch is available in version 5.0.3.
Windows
Golang
Path Traversal
Echo
Suse
-
CVE-2026-25739
MEDIUM
CVSS 5.4
Cross-site scripting in Indico prior to version 3.3.10 allows authenticated users to inject malicious scripts through material file uploads, potentially compromising other users' sessions or stealing sensitive data. The vulnerability affects Indico deployments using Flask-Multipass authentication and requires both user interaction and authenticated access to exploit. A patch is available, and administrators should upgrade to version 3.3.10 and update webserver configurations to enforce strict Content Security Policy for file downloads.
Nginx
Github
Flask
XSS
Indico
-
CVE-2026-25738
MEDIUM
CVSS 4.3
Indico versions before 3.3.10 allow authenticated event organizers to conduct server-side request forgery attacks by providing arbitrary URLs that the application will access, potentially exposing internal services and cloud metadata endpoints. An attacker with event organizer privileges can leverage this to retrieve sensitive data from localhost or cloud infrastructure endpoints that lack authentication controls. The vulnerability affects deployments on cloud platforms like AWS where metadata services are accessible; administrators should upgrade to version 3.3.10 to remediate.
Golang
Flask
SSRF
Indico
-
CVE-2026-25527
MEDIUM
CVSS 5.3
Changedetection.io versions before 0.53.2 allow unauthenticated attackers to read arbitrary files from the application directory through directory traversal in the static file serving endpoint. An attacker can exploit this by manipulating the group parameter to escape the intended static directory and access sensitive application files like source code. Public exploit code exists for this vulnerability, which has been patched in version 0.53.2.
Flask
Changedetection
-
CVE-2026-25473
MEDIUM
CVSS 5.4
AA-Team WZone through version 14.0.31 contains a missing authorization vulnerability that allows authenticated users to bypass access control restrictions. An attacker with valid credentials could exploit this misconfiguration to modify data or cause service unavailability. No patch is currently available for this issue.
Authentication Bypass
-
CVE-2026-25472
MEDIUM
CVSS 6.5
Stored cross-site scripting in ThemeFusion Fusion Builder through version 3.14.3 allows authenticated attackers to inject malicious scripts that execute in other users' browsers when viewing affected pages. An attacker with login credentials can leverage this vulnerability to steal session cookies, redirect users, or perform actions on their behalf. No patch is currently available for this vulnerability.
XSS
-
CVE-2026-25463
MEDIUM
CVSS 6.5
Stored cross-site scripting in WpEstate Wpresidence Core through version 5.4.0 enables authenticated attackers to inject malicious scripts that execute in other users' browsers, potentially leading to session hijacking or credential theft. The vulnerability requires user interaction to trigger the payload and affects the broader site context, making it a persistence risk for compromised WordPress installations. No patch is currently available.
XSS
-
CVE-2026-25459
MEDIUM
CVSS 4.3
Improper access control in uixthemes Sober through version 3.5.12 enables authenticated attackers to modify data or resources they should not have permission to access. An attacker with valid login credentials can bypass authorization checks to perform unauthorized actions. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-25453
MEDIUM
CVSS 6.5
DOM-based cross-site scripting in Advanced iFrame plugin through version 2025.10 allows authenticated attackers to inject malicious scripts that execute in users' browsers, potentially compromising session data and user interactions. The vulnerability requires user interaction and network access but can affect multiple security domains due to its scope impact. No patch is currently available.
XSS
-
CVE-2026-25451
MEDIUM
CVSS 6.5
Bold Page Builder through version 5.6.4 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts into web pages. An attacker with user privileges can craft malicious input that persists in the application and executes in the browsers of other users who view the affected pages, potentially leading to credential theft or unauthorized actions. No patch is currently available for this vulnerability.
XSS
-
CVE-2026-25441
MEDIUM
CVSS 5.3
LeadConnector versions 3.0.21 and earlier contain an authorization bypass vulnerability that allows unauthenticated remote attackers to modify data due to improperly configured access controls. An attacker can exploit this vulnerability without authentication or user interaction to tamper with application data, though confidentiality and availability are not affected. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-25432
MEDIUM
CVSS 6.5
Stored cross-site scripting in Omnipress versions 1.6.7 and earlier allows authenticated users to inject malicious scripts that execute in other users' browsers, potentially compromising session data and user interactions. The vulnerability requires user interaction to trigger but can affect any user viewing the affected content due to its stored nature. No patch is currently available.
XSS
-
CVE-2026-25428
MEDIUM
CVSS 4.4
Server-Side Request Forgery in totalsoft TS Poll versions 2.5.5 and earlier enables authenticated attackers with high privileges to make arbitrary network requests from the affected server. While this MEDIUM severity vulnerability (CVSS 4.4) requires high-privilege credentials and difficult exploitation conditions, it could facilitate reconnaissance or attacks against internal resources. No patch is currently available.
SSRF
-
CVE-2026-25422
MEDIUM
CVSS 5.4
Themes4WP Popularis Extra popularis-extra is affected by cross-site request forgery (csrf) (CVSS 5.4).
CSRF
-
CVE-2026-25420
MEDIUM
CVSS 4.3
MailerLite MailerLite official-mailerlite-sign-up-forms is affected by missing authorization (CVSS 4.3).
Authentication Bypass
-
CVE-2026-25419
MEDIUM
CVSS 4.3
UpsellWP versions 2.2.3 and earlier contain an authorization bypass vulnerability that allows authenticated users to access checkout upsell features they should not have permission to modify. An attacker with low-privilege account access could exploit improper access control to manipulate order bump and upsell configurations, potentially affecting store operations and revenue.
Authentication Bypass
-
CVE-2026-25416
MEDIUM
CVSS 4.3
blazethemes News Kit Elementor Addons news-kit-elementor-addons is affected by missing authorization (CVSS 4.3).
Authentication Bypass
-
CVE-2026-25415
MEDIUM
CVSS 5.3
Inadequate access control in WPBookit Pro through version 1.6.18 permits unauthenticated attackers to modify data by bypassing authorization checks. The vulnerability allows remote attackers without credentials to perform unauthorized actions on the plugin, affecting all installations running the vulnerable versions. No patch is currently available to remediate this issue.
Authentication Bypass
-
CVE-2026-25411
MEDIUM
CVSS 4.3
themastercut Revision Manager TMC revision-manager-tmc is affected by cross-site request forgery (csrf) (CVSS 4.3).
CSRF
-
CVE-2026-25410
MEDIUM
CVSS 4.3
The WP-CORS WordPress plugin through version 0.2.2 contains an authorization bypass that allows authenticated users to modify content due to improperly configured access controls. An attacker with valid WordPress credentials could exploit this to make unauthorized changes to website data. No patch is currently available for this vulnerability.
WordPress
-
CVE-2026-25409
MEDIUM
CVSS 4.3
crgeary JAMstack Deployments wp-jamstack-deployments is affected by missing authorization (CVSS 4.3).
WordPress
-
CVE-2026-25408
MEDIUM
CVSS 5.3
Broken Link Notifier plugin versions 1.3.5 and earlier contain an authorization bypass vulnerability that allows unauthenticated attackers to modify data through improperly configured access controls. An attacker can exploit this flaw to alter link notifications without proper authentication, potentially disrupting the plugin's functionality or manipulating stored information. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-25407
MEDIUM
CVSS 4.3
Cookiebot versions 4.6.4 and earlier contain an access control bypass that allows authenticated attackers to exploit misconfigured security levels and gain unauthorized access to sensitive information. An attacker with low-level user credentials can leverage this vulnerability to read restricted data without proper authorization. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-25404
MEDIUM
CVSS 5.3
Improper access control in WP Job Manager through version 2.4.0 permits unauthenticated attackers to access sensitive information by bypassing authorization checks. The vulnerability affects WordPress sites running the vulnerable plugin and could allow unauthorized disclosure of job-related data. No patch is currently available.
WordPress
-
CVE-2026-25402
MEDIUM
CVSS 4.3
The echo-knowledge-base plugin through version 16.011.0 fails to properly enforce access controls, enabling authenticated users to modify content they should not have permission to change. An attacker with valid login credentials could exploit misconfigured authorization rules to alter documentation or FAQ entries within the knowledge base system.
Authentication Bypass
AI / ML
-
CVE-2026-25399
MEDIUM
CVSS 4.3
CryoutCreations Serious Slider cryout-serious-slider is affected by missing authorization (CVSS 4.3).
Authentication Bypass
-
CVE-2026-25395
MEDIUM
CVSS 4.3
Insufficient access control in ikreatethemes Business Roy versions up to 1.1.4 enables authenticated users to modify data they should not have permission to access. An attacker with valid credentials could exploit misconfigured security levels to perform unauthorized changes within the application. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-25394
MEDIUM
CVSS 4.3
Sparklewpthemes Fitness FSE plugin versions up to 1.0.6 contain a missing authorization check that allows authenticated users to modify content they should not have access to. An attacker with low-level user privileges can exploit this access control misconfiguration to alter website data without proper permission.
Authentication Bypass
-
CVE-2026-25393
MEDIUM
CVSS 4.3
Unauthorized data modification in Hello FSE WordPress theme version 1.0.6 and earlier results from improper access control enforcement. Authenticated users can exploit this vulnerability to make unauthorized changes to website content or settings without proper permission checks.
Authentication Bypass
-
CVE-2026-25392
MEDIUM
CVSS 4.7
The Update URLs WordPress plugin through version 1.4.0 contains an open redirect vulnerability that allows unauthenticated attackers to craft malicious links redirecting users to arbitrary external sites, enabling phishing attacks. The vulnerability requires user interaction to click a crafted link but has no patch currently available. Affected WordPress sites using this plugin should upgrade or disable it immediately.
WordPress
Open Redirect
-
CVE-2026-25391
MEDIUM
CVSS 5.4
WP Wand AI Content Generation plugin for WordPress versions up to 1.3.07 contains an authorization bypass that allows authenticated users to modify or disable plugin functionality through improper access control enforcement. An attacker with user-level credentials can exploit this vulnerability to cause service disruption or data integrity issues. No patch is currently available.
Authentication Bypass
WordPress
AI / ML
-
CVE-2026-25389
MEDIUM
CVSS 5.3
Metagauss EventPrime eventprime-event-calendar-management contains a security vulnerability (CVSS 5.3).
Information Disclosure
-
CVE-2026-25388
MEDIUM
CVSS 5.4
Inadequate access control in scripteo Ads Pro plugin version 5.0 and earlier enables authenticated attackers to modify data and cause service disruptions through misconfigured security levels. An attacker with valid credentials can exploit this vulnerability to bypass authorization checks and alter plugin functionality without administrative privileges. No patch is currently available.
Authentication Bypass
-
CVE-2026-25387
MEDIUM
CVSS 4.3
Missing authorization in Elementor Image Optimizer (plugin slug image-optimization) by Elementor (CVSS 4.3).
Authentication Bypass
-
CVE-2026-25386
MEDIUM
CVSS 5.3
Elementor Ally versions up to 4.0.2 contain an authorization bypass vulnerability that allows unauthenticated remote attackers to modify content through improperly configured access controls. The vulnerability has a network attack vector with low complexity and no user interaction required, potentially enabling unauthorized alterations to website content. No patch is currently available.
Authentication Bypass
-
CVE-2026-25385
MEDIUM
CVSS 5.5
KaizenCoders URL Shortify versions up to 1.12.3 contain a server-side request forgery vulnerability that allows high-privileged attackers to make arbitrary HTTP requests from the affected server without user interaction. An authenticated attacker could exploit this flaw to access internal resources, interact with backend services, or perform reconnaissance on the internal network. No patch is currently available for this vulnerability.
SSRF
-
CVE-2026-25384
MEDIUM
CVSS 5.3
WP-Lister Lite for eBay through version 3.8.5 contains a missing authorization check that allows unauthenticated remote attackers to bypass access controls and obtain information they should not be able to read. The affected functionality can be reached without proper authentication or permission checks. No patch is currently available for affected WordPress installations.
WordPress
-
CVE-2026-25375
MEDIUM
CVSS 4.3
Missing authorization in WP Chill Image Photo Gallery Final Tiles Grid (plugin slug final-tiles-grid-gallery-lite) (CVSS 4.3).
Authentication Bypass
WordPress
-
CVE-2026-25374
MEDIUM
CVSS 5.3
Inadequate access control in raratheme Spa and Salon plugin versions 1.3.2 and earlier permits unauthorized users to modify sensitive data through improperly configured security levels. An unauthenticated remote attacker can exploit this vulnerability to perform unauthorized actions without authentication. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-25372
MEDIUM
CVSS 6.5
Kodezen Academy LMS versions up to 3.5.3 contain an access control misconfiguration that allows authenticated users to modify data they should not have permission to access. An attacker with valid credentials can exploit this missing authorization check to perform unauthorized changes, though no public exploit code or active exploitation has been reported. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-25370
MEDIUM
CVSS 5.3
Improper access control in the WP Compress image optimizer plugin for WordPress (versions up to 6.60.28) enables unauthenticated attackers to modify plugin data and settings. The vulnerability allows unauthorized manipulation of the plugin's functionality without requiring user interaction or special network conditions. Currently, no patch is available for affected installations.
WordPress
-
CVE-2026-25368
MEDIUM
CVSS 6.5
Missing authorization in codepeople Calculated Fields Form (plugin slug calculated-fields-form) (CVSS 6.5).
Authentication Bypass
-
CVE-2026-25367
MEDIUM
CVSS 5.3
NooTheme CitiLights versions below 3.7.2 contain an authorization bypass that allows unauthenticated remote attackers to modify data through improperly configured access controls. The vulnerability enables unauthorized state changes without requiring user interaction or elevated privileges. A patch is not currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-25364
MEDIUM
CVSS 5.3
Missing authorization in BoldGrid Client Invoicing by Sprout Invoices (plugin slug sprout-invoices) (CVSS 5.3).
Authentication Bypass
-
CVE-2026-25363
MEDIUM
CVSS 4.3
FooGallery through version 3.1.11 contains a missing authorization check that allows authenticated users to modify gallery content they should not have access to. An attacker with valid login credentials can exploit improperly configured access controls to alter galleries, potentially defacing or corrupting gallery data. No patch is currently available.
Authentication Bypass
-
CVE-2026-25362
MEDIUM
CVSS 5.9
Stored XSS in FooGallery through version 3.1.11 allows authenticated users with high privileges to inject malicious scripts that execute in other users' browsers when viewing gallery content. An attacker with administrative or elevated access could leverage this vulnerability to steal session tokens, modify gallery data, or redirect users to malicious sites. A patch is not currently available for affected installations.
XSS
-
CVE-2026-25348
MEDIUM
CVSS 5.3
Improper access control in Alt Text AI versions up to 1.10.15 enables unauthenticated remote attackers to cause denial of service through misconfigured authorization checks. The vulnerability allows an attacker to disrupt service availability without requiring authentication or user interaction. No patch is currently available for this issue.
Authentication Bypass
AI / ML
-
CVE-2026-25343
MEDIUM
CVSS 5.9
DOM-based cross-site scripting in VeronaLabs WP SMS plugin version 7.1 and earlier for WordPress allows authenticated attackers with high privileges to execute arbitrary JavaScript in users' browsers through improper input handling. An attacker could exploit this vulnerability to steal session cookies, perform unauthorized actions on behalf of users, or deface web pages. No patch is currently available for this vulnerability.
WordPress
XSS
-
CVE-2026-25338
MEDIUM
CVSS 5.3
Missing authorization in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS (plugin slug ays-chatgpt-assistant) (CVSS 5.3).
Authentication Bypass
AI / ML
-
CVE-2026-25337
MEDIUM
CVSS 5.4
Coachify versions 1.1.5 and earlier contain a cross-site request forgery vulnerability that allows unauthenticated attackers to make an authenticated user's browser perform unintended actions via a crafted request. With user interaction (the victim visiting an attacker-controlled page), this can modify the victim's data or trigger unwanted functionality. No patch is currently available.
CSRF
-
CVE-2026-25336
MEDIUM
CVSS 5.3
Coachify plugin versions 1.1.5 and earlier contain an authorization bypass that allows unauthenticated remote attackers to exploit misconfigured access controls. This vulnerability enables denial of service attacks without requiring user interaction or authentication.
Authentication Bypass
-
CVE-2026-25335
MEDIUM
CVSS 4.3
Missing authorization in Ays Pro Secure Copy Content Protection and Content Locking (plugin slug secure-copy-content-protection) (CVSS 4.3).
Authentication Bypass
-
CVE-2026-25333
MEDIUM
CVSS 5.3
The Shopwell theme for Shopify versions 1.0.11 and earlier contains improper access control that allows unauthenticated remote attackers to view sensitive information through incorrectly configured authorization checks. This vulnerability exposes confidential data without requiring authentication or user interaction. No patch is currently available.
Authentication Bypass
-
CVE-2026-25332
MEDIUM
CVSS 5.3
Missing authorization in Fahad Mahmood Endless Posts Navigation (plugin slug endless-posts-navigation) (CVSS 5.3).
Authentication Bypass
-
CVE-2026-25331
MEDIUM
CVSS 6.5
Cross-site scripting (XSS) in Melapress WP Activity Log (plugin slug wp-security-audit-log) (CVSS 6.5).
WordPress
XSS
-
CVE-2026-25330
MEDIUM
CVSS 4.3
Missing authorization in PublishPress Authors by PublishPress (plugin slug publishpress-authors) (CVSS 4.3).
Authentication Bypass
-
CVE-2026-25329
MEDIUM
CVSS 4.3
Missing authorization in ExpressTech Systems Quiz And Survey Master (plugin slug quiz-master-next) (CVSS 4.3).
Authentication Bypass
-
CVE-2026-25325
MEDIUM
CVSS 5.3
The rtMedia plugin for WordPress versions up to 4.7.8 exposes sensitive system information through an information disclosure vulnerability that allows unauthenticated remote attackers to retrieve embedded data. This vulnerability affects WordPress installations using rtMedia with BuddyPress and bbPress extensions, potentially exposing confidential system details to unauthorized users. No patch is currently available for this medium-severity issue.
WordPress
-
CVE-2026-25324
MEDIUM
CVSS 5.3
Authorization bypass through a user-controlled key in ExpressTech Systems Quiz And Survey Master (plugin slug quiz-master-next) (CVSS 5.3).
Authentication Bypass
-
CVE-2026-25323
MEDIUM
CVSS 4.3
Improper access control in MiKa OSM through version 6.1.12 allows authenticated users to modify data or settings they should not have permission to access. An attacker with valid credentials could exploit misconfigured security levels to escalate privileges or alter system configuration. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-25322
MEDIUM
CVSS 5.4
Cross-site request forgery (CSRF) in PublishPress Revisions by PublishPress (plugin slug revisionary) (CVSS 5.4).
CSRF
-
CVE-2026-25321
MEDIUM
CVSS 5.3
Insufficient access control in SupportCandy plugin versions 3.4.4 and earlier allows unauthenticated remote attackers to modify data through improperly configured security permissions. This vulnerability affects WordPress installations using the vulnerable plugin, enabling attackers to perform unauthorized actions without requiring authentication. No patch is currently available for this issue.
Authentication Bypass
-
CVE-2026-25320
MEDIUM
CVSS 5.3
Missing authorization in Cool Plugins Elementor Contact Form DB (plugin slug sb-elementor-contact-form-db) (CVSS 5.3).
Authentication Bypass
-
CVE-2026-25319
MEDIUM
CVSS 4.3
Cross-site request forgery (CSRF) in wpzita Zita Elementor Site Library (plugin slug zita-site-library) (CVSS 4.3).
CSRF
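Added example, serving the Coachify (CVE-2026-25337), PublishPress Revisions (CVE-2026-25322) and Zita Site Library (CVE-2026-25319) CSRF entries above; it is not any of those plugins' code. It shows the control those fixes need in Python: a per-session, per-action token with an issue time, verified in constant time before a state-changing handler acts. The secret, TTL and handler name are assumptions for the illustration.

```python
import hashlib
import hmac
import os
import time
from typing import Optional

# Server-side secret: in a real deployment load it from configuration (assumption here).
SECRET = os.urandom(32)
TOKEN_TTL = 12 * 3600  # seconds a token stays valid


def _mac(session_id: str, action: str, issued: int) -> str:
    msg = f"{session_id}|{action}|{issued}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def make_csrf_token(session_id: str, action: str, now: Optional[int] = None) -> str:
    """Token bound to one session and one action, carrying its issue time.

    A cross-site page cannot obtain it: it is derived from a server secret and
    the victim's session, and is only ever embedded in the legitimate form.
    """
    issued = int(time.time()) if now is None else int(now)
    return f"{issued}:{_mac(session_id, action, issued)}"


def verify_csrf_token(token: str, session_id: str, action: str,
                      now: Optional[int] = None) -> bool:
    try:
        issued_s, mac = token.split(":", 1)
        issued = int(issued_s)
    except (ValueError, AttributeError):
        return False
    current = int(time.time()) if now is None else int(now)
    if issued > current or current - issued > TOKEN_TTL:
        return False
    # Constant-time comparison: a plain "==" leaks how many leading bytes matched.
    return hmac.compare_digest(_mac(session_id, action, issued), mac)


def handle_profile_update(form: dict, session_id: str) -> str:
    """The check every state-changing handler runs before acting on the request."""
    if not verify_csrf_token(form.get("_token", ""), session_id, "update_profile"):
        return "rejected"
    return "updated"
```

Binding the token to the action as well as the session means a token leaked from one form cannot be replayed against a more sensitive endpoint; SameSite cookies are a complementary, not a replacement, control.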
-
CVE-2026-25318
MEDIUM
CVSS 4.3
Missing authorization in Wisernotify team WiserReview Product Reviews for WooCommerce (plugin slug wiser-review) (CVSS 4.3).
WordPress
-
CVE-2026-25315
MEDIUM
CVSS 5.3
Missing authorization in hcaptcha hCaptcha for WP (plugin slug hcaptcha-for-forms-and-more) (CVSS 5.3).
Authentication Bypass
-
CVE-2026-25314
MEDIUM
CVSS 4.3
Missing authorization in WP Messiah TOP Table Of Contents (plugin slug top-table-of-contents) (CVSS 4.3).
Authentication Bypass
WordPress
-
CVE-2026-25313
MEDIUM
CVSS 4.3
FluentForm versions 6.1.14 and earlier contain an access control bypass that allows authenticated users to perform unauthorized modifications. An attacker with valid credentials can exploit improperly configured security levels to alter data they should not have access to. No patch is currently available.
Authentication Bypass
-
CVE-2026-25311
MEDIUM
CVSS 5.4
Improper access control in 10up Autoshare for Twitter through version 2.3.1 enables authenticated users to modify or disable sharing functionality without proper authorization checks. An attacker with limited privileges could exploit this vulnerability to disrupt social media publishing workflows or cause service unavailability for legitimate users. No patch is currently available for this medium-severity vulnerability.
Authentication Bypass
-
CVE-2026-25310
MEDIUM
CVSS 4.9
D-Link products versions 2.0.0 and earlier are vulnerable to server-side request forgery (SSRF) that allows authenticated attackers to make arbitrary HTTP requests from the affected system. This MEDIUM severity vulnerability requires valid credentials but enables attackers to bypass network controls and potentially access internal resources or services. No patch is currently available.
D-Link
SSRF
-
CVE-2026-25308
MEDIUM
CVSS 4.3
Improper access control in wp.insider Simple Membership plugin versions 4.6.9 and earlier allows authenticated users to bypass security level restrictions and modify content they should not have access to. An attacker with valid credentials can exploit misconfigured access controls to escalate privileges within the plugin. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-25307
MEDIUM
CVSS 6.5
DOM-based XSS in 8theme XStore Core (et-core-plugin) versions below 5.7 lets authenticated attackers inject scripts that execute in users' browsers because input is not neutralised during page generation. An attacker with user-level privileges who can get a victim to interact with a crafted page can use this to steal session data, act on the victim's behalf, or redirect them to malicious sites. No patch is currently available for this medium-severity vulnerability.
XSS
-
CVE-2026-25305
MEDIUM
CVSS 6.5
DOM-based cross-site scripting in 8theme XStore through version 9.6.4 lets authenticated attackers inject scripts that execute in users' browsers, potentially exposing sensitive information or performing actions on the victim's behalf. Exploitation requires user interaction, and the CVSS scope is changed (the impact reaches beyond the vulnerable component). No patch is currently available.
XSS
-
CVE-2026-25229
MEDIUM
CVSS 6.5
Gogs versions 0.13.4 and earlier contain an access control bypass in label management that allows authenticated users to modify labels in repositories they do not own. The flaw stems from insufficient validation in the label update endpoint, enabling cross-repository label tampering. Public exploit code exists; a patch is available in version 0.14.1.
Authentication Bypass
Gogs
Suse
-
CVE-2026-25008
MEDIUM
CVSS 4.3
Ninja Tables plugin through version 5.2.5 includes sensitive information in data it sends to clients, allowing authenticated users to retrieve it. Exploitation requires valid user credentials. No patch is currently available.
Information Disclosure
-
CVE-2026-25006
MEDIUM
CVSS 5.3
XStore versions 9.6.4 and earlier do not properly neutralise script-related HTML tags, allowing attackers to inject code that executes in users' browsers. This cross-site scripting issue requires neither authentication nor user interaction and can be used to steal session tokens, deface content, or redirect users to malicious sites. No patch is currently available.
Code Injection
-
CVE-2026-25005
MEDIUM
CVSS 5.3
Authorization bypass through a user-controlled key in N-Media Frontend File Manager (plugin slug nmedia-user-file-uploader) (CVSS 5.3).
Authentication Bypass
-
CVE-2026-25004
MEDIUM
CVSS 4.8
Cross-site scripting (XSS) in CreativeMindsSolutions CM Business Directory (plugin slug cm-business-directory) (CVSS 4.8).
XSS
-
CVE-2026-25003
MEDIUM
CVSS 4.3
Improper access control in madalin.ungureanu Client Portal versions up to 1.2.1 allows authenticated users to modify data they should not have access to due to incorrectly configured security levels. An attacker with valid credentials can exploit this missing authorization check to perform unauthorized modifications, though no patch is currently available.
Authentication Bypass
-
CVE-2026-25000
MEDIUM
CVSS 5.3
Kraft Plugins Wheel of Life version 1.2.0 and earlier contains a missing authorization vulnerability that allows unauthenticated remote attackers to modify data through incorrectly configured access controls. The vulnerability enables integrity attacks against affected installations without requiring user interaction. No patch is currently available.
Authentication Bypass
-
CVE-2026-24999
MEDIUM
CVSS 5.3
The Alma payment gateway plugin for WooCommerce versions up to 5.16.1 contains an authorization bypass that allows unauthenticated attackers to modify data through improper access control enforcement. WordPress sites using this plugin are at risk of unauthorized changes to payment-related settings. No patch is currently available; disabling the plugin until one is released is the immediate mitigation.
WordPress
-
CVE-2026-24392
MEDIUM
CVSS 5.9
Stored XSS in HurryTimer through version 2.14.2 enables authenticated attackers with high privileges to inject malicious scripts that execute in other users' browsers, potentially compromising session data or performing unauthorized actions. The vulnerability requires user interaction to trigger but can affect multiple users due to its persistent nature. No patch is currently available.
XSS
-
CVE-2026-24375
MEDIUM
CVSS 5.3
Missing authorization in WP Swings Ultimate Gift Cards For WooCommerce (plugin slug woo-gift-cards-lite) (CVSS 5.3).
WordPress
-
CVE-2026-24126
MEDIUM
CVSS 6.6
Weblate versions up to 5.16.0 are vulnerable to argument injection into `ssh-add` (CVSS 6.6).
Ssh
Weblate
Suse
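Added example, not Weblate's code and not a description of its actual injection path (the page gives none): the general shape of an argument-injection bug when a path that may be attacker-influenced is handed to `ssh-add`, and the Python argv construction that removes it. Function names are assumptions.

```python
import os
from typing import List


def ssh_add_argv_unsafe(key_path: str) -> List[str]:
    """Path passed straight through: a value such as "-D" is parsed as an option, not a file."""
    return ["ssh-add", key_path]


def ssh_add_argv(key_path: str) -> List[str]:
    """argv for `ssh-add <key>` in which the key can only ever be read as a file name."""
    if not key_path or "\x00" in key_path:
        raise ValueError("invalid key path")
    # An absolute path can never start with "-", so getopt cannot treat it as an
    # option ("-D" would delete every loaded identity; "-s" loads a PKCS#11 provider).
    abs_path = os.path.abspath(key_path)
    # "--" ends option parsing in the getopt OpenSSH uses, as a second line of defence.
    return ["ssh-add", "--", abs_path]


def looks_like_option(arg: str) -> bool:
    """Cheap audit check for any argv element that should be data rather than a flag."""
    return arg.startswith("-")
```

The same rule applies to every subprocess call that forwards user-derived values (git, rsync, curl, openssl): make the value positional after `--`, or give it a form that cannot begin with a dash, and never pass it through a shell.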
-
CVE-2026-23804
MEDIUM
CVSS 5.4
Missing authorization in BBR Plugins Better Business Reviews (plugin slug better-business-reviews) (CVSS 5.4).
Authentication Bypass
-
CVE-2026-23803
MEDIUM
CVSS 6.4
Server-side request forgery (SSRF) in Burhan Nasir Smart Auto Upload Images (plugin slug smart-auto-upload-images) (CVSS 6.4).
SSRF
-
CVE-2026-23621
MEDIUM
CVSS 4.3
GFI MailEssentials AI versions prior to 22.4 allow authenticated users to enumerate arbitrary directories on the server through the ListServer.IsPathExist() web method, which fails to validate filesystem paths before checking their existence. An attacker with valid credentials can exploit this information disclosure vulnerability to map the server's directory structure and identify sensitive locations. No patch is currently available for this vulnerability.
Information Disclosure
Mailessentials
-
CVE-2026-23620
MEDIUM
CVSS 4.3
GFI MailEssentials AI versions before 22.4 expose a file enumeration vulnerability in the ListServer.IsDBExist() web method that allows authenticated users to probe arbitrary filesystem paths and determine file existence on the server. An attacker can exploit this by submitting unrestricted paths via the JSON "path" parameter, which are processed without validation, disclosing sensitive information about the server's filesystem structure. No patch is currently available for this vulnerability.
Information Disclosure
Mailessentials
-
CVE-2026-23619
MEDIUM
CVSS 5.4
GFI MailEssentials AI versions before 22.4 contain a stored XSS vulnerability in the Local Domains settings page that allows authenticated users to inject malicious scripts into the txtDescription parameter, which are then executed when administrators view the management interface. An attacker with valid credentials can exploit this to perform actions as a logged-in administrator or steal sensitive information from the management console. No patch is currently available for this vulnerability.
XSS
Mailessentials
-
CVE-2026-23618
MEDIUM
CVSS 5.4
Stored cross-site scripting in GFI MailEssentials AI before version 22.4 allows authenticated users to inject malicious JavaScript through the Spam Keyword Checking interface, which executes when administrators access the management console. An attacker with valid credentials can exploit this to steal session tokens, modify security policies, or perform actions on behalf of logged-in administrators. No patch is currently available for this vulnerability.
XSS
Mailessentials
-
CVE-2026-23617
MEDIUM
CVSS 5.4
GFI MailEssentials AI prior to version 22.4 is vulnerable to stored cross-site scripting in the Spam Keyword Checking interface, where authenticated users can inject malicious scripts that execute when administrators access the management console. An attacker with valid credentials can leverage this to perform actions on behalf of logged-in users or steal session information, affecting organizations using vulnerable versions of the product.
XSS
Mailessentials
-
CVE-2026-23616
MEDIUM
CVSS 5.4
Stored cross-site scripting in GFI MailEssentials AI before version 22.4 allows authenticated users to inject malicious scripts into the Anti-Spoofing configuration page, which execute when administrators view the management interface. An attacker with valid credentials can exploit the TxtSmtpDesc parameter to compromise other authenticated users through arbitrary JavaScript execution. No patch is currently available for this medium-severity vulnerability.
XSS
Mailessentials
-
CVE-2026-23615
MEDIUM
CVSS 5.4
Stored XSS in GFI MailEssentials AI versions before 22.4 allows authenticated users to inject malicious scripts into the Sender Policy Framework Email Exceptions interface that execute when administrators view the management console. An attacker with valid credentials can inject HTML/JavaScript through the email description parameter, compromising other logged-in users' sessions.
XSS
Mailessentials
-
CVE-2026-23614
MEDIUM
CVSS 5.4
GFI MailEssentials AI before version 22.4 contains a stored cross-site scripting vulnerability in the Sender Policy Framework configuration interface that allows authenticated users to inject malicious scripts into IP description fields. An attacker with valid credentials can execute arbitrary JavaScript in the context of administrators accessing the management interface, potentially compromising administrative sessions. No patch is currently available for this vulnerability.
XSS
Mailessentials
-
CVE-2026-23613
MEDIUM
CVSS 5.4
GFI MailEssentials AI prior to version 22.4 allows authenticated users to inject malicious scripts into the URI DNS Blocklist configuration page, which are stored and executed when administrators access the management interface. An attacker with valid credentials can exploit the unsanitized ctl00$ContentPlaceHolder1$pv1$TXB_URIs parameter to perform actions in the context of logged-in users, such as stealing session tokens or modifying security settings. No patch is currently available for this stored cross-site scripting vulnerability.
Dns
XSS
Mailessentials
-
CVE-2026-23612
MEDIUM
CVSS 5.4
Stored cross-site scripting in GFI MailEssentials AI versions before 22.4 allows authenticated users to inject malicious scripts into the IP DNS Blocklist configuration page that execute when administrators access the management interface. An attacker with valid credentials can inject HTML/JavaScript through the IP configuration parameter to compromise other authenticated users' sessions. No patch is currently available for this vulnerability.
Dns
XSS
Mailessentials
-
CVE-2026-23611
MEDIUM
CVSS 5.4
GFI MailEssentials AI versions before 22.4 contain a stored cross-site scripting vulnerability in the IP Blocklist management page that allows authenticated users to inject malicious scripts into the IP description field, which are executed when administrators view the management interface. An attacker with valid credentials can exploit this to hijack administrator sessions or perform unauthorized actions with their privileges. Currently, no patch is available and the vulnerability requires user interaction to trigger.
XSS
Mailessentials
-
CVE-2026-23610
MEDIUM
CVSS 5.4
GFI MailEssentials AI versions before 22.4 contain a stored cross-site scripting vulnerability in the POP2Exchange configuration endpoint that allows authenticated users to inject malicious scripts through the POP3 server login field. An attacker with valid credentials can execute arbitrary JavaScript in the context of administrators viewing the management interface, potentially compromising administrative sessions. No patch is currently available for this vulnerability.
XSS
Mailessentials
-
CVE-2026-23609
MEDIUM
CVSS 5.4
GFI MailEssentials AI versions before 22.4 contain a stored cross-site scripting vulnerability in the Perimeter SMTP Servers configuration page that allows authenticated users to inject malicious scripts into the management interface. An attacker with valid credentials can execute arbitrary JavaScript in the context of other logged-in administrators by manipulating the description parameter. No patch is currently available for this vulnerability.
XSS
Mailessentials
-
CVE-2026-23608
MEDIUM
CVSS 5.4
GFI MailEssentials AI prior to version 22.4 contains a stored cross-site scripting vulnerability in the Mail Monitoring rule creation endpoint that allows authenticated users to inject malicious JavaScript through the rule name field. When an administrator views the affected rules in the management interface, the stored script executes in their browser session, potentially enabling session hijacking or unauthorized administrative actions. No patch is currently available for this vulnerability.
XSS
Mailessentials
-
CVE-2026-23607
MEDIUM
CVSS 5.4
GFI MailEssentials AI prior to version 22.4 contains a stored XSS vulnerability in the Anti-Spam Whitelist management interface that allows authenticated users to inject malicious scripts through the description field. An attacker with valid credentials can craft payloads that execute in the browser context of other administrators accessing the management console, potentially compromising administrative sessions. No patch is currently available for this vulnerability.
XSS
Mailessentials
-
CVE-2026-23606
MEDIUM
CVSS 5.4
GFI MailEssentials AI prior to version 22.4 contains a stored cross-site scripting vulnerability in the Advanced Content Filtering rule creation feature that allows authenticated users to inject malicious scripts into rule names, which are later executed in the browsers of administrators viewing the management interface. An attacker with valid credentials can exploit this to perform actions as a logged-in administrator, including potential unauthorized configuration changes or credential theft. No patch is currently available for this vulnerability.
XSS
Mailessentials
-
CVE-2026-23605
MEDIUM
CVSS 5.4
GFI MailEssentials AI versions before 22.4 contain a stored cross-site scripting vulnerability in the Attachment Filtering rule creation feature that allows authenticated users to inject malicious scripts into rule names, which execute when administrators access the management interface. An attacker with valid credentials can exploit this to perform actions on behalf of logged-in administrators or steal sensitive information from the management dashboard. No patch is currently available for this medium-severity vulnerability.
XSS
Mailessentials
-
CVE-2026-23604
MEDIUM
CVSS 5.4
Stored cross-site scripting in GFI MailEssentials AI versions before 22.4 allows authenticated users to inject malicious JavaScript into the Keyword Filtering rule creation interface, which executes when administrators view the management console. An attacker with valid credentials can compromise other users' sessions and perform unauthorized actions within the MailEssentials application. No patch is currently available for this vulnerability.
XSS
Mailessentials
-
CVE-2026-23548
MEDIUM
CVSS 5.3
DirectoryPress through version 3.6.25 contains an access control bypass that allows unauthenticated attackers to modify data due to improperly configured authorization checks. An attacker can exploit this vulnerability over the network without authentication or user interaction to alter information in affected installations. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-23545
MEDIUM
CVSS 6.5
Missing authorization in Aruba.it Dev Aruba HiSpeed Cache (plugin slug aruba-hispeed-cache) (CVSS 6.5).
Authentication Bypass
-
CVE-2026-23543
MEDIUM
CVSS 5.3
Missing authorization in WPDeveloper Essential Addons for Elementor (plugin slug essential-addons-for-elementor-lite) (CVSS 5.3).
Authentication Bypass
-
CVE-2026-22422
MEDIUM
CVSS 5.3
Everest Forms through version 3.4.1 does not properly neutralise script-related HTML tags, allowing unauthenticated attackers to inject code and compromise site integrity. No authentication or user interaction is required, and successful exploitation could lead to data theft or malware distribution. No patch is currently available.
Code Injection
-
CVE-2026-22269
MEDIUM
CVSS 4.7
Dell PowerProtect Data Manager versions prior to 19.22 contain improper verification of REST API communication channels that allows high-privileged remote attackers to bypass security protections. The vulnerability requires administrative credentials and network access, enabling authenticated attackers to circumvent established security controls. No patch is currently available.
Authentication Bypass
Dell
Powerprotect Data Manager
-
CVE-2026-22268
MEDIUM
CVSS 6.3
Dell PowerProtect Data Manager versions prior to 19.22 contain a privilege assignment flaw that allows low-privileged remote attackers to disrupt Enterprise Support connections, resulting in denial of service. Exploitation requires valid credentials and user interaction, and no patch is currently available. The vulnerability affects system availability rather than confidentiality or data integrity.
Denial Of Service
Powerprotect Data Manager
-
CVE-2026-22266
MEDIUM
CVSS 4.7
Dell PowerProtect Data Manager versions prior to 19.22 contain improper verification of communication channels in the REST API, allowing high-privileged remote attackers to bypass security protections. Exploitation requires administrative credentials. No patch is currently available, so affected deployments remain exposed.
Authentication Bypass
Dell
Powerprotect Data Manager
-
CVE-2026-2817
MEDIUM
CVSS 4.4
Spring Data Geode's snapshot import functionality uses predictable temporary directories with overly permissive permissions, allowing local users on shared systems to read cache data belonging to other users. An attacker with basic local privileges can access and extract snapshot contents without authorization, compromising the confidentiality of sensitive cached information. No patch is currently available for this medium-severity vulnerability.
Spring
Redhat
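Added example, not Spring Data Geode's code: the predictable-temporary-directory pattern described above beside the safe variant, written in Python so it can be run here. The predictable name, the permissions and the "planted directory" scenario are illustrative assumptions, not details taken from the advisory.

```python
import os
import stat
import tempfile
from typing import Dict, Optional


def create_snapshot_dir_unsafe(parent: Optional[str] = None) -> str:
    """Predictable name under a shared directory, created with the process umask
    (typically 0o755) and silently reused if it already exists."""
    parent = parent or tempfile.gettempdir()
    path = os.path.join(parent, "geode-snapshot-import")  # same name for every user and run
    os.makedirs(path, exist_ok=True)                      # reuses a directory someone else planted
    return path


def create_snapshot_dir_safe(parent: Optional[str] = None) -> str:
    """Unpredictable name, mode 0o700, created atomically; fails rather than reusing."""
    return tempfile.mkdtemp(prefix="geode-snapshot-", dir=parent)


def dir_mode(path: str) -> int:
    return stat.S_IMODE(os.lstat(path).st_mode)


def demo() -> Dict[str, bool]:
    """Run both variants under a throw-away parent (constructed, not a real Geode setup)."""
    with tempfile.TemporaryDirectory() as parent:
        # Another local user pre-creates the predictable path before the import runs.
        planted = os.path.join(parent, "geode-snapshot-import")
        os.mkdir(planted)
        a = create_snapshot_dir_unsafe(parent)
        b = create_snapshot_dir_unsafe(parent)
        c = create_snapshot_dir_safe(parent)
        d = create_snapshot_dir_safe(parent)
        return {
            "unsafe_reused_planted_dir": a == planted and b == planted,
            "safe_names_differ": c != d,
            "safe_mode_is_0700": dir_mode(c) == 0o700 and dir_mode(d) == 0o700,
        }
```

On a multi-user host, a fixed name plus a world-readable mode is the whole bug: a second user can read whatever the import writes, or create the directory first and hold it open.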
-
CVE-2026-2736
MEDIUM
CVSS 6.1
Reflected XSS in OpenCms v18.0 via the 'q' parameter in /search/index.html allows unauthenticated attackers to inject malicious scripts through crafted URLs. Successful exploitation enables session hijacking, credential theft, and arbitrary actions performed on behalf of authenticated users. No patch is currently available.
XSS
Opencms
-
CVE-2026-2735
MEDIUM
CVSS 5.4
Stored XSS in OpenCms v18.0 allows authenticated attackers to inject malicious scripts through the 'text' parameter in blog article creation requests, which execute in other users' browsers when they view the affected content. The vulnerability requires user interaction and results in limited impact to confidentiality and integrity, but currently has no available patch.
XSS
Opencms
-
CVE-2026-2718
MEDIUM
CVSS 6.4
The Dealia - Request a Quote WordPress plugin through version 1.0.6 allows authenticated contributors and above to inject malicious scripts into pages via improperly escaped Gutenberg block attributes. An attacker with contributor-level access can embed arbitrary JavaScript that executes when users view the affected pages, potentially compromising user sessions and data. No patch is currently available.
WordPress
XSS
-
CVE-2026-2716
MEDIUM
CVSS 4.4
Stored XSS in the Client Testimonial Slider WordPress plugin through version 2.0 allows administrators to inject malicious scripts into the 'Testimonial Heading' setting due to inadequate input sanitization. The injected scripts execute when users view affected pages, impacting multi-site WordPress installations or sites with unfiltered_html disabled. Currently no patch is available.
WordPress
XSS
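Added example, serving the stored XSS entries above (the GFI MailEssentials description-field series CVE-2026-23604 to CVE-2026-23619, OpenCms CVE-2026-2736 and CVE-2026-2735, Dealia CVE-2026-2718 and Client Testimonial Slider CVE-2026-2716); it is not any of those products' code. It renders an admin-supplied description into three HTML contexts with the encoder each context needs, next to the raw interpolation that produces these bugs. The template and function names are assumptions.

```python
import html
import json


def esc_text(value: str) -> str:
    """Escape for an HTML text node."""
    return html.escape(value, quote=False)


def esc_attr(value: str) -> str:
    """Escape for a double-quoted attribute value (quotes included)."""
    return html.escape(value, quote=True)


def esc_js(value: str) -> str:
    """Emit a JS string literal; also escape < > & so the literal can never
    terminate the enclosing <script> element or be read as markup."""
    return (json.dumps(value)
            .replace("<", "\\u003c").replace(">", "\\u003e").replace("&", "\\u0026"))


def render_entry(label: str, description: str) -> str:
    """`description` shown in three contexts, each with its own encoder."""
    return (
        f'<tr><td title="{esc_attr(description)}">{esc_text(label)}</td>'
        f'<td>{esc_text(description)}</td></tr>\n'
        f'<script>var desc = {esc_js(description)};</script>'
    )


def render_entry_unsafe(label: str, description: str) -> str:
    """The pattern behind stored XSS in description fields: raw interpolation."""
    return (
        f'<tr><td title="{description}">{label}</td><td>{description}</td></tr>\n'
        f'<script>var desc = "{description}";</script>'
    )


def script_tag_count(markup: str) -> int:
    """Number of <script openings; a correct render has exactly the one the page emits."""
    return markup.lower().count("<script")
```

Escaping is done at output time, per context, because the same stored value is rendered in several places; sanitising once on input cannot know which context the value will end up in.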
-
CVE-2026-2711
MEDIUM
CVSS 5.6
Server-side request forgery (SSRF) in worldquant-miner up to version 1.0.9 allows remote attackers to manipulate the make_request parameter in the URL handler component, enabling them to forge requests to internal systems or arbitrary destinations. Public exploit code exists for this vulnerability, though exploitation requires high complexity conditions. The vendor has not yet released a patch despite early notification.
SSRF
AI / ML
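Added example, serving the SSRF entries on this page (URL Shortify CVE-2026-25385, D-Link CVE-2026-25310, Smart Auto Upload Images CVE-2026-23803 and worldquant-miner CVE-2026-2711); it is none of those products' code. It shows the validation a server-side fetch needs in Python: scheme and port allow-list, no userinfo, and every resolved address checked against loopback, private, link-local and IPv4-mapped ranges, with the checked address returned so the caller connects to it rather than resolving again. The fake DNS table is constructed for the demo.

```python
import ipaddress
import socket
from typing import Callable, Iterable, List
from urllib.parse import urlsplit

Resolver = Callable[[str], Iterable[str]]


def system_resolver(host: str) -> List[str]:
    """All A/AAAA answers from the system resolver for `host`."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_public_address(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so the IPv4 ranges are judged.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def check_outbound_url(url: str, resolve: Resolver = system_resolver) -> str:
    """Validate a URL before the server fetches it; return the address to connect to."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    if parts.username is not None or parts.password is not None:
        raise ValueError("userinfo not allowed")
    if parts.port not in (None, 80, 443):
        raise ValueError(f"port not allowed: {parts.port}")
    try:
        addresses = [str(ipaddress.ip_address(host))]  # literal IP
    except ValueError:
        addresses = list(resolve(host))                # hostname: check every answer
    if not addresses:
        raise ValueError(f"{host!r} did not resolve")
    for addr in addresses:
        if not is_public_address(addr):
            raise ValueError(f"{host!r} maps to non-public address {addr}")
    # Connect to this address (sending Host: host) instead of resolving again, which
    # closes the DNS-rebinding window between the check and the fetch.
    return addresses[0]


def is_url_allowed(url: str, resolve: Resolver = system_resolver) -> bool:
    try:
        check_outbound_url(url, resolve)
        return True
    except ValueError:
        return False


# Constructed DNS answers standing in for the real resolver in the demo and tests.
FAKE_DNS = {
    "www.example.org": ["93.184.216.34"],
    "metadata.internal": ["169.254.169.254"],
    "rebind.example": ["93.184.216.34", "10.0.0.5"],
}


def fake_resolver(host: str) -> List[str]:
    return FAKE_DNS.get(host, [])
```

The HTTP client used for the fetch must also refuse to follow redirects automatically, or re-run this check on each hop; otherwise an allowed host can 302 the server straight into the internal range.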
-
CVE-2026-2706
MEDIUM
CVSS 6.3
SQL injection in Patient Record Management System 1.0 via the comp_id parameter in /fecalysis_not.php enables authenticated remote attackers to read, modify, or delete database contents. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but no user interaction.
PHP
SQLi
Patient Record Management System
-
CVE-2026-2705
MEDIUM
CVSS 4.3
Out-of-bounds memory reads in Open Babel's MOL2 file handler (via OBAtom::SetFormalCharge function) allow remote attackers to trigger denial of service through malicious molecule files. Public exploit code is available for this vulnerability, which remains unpatched as of the advisory date. Versions up to 3.1.1 are affected.
Buffer Overflow
Open Babel
Suse
-
CVE-2026-2704
MEDIUM
CVSS 4.3
Out-of-bounds read in Open Babel's CIF file handler (versions up to 3.1.1) allows remote denial of service when processing malicious files. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers can trigger a crash by sending specially crafted input to the affected transform3d function without requiring authentication or user interaction beyond opening a file.
Buffer Overflow
Open Babel
Suse
-
CVE-2026-2693
MEDIUM
CVSS 4.3
Cyreneadmin versions up to 1.3.0 contain an improper authorization vulnerability (CVSS 4.3).
Information Disclosure
Cyreneadmin
-
CVE-2026-2692
MEDIUM
CVSS 4.3
Path traversal in CyreneAdmin's image handler endpoint allows authenticated attackers to read arbitrary files on the server through manipulation of the Avatar parameter. The vulnerability affects versions up to 1.3.0 and requires valid user credentials to exploit, limiting the attack surface to authenticated users. Public exploit code exists and no patch is currently available.
Path Traversal
Cyreneadmin
-
CVE-2026-2681
MEDIUM
CVSS 5.3
The blst cryptographic library is vulnerable to an out-of-bounds stack write in the blst_sha256_bcopy routine when processing zero-length salt parameters in key generation functions, allowing remote attackers to trigger memory corruption and process crashes. Applications that expose blst_keygen_v5() or similar functions to untrusted input are susceptible to denial-of-service attacks. No patch is currently available for this vulnerability.
Memory Corruption
Redhat
-
CVE-2026-2504
MEDIUM
CVSS 4.3
The Dealia - Request a quote WordPress plugin fails to properly validate user permissions on AJAX endpoints, allowing authenticated users with Contributor-level access or higher to reset plugin configuration by exploiting an exposed admin nonce. An attacker with basic edit_posts capability can bypass the capability check and modify critical plugin settings without administrative privileges. The vulnerability affects all versions up to 1.0.6 and currently has no available patch.
WordPress
PHP
Authentication Bypass
-
CVE-2026-2502
MEDIUM
CVSS 6.1
Stored cross-site scripting in the WordPress XML-RPC Attacks Blocker plugin up to version 1.0 allows unauthenticated attackers to inject malicious scripts via the X-Forwarded-For HTTP header, which are then executed when administrators access the debug log page. The vulnerability stems from improper handling of untrusted header data without output escaping. No patch is currently available.
WordPress
XSS
-
CVE-2026-2284
MEDIUM
CVSS 5.4
Complete data destruction in WordPress via the News Element Elementor Blog Magazine plugin (versions up to 1.0.8) due to insufficient authorization checks on an AJAX function, allowing authenticated users with Subscriber-level privileges to truncate core database tables and delete the uploads directory. The vulnerability requires user authentication but no additional interaction, making it exploitable by any low-privileged WordPress user with no patch currently available.
WordPress
-
CVE-2026-2282
MEDIUM
CVSS 4.4
Stored XSS in WordPress Slidorion plugin through version 1.0.2 allows administrators to inject malicious scripts via insufficiently sanitized settings that execute when other users view affected pages. The vulnerability requires high privileges and only manifests in multisite WordPress installations or those with unfiltered HTML disabled. No patch is currently available.
WordPress
XSS
-
CVE-2026-2243
MEDIUM
CVSS 5.1
QEMU's VMDK image parser is vulnerable to an out-of-bounds read when processing maliciously crafted disk images, allowing local attackers to leak sensitive information or trigger denial of service. This vulnerability affects systems running QEMU with untrusted VMDK input and currently lacks an available patch.
Denial Of Service
Redhat
Suse
-
CVE-2026-1658
MEDIUM
CVSS 5.3
Directory Services versions up to 25.2 are affected by user interface (UI) misrepresentation of critical information (CVSS 5.3).
Code Injection
Directory Services
-
CVE-2026-1646
MEDIUM
CVSS 6.4
Stored cross-site scripting in the Advance Block Extend WordPress plugin versions up to 1.0.4 allows authenticated contributors and above to inject malicious scripts through the TitleColor attribute in the Latest Posts block, which execute in the browsers of users viewing affected pages. The vulnerability stems from inadequate input sanitization and output escaping, enabling persistent payload injection. No patch is currently available.
WordPress
XSS
-
CVE-2026-1461
MEDIUM
CVSS 6.5
Simple Membership (WordPress plugin) versions up to 4.7.0 contain a security vulnerability (CVSS 6.5).
WordPress
React
-
CVE-2026-1455
MEDIUM
CVSS 4.3
Whatsiplus Scheduled Notification for Woocommerce (WordPress plugin) is affected by cross-site request forgery (CSRF) (CVSS 4.3).
WordPress
CSRF
-
CVE-2026-1373
MEDIUM
CVSS 6.4
Stored XSS in WordPress Easy Author Image plugin up to version 1.7 allows authenticated subscribers and above to inject malicious scripts through the author_profile_picture_url parameter due to inadequate input sanitization. Attackers can embed arbitrary JavaScript that executes when other users view affected pages, potentially compromising user sessions and data. No patch is currently available for this vulnerability.
WordPress
XSS
-
CVE-2026-1219
MEDIUM
CVSS 5.3
Radio by Sonaar versions up to 4.0 are affected by authorization bypass through user-controlled key (CVSS 5.3).
WordPress
-
CVE-2026-1055
MEDIUM
CVSS 4.4
Stored XSS in the TalkJS WordPress plugin through version 0.1.15 permits high-privilege administrators to inject malicious scripts into admin settings that execute for all users viewing affected pages, restricted to multisite installations or those with unfiltered_html disabled. The vulnerability stems from inadequate input sanitization and output escaping in the plugin's settings handling. No patch is currently available.
WordPress
XSS
-
CVE-2026-1047
MEDIUM
CVSS 4.4
Stored XSS in the Salavat Counter WordPress plugin up to version 0.9.5 allows authenticated administrators to inject malicious scripts through the 'image_url' parameter due to inadequate input sanitization and output escaping. When users visit affected pages, the injected scripts execute in their browsers, potentially compromising site integrity and user sessions. A patch is not currently available.
WordPress
XSS
-
CVE-2026-1044
MEDIUM
CVSS 4.4
Stored cross-site scripting in Tennis Court Bookings plugin for WordPress through version 1.2.7 allows administrators to inject malicious scripts into admin settings that execute when other users access affected pages. The vulnerability requires high privileges and only impacts multi-site WordPress installations or those with unfiltered_html disabled. No patch is currently available.
WordPress
XSS
-
CVE-2026-1043
MEDIUM
CVSS 4.4
PostmarkApp Email Integrator (WordPress plugin) is affected by cross-site scripting (XSS) (CVSS 4.4).
WordPress
XSS
-
CVE-2026-0722
MEDIUM
CVSS 6.5
The Shield Security plugin for WordPress versions up to 21.0.8 contains a CSRF vulnerability that allows attackers to bypass nonce verification through a manipulated parameter, enabling SQL injection attacks to extract database contents. An unauthenticated attacker can exploit this by tricking a site administrator into clicking a malicious link, potentially compromising sensitive information stored in the WordPress database. No patch is currently available for affected installations.
WordPress
SQLi
CSRF
-
CVE-2026-0561
MEDIUM
CVSS 6.1
Shield Security plugin for WordPress versions up to 21.0.8 contains a reflected XSS vulnerability in the 'message' parameter that allows unauthenticated attackers to inject malicious scripts through specially crafted links. Successful exploitation requires tricking users into clicking a malicious link, resulting in execution of arbitrary JavaScript in their browser context. No patch is currently available for this vulnerability.
WordPress
XSS
-
CVE-2026-0556
MEDIUM
CVSS 6.4
Stored XSS in the XO Event Calendar WordPress plugin through version 3.2.10 allows authenticated contributors and above to inject malicious scripts into pages via the 'xo_event_field' shortcode due to improper input sanitization. When other users visit affected pages, the injected scripts execute in their browsers, potentially compromising their sessions or stealing sensitive data. No patch is currently available.
WordPress
XSS
-
CVE-2026-0549
MEDIUM
CVSS 6.4
Stored XSS in WordPress Groups plugin through the 'groups_group_info' shortcode allows authenticated contributors and higher-privileged users to inject malicious scripts into pages via inadequate input validation. When other users access the compromised pages, the injected scripts execute in their browsers, potentially leading to session hijacking or account compromise. No patch is currently available for versions up to 3.10.0.
WordPress
XSS
-
CVE-2025-71244
MEDIUM
CVSS 6.1
Spip versions up to 4.4.5 are affected by URL redirection to untrusted site (open redirect) (CVSS 6.1).
Open Redirect
Spip
-
CVE-2025-71242
MEDIUM
CVSS 6.5
SPIP before 4.3.6, 4.2.17, and 4.1.20 allows unauthorized content disclosure in the private area. [CVSS 6.5 MEDIUM]
Authentication Bypass
Spip
-
CVE-2025-71241
MEDIUM
CVSS 6.1
SPIP before 4.3.6, 4.2.17, and 4.1.20 allows Cross-Site Scripting (XSS) in the private area. The content of the error message displayed by the 'transmettre' API is not properly sanitized, allowing an attacker to inject malicious scripts. [CVSS 6.1 MEDIUM]
XSS
Spip
-
CVE-2025-71240
MEDIUM
CVSS 5.4
SPIP before 4.2.15 allows Cross-Site Scripting (XSS) via crafted content in HTML code tags. The application does not properly verify JavaScript within code tags, allowing an attacker to inject malicious scripts that execute in a victim's browser. [CVSS 5.4 MEDIUM]
XSS
Spip
-
CVE-2025-69725
MEDIUM
CVSS 4.7
An Open Redirect vulnerability in the go-chi/chi >=5.2.2 RedirectSlashes function allows remote attackers to redirect victim users to malicious websites using the legitimate website domain. [CVSS 4.7 MEDIUM]
Open Redirect
Redhat
Suse
-
CVE-2025-69674
MEDIUM
CVSS 6.4
Buffer Overflow vulnerability in CDATA FD614GS3-R850 V3.2.7_P161006 (Build.0333.250211) allows an attacker to execute arbitrary code via the node_mac, node_opt, opt_param, and domainblk parameters of the mesh_node_config and domiainblk_config modules. [CVSS 6.4 MEDIUM]
Buffer Overflow
-
CVE-2025-15563
MEDIUM
CVSS 5.3
Any unauthenticated user can reset the WorkTime on-prem database configuration by sending a specific HTTP request to the WorkTime server. No authorization check is applied here. [CVSS 5.3 MEDIUM]
Authentication Bypass
Worktime
-
CVE-2025-15562
MEDIUM
CVSS 6.1
The server API endpoint /report/internet/urls reflects received data into the HTML response without applying proper encoding or filtering. This allows an attacker to execute arbitrary JavaScript in the victim's browser if the victim opens a URL prepared by the attacker. [CVSS 6.1 MEDIUM]
RCE
XSS
Worktime
-
CVE-2025-14983
MEDIUM
CVSS 6.4
The Advanced Custom Fields: Font Awesome Field plugin for WordPress is vulnerable to Cross-Site Scripting in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-14864
MEDIUM
CVSS 4.3
The Virusdie - One-click website security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.7. This is due to missing capability checks on the `vd_get_apikey` function which is hooked to `wp_ajax_virusdie_apikey`. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve the site's Virusdie API key, which could be used to access the site owner's Virusdie account and potentially compromis...
WordPress
Information Disclosure
PHP
-
CVE-2025-14851
MEDIUM
CVSS 6.4
The YaMaps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `yamap` shortcode parameters in all versions up to, and including, 0.6.40 due to insufficient input sanitization and output escaping on user supplied attributes. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-14445
MEDIUM
CVSS 6.4
The Image Hotspot by DevVN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hotspot_content' custom field meta in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-14427
MEDIUM
CVSS 4.3
The Shield Security: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `MfaEmailDisable` action in all versions up to, and including, 21.0.9. [CVSS 4.3 MEDIUM]
WordPress
PHP
-
CVE-2025-14357
MEDIUM
CVSS 5.3
The Mega Store Woocommerce theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the setup_widgets() function in core/includes/importer/whizzie.php in all versions up to, and including, 5.9. [CVSS 5.3 MEDIUM]
WordPress
PHP
-
CVE-2025-14342
MEDIUM
CVSS 4.3
SEO Plugin by Squirrly SEO (WordPress plugin) versions up to 12.4.14 are affected by missing authorization (CVSS 4.3).
WordPress
PHP
-
CVE-2025-14294
MEDIUM
CVSS 5.3
The Razorpay for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the getCouponList() function in all versions up to, and including, 4.7.8. This is due to the checkAuthCredentials() permission callback always returning true, providing no actual authentication. This makes it possible for unauthenticated attackers to modify the billing and shipping contact information (email and phone) of any WooCommerce order by knowing or...
WordPress
PHP
-
CVE-2025-14167
MEDIUM
CVSS 4.3
The Remove Post Type Slug plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to incorrect nonce validation logic that uses OR (||) instead of AND (&&), causing the validation to fail when the nonce field is not empty OR when verification fails, rather than when it's empty AND verification fails. This makes it possible for unauthenticated attackers to modify the plugin's post type slug removal settings via a forged request ...
WordPress
CSRF
PHP
-
CVE-2025-14076
MEDIUM
CVSS 6.1
The iXML - Google XML sitemap generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'iXML_email' parameter in all versions up to, and including, 0.6 due to insufficient input sanitization and output escaping. [CVSS 6.1 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-13930
MEDIUM
CVSS 5.3
The Checkout Field Manager (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 7.8.5. [CVSS 5.3 MEDIUM]
WordPress
PHP
-
CVE-2025-13864
MEDIUM
CVSS 5.3
The Breeze - WordPress Cache Plugin plugin for WordPress is vulnerable to unauthorized cache clearing in all versions up to, and including, 2.2.21. This is due to the REST API endpoint `/wp-json/breeze/v1/clear-all-cache` being registered with `permission_callback => '__return_true'` and authentication being disabled by default when the API is enabled. This makes it possible for unauthenticated attackers to clear all site caches (page cache, Varnish, and Cloudflare) via a simple POST request,...
WordPress
PHP
-
CVE-2025-13842
MEDIUM
CVSS 5.3
The Breadcrumb NavXT plugin for WordPress is vulnerable to authorization bypass through user-controlled key in versions up to and including 7.5.0. This is due to the Gutenberg block renderer trusting the $_REQUEST['post_id'] parameter without verification in the includes/blocks/build/breadcrumb-trail/render.php file. This makes it possible for unauthenticated attackers to enumerate and view breadcrumb trails for draft or private posts by manipulating the post_id parameter, revealing post titl...
WordPress
PHP
-
CVE-2025-13738
MEDIUM
CVSS 6.4
The Easy Table of Contents plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `ez-toc` shortcode in all versions up to, and including, 2.0.78 due to insufficient input sanitization and output escaping on user supplied attributes. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-13732
MEDIUM
CVSS 6.4
The s2Member - Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 's2Eot' shortcode in all versions up to, and including, 251005 due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-13672
MEDIUM
CVSS 5.4
Web Site Management Server versions up to 16.7.0 are affected by cross-site scripting (XSS) (CVSS 5.4).
XSS
Web Site Management Server
-
CVE-2025-13671
MEDIUM
CVSS 6.5
Web Site Management Server versions up to 16.7.0 are affected by cross-site request forgery (CSRF) (CVSS 6.5).
CSRF
Web Site Management Server
-
CVE-2025-13617
MEDIUM
CVSS 6.4
Apollo13 Framework Extensions (WordPress plugin) is affected by cross-site scripting (XSS) (CVSS 6.4).
WordPress
XSS
PHP
-
CVE-2025-13612
MEDIUM
CVSS 6.4
Album and Image Gallery plus Lightbox (WordPress plugin) is affected by cross-site scripting (XSS) (CVSS 6.4).
WordPress
XSS
PHP
-
CVE-2025-13587
MEDIUM
CVSS 6.5
The Two Factor (2FA) Authentication via Email plugin for WordPress is vulnerable to Two-Factor Authentication Bypass in versions up to, and including, 1.9.8. [CVSS 6.5 MEDIUM]
WordPress
Authentication Bypass
PHP
-
CVE-2025-13438
MEDIUM
CVSS 4.3
The Page Title, Description & Open Graph Updater plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.02. This is due to missing nonce validation on multiple AJAX actions including dieno_update_page_title. [CVSS 4.3 MEDIUM]
WordPress
CSRF
PHP
-
CVE-2025-13413
MEDIUM
CVSS 4.3
Country Blocker for AdSense (WordPress plugin) is affected by cross-site request forgery (CSRF) (CVSS 4.3).
WordPress
CSRF
PHP
-
CVE-2025-13113
MEDIUM
CVSS 5.3
The Web Accessibility by accessiBe plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11. This is due to the `accessibe_render_js_in_footer()` function logging the complete plugin options array to the browser console on public pages, without restricting output to privileged users or checking for debug mode. This makes it possible for unauthenticated attackers to view sensitive configuration data, including email addresses, accessiBe us...
WordPress
Information Disclosure
PHP
-
CVE-2025-13091
MEDIUM
CVSS 4.3
The Shopire theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the shopire_admin_install_plugin() function in all versions up to, and including, 1.0.57. [CVSS 4.3 MEDIUM]
WordPress
PHP
-
CVE-2025-13079
MEDIUM
CVSS 5.3
mobile friendly marketing popups versions up to 4.4.2 contain a security vulnerability (CVSS 5.3).
WordPress
PHP
-
CVE-2025-13048
MEDIUM
CVSS 6.4
The StatCounter - Free Real Time Visitor Stats plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user's Nickname in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-12884
MEDIUM
CVSS 4.3
The Advanced Ads - Ad Manager & AdSense plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 2.0.14. This is due to the plugin not properly verifying that a user is authorized to perform an action in the `placement_update_item()` function. [CVSS 4.3 MEDIUM]
WordPress
PHP
-
CVE-2025-12500
MEDIUM
CVSS 5.3
The Checkout Field Manager (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to unauthenticated limited file upload in all versions up to, and including, 7.8.1. This is due to the plugin not properly verifying that a user is authorized to perform file upload actions via the "ajax_checkout_attachment_upload" function. This makes it possible for unauthenticated attackers to upload files to the server, though file types are limited to WordPress's default allowed MIME types (i...
WordPress
PHP
-
CVE-2025-12451
MEDIUM
CVSS 4.4
The Easy SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions up to, and including, 4.0 due to insufficient input sanitization and output escaping. [CVSS 6.1 MEDIUM]
WordPress
XSS
-
CVE-2025-12448
MEDIUM
CVSS 6.4
The Smartsupp - live chat, AI shopping assistant and chatbots plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'code' parameter in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]
WordPress
XSS
AI / ML
PHP
-
CVE-2025-12375
MEDIUM
CVSS 6.4
The Printful Integration for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.11 via the advanced size chart REST API endpoint. This is due to insufficient validation of user-supplied URLs before passing them to the download_url() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application which can b...
WordPress
SSRF
PHP
-
CVE-2025-12172
MEDIUM
CVSS 4.3
Mailchimp List Subscribe Form (WordPress plugin) is affected by cross-site request forgery (CSRF) (CVSS 4.3).
WordPress
CSRF
PHP
-
CVE-2025-12117
MEDIUM
CVSS 6.4
The Renden theme for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-12116
MEDIUM
CVSS 6.4
The Drift theme for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-12081
MEDIUM
CVSS 4.3
The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the "acf_photo_gallery_edit_save" function in all versions up to, and including, 3.0. [CVSS 4.3 MEDIUM]
WordPress
PHP
-
CVE-2025-12027
MEDIUM
CVSS 4.3
The Mesmerize Companion plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the "openPageInCustomizer" and "openPageInDefaultEditor" functions in all versions up to, and including, 1.6.158. [CVSS 4.3 MEDIUM]
WordPress
PHP
-
CVE-2025-11725
MEDIUM
CVSS 6.5
Aruba HiSpeed Cache (WordPress plugin) versions up to 3.0.2 are affected by missing authorization (CVSS 6.5).
WordPress
PHP
-
CVE-2025-11706
MEDIUM
CVSS 6.1
The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the dbstatus parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. [CVSS 6.1 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-9208
MEDIUM
CVSS 5.4
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Web Site Management Server allows Stored XSS. [CVSS 5.4 MEDIUM]
XSS
Web Site Management Server
-
CVE-2025-8055
MEDIUM
CVSS 5.3
Server-Side Request Forgery (SSRF) vulnerability in OpenText™ XM Fax allows Server Side Request Forgery. The vulnerability could allow an attacker to perform blind SSRF to other systems accessible from the XM Fax server. [CVSS 5.3 MEDIUM]
SSRF
Xm Fax
-
CVE-2019-25430
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25429
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpn_advanced endpoint. [CVSS 6.1 MEDIUM]
Openvpn
XSS
Dome Firewall
-
CVE-2019-25428
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the openvpn_users endpoint that allow attackers to inject malicious scripts through POST parameters. [CVSS 6.1 MEDIUM]
Openvpn
XSS
Dome Firewall
-
CVE-2019-25427
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the antispyware endpoint. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25426
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the dnsmasq endpoint. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25425
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the VIRUS_ADMIN parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25424
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the EXCEPTIONSITELIST parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25423
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the /korugan/proxyconfig endpoint that allow attackers to inject malicious scripts through POST parameters. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25421
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains multiple cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the policyfw endpoint. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25420
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the snat endpoint. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25418
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the FWADDRESSES parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25417
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25416
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input through the device parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25415
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the hotspot_permanent_users endpoint. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25414
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the ID parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25413
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the ID parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25412
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTP_SERVER_LIST parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25411
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the GATEWAY_GREEN parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25410
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through the source and destination parameters. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25409
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the destination parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25408
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the netmask_addr parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25407
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the backup schedule interface. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25406
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the organization parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25404
MEDIUM
CVSS 6.4
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input through admin management parameters. [CVSS 6.4 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25403
MEDIUM
CVSS 6.4
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the comment parameter. [CVSS 6.4 MEDIUM]
XSS
Dome Firewall
-
CVE-2019-25402
MEDIUM
CVSS 6.1
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. [CVSS 6.1 MEDIUM]
XSS
Dome Firewall
-
CVE-2026-26958
None
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point.
Golang
MySQL
Github
-
CVE-2026-26205
None
opa-envoy-plugin is a plugin to enforce OPA policies with Envoy. Versions prior to 1.13.2-envoy-2 have a vulnerability in how the `input.parsed_path` field is constructed. HTTP request paths are treated as full URIs when parsed, interpreting leading path segments prefixed with double slashes (`//`) as authority components and therefore dropping them from the parsed path. This creates a path in...
Authentication Bypass
-
CVE-2026-26063
None
CediPay is a crypto-to-fiat app for the Ghanaian market. A vulnerability in CediPay prior to version 1.2.3 allows attackers to bypass input validation in the transaction API. The issue has been fixed in version 1.2.3. If upgrading is not immediately possible, restrict API access to trusted networks or IP ranges; enforce strict input validation at the application layer; and/or monitor transaction logs for anomalies or suspicious activity. These mitigations reduce exposure but do not fully elim...
Code Injection
-
CVE-2026-25423
LOW
CVSS 3.8
creativeinteractivemedia Real 3D FlipBook real3d-flipbook-lite is affected by missing authorization (CVSS 3.8).
Authentication Bypass
-
CVE-2026-25120
LOW
CVSS 2.7
Gogs is an open source self-hosted Git service. In versions 0.13.4 and below, the DeleteComment API does not verify that the comment belongs to the repository specified in the URL. [CVSS 2.7 LOW]
Authentication Bypass
-
CVE-2026-24764
LOW
CVSS 3.7
OpenClaw (formerly Clawdbot) is a personal AI assistant users run on their own devices. In versions 2026.2.2 and below, when the Slack integration is enabled, channel metadata (topic/description) can be incorporated into the model's system prompt. [CVSS 3.7 LOW]
Code Injection
-
CVE-2026-24122
LOW
CVSS 3.7
Cosign provides code signing and transparency for containers and binaries. [CVSS 3.7 LOW]
Authentication Bypass
-
CVE-2026-23541
None
Missing Authorization vulnerability in WPFunnels Mail Mint mail-mint allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Mail Mint: from n/a through <= 1.19.4.
Authentication Bypass
-
CVE-2026-2738
None
Buffer overflow in ovpn-dco-win version 2.8.0 allows local attackers to cause a system crash by sending overly large packets to the remote peer when the AEAD tag appears at the end of the encrypted packet.
Buffer Overflow
Denial Of Service
-
CVE-2026-2733
LOW
CVSS 3.8
A flaw was identified in the Docker v2 authentication endpoint of Keycloak, where tokens continue to be issued even after a Docker registry client has been administratively disabled. This means that turning the client “Enabled” setting to OFF does not fully prevent access. [CVSS 3.8 LOW]
Docker
-
CVE-2026-2731
None
Path traversal and content injection in JobRunnerBackground.aspx in DynamicWeb 8 (all) and 9 (<9.19.7 and <9.20.3) allows unauthenticated attackers to execute code via simple web requests.
Path Traversal
-
CVE-2026-2709
LOW
CVSS 3.5
A flaw has been found in busy versions up to 2.5.5, which are affected by URL redirection to an untrusted site (open redirect) (CVSS 3.5).
Open Redirect
-
CVE-2026-2703
LOW
CVSS 3.3
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::decode_base64 of the file source/detail/cryptography/base64.cpp of the component Encrypted XLSX File Parser. [CVSS 3.3 LOW]
Information Disclosure
-
CVE-2026-2702
LOW
CVSS 3.1
A security flaw has been discovered in Beetel 777VR1 up to 01.00.09. This issue affects some unknown processing of the component WPA2 PSK. Performing a manipulation results in hard-coded credentials. The attacker must have access to the local network to execute the attack. The complexity of an attack is rather high. The exploitability is assessed as difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did ...
Authentication Bypass
-
CVE-2026-2409
None
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Delinea Cloud Suite allows Argument Injection. This issue affects Cloud Suite: before 25.2 HF1.
SQLi
-
CVE-2026-2274
None
An SSRF and arbitrary file read vulnerability in AppSheet Core in Google AppSheet versions up to 2025-11 allows server-side request forgery (SSRF).
Google
SSRF
-
CVE-2025-71250
None
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
Information Disclosure
-
CVE-2025-71249
None
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
Information Disclosure
-
CVE-2025-71248
None
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
Information Disclosure
-
CVE-2025-71247
None
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
Information Disclosure
-
CVE-2025-71246
None
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
Information Disclosure
-
CVE-2025-71245
None
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
Information Disclosure
-
CVE-2025-41023
None
An authentication bypass vulnerability has been found in Thesamur's AutoGPT. This vulnerability allows an attacker to bypass authentication mechanisms.
Authentication Bypass
-
CVE-2025-40697
None
Reflected Cross-Site Scripting (XSS) vulnerability in '/index.php' in Lewe WebMeasure, which allows remote attackers to execute arbitrary code through the 'page' parameter.
PHP
XSS
-
CVE-2025-15586
None
OGP-Website installs prior to git commit 52f865a4fba763594453068acf8fa9e3fc38d663 are affected by a type juggling flaw which, if exploited, can result in authentication bypass without knowledge of the victim account's password.
Authentication Bypass
-
CVE-2025-15585
None
Fileflows versions before 25.05.2 are affected by an authenticated SQL injection vulnerability in the library-file search function. Successful exploitation requires the system to use MySQL as the underlying database and could result in privilege escalation or data exfiltration.
MySQL
SQLi
Privilege Escalation
-
CVE-2025-14270
LOW
CVSS 2.7
OneClick Chat to Order (WordPress plugin) versions up to 1.0.9 are affected by missing authorization (CVSS 2.7).
WordPress
PHP