Skip to main content
CVE-2026-26331 HIGH POC PATCH This Week

yt-dlp is a command-line audio/video downloader. [CVSS 8.8 HIGH]

Python Command Injection Yt Dlp Red Hat Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2026-27483 HIGH POC PATCH GHSA This Week

Remote code execution in MindsDB prior to version 25.9.1.1 allows authenticated attackers to bypass file upload restrictions through path traversal in the /api/files endpoint. An attacker can exploit insufficient filename validation to write arbitrary files to any location on the server, achieving command execution. Public exploit code exists for this vulnerability.

Path Traversal AI / ML Mindsdb
NVD GitHub Exploit-DB VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-25545 HIGH POC PATCH This Week

Astro web framework versions prior to 9.5.4 contain a server-side request forgery vulnerability in error page handling that allows unauthenticated remote attackers to bypass Host header validation and redirect requests to internal services or cloud metadata endpoints. By manipulating the Host header when accessing prerendered error pages, attackers can read response bodies from internal URLs, cloud metadata services, or localhost resources. Public exploit code exists for this vulnerability, which affects applications using custom error pages without proper Host validation.

SSRF Astrojs Node
NVD GitHub
CVSS 3.1
8.6
EPSS
0.0%
CVE-2026-26340 HIGH POC This Week

Unauthenticated RTSP stream access in multiple Tattile and Vega firmware versions allows remote attackers to view live video and audio feeds without credentials, exposing surveillance data across affected devices. Public exploit code exists for this vulnerability, which impacts Axle Counter, Vega11, Vega53, Vega33, and Anpr Mobile firmware lineups version 1.181.5 and earlier. No patch is currently available for this high-severity issue.

Authentication Bypass Axle Counter Firmware Vega11 Firmware Vega53 Firmware Anpr Mobile Firmware +2
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2026-25802 HIGH POC PATCH This Week

New API LLM gateway versions before 0.10.8-alpha.9 are vulnerable to stored cross-site scripting through the MarkdownRenderer component, which fails to sanitize script tags in model outputs. An authenticated attacker with user interaction can inject malicious scripts that execute in other users' browsers, potentially compromising session data or performing unauthorized actions. Public exploit code exists for this vulnerability, though a patch is available.

XSS AI / ML New Api Suse
NVD GitHub
CVSS 3.1
7.6
EPSS
0.0%
CVE-2025-69252 HIGH POC PATCH This Week

free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 have a NULL Pointer Dereference vulnerability. [CVSS 7.5 HIGH]

Null Pointer Dereference Denial Of Service Udm
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-25899 HIGH POC PATCH This Week

Unbounded memory allocation in Fiber v3 (prior to 3.1.0) allows unauthenticated remote attackers to trigger denial of service by sending a malicious fiber_flash cookie that forces deserialization of up to 85GB of memory. All v3 endpoints are vulnerable regardless of flash message usage, and public exploit code exists. No patch is currently available.

Deserialization Fiber Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-67445 HIGH POC This Week

X5000R Firmware versions up to 9.1.0cu.2415_b20250515 is affected by uncontrolled resource consumption (CVSS 7.5).

Denial Of Service X5000r Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-69250 HIGH POC PATCH This Week

free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. [CVSS 7.5 HIGH]

Code Injection Udm
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-27584 HIGH POC PATCH This Week

Actual is a local-first personal finance tool. [CVSS 7.5 HIGH]

Authentication Bypass Information Disclosure Actual
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-27642 HIGH POC PATCH This Week

Remote attackers can inject control characters into the SUPI parameter of free5GC UDM versions up to 1.4.1, causing URL parsing failures that leak sensitive system error details and enable service fingerprinting. Public exploit code exists for this vulnerability affecting the Nudm_UEAU service across all vulnerable deployments. A patch is available and should be applied immediately, as no application-level workaround exists.

Code Injection Udm
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-26025 HIGH POC This Week

free5GC SMF versions up to 1.4.1 crash when receiving malformed PFCP SessionReportRequest packets on UDP port 8805, allowing unauthenticated remote attackers to cause denial of service. Public exploit code exists for this vulnerability, and no official patch is currently available, requiring organizations to implement network-level mitigations such as ACL restrictions or PFCP message inspection.

Industrial Smf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-26024 HIGH POC This Week

free5GC SMF versions up to 1.4.1 crash when processing malformed PFCP SessionReportRequest messages on the UDP/8805 interface, allowing unauthenticated remote attackers to cause denial of service. Public exploit code exists for this vulnerability, and no upstream patch is currently available. Organizations running affected SMF instances should restrict PFCP interface access to trusted UPF nodes and implement network-level filtering of malformed requests.

Industrial Smf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25882 HIGH POC PATCH This Week

Fiber web framework versions 2 and 3 are vulnerable to denial of service attacks when processing requests to routes containing more than 30 parameters, enabling remote attackers to crash affected applications without authentication. The vulnerability stems from insufficient validation during route registration and unbounded array writes in request matching logic. Public exploit code exists for this high-severity flaw, though patches are available in Fiber v2.52.12 and v3.1.0.

Denial Of Service Fiber Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25501 HIGH POC This Week

free5GC SMF versions up to 1.4.1 crash when processing malformed PFCP SessionReportRequest messages on the PFCP interface, allowing unauthenticated remote attackers to cause denial of service via nil pointer dereference. Public exploit code exists for this vulnerability and no upstream patch is currently available. Network operators should restrict PFCP interface access to trusted UPF sources and consider implementing message validation at network boundaries.

Industrial Smf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-25891 HIGH POC PATCH This Week

Fiber web framework versions 3.0.0 and earlier on Windows contain a path traversal vulnerability that allows remote attackers to bypass static file middleware protections and read arbitrary files from the server. Public exploit code exists for this vulnerability, which affects applications using the vulnerable Fiber versions. The issue has been patched in Fiber v3.1.0.

Windows Path Traversal Fiber Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-23678 HIGH This Week

Authenticated attackers can achieve remote code execution on Binardat 10G08-0800GSM network switches by injecting the %1a character into the traceroute hostname parameter on the web management interface, allowing arbitrary CLI command execution. The vulnerability affects firmware version V300SP10260209 and earlier, and currently has no available patch. This requires valid web interface credentials but poses significant risk due to its high severity rating and network-accessible attack vector.

Command Injection 10g08 0800gsm Firmware
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-13943 HIGH This Week

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device. [CVSS 8.8 HIGH]

Zyxel Command Injection Dx3300 T1 Firmware Px3321 T1 Firmware Wx5610 B0 Firmware +49
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-63409 HIGH This Week

Gcom Epon 1Ge Firmware versions up to c00r371v00b01 is affected by improper access control (CVSS 8.8).

Privilege Escalation Gcom Epon 1ge Firmware Authentication Bypass
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3044 HIGH This Week

Remote code execution in Tenda AC8 firmware versions up to 16.03.34.06 allows authenticated attackers to execute arbitrary code via a stack-based buffer overflow in the HTTP upload handler. Public exploit code exists for this vulnerability, which has no patch available. An attacker with valid credentials can trigger the overflow by manipulating the boundary parameter in multipart upload requests.

Buffer Overflow Stack Overflow Ac8 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-22765 HIGH This Week

Dell Wyse Management Suite versions prior to 5.5 suffer from improper access controls that allow authenticated remote attackers to escalate their privileges. An attacker with low-level credentials can bypass authorization checks to gain high-privilege access to the system, potentially compromising confidentiality, integrity, and availability. No patch is currently available for this vulnerability.

Authentication Bypass Dell Wyse Management Suite
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2769 HIGH PATCH This Week

A use-after-free vulnerability in the IndexedDB storage component of Firefox and Thunderbird allows remote attackers to achieve arbitrary code execution through user interaction. Affected versions include Firefox below 148, Firefox ESR below 115.33 and 140.8, and Thunderbird below 148 and 140.8. No patch is currently available for this high-severity flaw.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-15386 HIGH This Week

The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments are enabled and then approved. [CVSS 8.8 HIGH]

WordPress PHP
NVD WPScan
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2798 HIGH PATCH This Week

A use-after-free vulnerability in Firefox and Thunderbird's DOM processing allows remote attackers to execute arbitrary code through a malicious webpage or email attachment, requiring only user interaction to trigger. This affects Firefox versions below 148 and Thunderbird versions below 148, with no patch currently available.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-24443 HIGH This Week

Eventsentry versions up to 6.0.1.20 contains a vulnerability that allows attackers to privilege escalation (CVSS 8.8).

Privilege Escalation Eventsentry
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-1773 HIGH This Week

IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. [CVSS 7.5 HIGH]

Denial Of Service Rtu540 Firmware Rtu560 Firmware Rtu520 Firmware Rtu530 Firmware
NVD VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2024-56373 HIGH PATCH This Week

DAG Author (who already has quite a lot of permissions) could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server (server-side) as a result of a user viewing historical task information. [CVSS 8.4 HIGH]

RCE AI / ML Airflow
NVD GitHub
CVSS 3.1
8.4
EPSS
0.1%
CVE-2026-27468 HIGH PATCH This Week

Unauthenticated attackers can bypass FASP administrator approval in Mastodon 4.4.0-4.4.13 and 4.5.0-4.5.6 to subscribe to account events and request content backfill, affecting only servers with the experimental FASP feature enabled. While individual requests cause minor information disclosure of publicly available URIs, repeated exploitation enables denial-of-service attacks. A patch is available to address this authorization bypass.

Denial Of Service Authentication Bypass Mastodon
NVD GitHub
CVSS 3.1
8.2
EPSS
0.1%
CVE-2026-25794 HIGH PATCH GHSA This Week

Integer overflow in ImageMagick's UHDR image decoder allows remote attackers to trigger heap buffer overflows by supplying specially crafted images with large dimensions, potentially crashing the application or corrupting heap memory. The vulnerability affects ImageMagick versions prior to 7.1.2-15 and requires no user interaction or authentication to exploit. Organizations using vulnerable versions should upgrade immediately, as no workaround is available.

Imagemagick Buffer Overflow Heap Overflow
NVD GitHub VulDB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2026-2460 HIGH This Week

Improper access control in REB500 firmware allows authenticated users with low privileges to read and modify unauthorized directories via the DAC protocol. An attacker with valid credentials can escalate their file system access beyond their intended permissions, potentially compromising sensitive data or system integrity. No patch is currently available for this vulnerability.

Information Disclosure Reb500 Firmware
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-27732 HIGH PATCH This Week

Server-side request forgery in AVideo prior to version 22.0 allows authenticated users to make arbitrary outbound requests from the affected server via an unvalidated downloadURL parameter in the aVideoEncoder.json.php endpoint. An attacker can exploit this to probe internal network services, access metadata endpoints, and retrieve sensitive data, potentially leading to further system compromise. This affects PHP deployments running vulnerable AVideo versions.

PHP SSRF Avideo
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-33180 HIGH This Week

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could inject a command. A successful exploit of this vulnerability might lead to escalation of privileges. [CVSS 8.0 HIGH]

Linux Privilege Escalation Nvos Cumulus Linux
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2025-33179 HIGH This Week

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could run an unauthorized command. A successful exploit of this vulnerability might lead to escalation of privileges. [CVSS 8.0 HIGH]

Linux Privilege Escalation Nvos Cumulus Linux
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2025-14963 HIGH This Week

A vulnerability identified in the HX Agent driver file fekern.sys allowed a threat actor with local user access the ability to gain elevated system privileges. [CVSS 7.8 HIGH]

Windows Endpoint Security
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-2664 HIGH This Week

Local privilege escalation via out-of-bounds memory read in Docker Desktop's grpcfuse kernel module (versions up to 4.61.0) on Linux, Windows, and macOS allows authenticated local attackers to achieve complete system compromise through manipulation of /proc/docker entries. The vulnerability requires local access and valid user credentials but enables reading and modifying arbitrary kernel memory with high impact on confidentiality, integrity, and availability. Docker Desktop 4.62.0 and later resolve this issue.

Linux Windows macOS Docker Desktop
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-1524 HIGH This Week

When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider (IDP) there is a risk that a local user store user's information may be replaced during the account provisioning process in cases where federated users share the same username as local users. [CVSS 7.7 HIGH]

Authentication Bypass Api Manager Identity Server
NVD
CVSS 3.1
7.7
EPSS
0.1%
CVE-2026-3105 HIGH PATCH This Week

Mautic's Contact Activity API endpoint is vulnerable to SQL injection due to insufficient validation of the sort direction parameter, allowing authenticated attackers to execute arbitrary SQL queries. This high-severity vulnerability (CVSS 7.6) affects multiple versions and could enable unauthorized data access or modification. No patch is currently available; users should contact security@mautic.org for mitigation guidance.

SQLi Mautic
NVD GitHub
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-27572 HIGH PATCH This Week

Wasmtime's HTTP header handling in the wasmtime-wasi-http crate crashes when processing excessive header fields, allowing remote attackers to trigger denial of service against applications embedding Wasmtime. The vulnerability affects versions prior to 24.0.6, 36.0.6, 40.0.4, 41.0.4, and 42.0.0, and has been patched to return a controlled trap instead of panicking. Embedders should update immediately to mitigate this DoS vector.

Industrial Denial Of Service Wasmtime Red Hat
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-27195 HIGH PATCH This Week

Wasmtime versions 39.0.0 and later experience a denial-of-service panic when async WebAssembly component functions are called and then abandoned by the host before completion, such as when the Future is dropped after a single poll during an async yield. This affects applications using Wasmtime's component model with async support, allowing an attacker to crash the runtime through specially crafted async function invocations. A patch is available to address this stability issue.

Golang Industrial Wasmtime Red Hat
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25989 HIGH PATCH This Week

ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 are vulnerable to denial of service when processing maliciously crafted SVG files due to an off-by-one error in boundary validation. An unauthenticated remote attacker can trigger an integer underflow by bypassing the flawed size check, causing the application to crash or become unresponsive. No patch is currently available for affected deployments.

Denial Of Service Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-2803 HIGH PATCH This Week

The Settings UI component in Firefox and Thunderbird versions prior to 148 fails to properly restrict access to sensitive configuration data, enabling unauthenticated attackers to remotely disclose confidential information without user interaction. This vulnerability bypasses existing security mitigations designed to protect user settings and preferences. No patch is currently available for affected users.

Information Disclosure Mozilla
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-2801 HIGH PATCH This Week

Improper boundary condition handling in the JavaScript/WebAssembly engine of Firefox and Thunderbird before version 148 enables remote denial of service attacks without requiring user interaction or privileges. An attacker can crash affected applications or cause service unavailability by sending specially crafted content. No patch is currently available.

Mozilla Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25985 HIGH PATCH This Week

Imagemagick versions up to 7.1.2-15 is affected by allocation of resources without limits or throttling (CVSS 7.5).

Denial Of Service Imagemagick
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25969 HIGH PATCH This Week

Denial of service in ImageMagick prior to 7.1.2-15 stems from a memory leak in the WriteASHLARImage function within coders/ashlar.c, where an allocated structure is not released when an exception is thrown during ASHLAR image encoding. Remote attackers who can submit images for processing can trigger repeated leaks to exhaust process memory in long-running services that embed ImageMagick. No public exploit identified at time of analysis, and EPSS risk is negligible at 0.05% (16th percentile).

Imagemagick Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-24485 HIGH PATCH This Week

ImageMagick is free and open-source software used for editing and manipulating digital images. [CVSS 7.5 HIGH]

Denial Of Service Magick.Net Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-48928 HIGH PATCH This Week

Piwigo is an open source photo gallery application for the web. In versions on the 14.x branch, when installing, the secret_key configuration parameter is set to MD5(RAND()) in MySQL. [CVSS 7.5 HIGH]

Golang MySQL CSRF Piwigo
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-25965 HIGH PATCH This Week

Local file disclosure in ImageMagick before 7.1.2-15 and 6.9.13-40 lets attackers bypass the path security policy (policy-secure.xml) using directory traversal, reading files a rule such as `/etc/*` was meant to block. Because the policy matcher evaluates the raw, unnormalized filename string before the OS resolves it, a traversal sequence slips past the deny rule while the kernel still opens the real sensitive file. No public exploit is identified at time of analysis and EPSS is very low (0.04%), but the bug undermines a control specifically deployed to harden image-processing pipelines that handle untrusted input.

Path Traversal Imagemagick
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24481 HIGH PATCH This Week

Heap memory disclosure in ImageMagick's PSD file parser allows unauthenticated remote attackers to leak sensitive information from process memory by crafting malicious Photoshop files with improperly compressed layer data. Affected versions prior to 7.1.2-15 and 6.9.13-40 fail to properly validate decompressed data sizes, exposing uninitialized heap contents in generated output images. No patch is currently available for this vulnerability.

Adobe Information Disclosure Imagemagick Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-27521 HIGH This Week

10G08-0800Gsm Firmware is affected by improper restriction of excessive authentication attempts (CVSS 7.5).

Authentication Bypass 10g08 0800gsm Firmware
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-2783 HIGH PATCH This Week

Unauthenticated attackers can extract sensitive information from Firefox and Thunderbird users through a JavaScript engine JIT compilation flaw, affecting all versions prior to Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. The vulnerability requires no user interaction and can be exploited remotely over the network. No patch is currently available for this high-severity flaw.

Information Disclosure Memory Corruption Mozilla
NVD
CVSS 3.1
7.5
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy