Skip to main content
CVE-2025-69985 CRITICAL POC Act Now

Authentication bypass in FUXA SCADA/HMI system 1.2.8 and prior leading to Remote Code Execution. Unauthenticated attackers can execute arbitrary code on industrial control HMI systems. EPSS 0.64% with PoC available.

Node.js RCE Authentication Bypass Fuxa
NVD GitHub Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2026-26342 CRITICAL POC Act Now

Persistent authentication token in Tattile ANPR cameras firmware 1.181.5 and prior. Authentication tokens never expire, enabling indefinite session reuse. PoC available.

Authentication Bypass Vega33 Firmware Basic Mk2 Firmware Axle Counter Firmware Vega53 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-27590 CRITICAL POC PATCH Act Now

FastCGI path splitting vulnerability in Caddy before 2.11.1 allows request smuggling or path confusion when proxying to FastCGI backends (PHP-FPM). EPSS 0.19% with PoC available.

PHP TLS RCE Caddy Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-26341 CRITICAL POC Act Now

Default credentials in Tattile Smart+, Vega, and Basic ANPR camera families firmware 1.181.5 and prior. License plate recognition cameras ship with known default credentials. PoC available.

Authentication Bypass Vega11 Firmware Axle Counter Firmware Vega33 Firmware Anpr Mobile Firmware +2
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2796 CRITICAL POC PATCH Act Now

JIT miscompilation in Firefox WebAssembly before 148. The JIT compiler generates incorrect Wasm code, enabling type confusion. PoC available.

Mozilla Memory Corruption Information Disclosure Thunderbird
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-26198 CRITICAL POC PATCH Act Now

SQL injection in Ormar async ORM for Python versions 0.9.9 through 0.22.0. Aggregate queries pass unsanitized input to SQL, enabling database compromise through the ORM abstraction. PoC and patch available.

Python Ormar
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-27586 CRITICAL POC PATCH Act Now

TLS error swallowing in Caddy web server before 2.11.1 allows bypassing client certificate authentication. Errors in ClientCAs handling are silenced, potentially accepting invalid client certificates. PoC available.

TLS Caddy Suse
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-27588 CRITICAL POC PATCH Act Now

Host header case sensitivity bypass in Caddy before 2.11.1. Virtual host routing can be bypassed by using alternate casing in the Host header. PoC available.

TLS Caddy Suse
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-27587 CRITICAL POC PATCH Act Now

Case sensitivity bypass in Caddy web server path matching before 2.11.1. HTTP path matchers can be bypassed using alternate casing on case-insensitive filesystems. PoC available.

TLS Caddy Suse
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-22553 CRITICAL Act Now

OS command injection in InSAT MasterSCADA BUK-TS through MMadmServ web interface. Unauthenticated RCE on SCADA management server. EPSS 1.26%.

SCADA RCE Command Injection Masterscada
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2026-2761 CRITICAL PATCH Act Now

Second sandbox escape in Firefox WebRender component. CVSS 10.0 — independent path from CVE-2026-2760 to escape the content process sandbox.

Information Disclosure Mozilla Thunderbird
NVD VulDB
CVSS 3.1
10.0
EPSS
0.1%
CVE-2026-2768 CRITICAL PATCH Act Now

Sandbox escape via IndexedDB in Firefox before 148 and Thunderbird. CVSS 10.0 — the Storage: IndexedDB component allows escaping the content process sandbox.

Authentication Bypass Mozilla Thunderbird
NVD VulDB
CVSS 3.1
10.0
EPSS
0.1%
CVE-2026-2778 CRITICAL PATCH Act Now

Sandbox escape via DOM Core & HTML component in Firefox before 148. CVSS 10.0 — fifth sandbox escape in this release.

Mozilla Buffer Overflow Thunderbird
NVD VulDB
CVSS 3.1
10.0
EPSS
0.1%
CVE-2026-2776 CRITICAL PATCH Act Now

Sandbox escape via Telemetry component in Firefox external software before 148. CVSS 10.0 — fourth sandbox escape in this release, through the telemetry subsystem.

Buffer Overflow Mozilla Thunderbird
NVD VulDB
CVSS 3.1
10.0
EPSS
0.1%
CVE-2026-2760 CRITICAL PATCH Act Now

Sandbox escape via boundary violation in Firefox WebRender graphics component. CVSS 10.0 — allows escaping the content sandbox to execute code with elevated privileges.

Information Disclosure Mozilla Thunderbird
NVD VulDB
CVSS 3.1
10.0
EPSS
0.1%
CVE-2026-26222 CRITICAL Act Now

Insecure .NET Remoting deserialization in Altec DocLink (Beyond Limits) 4.0.336.0. Exposed TCP endpoints allow unauthenticated remote code execution via .NET Remoting deserialization attacks.

.NET RCE Denial Of Service Altec Doclink
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2025-11165 CRITICAL Act Now

Sandbox escape in dotCMS Velocity scripting engine (VTools) allows authenticated users to execute arbitrary SQL. CVSS 9.9 with scope change — affects one of the largest Java CMS platforms.

Tomcat Java Dotcms
NVD
CVSS 3.1
9.9
EPSS
0.1%
CVE-2026-21410 CRITICAL Act Now

SQL injection in InSAT MasterSCADA BUK-TS through the main web interface. ICS/SCADA system with unauthenticated SQL injection enabling full database compromise.

SCADA RCE SQLi Masterscada
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-13942 CRITICAL Act Now

Command injection in Zyxel EX3510-B0 router UPnP functionality via firmware versions through 5.17. Allows remote code execution through the UPnP service.

Zyxel Command Injection Wx5610 B0 Firmware Ee6510 10 Firmware Px3321 T1 Firmware +15
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-14577 CRITICAL Act Now

PHP function injection in Slican NCP/IPL/IPM/IPU VOIP devices allows unauthenticated remote attackers to execute arbitrary PHP functions. Network telecommunications equipment vulnerability.

PHP Ipu 14 Firmware Ipm 032 Firmware Ipl 256 Firmware Ncp Firmware
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2793 CRITICAL PATCH Act Now

Memory safety bugs in Firefox ESR 115.32, ESR 140.7, and Firefox 147. Broader set of memory corruption issues than CVE-2026-2792.

Memory Corruption Mozilla Buffer Overflow RCE Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2792 CRITICAL PATCH Act Now

Memory safety bugs in Firefox ESR 140.7 and Firefox 147 with evidence of memory corruption and potential code execution exploitability.

Memory Corruption Mozilla Buffer Overflow RCE Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2788 CRITICAL PATCH Act Now

Boundary error in Firefox Audio/Video GMP (Gecko Media Plugins) component before 148. Media plugin processing triggers memory corruption.

Buffer Overflow Mozilla
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2773 CRITICAL PATCH Act Now

Boundary error in Firefox Web Audio component before 148. Crafted audio processing triggers memory corruption.

Buffer Overflow Mozilla Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2771 CRITICAL PATCH Act Now

Undefined behavior in Firefox DOM Core & HTML component before 148. Can lead to memory corruption and potential code execution.

Buffer Overflow Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2764 CRITICAL PATCH Act Now

JIT miscompilation causing use-after-free in Firefox JavaScript JIT compiler before 148. JIT bugs are highly exploitable due to their deterministic nature.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2763 CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript Engine before 148. One of multiple JS engine UAFs fixed in this release.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2759 CRITICAL PATCH Act Now

Boundary violation in Firefox ImageLib graphics component before 148 enables memory corruption through crafted images.

Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2758 CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript garbage collector before 148 allows remote code execution through crafted JavaScript.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2757 CRITICAL PATCH Act Now

Boundary violation in Firefox WebRTC Audio/Video component before 148 allows remote code execution through crafted WebRTC media streams.

Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2779 CRITICAL PATCH Act Now

Boundary error in Firefox Networking JAR component before 148. Processing JAR (Java Archive) content triggers memory corruption.

Buffer Overflow Mozilla
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2777 CRITICAL PATCH Act Now

Privilege escalation in Firefox Messaging System component before 148. The inter-process messaging system allows escalation from content to privileged process.

Privilege Escalation Mozilla Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2775 CRITICAL PATCH Act Now

HTML parser mitigation bypass in Firefox DOM before 148. Bypasses content sanitization protections via alternate authentication path in the HTML parser.

Mozilla Authentication Bypass Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2766 CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript JIT compiler before 148. Second JIT-related UAF in this release, different from CVE-2026-2764.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2765 CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript Engine before 148 and Thunderbird ESR 140.8. Separate UAF from CVE-2026-2763 and CVE-2026-2758.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2762 CRITICAL PATCH Act Now

Integer overflow in Firefox JavaScript Standard Library before 148 leads to memory corruption through crafted JavaScript operations.

Integer Overflow Mozilla Buffer Overflow Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2791 CRITICAL PATCH Act Now

Cache-based mitigation bypass in Firefox Networking before 148. Caching mechanism can be exploited to bypass security mitigations.

Mozilla Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2784 CRITICAL PATCH Act Now

DOM Security mitigation bypass in Firefox before 148. Security mechanisms protecting DOM operations can be circumvented.

Mozilla Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2634 CRITICAL Act Now

Address bar spoofing in Firefox before 148 allows malicious scripts to desynchronize the displayed URL from actual web content before receiving a response, enabling phishing attacks.

Apple Mozilla Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2807 CRITICAL PATCH Act Now

Memory safety bugs in Firefox 147 and Thunderbird 147 with evidence of memory corruption. Mainline-only bugs not present in ESR branches.

Memory Corruption Mozilla Buffer Overflow RCE Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2805 CRITICAL PATCH Act Now

Invalid pointer in Firefox DOM Core & HTML before 148. Incorrect pointer computation leads to memory access errors.

Mozilla Memory Corruption Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-25968 CRITICAL PATCH Act Now

Stack buffer overflow in ImageMagick's MSL (Magick Scripting Language) parser allows remote attackers to corrupt memory and potentially execute arbitrary code by supplying an MSL document with an oversized attribute value processed by msl.c. All ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 are affected, as well as Magick.NET bindings below 14.10.3. No public exploit identified at time of analysis and EPSS is very low (0.06%, 17th percentile), but the CVSS 9.8 reflects the worst-case unauthenticated RCE potential against any service that parses attacker-controlled MSL input.

Buffer Overflow Imagemagick Stack Overflow
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-27507 CRITICAL Act Now

Hardcoded admin credentials in Binardat 10G08-0800GSM network switch firmware V300SP10260209 and prior. Known credentials provide full administrative access.

Authentication Bypass 10g08 0800gsm Firmware
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2800 CRITICAL PATCH Act Now

Spoofing in Firefox for Android WebAuthn component before 148. Allows phishing attacks through WebAuthn UI manipulation.

Mozilla Google Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2782 CRITICAL PATCH Act Now

Privilege escalation in Firefox Netmonitor component before 148. Second Netmonitor privilege escalation, separate from CVE-2026-2780.

Privilege Escalation Mozilla
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2789 CRITICAL PATCH Act Now

Use-after-free in Firefox ImageLib graphics component before 148. Image processing triggers use of freed memory.

Use After Free Memory Corruption Mozilla Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2787 CRITICAL PATCH Act Now

Use-after-free in Firefox DOM Window and Location component before 148. Window/Location lifecycle management error.

Use After Free Memory Corruption Mozilla Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2774 CRITICAL PATCH Act Now

Integer overflow in Firefox Audio/Video component before 148. Overflow in media processing leads to incorrect memory allocations.

Integer Overflow Mozilla Buffer Overflow Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2772 CRITICAL PATCH Act Now

Use-after-free in Firefox Audio/Video Playback component before 148. Media playback triggers memory corruption.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2770 CRITICAL PATCH Act Now

Use-after-free in Firefox DOM Bindings (WebIDL) component before 148. Memory corruption in the interface between JavaScript and native DOM objects.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy