203 CVEs tracked today. 33 Critical, 77 High, 72 Medium, 11 Low.
-
CVE-2026-28517
CRITICAL
CVSS 9.8
OS command injection in openDCIM 23.04 through commit 4467e9c4 via report_network_map.php allows authenticated users to execute arbitrary commands. EPSS 0.57% with PoC and patch available.
PHP
Command Injection
Opendcim
-
CVE-2026-28411
CRITICAL
CVSS 9.8
Authentication bypass via unsafe extract() function in WeGIA before 3.6.5. The extract() call on user-controlled data allows overwriting authentication variables. EPSS 0.7% with PoC available.
PHP
Authentication Bypass
Wegia
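The extract() pattern in an added example (not WeGIA's code: the variable names $logado and $nivel, the request shape and the function names are assumptions for the demo). extract() imports every key of an array as a local variable and, with its default EXTR_OVERWRITE flag, clobbers variables the script already set, so a request carrying the same key as the script's "logged in" flag rewrites that flag:

```php
<?php
// Added illustration of authentication-variable overwrite via extract().
// Not WeGIA's code: $logado, $nivel and the request shape are assumptions.
// Run with: php extract_demo.php

// Constructed POST body as an attacker would send it: extra keys that
// collide with the script's own state variables.
$fake_post = ['usuario' => 'guest', 'logado' => '1', 'nivel' => 'admin'];

function vulnerable(array $post): string {
    $logado = false;        // set by the real login flow, never by the client
    $nivel  = 'visitante';
    extract($post);         // default EXTR_OVERWRITE: $logado and $nivel are clobbered
    return $logado ? "granted as $nivel" : 'denied';
}

function hardened(array $post): string {
    $logado = false;
    $nivel  = 'visitante';
    // Preferred fix: do not import request keys into the symbol table at all;
    // read the specific fields the handler expects.
    $usuario = isset($post['usuario']) ? (string) $post['usuario'] : '';
    // If extract() cannot be removed: EXTR_PREFIX_ALL keeps imported names in
    // their own namespace ($req_logado), so nothing existing is overwritten.
    extract($post, EXTR_PREFIX_ALL, 'req');
    return $logado ? "granted as $nivel" : "denied ($usuario)";
}

echo 'vulnerable: ' . vulnerable($fake_post) . PHP_EOL;
echo 'hardened:   ' . hardened($fake_post) . PHP_EOL;
```

Run from the CLI, the vulnerable function reports the guest as an admin and the hardened one denies it. extract() acts on the symbol table of the scope it is called in, so the same overwrite happens inside a function, in an included file, or at top level.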
-
CVE-2026-28409
CRITICAL
CVSS 10.0
Critical RCE via OS command injection in WeGIA before 3.6.5. Unauthenticated attackers can execute arbitrary commands on the server. CVSS 10.0 with PoC available.
RCE
Authentication Bypass
Command Injection
Wegia
-
CVE-2026-28408
CRITICAL
CVSS 9.8
Authentication bypass in WeGIA charitable institution management system before 3.6.5. The adicionar_tipo_docs_atendido.php script lacks authentication, allowing unauthorized access. PoC available.
PHP
Golang
Wegia
-
CVE-2026-28370
CRITICAL
CVSS 9.1
Code injection in OpenStack Vitrage query parser allows authenticated users to execute arbitrary Python code through crafted queries. Affects versions before 12.0.1, 13.0.0, 14.0.0, and 15.0.0. PoC available.
RCE
Code Injection
Authentication Bypass
Vitrage
-
CVE-2026-28363
CRITICAL
CVSS 9.9
Validation bypass in OpenClaw tools.exec.safeBins allows shell command execution through GNU long-option abbreviation. Attackers can abuse the 'sort' binary whitelist entry to execute arbitrary commands via abbreviated flags. CVSS 9.9.
Authentication Bypass
Privilege Escalation
Openclaw
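The abbreviation problem in an added example (not OpenClaw's code). GNU getopt_long accepts any unambiguous prefix of a long option, so a check keyed on the full name `--compress-program` (which makes sort run an external program) is bypassed by `--compress-p=sh` or `--comp=sh`. The block shows the deny-list validator that fails, the canonicalisation getopt applies, and an allow-list validator that canonicalises first. The option table is taken from coreutils `sort --help` (verify against your version); the validator shape, the safe-flag set and the single allowed binary are assumptions for the demo:

```python
"""
Added example, not OpenClaw's code: a deny-list validator keyed on exact
option names, the getopt_long abbreviation rule that defeats it, and an
allow-list validator that canonicalises first. Option table from GNU
coreutils `sort --help`; everything else is an assumption for the demo.
"""

# getopt_long accepts any unambiguous prefix of a long option, so
# --compress-program (runs a program on every temporary file) can also be
# spelled --compress-p, --compress, --comp, ...
SORT_LONG_OPTIONS = [
    "--batch-size", "--check", "--compress-program", "--debug", "--dictionary-order",
    "--field-separator", "--files0-from", "--general-numeric-sort", "--help",
    "--human-numeric-sort", "--ignore-case", "--ignore-leading-blanks",
    "--ignore-nonprinting", "--key", "--merge", "--month-sort", "--numeric-sort",
    "--output", "--parallel", "--random-sort", "--random-source", "--reverse",
    "--sort", "--stable", "--temporary-directory", "--unique", "--version",
    "--version-sort", "--zero-terminated",
]
# Options with a side effect outside stdin/stdout: run a program, or read or
# write a file chosen by the caller.
DANGEROUS = {"--compress-program", "--output", "--files0-from",
             "--temporary-directory", "--random-source"}
SAFE_SHORT = set("bdfgiMnrRsuVz")   # sort-order flags: no argument, no side effect

def naive_is_safe(argv):
    """Deny-list on exact names: the shape that abbreviation bypasses."""
    if not argv or argv[0] != "sort":
        return False
    return not any(a.split("=", 1)[0] in DANGEROUS for a in argv[1:])

def canonicalize_long_option(token):
    """Expand an abbreviation the way getopt_long does: exact match wins,
    otherwise a unique prefix; unknown or ambiguous gives None."""
    name = token.split("=", 1)[0]
    if not name.startswith("--"):
        return None
    matches = [o for o in SORT_LONG_OPTIONS if o.startswith(name)]
    if name in matches:
        return name
    return matches[0] if len(matches) == 1 else None

def hardened_is_safe(argv):
    """Allow-list: each long option must canonicalise to a known option that
    is not dangerous; short options must come from SAFE_SHORT; '--' ends
    option parsing so later tokens are file names. Options that take a
    separate argument (-k, -t, -o ...) are simply not allowed here."""
    if not argv or argv[0] != "sort":
        return False
    for tok in argv[1:]:
        if tok == "--":
            break
        if tok.startswith("--"):
            full = canonicalize_long_option(tok)
            if full is None or full in DANGEROUS:
                return False
        elif tok.startswith("-") and len(tok) > 1:
            if not set(tok[1:]) <= SAFE_SHORT:
                return False
    return True
```

The general lesson is that any "safe binary" list has to reason about the binary's own argument parser, not just the spelling of the arguments: allow-list the canonical options, or pass `--` and only positional file names.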
-
CVE-2026-28268
CRITICAL
CVSS 9.8
Business logic vulnerability in Vikunja task management platform before 2.1.0 allows incomplete resource cleanup, potentially enabling unauthorized access to shared resources after user removal.
Authentication Bypass
Vikunja
Suse
-
CVE-2026-28231
CRITICAL
CVSS 9.1
Integer overflow in pillow_heif Python library before 1.3.0 leads to out-of-bounds read when processing HEIF images, potentially causing information disclosure or crashes. PoC and patch available.
Python
Integer Overflow
Denial Of Service
Information Disclosure
Pillow Heif
-
CVE-2026-27772
CRITICAL
CVSS 9.4
Missing WebSocket authentication (CWE-306) in the Ev.Energy charging backend; fifth CVE in the EV charging platform WebSocket family (see CVE-2026-20781). Unauthenticated clients can connect and impersonate charging stations.
Authentication Bypass
Ev.Energy
-
CVE-2026-27767
CRITICAL
CVSS 9.4
Missing WebSocket authentication (CWE-306) in the Swtchenergy.Com charging backend; fourth CVE in the EV charging platform WebSocket family (see CVE-2026-20781). Same root cause, enabling unauthenticated station impersonation.
Authentication Bypass
Swtchenergy.Com
-
CVE-2026-27755
CRITICAL
CVSS 9.8
Weak session identifier generation in SODOLA SL902-SWTGW124AS network switch firmware allows attackers to predict session tokens and hijack administrative sessions.
Authentication Bypass
Sl902 Swtgw124as Firmware
-
CVE-2026-27751
CRITICAL
CVSS 9.8
Default credentials in SODOLA SL902-SWTGW124AS network switch firmware allow unauthenticated remote access. Default credentials are publicly known, enabling complete device takeover.
Information Disclosure
Sl902 Swtgw124as Firmware
-
CVE-2026-27028
CRITICAL
CVSS 9.4
Missing WebSocket authentication (CWE-306) in the Mobility46.Se charging backend; sixth CVE in the EV charging platform WebSocket family (see CVE-2026-20781). Same pattern of unauthenticated access enabling station impersonation and data injection.
Authentication Bypass
Mobility46.Se
-
CVE-2026-25851
CRITICAL
CVSS 9.4
Missing WebSocket authentication (CWE-306) in the Chargemap.Com charging backend; same family as CVE-2026-20781 and CVE-2026-24731. Unauthenticated access to the WebSocket endpoints enables station impersonation.
Authentication Bypass
Chargemap.Com
-
CVE-2026-24731
CRITICAL
CVSS 9.4
Missing WebSocket authentication (CWE-306) in the Ev2go.Io charging backend, the same flaw as CVE-2026-20781. Unauthenticated attackers can perform station impersonation and data injection via unprotected WebSocket endpoints.
Authentication Bypass
Ev2go.Io
-
CVE-2026-24663
CRITICAL
CVSS 9.0
Unauthenticated OS command injection in Copeland XWEB Pro HVAC controller firmware version 1.12.1 and prior. Unlike the authenticated XWEB Pro command injection bugs listed under HIGH below, this one needs no credentials; EPSS 0.96%, with internet-exposed building automation controllers the realistic target.
Command Injection
Xweb 500b Pro Firmware
Xweb 300d Pro Firmware
Xweb 500d Pro Firmware
-
CVE-2026-24497
CRITICAL
CVSS 9.8
Stack-based buffer overflow in ThinkWise by SimTech Systems allows unauthenticated remote code execution via crafted network input.
Buffer Overflow
Stack Overflow
Thinkwise
-
CVE-2026-24352
CRITICAL
CVSS 9.8
Session fixation vulnerability in PluXml CMS allows attackers to set session identifiers before authentication, enabling session hijacking after the victim logs in.
Information Disclosure
Pluxml
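Session fixation in an added example (not PluXml's code): a minimal server-side session store that shows the fixation path (the ID the client arrived with survives login) next to the fix (login discards that ID and issues a fresh one, the equivalent of PHP's session_regenerate_id(true)). Names and the scenario are constructed for the demo:

```python
"""
Added example, not PluXml's code: a session store with and without ID
regeneration at login, and the fixation scenario run against both.
"""
import secrets
import time
from typing import Optional

class SessionStore:
    def __init__(self, regenerate_on_login: bool):
        self.regenerate_on_login = regenerate_on_login
        self._sessions = {}   # session id -> {"user": ..., "created": ...}

    @staticmethod
    def new_id() -> str:
        return secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG

    def resume(self, presented: Optional[str]) -> str:
        """Request start. Like PHP with session.use_strict_mode=0, an unknown
        ID from the cookie is adopted rather than refused; that is what lets
        an attacker choose the victim's ID in advance. Strict mode closes
        that half; regeneration at login closes the other half."""
        sid = presented or self.new_id()
        self._sessions.setdefault(sid, {"user": None, "created": time.time()})
        return sid

    def login(self, sid: str, user: str) -> str:
        """Authentication succeeded. With regeneration, the pre-login ID is
        destroyed and a new one minted, so an ID the attacker planted (or
        sniffed) before login is worthless afterwards."""
        if self.regenerate_on_login:
            self._sessions.pop(sid, None)
            sid = self.new_id()
            self._sessions[sid] = {"user": None, "created": time.time()}
        self._sessions[sid]["user"] = user
        return sid

    def user_for(self, sid: str) -> Optional[str]:
        s = self._sessions.get(sid)
        return s["user"] if s else None

def fixation_attack(regenerate_on_login: bool) -> Optional[str]:
    """Constructed scenario: attacker plants an ID in the victim's browser,
    victim logs in, attacker then presents the planted ID."""
    store = SessionStore(regenerate_on_login)
    planted = store.new_id()              # any ID the server will adopt
    victim_sid = store.resume(planted)    # victim's browser sends the planted cookie
    store.login(victim_sid, "alice")      # victim authenticates
    return store.user_for(planted)        # what the planted ID is worth to the attacker now
```

The returned session ID from login() is what the response must set as the cookie; the check to add to a code review is simply whether the post-login cookie value differs from the pre-login one.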
-
CVE-2026-21718
CRITICAL
CVSS 10.0
Authentication bypass in Copeland XWEB Pro HVAC controller version 1.12.1 and prior due to weak cryptographic algorithm. CVSS 10.0 — any unauthenticated attacker can gain full system access to building automation controllers.
Authentication Bypass
Xweb 500d Pro Firmware
Xweb 300d Pro Firmware
Xweb 500b Pro Firmware
-
CVE-2026-21660
CRITICAL
CVSS 9.8
Hardcoded email credentials stored as plaintext in Johnson Controls Frick Controls firmware. Sixth critical vulnerability — exposed credentials could enable account access and lateral movement.
Authentication Bypass
Frick Controls Quantum Hd Firmware
-
CVE-2026-21659
CRITICAL
CVSS 9.8
Unauthenticated RCE and information disclosure via Local File Inclusion in Johnson Controls Frick Controls. Fifth critical vulnerability in the product line, enabling arbitrary file reads and code execution.
RCE
Lfi
Information Disclosure
Frick Controls Quantum Hd Firmware
-
CVE-2026-21658
CRITICAL
CVSS 9.8
Unauthenticated remote code execution via code injection in Johnson Controls Frick Controls Quantum HD. Fourth critical vulnerability — this one explicitly noted as unauthenticated RCE.
RCE
Code Injection
Frick Controls Quantum Hd Firmware
-
CVE-2026-21657
CRITICAL
CVSS 9.8
Second code injection vulnerability in Johnson Controls Frick Controls Quantum HD. Separate attack vector from CVE-2026-21656, same critical impact on industrial refrigeration control.
Code Injection
Frick Controls Quantum Hd Firmware
-
CVE-2026-21656
CRITICAL
CVSS 9.8
Code injection in Johnson Controls Frick Controls Quantum HD allows unauthenticated remote code execution on industrial refrigeration systems. Second critical vulnerability in the Quantum HD product line.
Code Injection
Frick Controls Quantum Hd Firmware
-
CVE-2026-21654
CRITICAL
CVSS 9.8
OS command injection in Johnson Controls Frick Controls Quantum HD allows unauthenticated remote attackers to execute arbitrary commands on industrial refrigeration control systems. CVSS 9.8.
Command Injection
Frick Controls Quantum Hd Firmware
-
CVE-2026-20781
CRITICAL
CVSS 9.4
Missing WebSocket authentication (CWE-306) in the Cloudcharge.Se charging backend allows unauthenticated attackers to perform station impersonation, data injection, and denial of service. Reference CVE for a family of related findings affecting the same class of WebSocket endpoint across EV charging platforms (CVE-2026-24731, CVE-2026-25851, CVE-2026-27028, CVE-2026-27767, CVE-2026-27772).
Authentication Bypass
Cloudcharge.Se
-
CVE-2026-3301
CRITICAL
CVSS 9.8
Command injection in TOTOLINK N300RH router firmware 6.1c.1353 via the setDiagnosisCfg handler. EPSS 4.0% with PoC available, which is high for a newly published CVE; consumer routers of this kind are commonly exposed to the internet.
Command Injection
N300rh Firmware
-
CVE-2026-2750
CRITICAL
CVSS 9.1
Input validation vulnerability in Centreon Open Tickets module allows authenticated attackers to manipulate ticket data, potentially affecting monitored infrastructure integrity.
Information Disclosure
-
CVE-2026-2749
CRITICAL
CVSS 9.9
Path traversal in Centreon Open Tickets module allows authenticated attackers to read or write files outside intended directories. CVSS 9.9 with scope change indicates impact beyond the vulnerable component.
Path Traversal
-
CVE-2026-2251
CRITICAL
CVSS 9.8
Path traversal vulnerability in Xerox FreeFlow Core allows attackers to access files outside restricted directories, potentially exposing sensitive print job data and system configurations.
Path Traversal
Freeflow Core
-
CVE-2025-12981
CRITICAL
CVSS 9.8
Privilege escalation in Listee WordPress theme allows unauthenticated attackers to gain administrator access. All versions up to 1.1.6 affected.
WordPress
Privilege Escalation
PHP
-
CVE-2025-11252
CRITICAL
CVSS 9.8
SQL injection in Signum Technology application allows unauthenticated attackers to execute arbitrary SQL queries.
SQLi
Windesk.Fm
-
CVE-2025-11251
CRITICAL
CVSS 9.8
SQL injection in Dayneks Software allows unauthenticated attackers to manipulate database queries and extract or modify data.
SQLi
Woyio
-
CVE-2026-28516
HIGH
CVSS 8.8
Authenticated users can execute arbitrary SQL commands against openDCIM 23.04 and earlier through unsanitized input in the Config::UpdateParameter function, enabling complete database compromise. The vulnerability exists in install.php and container-install.php handlers that pass user input directly into SQL queries without prepared statements. Public exploit code is available for this SQL injection vulnerability affecting PHP-based deployments.
PHP
SQLi
Opendcim
-
CVE-2026-28515
HIGH
CVSS 8.8
OpenDCIM through version 23.04 fails to enforce authorization checks in its installation and upgrade handlers, allowing any authenticated user to modify LDAP configuration settings regardless of their assigned roles. Public exploit code exists for this vulnerability, and in deployments where REMOTE_USER authentication is not enforced, unauthenticated attackers may also access these administrative functions. An attacker can exploit this to alter application configuration and potentially compromise directory services integration.
PHP
Ldap
Opendcim
-
CVE-2026-28426
HIGH
CVSS 8.7
Cross-site scripting in Statamic, a Laravel and Git powered content management system (CMS). [CVSS 8.7 HIGH]
Laravel
XSS
Statamic
-
CVE-2026-28425
HIGH
CVSS 8.0
Remote code execution in Statamic CMS versions prior to 5.73.11 and 6.4.0 allows authenticated users with control panel access and permission to modify Antlers-enabled fields to execute arbitrary code in the application context. An attacker exploiting this vulnerability can fully compromise the application, including stealing sensitive configuration data, modifying or exfiltrating user data, and disrupting availability. A patch is available; exploitation requires authenticated access with specific field configuration permissions.
RCE
Code Injection
-
CVE-2026-28416
HIGH
CVSS 8.2
Server-Side Request Forgery in Gradio prior to version 6.6.0 allows attackers to execute arbitrary HTTP requests through a victim's infrastructure by crafting a malicious Space with a poisoned proxy_url configuration. Applications that load untrusted Gradio Spaces via gr.load() are vulnerable to attacks targeting internal services, cloud metadata endpoints, and private networks. No patch is currently available for affected Python/ML applications.
Python
SSRF
AI / ML
Gradio
Redhat
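The destination check that a gr.load()-style consumer of a remote Space's configuration needs before it forwards requests to a proxy_url, as an added example (not Gradio's code). Only the field name proxy_url comes from the entry above; the hosts, the fake resolver and the policy are assumptions for the demo. The check resolves the name itself, rejects any answer in a private, loopback, link-local or metadata range, and hands back the single address to connect to, because validating a name and then letting the HTTP client resolve it again leaves a DNS rebinding window:

```python
"""
Added example, not Gradio's code: validate an outbound proxy_url from
remote-controlled configuration before using it.
"""
import ipaddress
import socket
from urllib.parse import urlsplit

# Ranges an outbound request made on behalf of remote-controlled config must
# never reach: RFC 1918, loopback, link-local (cloud metadata lives at
# 169.254.169.254), CGNAT, unspecified, and the IPv6 equivalents.
BLOCKED_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "100.64.0.0/10", "0.0.0.0/8",
    "::1/128", "::/128", "fc00::/7", "fe80::/10")]

def is_blocked_ip(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped          # ::ffff:127.0.0.1 is still loopback
    return any(addr in net for net in BLOCKED_NETS)

def check_proxy_url(url: str, resolver=socket.getaddrinfo) -> str:
    """Validate proxy_url and return the one address to connect to. The
    caller connects to that address (Host header set to the name) instead
    of resolving again, or a rebinding race reopens the hole.
    Raises ValueError on any rejection."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("only http(s) URLs with a host are accepted")
    if parts.username or parts.password:
        raise ValueError("credentials in proxy_url are not accepted")
    try:                                  # literal address: no lookup needed
        ips = {str(ipaddress.ip_address(parts.hostname))}
    except ValueError:
        port = parts.port or (443 if parts.scheme == "https" else 80)
        try:
            infos = resolver(parts.hostname, port, proto=socket.IPPROTO_TCP)
        except socket.gaierror as e:
            raise ValueError(f"cannot resolve {parts.hostname}: {e}") from e
        ips = {info[4][0] for info in infos}
    blocked = sorted(ip for ip in ips if is_blocked_ip(ip))
    if blocked or not ips:                # one private answer poisons the whole set
        raise ValueError(f"{parts.hostname} resolves to a blocked address: {blocked}")
    return sorted(ips, key=lambda s: (":" in s, s))[0]   # prefer IPv4, deterministic

# Constructed resolver (documentation and TEST-NET addresses) so the demo runs
# offline; production code keeps the default socket.getaddrinfo.
FAKE_DNS = {
    "spaces.example": ["2001:db8::1", "203.0.113.10"],
    "metadata.evil.example": ["169.254.169.254"],
    "rebind.evil.example": ["198.51.100.20", "10.0.0.5"],
}

def fake_resolver(host, port, proto=0):
    if host not in FAKE_DNS:
        raise socket.gaierror(-2, f"no such host {host}")
    return [(None, None, proto, "", (ip, port)) for ip in FAKE_DNS[host]]

def demo() -> dict:
    out = {}
    for url in ("https://spaces.example/api",
                "http://metadata.evil.example/latest/meta-data/",
                "http://rebind.evil.example/",
                "http://[::ffff:127.0.0.1]:8080/",
                "http://user:pw@spaces.example/",
                "ftp://spaces.example/"):
        try:
            out[url] = check_proxy_url(url, resolver=fake_resolver)
        except ValueError:
            out[url] = "blocked"
    return out
```

Redirects need the same treatment: a public host that answers 302 to http://169.254.169.254/ is the other classic route around a check done only on the initial URL, so follow redirects manually and re-run check_proxy_url on each hop.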
-
CVE-2026-28414
HIGH
CVSS 7.5
Gradio versions up to 6.7 contain a path traversal vulnerability that allows attackers to read arbitrary files from the file system (CVSS 7.5).
Windows
Python
Path Traversal
AI / ML
Gradio
-
CVE-2026-28406
HIGH
CVSS 8.2
Path traversal in Kaniko 1.25.4 through 1.25.9 allows attackers to extract tar archives outside the intended destination directory, enabling arbitrary file writes on the build system. When combined with Docker credential helpers in registry authentication scenarios, this vulnerability can be leveraged for code execution within the Kaniko executor process. Docker and Kubernetes environments using the affected Kaniko versions are at risk.
Docker
Kubernetes
Kaniko
Redhat
Suse
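The containment checks that the path traversal entries above lack, in one added example (not Kaniko's, Gradio's, Centreon's, Xerox's or Johnson Controls' code): a user-supplied file name resolved under a base directory (the file-read cases) and tar members unpacked under a destination directory (the Kaniko case). The archive contents and directory names are constructed for the demo:

```python
"""
Added example: containment checks for a user-chosen path under a base
directory and for tar extraction. Not the code of any vendor listed above.
"""
import io
import os
import tarfile
import tempfile

def resolve_under(base: str, user_path: str) -> str:
    """Real path of user_path inside base, or ValueError. realpath() collapses
    '..' and follows symlinks, so '../../etc/passwd' and a symlink planted
    inside base are both caught. commonpath() rather than startswith():
    '/srv/app' must not accept '/srv/app2/x'."""
    base_real = os.path.realpath(base)
    target = os.path.realpath(os.path.join(base_real, user_path))
    if os.path.commonpath([base_real, target]) != base_real:
        raise ValueError(f"path escapes base: {user_path!r}")
    return target

def safe_extract(tar: tarfile.TarFile, dest: str) -> list:
    """Extract only members that stay under dest: no absolute names, no '..'
    components, no device nodes, no links whose target leaves dest. Python
    3.12+ also ships tarfile's data filter; it is enabled as a second line
    of defence when present, and the checks are still spelled out here."""
    dest_real = os.path.realpath(dest)
    data_filter = getattr(tarfile, "data_filter", None)
    if data_filter is not None:
        tar.extraction_filter = data_filter
    kept = []
    for m in tar.getmembers():
        if os.path.isabs(m.name) or ".." in m.name.split("/") or m.isdev():
            continue
        if m.issym():          # symlink target is relative to the link's directory
            here = os.path.dirname(os.path.join(dest_real, m.name))
            target = os.path.realpath(os.path.join(here, m.linkname))
        elif m.islnk():        # hard link target is an archive path, relative to dest
            target = os.path.realpath(os.path.join(dest_real, m.linkname))
        else:                  # realpath also follows symlinks created by earlier members
            target = os.path.realpath(os.path.join(dest_real, m.name))
        if os.path.commonpath([dest_real, target]) != dest_real:
            continue
        tar.extract(m, dest_real)
        kept.append(m.name)
    return kept

def build_demo_tar() -> bytes:
    """Constructed archive: a benign file, a traversal name, a symlink out."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as t:
        data = b"layer contents\n"
        for name in ("app/config.yml", "../../root/.docker/config.json"):
            ti = tarfile.TarInfo(name)
            ti.size = len(data)
            t.addfile(ti, io.BytesIO(data))
        link = tarfile.TarInfo("escape")
        link.type = tarfile.SYMTYPE
        link.linkname = "/etc"
        t.addfile(link)
    return buf.getvalue()

def demo_extract() -> list:
    with tempfile.TemporaryDirectory() as dest:
        with tarfile.open(fileobj=io.BytesIO(build_demo_tar()), mode="r") as t:
            return safe_extract(t, dest)

def demo_resolve() -> dict:
    with tempfile.TemporaryDirectory() as base:
        out = {"inside": resolve_under(base, "reports/map.png").startswith(os.path.realpath(base))}
        for p in ("../../etc/passwd", "reports/../../secret"):
            try:
                resolve_under(base, p)
                out[p] = "allowed"
            except ValueError:
                out[p] = "blocked"
        return out
```

The order matters in safe_extract: the link-target check has to run before the member is written, and later regular members are resolved with realpath so that a symlink accepted earlier cannot be used as a staging point to write outside dest.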
-
CVE-2026-28402
HIGH
CVSS 7.1
Authenticated validators in nimiq/core-rs-albatross prior to version 1.2.2 can crash validator nodes by submitting macro block proposals with mismatched body roots that pass verification but cause panics during processing. This vulnerability affects only validator nodes and requires the attacker to be an elected proposer with valid credentials. No patch is currently available, and there is no known workaround.
Denial Of Service
-
CVE-2026-28400
HIGH
CVSS 7.5
and deploy AI models using Docker. Versions up to 1.0.16 contain a security vulnerability (CVSS 7.5).
Docker
AI / ML
-
CVE-2026-28372
HIGH
CVSS 7.4
Inetutils versions up to 2.7 are affected by inclusion of functionality from an untrusted control sphere (CWE-829) (CVSS 7.4).
Linux
Privilege Escalation
Inetutils
-
CVE-2026-28364
HIGH
CVSS 7.9
Remote code execution in OCaml versions before 4.14.3 and 5.x before 5.4.1 allows unauthenticated attackers to execute arbitrary code by supplying malicious serialized data that exploits insufficient bounds checking in the Marshal deserialization function. The vulnerability stems from unbounded memory copy operations in the readblock() function that processes attacker-controlled length values, enabling a multi-stage exploitation chain. No patch is currently available for affected systems.
RCE
Buffer Overflow
Deserialization
Ocaml
Redhat
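The three memory-safety entries on this page (the OCaml Marshal readblock() over-read above, the ThinkWise stack overflow, and the pillow_heif integer overflow under CRITICAL) share one shape: a length or offset taken from the input is used in a copy without being bounded, or the bound check itself is done with an addition that can wrap. The following is an added example, not code from OCaml, ThinkWise or pillow_heif; the wire format (4-byte little-endian length, then payload) and the 64-byte buffer are constructed for the demo:

```c
/* Added example: a length-prefixed block reader, unchecked and checked.
 * Not code from OCaml, ThinkWise or pillow_heif. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BLOCK_MAX 64

static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Vulnerable shape: trusts len. A 4-byte header can drive memcpy past a
 * 64-byte stack buffer (stack overflow) or past the end of the input
 * (over-read). Shown for comparison only; nothing here calls it. */
int readblock_unchecked(const uint8_t *in, size_t in_len, uint8_t *out) {
    if (in_len < 4) return -1;
    uint32_t len = rd_le32(in);
    memcpy(out, in + 4, len);           /* no bound on len at all */
    return (int)len;
}

/* Hardened: bound len by both the bytes that remain and the destination
 * capacity. Compare "len > remaining" rather than "off + len > total":
 * off + len can wrap on 32-bit arithmetic, and a wrapped sum passes the
 * naive check while memcpy still reads len bytes (the integer-overflow
 * route to an out-of-bounds read). */
int readblock_checked(const uint8_t *in, size_t in_len, size_t off,
                      uint8_t *out, size_t out_cap) {
    if (off > in_len || in_len - off < 4) return -1;   /* header must fit */
    uint32_t len = rd_le32(in + off);
    size_t remaining = in_len - off - 4;
    if (len > remaining) return -2;     /* would read past the input */
    if (len > out_cap) return -3;       /* would write past the destination */
    memcpy(out, in + off + 4, len);
    return (int)len;
}

/* Constructed inputs so the block runs stand-alone. */
int demo_good(void) {
    uint8_t msg[] = {5, 0, 0, 0, 'h', 'e', 'l', 'l', 'o'};
    uint8_t out[BLOCK_MAX];
    return readblock_checked(msg, sizeof msg, 0, out, sizeof out);
}
int demo_oversized(void) {
    uint8_t msg[] = {0xff, 0xff, 0xff, 0xff, 'h', 'i'};   /* len = 4294967295 */
    uint8_t out[BLOCK_MAX];
    return readblock_checked(msg, sizeof msg, 0, out, sizeof out);
}
int demo_too_big_for_buffer(void) {
    uint8_t msg[4 + BLOCK_MAX + 1] = {BLOCK_MAX + 1, 0, 0, 0};   /* len = 65, input has 65 bytes */
    uint8_t out[BLOCK_MAX];
    return readblock_checked(msg, sizeof msg, 0, out, sizeof out);
}
int demo_wrapping_offset(void) {
    uint8_t msg[] = {1, 0, 0, 0, 'x'};
    uint8_t out[BLOCK_MAX];
    return readblock_checked(msg, sizeof msg, SIZE_MAX, out, sizeof out);
}
```

The two subtractions in readblock_checked are safe only because the line before each has already established that the subtrahend is not larger; keeping the checks in that order is the whole point.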
-
CVE-2026-28272
HIGH
CVSS 8.1
Kiteworks Email Protection Gateway prior to version 9.2.0 contains a stored cross-site scripting vulnerability in its configuration interface that allows authenticated administrators to inject malicious scripts executed against other users. An admin with high privileges can exploit this to compromise user sessions and data through the affected UI. No patch is currently available for this vulnerability.
XSS
Kiteworks
-
CVE-2026-27947
HIGH
CVSS 8.8
Group Office versions before 26.0.9, 25.0.87, and 6.8.154 allow authenticated attackers to execute arbitrary commands through maliciously crafted TNEF attachments, where attacker-controlled filenames in winmail.dat are processed unsafely with zip wildcard expansion. An attacker with valid credentials can exploit this to achieve remote code execution with full system privileges. No patch is currently available for affected deployments.
RCE
Group Office
-
CVE-2026-27939
HIGH
CVSS 8.8
Authenticated Statamic CMS users (versions 6.0.0-6.3.x) can bypass privilege escalation verification checks to gain unauthorized elevated access, potentially enabling unauthorized sensitive operations depending on existing permissions. The vulnerability affects both Statamic and its Laravel framework integration, with a patch available in version 6.4.0.
Laravel
Privilege Escalation
Statamic
-
CVE-2026-27836
HIGH
CVSS 7.5
Unauthenticated account creation in phpMyFAQ versions before 4.0.18 allows remote attackers to register unlimited user accounts through the WebAuthn prepare endpoint without authentication, CSRF protection, or captcha validation, even when registration is disabled. Public exploit code exists for this vulnerability. Update to version 4.0.18 or later to remediate.
CSRF
Phpmyfaq
-
CVE-2026-27832
HIGH
CVSS 8.8
SQL injection in Group Office email template selection endpoint allows authenticated attackers to extract sensitive data from the database through the unvalidated comparator parameter in advancedQueryData. An attacker with valid credentials can perform blind boolean-based attacks to exfiltrate password hashes from the core_auth_password table. Affected versions prior to 26.0.8, 25.0.87, and 6.8.153 require immediate patching.
PHP
SQLi
Group Office
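One query built by string concatenation next to the parameterised form, plus the case a placeholder cannot cover: an operator chosen by the client, as with the comparator parameter in this entry, which has to go through an allow-list because an operator is part of the statement rather than a value. This is an added example, not openDCIM's or Group Office's code; only the table name core_auth_password is taken from the entry, and the other tables, columns and hash values are constructed for the demo (the pattern also applies to the two unauthenticated SQL injection entries under CRITICAL):

```python
"""
Added example, not openDCIM's or Group Office's code: concatenated vs.
parameterised query, and an allow-listed comparator.
"""
import sqlite3

def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE core_auth_password (user_id INTEGER, password TEXT)")
    conn.execute("CREATE TABLE templates (id INTEGER, name TEXT, owner_id INTEGER)")
    conn.executemany("INSERT INTO core_auth_password VALUES (?, ?)",
                     [(1, "hash-admin"), (2, "hash-user")])    # placeholder hashes
    conn.executemany("INSERT INTO templates VALUES (?, ?, ?)",
                     [(1, "welcome", 2), (2, "invoice", 1)])
    return conn

def find_templates_vulnerable(conn, name: str) -> list:
    """Concatenation: the value is parsed as SQL, so a quote ends the literal."""
    return conn.execute(
        "SELECT id, name FROM templates WHERE name = '" + name + "'").fetchall()

def find_templates_safe(conn, name: str) -> list:
    """Bound parameter: the driver sends the value out of band; it is never SQL."""
    return conn.execute(
        "SELECT id, name FROM templates WHERE name = ?", (name,)).fetchall()

# An operator cannot be bound, so it is mapped through a fixed table and
# anything not in the table is refused before a statement is built.
ALLOWED_COMPARATORS = {"=": "=", "!=": "!=", "<": "<", "<=": "<=",
                       ">": ">", ">=": ">=", "like": "LIKE"}

def filter_templates(conn, comparator: str, value) -> list:
    op = ALLOWED_COMPARATORS.get(comparator.strip().lower())
    if op is None:
        raise ValueError(f"unsupported comparator {comparator!r}")
    return conn.execute(
        f"SELECT id, name FROM templates WHERE owner_id {op} ?", (value,)).fetchall()

# Constructed payload of the kind used against the vulnerable form: close the
# string, UNION in the password table, comment out the trailing quote.
PAYLOAD = "' UNION SELECT user_id, password FROM core_auth_password --"

def demo() -> dict:
    conn = make_db()
    out = {
        "vulnerable": sorted(find_templates_vulnerable(conn, PAYLOAD)),
        "safe": find_templates_safe(conn, PAYLOAD),
        "comparator_ok": filter_templates(conn, ">=", 2),
    }
    try:
        filter_templates(conn, "= 1 OR 1=1 --", 0)
        out["comparator_injected"] = "allowed"
    except ValueError:
        out["comparator_injected"] = "blocked"
    return out
```

A blind boolean-based attack, as described for this CVE, needs no UNION: it only needs the comparator or value to change whether a row comes back, which is why the allow-list on the operator matters as much as the placeholder on the value.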
-
CVE-2026-27776
HIGH
CVSS 8.8
Remote code execution in intra-mart Accel Platform's IM-LogicDesigner module through insecure deserialization of crafted files imported by administrative users. An attacker with admin privileges can execute arbitrary code by importing a malicious file, with no patch currently available. The vulnerability affects all deployments where IM-LogicDesigner is enabled.
Deserialization
RCE
-
CVE-2026-27757
HIGH
CVSS 7.1
SODOLA SL902-SWTGW124AS firmware versions up to 200.1.20 allow account passwords to be changed without verifying the current password (CVSS 7.1).
Information Disclosure
Sl902 Swtgw124as Firmware
-
CVE-2026-27707
HIGH
CVSS 7.3
Information disclosure in Seerr, an open-source media request and discovery manager for Jellyfin, Plex, and Emby. [CVSS 7.3 HIGH]
Information Disclosure
Seerr
-
CVE-2026-27652
HIGH
CVSS 7.3
Session hijacking in Cloudcharge.Se's WebSocket backend allows remote attackers to impersonate legitimate charging stations by exploiting predictable session identifiers and the acceptance of duplicate connections, enabling command interception and station displacement. An attacker can authenticate as other users or trigger denial-of-service conditions by flooding the backend with valid session requests. No patch is currently available.
Authentication Bypass
Cloudcharge.Se
-
CVE-2026-27647
HIGH
CVSS 7.3
Mobility46.Se's WebSocket implementation allows multiple connections to share predictable session identifiers, enabling attackers to intercept and hijack active charging station sessions without authentication. An attacker can impersonate legitimate stations to execute arbitrary backend commands, intercept communications, or launch denial-of-service attacks by flooding the service with valid session requests. No patch is currently available for this vulnerability.
Authentication Bypass
Mobility46.Se
-
CVE-2026-26862
HIGH
CVSS 8.3
CleverTap Web SDK versions 1.15.2 and earlier contain a DOM-based XSS vulnerability in the Visual Builder module due to improper origin validation of postMessage events, allowing attackers to inject malicious scripts through crafted subdomains. Public exploit code exists for this vulnerability, which affects all users of the affected SDK versions. An attacker can execute arbitrary JavaScript in the context of a victim's browser session to steal sensitive data or perform unauthorized actions.
XSS
Clevertap Web Sdk
-
CVE-2026-26861
HIGH
CVSS 8.3
CleverTap Web SDK through version 1.15.2 contains a cross-site scripting vulnerability in its postMessage handler that fails to properly validate message origins, allowing attackers to inject malicious scripts by exploiting subdomain bypass techniques. Public exploit code exists for this vulnerability, and affected applications can be compromised through user interaction. A patch is available to address the insufficient origin validation in the nativeDisplay.js component.
XSS
Clevertap Web Sdk
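The origin-check mistake behind these two CleverTap entries, in an added example that is not CleverTap's code: three ways of validating event.origin in a postMessage handler that a crafted host name defeats (substring, suffix, and a subdomain wildcard where any subdomain can host attacker content), beside the exact allow-list that does not. Host names and the message shape are assumptions for the demo, and applyVisualEdit stands in for whatever the real handler does with the payload:

```javascript
// Added example, not CleverTap's code: postMessage origin checks, weak and strict.
const TRUSTED_ORIGINS = new Set([
  "https://dashboard.example.com",
  "https://builder.example.com",
]);

// Weak: substring test, passes "https://example.com.evil.net".
function isTrustedOriginWeak(origin) {
  return origin.indexOf("example.com") !== -1;
}

// Weak: suffix test, passes "https://evil-example.com" and ignores the scheme.
function isTrustedOriginSuffix(origin) {
  return origin.endsWith("example.com");
}

// Weak when any subdomain can serve attacker content (tenant or preview
// subdomains): passes "https://attacker.example.com".
function isTrustedOriginWildcard(origin) {
  return /^https:\/\/([a-z0-9-]+\.)*example\.com$/.test(origin);
}

// Correct: exact match on the full origin (scheme, host, port). The string
// "null" (sandboxed iframes, file://) can never match an entry.
function isTrustedOriginStrict(origin) {
  return TRUSTED_ORIGINS.has(origin);
}

// Handler shape: origin first, then message type, then use the payload as
// data only (never as HTML or code).
function makeMessageHandler(isTrusted, applyVisualEdit) {
  return function onMessage(event) {
    if (!isTrusted(event.origin)) return "ignored";
    const msg = event.data;
    if (!msg || typeof msg !== "object" || msg.type !== "visual-edit") return "ignored";
    return applyVisualEdit(String(msg.selector), String(msg.text));
  };
}

// Constructed events, as the browser would deliver them.
const CASES = {
  legit: "https://dashboard.example.com",
  "suffix-in-middle": "https://example.com.evil.net",
  "lookalike-suffix": "https://evil-example.com",
  "attacker-subdomain": "https://attacker.example.com",
  "downgraded-scheme": "http://dashboard.example.com",
  "sandboxed-iframe": "null",
};

function evaluate(check) {
  const handler = makeMessageHandler(check, (selector) => `edited ${selector}`);
  const out = {};
  for (const [label, origin] of Object.entries(CASES)) {
    out[label] = handler({ origin, data: { type: "visual-edit", selector: "#cta", text: "x" } });
  }
  return out;
}
```

The same discipline applies on the sending side: postMessage(data, "*") lets any embedding page read the message, so the target origin should be the exact trusted origin too.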
-
CVE-2026-26305
HIGH
CVSS 7.5
Mobility46.Se's WebSocket API fails to implement authentication rate limiting, enabling remote attackers to launch denial-of-service attacks against charger telemetry systems or conduct brute-force attacks to compromise accounts. The vulnerability requires no authentication or user interaction and affects all network-accessible instances. No patch is currently available.
Authentication Bypass
Mobility46.Se
-
CVE-2026-26290
HIGH
CVSS 7.3
Ev.Energy's WebSocket implementation accepts duplicate session identifiers from multiple endpoints, allowing attackers to hijack active charging station sessions through predictable identifier prediction. An unauthenticated remote attacker can impersonate legitimate stations to intercept commands, authenticate as other users, or disrupt service by flooding the backend with spoofed session requests. No patch is currently available.
Authentication Bypass
Ev.Energy
-
CVE-2026-25945
HIGH
CVSS 7.5
Ev2go.Io's WebSocket API lacks authentication rate limiting, enabling attackers to launch denial-of-service attacks that disrupt charger telemetry or conduct brute-force attacks to compromise user accounts. The vulnerability affects all users of the platform and currently has no available patch. With a CVSS score of 7.5 and low exploit prevalence, this represents a significant availability and authentication risk requiring immediate mitigation.
Authentication Bypass
Ev2go.Io
-
CVE-2026-25778
HIGH
CVSS 7.3
Session hijacking in Swtchenergy.Com's WebSocket backend allows remote attackers to impersonate legitimate charging stations and intercept backend commands by exploiting predictable and non-unique session identifiers. An attacker can authenticate as other users, redirect charging station communications, or launch denial-of-service attacks by flooding the backend with valid session requests. No patch is currently available for this vulnerability.
Authentication Bypass
Swtchenergy.Com
-
CVE-2026-25721
HIGH
CVSS 8.0
Remote code execution in XWEB Pro firmware versions 1.12.1 and earlier allows authenticated attackers to execute arbitrary OS commands by injecting malicious payloads into the server username or password fields during restore operations via the API V1 endpoint. The vulnerability affects Xweb 300d Pro, 500b Pro, and 500d Pro devices and requires high-level privileges but could compromise the entire system. No patch is currently available for this vulnerability.
RCE
Command Injection
Xweb 500b Pro Firmware
Xweb 300d Pro Firmware
Xweb 500d Pro Firmware
-
CVE-2026-25711
HIGH
CVSS 7.3
Chargemap.Com's WebSocket backend accepts multiple connections with identical session identifiers, allowing attackers to hijack charging station sessions and intercept backend commands through predictable identifier prediction. An unauthenticated remote attacker can impersonate legitimate charging stations, execute unauthorized operations, or disrupt service availability by flooding the backend with crafted session requests. No patch is currently available.
Authentication Bypass
Chargemap.Com
-
CVE-2026-25196
HIGH
CVSS 8.0
Remote code execution in XWEB Pro firmware (versions 1.12.1 and earlier) allows authenticated attackers to execute arbitrary OS commands by injecting malicious payloads into Wi-Fi SSID or password configuration fields. The vulnerability affects multiple Xweb Pro models (300d, 500b, 500d) and requires high privilege access to exploit, though successful exploitation grants complete system compromise across the network. No patch is currently available.
RCE
Command Injection
Xweb 500b Pro Firmware
Xweb 300d Pro Firmware
Xweb 500d Pro Firmware
-
CVE-2026-25195
HIGH
CVSS 8.0
Remote code execution in XWEB Pro firmware versions 1.12.1 and earlier allows authenticated attackers to execute arbitrary OS commands by submitting a malicious firmware update file through the update mechanism. The vulnerability affects multiple XWEB Pro models (300d, 500d, and 500b) and requires high-level privileges to exploit. No patch is currently available for this high-severity command injection flaw (CVSS 8.0).
RCE
Command Injection
Xweb 300d Pro Firmware
Xweb 500d Pro Firmware
Xweb 500b Pro Firmware
-
CVE-2026-25147
HIGH
CVSS 7.1
OpenEMR versions prior to 8.0.0 allow authenticated portal users to access other patients' protected health information through insecure direct object references (IDOR) in the payment portal, enabling horizontal privilege escalation to view and modify another patient's demographics, invoices, and payment history. The vulnerability stems from accepting patient ID values from user-controlled request parameters instead of validating against the authenticated user's session. Public exploit code exists for this vulnerability.
PHP
Privilege Escalation
Openemr
-
CVE-2026-25114
HIGH
CVSS 7.5
Cloudcharge.Se's WebSocket API fails to implement authentication rate limiting, enabling attackers to launch denial-of-service attacks against charger infrastructure or conduct brute-force credential attacks without restriction. The vulnerability affects remote, unauthenticated attackers and could result in service disruption or unauthorized system access. No patch is currently available.
Authentication Bypass
Cloudcharge.Se
-
CVE-2026-25113
HIGH
CVSS 7.5
Swtchenergy.Com's WebSocket API fails to implement rate limiting on authentication attempts, enabling attackers to launch denial-of-service attacks against the platform's charger telemetry infrastructure or execute brute-force credential attacks. This network-accessible vulnerability requires no authentication or user interaction, making it trivial to exploit and potentially exposing the service to sustained availability disruptions or account compromise.
Authentication Bypass
Swtchenergy.Com
-
CVE-2026-25111
HIGH
CVSS 8.0
Remote code execution in XWEB Pro versions 1.12.1 and earlier allows authenticated attackers to execute arbitrary OS commands via malicious input submitted to the restore functionality. The vulnerability affects Xweb 500d Pro, 500b Pro, and 300d Pro firmware versions, with no patch currently available. An attacker with valid credentials could compromise the affected device and gain full system control.
RCE
Command Injection
Xweb 500d Pro Firmware
Xweb 500b Pro Firmware
Xweb 300d Pro Firmware
-
CVE-2026-25109
HIGH
CVSS 8.0
Remote code execution in Xweb 300d Pro, 500d Pro, and 500b Pro firmware versions 1.12.1 and earlier allows authenticated attackers to execute arbitrary OS commands by injecting malicious input through the devices field in the setup route. An attacker with valid credentials can exploit this command injection vulnerability to gain complete system control. No patch is currently available for this vulnerability.
RCE
Command Injection
Xweb 300d Pro Firmware
Xweb 500d Pro Firmware
Xweb 500b Pro Firmware
-
CVE-2026-25105
HIGH
CVSS 8.0
Remote code execution in XWEB Pro firmware versions 1.12.1 and earlier allows authenticated attackers to execute arbitrary OS commands by injecting malicious input into the Modbus command tool parameters accessible through the debug route. The vulnerability affects Xweb 300d Pro, 500d Pro, and 500b Pro devices, with a CVSS score of 8.0 indicating high severity. No patch is currently available for this command injection flaw.
RCE
Command Injection
Xweb 300d Pro Firmware
Xweb 500d Pro Firmware
Xweb 500b Pro Firmware
-
CVE-2026-25085
HIGH
CVSS 8.6
Copeland XWEB Pro firmware versions 1.12.1 and earlier suffer from an authentication bypass vulnerability where malformed authentication responses are incorrectly validated as legitimate, allowing unauthenticated remote attackers to gain unauthorized access. The flaw affects multiple XWEB Pro models (500d, 300d, and 500b) with a CVSS score of 8.6 indicating high severity, though no patch is currently available. An attacker exploiting this vulnerability could bypass security controls and potentially access sensitive device functionality without valid credentials.
Authentication Bypass
Xweb 500d Pro Firmware
Xweb 300d Pro Firmware
Xweb 500b Pro Firmware
-
CVE-2026-25037
HIGH
CVSS 8.0
Remote code execution in XWEB Pro firmware versions 1.12.1 and prior allows authenticated attackers to execute arbitrary OS commands by injecting malicious payloads through crafted LCD state configurations that are processed during system initialization. This vulnerability affects Xweb 300d Pro, 500b Pro, and 500d Pro devices and requires high-level privileges to exploit, though the impact extends across connected systems. No patch is currently available for this high-severity vulnerability (CVSS 8.0).
RCE
Command Injection
Xweb 500b Pro Firmware
Xweb 300d Pro Firmware
Xweb 500d Pro Firmware
-
CVE-2026-24695
HIGH
CVSS 8.0
Remote code execution in XWEB Pro firmware versions 1.12.1 and earlier allows authenticated attackers to execute arbitrary commands by injecting malicious input into OpenSSL parameter fields. An attacker with valid credentials can exploit this command injection vulnerability through the utility route to gain complete system compromise. No patch is currently available for affected XWEB 500b Pro and 300d Pro devices.
OpenSSL
Tls
RCE
Command Injection
Xweb 500b Pro Firmware
-
CVE-2026-24689
HIGH
CVSS 8.0
Remote code execution in XWEB Pro firmware (versions 1.12.1 and earlier) allows authenticated attackers to execute arbitrary OS commands by injecting malicious input into the devices field during firmware updates. The vulnerability affects multiple Xweb Pro models (500d, 300d, and 500b) and requires high privileges to exploit, though it can impact the entire system. No patch is currently available for this HIGH severity issue.
RCE
Command Injection
Xweb 500d Pro Firmware
Xweb 300d Pro Firmware
Xweb 500b Pro Firmware
-
CVE-2026-24517
HIGH
CVSS 8.0
Remote code execution in Xweb 300d/500b/500d Pro firmware versions 1.12.1 and earlier allows authenticated attackers to execute arbitrary OS commands by injecting malicious input into the firmware update endpoint. The vulnerability stems from insufficient input validation in command processing and requires high privileges but affects the entire system scope. No patch is currently available for this HIGH severity issue.
RCE
Command Injection
Xweb 300d Pro Firmware
Xweb 500b Pro Firmware
Xweb 500d Pro Firmware
-
CVE-2026-24498
HIGH
CVSS 7.5
Multiple IpTIME router firmware versions (T5008, AX2004M, AX3000Q, AX6000M) through 15.26.8 contain an authentication bypass vulnerability that exposes sensitive information to unauthenticated remote attackers. An attacker can leverage this flaw to access confidential device data without valid credentials. No patch is currently available for affected devices.
Authentication Bypass
Information Disclosure
T5008 Firmware
Ax3000q Firmware
Ax2004m Firmware
-
CVE-2026-24452
HIGH
CVSS 8.0
Remote code execution in Xweb Pro firmware (versions 1.12.1 and prior) allows authenticated attackers to execute arbitrary OS commands by uploading a malicious template file through the devices route. This vulnerability affects Xweb 300d Pro, 500b Pro, and 500d Pro models, with no patch currently available. The high CVSS score of 8.0 reflects the severity of achieving code execution with administrative privileges on vulnerable devices.
RCE
Command Injection
Xweb 300d Pro Firmware
Xweb 500b Pro Firmware
Xweb 500d Pro Firmware
-
CVE-2026-24445
HIGH
CVSS 7.5
Ev.Energy's WebSocket API fails to implement rate limiting on authentication attempts, enabling attackers to launch denial-of-service attacks against charger telemetry systems or conduct brute-force credential attacks without restriction. This vulnerability affects all unauthenticated network-based interactions with the affected application and has no available patch at this time.
Authentication Bypass
Ev.Energy
-
CVE-2026-23702
HIGH
CVSS 8.0
Remote code execution in XWEB Pro firmware versions 1.12.1 and earlier (affecting Xweb 500b Pro, 500d Pro, and 300d Pro models) allows authenticated attackers to execute arbitrary OS commands by injecting malicious input into the server username field during the import preconfiguration API action. An attacker with administrative privileges can exploit this OS command injection vulnerability to gain complete system compromise. No patch is currently available for this vulnerability.
RCE
Command Injection
Xweb 500b Pro Firmware
Xweb 500d Pro Firmware
Xweb 300d Pro Firmware
-
CVE-2026-21389
HIGH
CVSS 8.0
Remote code execution in XWEB Pro firmware (versions 1.12.1 and earlier) allows authenticated attackers to execute arbitrary OS commands by submitting malicious input through the contacts import endpoint. The vulnerability affects multiple Xweb Pro models (500d, 300d, and 500b) and requires high-level privileges but can compromise the entire system. No patch is currently available.
RCE
Command Injection
Xweb 500d Pro Firmware
Xweb 300d Pro Firmware
Xweb 500b Pro Firmware
-
CVE-2026-20910
HIGH
CVSS 8.0
Remote code execution in XWEB Pro firmware versions 1.12.1 and earlier allows authenticated attackers to execute arbitrary OS commands by injecting malicious input through the devices field during firmware update operations. The vulnerability affects multiple Xweb Pro models (500d, 500b, and 300d) and requires high-level privileges to exploit, though it can impact the entire system. No patch is currently available for this HIGH severity issue.
RCE
Command Injection
Xweb 500d Pro Firmware
Xweb 500b Pro Firmware
Xweb 300d Pro Firmware
-
CVE-2026-20902
HIGH
CVSS 8.0
Remote code execution in Xweb 300d Pro, 500b Pro, and 500d Pro firmware (version 1.12.1 and prior) allows authenticated attackers to execute arbitrary OS commands by injecting malicious payloads into the map filename field during file upload operations. An attacker with valid credentials can exploit this command injection flaw to gain full system control. No patch is currently available for this vulnerability.
RCE
Command Injection
Xweb 300d Pro Firmware
Xweb 500b Pro Firmware
Xweb 500d Pro Firmware
-
CVE-2026-20895
HIGH
CVSS 7.3
Session hijacking in Ev2go.Io's WebSocket backend allows remote attackers to impersonate legitimate charging stations and intercept commands due to predictable session identifiers and insufficient endpoint validation. An unauthenticated attacker can establish multiple connections with the same session ID to displace legitimate stations, potentially gaining unauthorized access to charging infrastructure or disrupting service availability. No patch is currently available.
Authentication Bypass
Ev2go.Io
-
CVE-2026-20792
HIGH
CVSS 7.5
Chargemap.Com's WebSocket API lacks authentication rate limiting, enabling attackers to launch denial-of-service attacks that disrupt charger telemetry or conduct brute-force credential attacks against user accounts. The vulnerability affects all users of the platform and currently has no available patch. With a CVSS score of 7.5 and minimal exploit prerequisites (no authentication or user interaction required), this represents a significant availability risk.
Authentication Bypass
Chargemap.Com
-
CVE-2026-20764
HIGH
CVSS 8.0
Authenticated attackers can execute arbitrary OS commands on Xweb Pro devices (versions 1.12.1 and earlier across 300d, 500b, and 500d models) by injecting malicious payloads into the hostname configuration parameter during system setup. This command injection vulnerability grants remote code execution with high privileges on affected systems. No patch is currently available, requiring organizations to implement network access controls or disable affected devices until remediation is released.
RCE
Command Injection
Xweb 500b Pro Firmware
Xweb 500d Pro Firmware
Xweb 300d Pro Firmware
-
CVE-2026-20742
HIGH
CVSS 8.0
Remote code execution in XWEB Pro firmware versions 1.12.1 and earlier allows authenticated attackers to execute arbitrary OS commands by injecting malicious input through the templates route. Affected versions include Xweb 500d Pro, 300d Pro, and 500b Pro. No patch is currently available for this vulnerability.
RCE
Command Injection
Xweb 500d Pro Firmware
Xweb 300d Pro Firmware
Xweb 500b Pro Firmware
-
CVE-2026-3275
HIGH
CVSS 8.8
Remote code execution in Tenda F453 firmware allows authenticated attackers to achieve complete system compromise through a buffer overflow in the httpd address NAT function. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Buffer Overflow
F453 Firmware
-
CVE-2026-3274
HIGH
CVSS 8.8
Remote code execution in Tenda F453 firmware through a buffer overflow in the L7Prot HTTP handler allows unauthenticated attackers to achieve full system compromise via a malicious page parameter. Public exploit code exists for this vulnerability, increasing the risk of widespread attacks. No patch is currently available, leaving affected devices vulnerable until firmware updates are released.
Buffer Overflow
F453 Firmware
-
CVE-2026-3273
HIGH
CVSS 8.8
Remote code execution in Tenda F453 firmware version 1.0.0.3 allows authenticated attackers to execute arbitrary code via a buffer overflow in the wireless security settings endpoint. The vulnerability exists in the httpd component's formWrlsafeset function and can be triggered through manipulation of the mit_ssid_index parameter. Public exploit code is available and no patch has been released.
Buffer Overflow
F453 Firmware
-
CVE-2026-3272
HIGH
CVSS 8.8
Unauthenticated remote attackers can execute arbitrary code on Tenda F453 devices running firmware 1.0.0.3 by exploiting a stack buffer overflow in the DHCP list client function through the httpd service. Public exploit code exists for this vulnerability and no patch is currently available. The attack requires network access but no user interaction, making it trivial to exploit.
Buffer Overflow
F453 Firmware
-
CVE-2026-3271
HIGH
CVSS 8.8
Remote code execution in Tenda F453 firmware through a buffer overflow in the P2pListFilter HTTP handler allows authenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, creating immediate risk for deployed devices. No patch is currently available, leaving affected systems vulnerable to exploitation.
Buffer Overflow
F453 Firmware
-
CVE-2026-3037
HIGH
CVSS 8.0
Remote code execution in XWEB Pro firmware (versions 1.12.1 and earlier) allows authenticated attackers to execute arbitrary OS commands by injecting malicious payloads into the MBird SMS service URL parameters processed during system setup. The vulnerability affects Xweb 500d Pro, 500b Pro, and 300d Pro models, with no patch currently available. Exploitation requires high privilege access but carries high impact due to complete system compromise potential.
RCE
Command Injection
Xweb 500d Pro Firmware
Xweb 500b Pro Firmware
Xweb 300d Pro Firmware
-
CVE-2026-2751
HIGH
CVSS 8.3
Blind SQL injection in Centreon Web's Service Dependencies module allows authenticated attackers to extract database contents through unsanitized array keys in deletion requests. Affected are Centreon Web versions before 25.10.8, 24.10.20 and 24.04.24 on Linux; exploitation requires valid credentials but no user interaction. Those three releases carry the fix, and deployments that have not upgraded remain open to database reconnaissance and potential data exfiltration.
Linux
SQLi
Centreon Web
-
CVE-2026-2597
HIGH
CVSS 7.5
Heap buffer overflow in Crypt::SysRandom::XS before version 0.010 allows denial of service because random_bytes() does not reject a negative length argument. A negative value wraps around to a very large unsigned size, so the allocation and the subsequent write no longer agree and the process writes past the heap buffer and crashes. Exploitation requires attacker control over the length argument, which in typical usage is hardcoded, limiting practical attack scenarios.
Buffer Overflow
Memory Corruption
Denial Of Service
-
CVE-2026-2428
HIGH
CVSS 7.5
Fluent Forms Pro Add On Pack for WordPress versions up to 6.1.17 fail to verify PayPal Instant Payment Notifications by default, allowing unauthenticated attackers to forge payment confirmations and mark unpaid submissions as paid. An attacker can exploit this to trigger post-payment automation including email delivery, access grants, and digital product distribution without actual payment. The vulnerability affects all installations that have not manually enabled IPN verification and currently lacks a patch.
WordPress
PHP
-
CVE-2026-2252
HIGH
CVSS 7.5
Xerox FreeFlow Core versions through 8.0.7 contain an XML External Entity (XXE) vulnerability that allows unauthenticated remote attackers to conduct server-side request forgery by submitting malicious XML input, potentially reaching internal resources or sensitive data on the affected system. Xerox recommends upgrading to version 8.1.0.
SSRF
XXE
Freeflow Core
-
CVE-2026-1442
HIGH
CVSS 7.8
Unitree robotics firmware updates can be modified and executed by local attackers due to inadequate encryption of the firmware protection mechanism, allowing arbitrary code execution on affected Go1 and Go2 models. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with physical or local access could tamper with firmware packages to gain complete control over the device.
Authentication Bypass
Go2 Edu Plus Firmware
Go1 Air Firmware
Go2 Air Firmware
Go1 Pro Firmware
-
CVE-2026-0980
HIGH
CVSS 8.3
Remote code execution in Red Hat Satellite's rubyipmi BMC component allows authenticated users with host creation or update permissions to execute arbitrary code by injecting malicious input into the BMC username field. An attacker with these privileges can compromise the underlying system through command injection. No patch is currently available for this vulnerability.
Redhat
RCE
Command Injection
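The XWEB Pro entries above (hostname, server username, devices field, map filename, templates route, SMS URL) and the Satellite BMC username entry describe the same bug: a user-controlled field is spliced into a command string that is handed to a shell. This added example is not XWEB Pro or Satellite code; it uses printf as a harmless stand-in for whatever command the real handlers run, and the hostname regex is an assumed RFC 1123 allowlist. It shows the vulnerable string-built call next to the two properties the fix needs: allowlist validation and argv passing with no shell.

```python
import re
import subprocess

# Added example, not XWEB Pro or Satellite code. A user-supplied field
# (hostname, BMC username, ...) reaches a shell; "printf" stands in for
# whatever command the real handler runs, so this runs harmlessly offline.


def vulnerable_apply(value: str) -> str:
    """The bug: build a command string and hand it to /bin/sh."""
    cmd = f"printf '%s' '{value}'"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


# Assumed allowlist: RFC 1123 host labels. Nothing else is accepted.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
    r"(?:\.[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?)*$",
    re.IGNORECASE,
)


def is_valid_hostname(value: str) -> bool:
    """A hostname can never contain ; ' ` $ | or whitespace, so the
    allowlist alone already excludes every shell metacharacter."""
    return HOSTNAME_RE.fullmatch(value) is not None


def hardened_apply(value: str) -> str:
    """Validate first, then pass the value as one argv element with no shell."""
    if not is_valid_hostname(value):
        raise ValueError(f"invalid hostname: {value!r}")
    return subprocess.run(["printf", "%s", value],
                          capture_output=True, text=True, check=True).stdout


def argv_only_apply(value: str) -> str:
    """Even without validation, argv passing keeps metacharacters literal:
    the string is one argument, never re-parsed by a shell."""
    return subprocess.run(["printf", "%s", value],
                          capture_output=True, text=True, check=True).stdout


# Constructed attacker input: closes the quoted argument and appends a command.
PAYLOAD = "xweb'; echo INJECTED; echo '"

if __name__ == "__main__":
    print("vulnerable:", repr(vulnerable_apply(PAYLOAD)))
    print("argv only :", repr(argv_only_apply(PAYLOAD)))
    print("hardened  :", repr(hardened_apply("xweb-01.lab.example")))
```

Both halves of the fix matter: argv passing stops the shell from ever seeing the value, and the allowlist stops a value that is wrong for the field from reaching the command at all, which also protects against option injection into the target binary.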
-
CVE-2025-69437
HIGH
CVSS 8.7
PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. [CVSS 8.7 HIGH]
Java
Publiccms
XSS
-
CVE-2025-40932
HIGH
CVSS 8.2
Apache\ versions up to \ contains a vulnerability that allows attackers to gain access to systems (CVSS 8.2).
Apache
Suse
-
CVE-2025-10990
HIGH
CVSS 7.5
A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. [CVSS 7.5 HIGH]
Denial Of Service
Redhat
Suse
-
CVE-2019-25497
HIGH
CVSS 8.2
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the currency parameter. [CVSS 8.2 HIGH]
PHP
SQLi
Oscommerce
-
CVE-2019-25496
HIGH
CVSS 8.2
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the products_id parameter. [CVSS 8.2 HIGH]
PHP
SQLi
Oscommerce
-
CVE-2019-25495
HIGH
CVSS 8.2
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviews_id parameter. [CVSS 8.2 HIGH]
PHP
SQLi
Oscommerce
-
CVE-2019-25494
HIGH
CVSS 8.2
Homey BNB V4 contains an SQL injection vulnerability in the administration panel login that allows unauthenticated attackers to bypass authentication by injecting SQL syntax into username and password fields. [CVSS 8.2 HIGH]
SQLi
Authentication Bypass
Airbnb Clone Script
-
CVE-2019-25493
HIGH
CVSS 8.2
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'val' parameter. [CVSS 8.2 HIGH]
PHP
SQLi
Airbnb Clone Script
-
CVE-2019-25492
HIGH
CVSS 8.2
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pt' parameter. [CVSS 8.2 HIGH]
PHP
SQLi
Airbnb Clone Script
-
CVE-2019-25491
HIGH
CVSS 8.2
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. [CVSS 8.2 HIGH]
PHP
SQLi
Airbnb Clone Script
-
CVE-2019-25490
HIGH
CVSS 8.2
Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' parameter. [CVSS 8.2 HIGH]
PHP
SQLi
Airbnb Clone Script
-
CVE-2019-25489
HIGH
CVSS 8.2
Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the hosting_id parameter. [CVSS 8.2 HIGH]
SQLi
Denial Of Service
Airbnb Clone Script
-
CVE-2026-28424
MEDIUM
CVSS 6.5
Statamic CMS versions before 5.73.11 and 6.4.0 expose user email addresses through the user fieldtype data endpoint to authenticated users lacking "view users" permissions, allowing information disclosure. An authenticated attacker with limited privileges can retrieve sensitive email information that should be restricted, potentially enabling targeted attacks or account enumeration.
Laravel
Statamic
-
CVE-2026-28423
MEDIUM
CVSS 6.8
Statamic is a Laravel and Git powered content management system (CMS). [CVSS 6.8 MEDIUM]
Laravel
Statamic
-
CVE-2026-28421
MEDIUM
CVSS 5.3
Vim versions before 9.2.0077 contain heap buffer overflow and segmentation fault vulnerabilities in swap file recovery that can be triggered by opening a specially crafted swap file, affecting users who recover sessions from untrusted sources. An attacker could exploit this to cause application crashes or potentially achieve code execution through memory corruption. A patch is available in version 9.2.0077 and later.
Code Injection
Vim
Redhat
Suse
-
CVE-2026-28420
MEDIUM
CVSS 4.4
Vim versions prior to 9.2.0076 contain a heap buffer overflow and out-of-bounds read vulnerability in the terminal emulator when handling Unicode combining characters from supplementary planes, allowing a local attacker with user interaction to cause memory corruption and denial of service. The vulnerability requires local access and user interaction to trigger, with no confidentiality impact but potential integrity and availability consequences. A patch is available in version 9.2.0076 and later.
Buffer Overflow
Heap Overflow
Vim
Redhat
Suse
-
CVE-2026-28419
MEDIUM
CVSS 5.3
Vim versions prior to 9.2.0075 contain a heap buffer underflow in the tags file parser that triggers when processing malformed tag files with delimiters at line starts, potentially allowing local attackers with user interaction to read out-of-bounds memory and cause information disclosure or crashes. The vulnerability requires local file system access and user interaction to exploit, with a CVSS score of 5.3 indicating medium severity. A patch is available in Vim 9.2.0075 and later versions.
Heap Overflow
Vim
Redhat
Suse
-
CVE-2026-28418
MEDIUM
CVSS 4.4
Vim versions prior to 9.2.0074 contain a heap buffer overflow in the Emacs-style tags file parser that allows reading up to 7 bytes of out-of-bounds memory when processing malformed tags files. A local attacker can trigger this vulnerability through a crafted tags file to leak sensitive information from the application's memory. The vulnerability has been patched in version 9.2.0074 and later.
Buffer Overflow
Heap Overflow
Vim
Redhat
Suse
-
CVE-2026-28417
MEDIUM
CVSS 4.4
Arbitrary command execution in Vim's netrw plugin prior to version 9.2.0073 allows attackers to execute shell commands with user privileges by crafting malicious URLs (such as scp:// handlers) that users are tricked into opening. The vulnerability requires user interaction but poses a local privilege escalation risk in multi-user environments. A patch is available in Vim 9.2.0073 and later.
Command Injection
Vim
Redhat
Suse
-
CVE-2026-28415
MEDIUM
CVSS 4.3
Open redirect in Gradio's OAuth implementation allows unauthenticated attackers to redirect users to arbitrary external URLs through the unvalidated _target_url parameter on /logout and /login/callback endpoints in applications with OAuth enabled. This affects Gradio versions prior to 6.6.0 running on Hugging Face Spaces with gr.LoginButton, enabling phishing attacks or credential theft. The vulnerability has been patched in version 6.6.0 by sanitizing the parameter to only accept relative URLs.
Python
AI / ML
Gradio
Hugging Face
Redhat
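The Gradio fix described above, accepting only relative URLs for _target_url, is easy to get subtly wrong because browsers resolve protocol-relative and backslash forms as absolute. This added example is not Gradio code; _target_url is the parameter named in the entry and the rebuild-only-a-path policy is the documented fix. The validator never echoes its input: it rebuilds the result from path, query and fragment alone, so forms that Python's urlsplit and a browser disagree on (///host, /\host) cannot leave the origin.

```python
from urllib.parse import urlsplit, urlunsplit

# Added example, not Gradio code. Policy: a post-login/logout target is
# accepted only as a same-origin path; anything else falls back to DEFAULT.
DEFAULT = "/"


def safe_relative_target(target, default=DEFAULT) -> str:
    """Return a same-origin path or `default`.

    The input is never returned as-is: the result is rebuilt from the parsed
    path/query/fragment, so no host component can survive the round trip."""
    if not target:
        return default
    target = target.strip()
    if any(ord(c) < 0x20 or c == "\x7f" for c in target):   # CR/LF/NUL tricks
        return default
    if "\\" in target:                 # browsers resolve /\evil.example as //evil.example
        return default
    parts = urlsplit(target)
    if parts.scheme or parts.netloc:   # https://..., //host/..., javascript:...
        return default
    path = parts.path
    if not path.startswith("/") or path.startswith("//"):
        return default
    return urlunsplit(("", "", path, parts.query, parts.fragment))


# Constructed probes a reviewer would try against a redirect parameter.
PROBES = [
    "/dashboard?tab=2#x",
    "//evil.example/x",
    "https://evil.example",
    "/\\evil.example",
    "javascript:alert(1)",
    "///evil.example",
    "  https://evil.example",
    "/ok\r\nSet-Cookie: a=b",
    "",
]

if __name__ == "__main__":
    for p in PROBES:
        print(repr(p), "->", repr(safe_relative_target(p)))
```

The usual mistake is to check `startswith("/")` and return the original string; "//evil.example" and "/\evil.example" both pass that test and both leave the site in a browser.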
-
CVE-2026-28407
MEDIUM
CVSS 5.3
Malcontent versions before 1.21.0 fail to preserve nested archives that cannot be extracted, potentially allowing malicious content to evade detection during supply-chain compromise analysis. An attacker could exploit this by embedding malicious payloads in problematic nested archives that the tool would discard without scanning. The vulnerability has a patch available in version 1.21.0 and later.
Information Disclosure
Malcontent
Suse
-
CVE-2026-28354
MEDIUM
CVSS 6.5
Unauthorized collection manipulation in ClipBucket v5 prior to 5.5.3 #59 allows authenticated attackers to add or remove items from other users' collections due to missing and broken authorization checks in the add and delete item functions. An attacker with valid credentials can exploit this to alter collections they do not own without restriction. Public exploit code exists for this vulnerability; the fix is in 5.5.3 #59.
PHP
Clipbucket
-
CVE-2026-28352
MEDIUM
CVSS 6.5
Missing authentication checks on Indico's event series management API endpoint allows unauthenticated attackers to view event metadata, delete series, and modify series configurations. The vulnerability affects Indico versions prior to 3.3.11 and has limited impact as it does not grant access to actual event data beyond basic metadata. Upgrade to version 3.3.11 or restrict API endpoint access at the web server level to remediate.
Flask
Indico
-
CVE-2026-28351
MEDIUM
CVSS 5.3
Crafted PDF files can trigger excessive memory consumption in pypdf versions before 6.7.4 when processing content streams with the RunLengthDecode filter, enabling denial-of-service attacks against applications using the library. An unauthenticated attacker can exploit this remotely by submitting a malicious PDF, causing the affected application to exhaust system memory. A patch is available in pypdf 6.7.4 and later.
Python
Pypdf
Redhat
Suse
-
CVE-2026-28338
MEDIUM
CVSS 6.8
Cross-site scripting (XSS) in PMD's legacy vbhtml and yahtml report formats allows arbitrary JavaScript execution when HTML reports are opened in a browser, triggered by analyzing malicious source code containing crafted string literals. Public exploit code exists for this vulnerability affecting PMD versions prior to 7.22.0. The impact is limited since these legacy formats are rarely used and the default html format is properly escaped.
XSS
Pmd
-
CVE-2026-28288
MEDIUM
CVSS 5.3
Dify versions prior to 1.9.0 leak information through inconsistent API responses that distinguish between registered and non-registered email addresses, enabling attackers to enumerate valid user accounts. Public exploit code exists for this vulnerability, and affected users should upgrade to version 1.9.0 or later to remediate the information disclosure risk.
Information Disclosure
AI / ML
Dify
-
CVE-2026-28271
MEDIUM
CVSS 6.5
Kiteworks versions prior to 9.2.0 contain a DNS rebinding vulnerability that allows authenticated administrators to circumvent SSRF protections and reach restricted internal services. An attacker with administrative privileges could use this to reach backend systems that should be isolated from external access. The fix is in version 9.2.0.
Dns
SSRF
Kiteworks
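DNS rebinding defeats an SSRF filter whenever the code validates one DNS answer and then lets the HTTP client resolve the name again. This added example is not Kiteworks code; the resolver and connect() are constructed stand-ins so the sequence runs offline. It puts the check-then-reresolve pattern next to the fix, which is to resolve once, validate that exact address, and connect to it with the hostname carried only in the Host header.

```python
import ipaddress

# Added example, not Kiteworks code. Resolver and connect() are stand-ins.


def is_public(ip: str) -> bool:
    """Reject anything that should never be reachable from a server-side fetch."""
    addr = ipaddress.ip_address(ip)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped:
        addr = addr.ipv4_mapped          # ::ffff:127.0.0.1 is still loopback
    return not (addr.is_private or addr.is_loopback or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


class RebindingResolver:
    """Attacker-controlled name with a zero-TTL record: the first answer is a
    public address that passes the check, every later answer is internal."""

    def __init__(self, answers):
        self.answers = list(answers)
        self.lookups = 0

    def resolve(self, hostname: str) -> str:
        ip = self.answers[min(self.lookups, len(self.answers) - 1)]
        self.lookups += 1
        return ip


def fake_connect(ip: str, hostname: str) -> str:
    """Stands in for opening a TCP socket to `ip` and sending Host: hostname."""
    return f"connected to {ip} (Host: {hostname})"


def fetch_check_then_reresolve(url_host, resolver, connect=fake_connect) -> str:
    """The bug: validate one DNS answer, then let the client resolve again."""
    if not is_public(resolver.resolve(url_host)):
        raise PermissionError("internal address rejected")
    return connect(resolver.resolve(url_host), url_host)   # second lookup


def fetch_pinned(url_host, resolver, connect=fake_connect) -> str:
    """The fix: resolve once, validate that answer, connect to that exact IP."""
    ip = resolver.resolve(url_host)
    if not is_public(ip):
        raise PermissionError("internal address rejected")
    return connect(ip, url_host)


if __name__ == "__main__":
    # Constructed rebinding record: 8.8.8.8 first, then loopback.
    print(fetch_check_then_reresolve("attacker.example",
                                     RebindingResolver(["8.8.8.8", "127.0.0.1"])))
    print(fetch_pinned("attacker.example",
                       RebindingResolver(["8.8.8.8", "127.0.0.1"])))
```

Pinning has to survive redirects too: each Location target is a new hostname that must go through the same resolve-validate-connect step, otherwise the first hop is merely a detour.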
-
CVE-2026-28270
MEDIUM
CVSS 4.9
Kiteworks versions prior to 9.2.0 lack proper file validation in their configuration upload functionality, allowing authenticated administrators to upload arbitrary files to the system. An attacker with administrative privileges could exploit this to introduce malicious or unauthorized file types, potentially compromising system integrity. A patch is available in version 9.2.0 and later.
File Upload
Kiteworks
-
CVE-2026-27824
MEDIUM
CVSS 5.3
Calibre Content Server's brute-force protection can be bypassed by manipulating the X-Forwarded-For HTTP header, allowing attackers to circumvent IP-based account lockouts and conduct credential stuffing attacks. Public exploit code exists for this vulnerability, which affects Calibre versions prior to 9.4.0 and poses a significant risk to internet-exposed servers where the lockout is the only defence against password guessing. The fix is in 9.4.0.
Authentication Bypass
Calibre
Suse
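The Calibre lockout bypass above is the general X-Forwarded-For mistake: keying a rate limit on a header that any client can set. This added example is not calibre code; the proxy range 10.0.0.0/8 and the three-failure threshold are assumptions. It contrasts the naive "leftmost XFF entry" lookup with one that walks the chain from the right and only trusts an entry if the party that appended it is a known proxy, and drives both with a simulated attacker connecting directly and rotating a spoofed header per attempt.

```python
import ipaddress
from collections import defaultdict

# Added example, not calibre code. Assumed deployment: the only hosts that may
# legitimately append X-Forwarded-For are reverse proxies in 10.0.0.0/8.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]
LOCKOUT_THRESHOLD = 3


def is_trusted_proxy(ip: str) -> bool:
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_PROXIES)


def naive_client_ip(peer_ip: str, headers: dict) -> str:
    """The bypass: honour X-Forwarded-For from anyone, take the leftmost entry."""
    xff = headers.get("X-Forwarded-For", "")
    return xff.split(",")[0].strip() if xff else peer_ip


def trusted_client_ip(peer_ip: str, headers: dict) -> str:
    """Walk the chain right-to-left. An entry is believed only if the address
    that appended it (the hop to its right, or the TCP peer) is a known proxy;
    the first address that is not a proxy is the client."""
    chain = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",") if h.strip()]
    client = peer_ip
    for hop in reversed(chain):
        if not is_trusted_proxy(client):
            break                      # appended by an untrusted party: stop
        try:
            ipaddress.ip_address(hop)
        except ValueError:
            break                      # garbage in the header: stop
        client = hop
    return client


class LoginLockout:
    def __init__(self, client_ip_fn):
        self.client_ip_fn = client_ip_fn
        self.failures = defaultdict(int)

    def attempt(self, peer_ip: str, headers: dict, password_ok: bool) -> str:
        key = self.client_ip_fn(peer_ip, headers)
        if self.failures[key] >= LOCKOUT_THRESHOLD:
            return "locked"
        if password_ok:
            self.failures[key] = 0
            return "ok"
        self.failures[key] += 1
        return "denied"


def brute_force(client_ip_fn, attempts: int = 10, peer_ip: str = "203.0.113.7") -> dict:
    """Constructed attacker: connects directly (not through a proxy) and sends
    a different spoofed X-Forwarded-For with every wrong password."""
    lockout = LoginLockout(client_ip_fn)
    outcomes = defaultdict(int)
    for i in range(attempts):
        headers = {"X-Forwarded-For": f"198.51.100.{i + 1}"}
        outcomes[lockout.attempt(peer_ip, headers, password_ok=False)] += 1
    return dict(outcomes)


if __name__ == "__main__":
    print("naive  :", brute_force(naive_client_ip))
    print("trusted:", brute_force(trusted_client_ip))
```

With the naive lookup every attempt lands on a fresh key and the lockout never fires; with the trusted walk the header is ignored because the peer is not a proxy, and the attacker is locked after three failures. The same walk still yields the real client address when a genuine proxy in 10.0.0.0/8 forwards the request.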
-
CVE-2026-27810
MEDIUM
CVSS 6.4
HTTP response header injection in Calibre Content Server prior to version 9.4.0 permits authenticated users to inject arbitrary headers through an unsanitized query parameter, potentially enabling cache poisoning, session fixation, or credential theft attacks. Any authenticated user can exploit this vulnerability directly or via social engineering, affecting all instances with authentication enabled. Public exploit code exists; the fix is in 9.4.0.
Code Injection
Calibre
Suse
-
CVE-2026-27793
MEDIUM
CVSS 6.5
Seerr prior to version 3.1.0 leaks sensitive third-party API credentials (Pushover, Pushbullet, Telegram) through the GET /api/v1/user/:id endpoint to any authenticated user regardless of privilege level. When combined with CVE-2026-27707 (unauthenticated account creation), an attacker can gain zero-prior-access to extract credentials for all users including administrators. The vulnerability is fixed in version 3.1.0.
Authentication Bypass
Seerr
-
CVE-2026-27792
MEDIUM
CVSS 5.4
Seerr versions 2.7.0 through 3.0.x contain an authorization bypass in push subscription API endpoints that allows authenticated users to read and modify other users' data due to missing permission checks. An attacker with valid credentials can exploit this to access sensitive information and alter configurations belonging to arbitrary accounts. The vulnerability is fixed in version 3.1.0.
Authentication Bypass
Seerr
-
CVE-2026-27773
MEDIUM
CVSS 6.5
Swtchenergy.Com exposes charging station authentication credentials through publicly accessible web-based mapping platforms, allowing unauthenticated attackers to discover and potentially intercept sensitive authentication data. This vulnerability affects users and operators relying on the platform's mapping functionality and could enable unauthorized access to charging infrastructure. No patch is currently available to address this exposure.
Authentication Bypass
Swtchenergy.Com
-
CVE-2026-27758
MEDIUM
CVSS 4.3
SODOLA SL902-SWTGW124AS firmware versions up to 200.1.20 are affected by cross-site request forgery (CSRF) (CVSS 4.3).
CSRF
Sl902 Swtgw124as Firmware
-
CVE-2026-27756
MEDIUM
CVSS 6.1
SODOLA SL902-SWTGW124AS firmware versions up to 200.1.20 are affected by cross-site scripting (XSS) (CVSS 6.1).
XSS
Sl902 Swtgw124as Firmware
-
CVE-2026-27754
MEDIUM
CVSS 6.5
Session cookie forgery in SODOLA SL902-SWTGW124AS firmware through version 200.1.20 stems from session tokens generated as an MD5 hash of predictable inputs, allowing unauthenticated remote attackers to forge valid session cookies and gain unauthorized device access. The vulnerability requires no user interaction and affects all default configurations, with no patch currently available. The exploitable weakness is the predictability of the hashed inputs, which lets an attacker simply recompute the token; MD5's collision weaknesses are not what makes this work, and swapping in a stronger hash without adding real entropy would not fix it.
Authentication Bypass
Sl902 Swtgw124as Firmware
-
CVE-2026-27753
MEDIUM
CVSS 6.5
SODOLA SL902-SWTGW124AS firmware versions up to 200.1.20 are affected by improper restriction of excessive authentication attempts (CVSS 6.5).
Authentication Bypass
Sl902 Swtgw124as Firmware
-
CVE-2026-27752
MEDIUM
CVSS 5.9
SODOLA SL902-SWTGW124AS firmware versions up to 200.1.20 are affected by cleartext transmission of sensitive information (CVSS 5.9).
Information Disclosure
Sl902 Swtgw124as Firmware
-
CVE-2026-27734
MEDIUM
CVSS 6.5
Path traversal in Beszel hub's container API endpoints allows authenticated users, including those with read-only roles, to bypass validation and access arbitrary Docker Engine API endpoints on agent hosts through improper URL path construction. This exposure of sensitive infrastructure details affects Beszel versions prior to 0.18.4 and Docker integrations, with public exploit code already available. The vulnerability requires valid authentication but no special privileges, making it exploitable by low-privileged users in multi-tenant environments.
Docker
Beszel
Suse
-
CVE-2026-27653
MEDIUM
CVSS 6.7
Soliton Systems installers for Securebrowser For Onegate, Secureworkspace, and Securebrowser II fail to set proper file permissions during installation, enabling local authenticated users to execute arbitrary code with SYSTEM privileges. An attacker with user-level access can exploit this misconfiguration to achieve full system compromise. No patch is currently available.
Privilege Escalation
RCE
Securebrowser For Onegate
Secureworkspace
Securebrowser Ii
-
CVE-2026-26997
MEDIUM
CVSS 5.4
Stored cross-site scripting in ClipBucket v5 prior to version 5.5.3 #59 allows authenticated users to inject malicious scripts that execute when viewed by administrators, enabling session hijacking or credential theft. Public exploit code exists for this vulnerability, which affects the open-source video sharing platform and has been patched in the latest release.
XSS
Clipbucket
-
CVE-2026-25774
MEDIUM
CVSS 6.5
Ev.Energy charging stations expose authentication credentials through publicly accessible web-based mapping platforms, allowing unauthenticated remote attackers to obtain access identifiers. An attacker with these credentials could potentially intercept or manipulate charging sessions and related data. No patch is currently available for this exposure.
Authentication Bypass
Ev.Energy
-
CVE-2026-24488
MEDIUM
CVSS 6.5
OpenEMR versions up to 8.0.0 contain a path traversal vulnerability in the fax sending functionality that allows authenticated users to exfiltrate arbitrary files from the server, including database credentials, patient records, and source code. The fax endpoint fails to validate or restrict file paths, enabling attackers to read and transmit sensitive data to attacker-controlled phone numbers. Public exploit code exists for this vulnerability, and a patch is available.
Path Traversal
Openemr
-
CVE-2026-24351
MEDIUM
CVSS 5.4
PluXml CMS versions 5.8.21 and 5.9.0-rc7 contain a stored cross-site scripting vulnerability in the static pages editor that allows authenticated users with editing privileges to inject malicious JavaScript and HTML into pages. When other users visit the compromised pages, the injected code executes in their browsers, potentially enabling session hijacking, credential theft, or malware distribution. No patch is currently available from the vendor.
XSS
Pluxml
-
CVE-2026-24350
MEDIUM
CVSS 5.4
Stored XSS in PluXml CMS file upload functionality allows authenticated attackers to embed malicious payloads in SVG files that execute when victims directly access the uploaded files. The vulnerability affects at least versions 5.8.21 and 5.9.0-rc7, with other versions untested. No patch is currently available from the vendor.
XSS
Pluxml
-
CVE-2026-22890
MEDIUM
CVSS 6.5
Ev2go.Io charging stations expose authentication credentials through publicly accessible web-based mapping platforms, allowing unauthenticated remote attackers to obtain sensitive identification data. This exposure could enable unauthorized access to charging infrastructure or facilitate further attacks against connected systems. No patch is currently available for this vulnerability.
Authentication Bypass
Ev2go.Io
-
CVE-2026-22878
MEDIUM
CVSS 6.5
Mobility46.Se charging stations expose authentication credentials through publicly accessible web-based mapping platforms, allowing unauthenticated attackers to obtain sensitive authentication data. This disclosure could enable unauthorized access to charging infrastructure and associated user accounts. No patch is currently available to address this exposure.
Authentication Bypass
Mobility46.Se
-
CVE-2026-22716
MEDIUM
CVSS 5.0
VMware Workstation 25H1 and earlier contains an out-of-bounds write that allows an unprivileged user inside a guest VM to crash specific Workstation processes on the host. The flaw requires user interaction and does not enable privilege escalation or data theft; its impact is limited to denial of service against the host virtualization platform. No patch is currently available for this medium-severity flaw.
VMware
-
CVE-2026-20797
MEDIUM
CVSS 4.3
Unauthenticated attackers can exploit a stack buffer overflow in XWEB Pro firmware (versions 1.12.1 and earlier) through an unprotected API endpoint to corrupt memory and crash the affected device. This vulnerability impacts Xweb 500b Pro, 300d Pro, and 500d Pro models, causing denial of service with no authentication required. No patch is currently available for this issue.
Buffer Overflow
Xweb 500b Pro Firmware
Xweb 300d Pro Firmware
Xweb 500d Pro Firmware
-
CVE-2026-20791
MEDIUM
CVSS 6.5
Chargemap.Com exposes charging station authentication credentials through publicly accessible web-based mapping interfaces, allowing unauthenticated attackers to obtain sensitive authentication data. This vulnerability enables attackers to potentially access or manipulate charging station services, affecting users and operators who rely on the platform. No patch is currently available to remediate this exposure.
Authentication Bypass
Chargemap.Com
-
CVE-2026-20733
MEDIUM
CVSS 6.5
Cloudcharge.Se charging stations expose authentication credentials through publicly accessible web-based mapping platforms, allowing unauthenticated attackers to discover and potentially intercept sensitive station identifiers. This exposure could enable unauthorized access to charging infrastructure or user accounts without requiring authentication bypass techniques. No patch is currently available for this vulnerability.
Authentication Bypass
Cloudcharge.Se
-
CVE-2026-3302
MEDIUM
CVSS 4.3
Cross-site scripting (XSS) in SourceCodester Doctor Appointment System 1.0 allows unauthenticated remote attackers to inject malicious scripts via the Email parameter in the /register.php Sign Up Page. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. The lack of an available patch leaves affected systems vulnerable to session hijacking and credential theft.
PHP
XSS
Doctor Appointment System
-
CVE-2026-3292
MEDIUM
CVSS 6.3
SQL injection in jizhiCMS up to version 2.5.6 via the findAll function in the Model.php batch interface allows authenticated remote attackers to manipulate database queries and potentially access or modify sensitive data. Public exploit code is available for this vulnerability, and no patch has been released despite vendor notification. The flaw requires valid user credentials but can be exploited over the network with minimal additional complexity.
PHP
SQLi
Jizhicms
-
CVE-2026-3289
MEDIUM
CVSS 6.3
Path traversal in Sanluan PublicCMS 6.202506.d's Template Cache Generation component allows authenticated remote attackers to manipulate the saveMetadata function and access arbitrary files on the system. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor, who has not responded to disclosure attempts.
Java
Path Traversal
Publiccms
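The OpenEMR fax entry and the PublicCMS saveMetadata entry above are both path traversal: a user-supplied path is joined to a base directory without checking that the result stays inside it. This added example is not OpenEMR or PublicCMS code; the directory layout is constructed in a temp dir. The containment check resolves symlinks before comparing, because a link inside the tree that points outside passes a purely textual "..": check.

```python
import os
import tempfile

# Added example, not OpenEMR or PublicCMS code. Fixture paths are constructed.


def resolve_within(base_dir: str, user_path: str) -> str:
    """Return the real path of user_path inside base_dir, or raise.

    realpath() is applied to both sides first, so '..' segments, absolute
    paths and symlinks that point out of the tree are all caught by one
    commonpath() comparison."""
    if "\x00" in user_path:
        raise ValueError("NUL byte in path")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, user_path))
    if os.path.commonpath([base, candidate]) != base:
        raise PermissionError(f"{user_path!r} escapes {base_dir!r}")
    return candidate


def make_fixture() -> str:
    """Constructed layout:
         <tmp>/outside.txt                  (the file that must stay unreachable)
         <tmp>/store/docs/report.pdf        (a legitimate document)
         <tmp>/store/escape_link -> <tmp>/outside.txt
    Returns the store directory."""
    root = tempfile.mkdtemp(prefix="pt-demo-")
    store = os.path.join(root, "store")
    os.makedirs(os.path.join(store, "docs"))
    with open(os.path.join(root, "outside.txt"), "w") as f:
        f.write("db password\n")
    with open(os.path.join(store, "docs", "report.pdf"), "w") as f:
        f.write("%PDF-1.4\n")
    os.symlink(os.path.join(root, "outside.txt"), os.path.join(store, "escape_link"))
    return store


def check_paths(base_dir: str, user_paths) -> dict:
    """Classify each probe as 'ok' or 'rejected' under resolve_within()."""
    results = {}
    for p in user_paths:
        try:
            resolve_within(base_dir, p)
            results[p] = "ok"
        except (PermissionError, ValueError):
            results[p] = "rejected"
    return results


# Constructed probes: legitimate, normalised-legitimate, dot-dot, absolute,
# symlink escape, and NUL truncation.
PROBES = ["docs/report.pdf", "docs/../docs/report.pdf", "../outside.txt",
          "/etc/passwd", "escape_link", "docs/report.pdf\x00.txt"]

if __name__ == "__main__":
    store = make_fixture()
    for probe, verdict in check_paths(store, PROBES).items():
        print(f"{verdict:8} {probe!r}")
```

Note that `os.path.join(base, "/etc/passwd")` silently discards `base`, which is why the check must be made on the joined result rather than on the input string.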
-
CVE-2026-3287
MEDIUM
CVSS 6.3
SQL injection in Youlai Mall 2.0.0's product pagination endpoint allows authenticated remote attackers to manipulate the sortField parameter and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and the vendor has not provided a patch. Attackers with valid credentials can exploit this flaw to read or modify sensitive data within the database.
Java
SQLi
Youlai Mall
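The Youlai Mall sortField entry, the jizhiCMS findAll entry and the Centreon blind-SQLi entry all involve injection points that a parameterised query cannot cover, such as a column name in ORDER BY. This added example is not code from any of those projects; the tables and the secret are constructed in an in-memory SQLite database. It shows how an ORDER BY injection becomes a boolean oracle (row order flips depending on a condition), uses that oracle to read a value the attacker cannot see, and then shows the allowlist fix.

```python
import sqlite3
import string

# Added example, not Youlai Mall / jizhiCMS / Centreon code. Constructed schema.


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE products(name TEXT, price INTEGER);
        INSERT INTO products VALUES ('zeta', 1), ('alpha', 9);
        CREATE TABLE users(username TEXT, secret TEXT);
        INSERT INTO users VALUES ('admin', 's3cret');
    """)
    return conn


def vulnerable_list(conn, sort_field: str):
    """The bug: a column name cannot be bound, so it is formatted in verbatim."""
    sql = f"SELECT name FROM products ORDER BY {sort_field}"
    return [row[0] for row in conn.execute(sql)]


def oracle(conn, condition: str) -> bool:
    """Ordering by name yields alpha first; ordering by price yields zeta first.
    A CASE expression turns any SQL condition into that visible difference."""
    payload = f"CASE WHEN ({condition}) THEN price ELSE name END"
    return vulnerable_list(conn, payload)[0] == "zeta"


def extract_secret(conn, max_len: int = 16) -> str:
    """Blind extraction, one character per position, via the ORDER BY oracle."""
    alphabet = string.ascii_lowercase + string.digits
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in alphabet:
            cond = (f"(SELECT substr(secret, {pos}, 1) FROM users "
                    f"WHERE username = 'admin') = '{ch}'")
            if oracle(conn, cond):
                recovered += ch
                break
        else:
            break          # no character matched: end of string
    return recovered


# The fix: map user-facing sort keys to fixed column names; nothing else passes.
ALLOWED_SORT = {"name": "name", "price": "price"}


def hardened_list(conn, sort_field: str):
    column = ALLOWED_SORT.get(sort_field)
    if column is None:
        raise ValueError(f"unknown sort field: {sort_field!r}")
    return [row[0] for row in conn.execute(f"SELECT name FROM products ORDER BY {column}")]


if __name__ == "__main__":
    db = make_db()
    print("leaked via ORDER BY oracle:", extract_secret(db))
    print("hardened, price:", hardened_list(db, "price"))
```

The allowlist maps identifiers rather than validating them with a regex because a regex still lets through any real column the attacker names; the map makes the set of orderable columns an explicit, reviewable decision.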
-
CVE-2026-3286
MEDIUM
CVSS 6.3
Server-side request forgery in Paicoding 1.0.0-1.0.3 allows authenticated attackers to manipulate the image upload parameter and trigger arbitrary outbound requests from the affected server. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. The attack requires valid credentials but poses risks to internal network reconnaissance and data exfiltration.
Java
Github
SSRF
Paicoding
-
CVE-2026-3281
MEDIUM
CVSS 5.3
Heap-based buffer overflow in libvips 8.19.0's vips_bandrank_build function can be triggered by manipulating the index argument, allowing local attackers with user privileges to corrupt heap memory and potentially achieve code execution. Public exploit code exists for this vulnerability, and a patch is available to address the issue.
Buffer Overflow
Heap Overflow
Libvips
-
CVE-2026-3277
MEDIUM
CVSS 6.5
Authentication configuration in PowerShell Universal versions up to 2026.1.3 is affected by cleartext storage of sensitive information.
Information Disclosure
-
CVE-2026-3270
MEDIUM
CVSS 6.3
Server-side request forgery in PSI Probe up to version 5.3.0 allows authenticated attackers to conduct arbitrary network requests through the Whois lookup function. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor. The flaw requires valid credentials but can be exploited remotely with minimal complexity.
Java
SSRF
Psi Probe
-
CVE-2026-3269
MEDIUM
CVSS 4.3
Psi Probe versions up to 5.3.0 contain a denial of service vulnerability in the session expiration handler that allows authenticated remote attackers to crash the application through request manipulation. Public exploit code is available for this vulnerability, and no patch has been released despite vendor notification. The vulnerability affects Java-based deployments of Psi Probe used for Tomcat monitoring.
Java
Denial Of Service
Psi Probe
-
CVE-2026-3255
MEDIUM
CVSS 6.5
HTTP::Session2 before version 1.12 for Perl generates predictable session identifiers on Windows systems when /dev/urandom is unavailable, falling back to weak randomization using rand() combined with guessable values like PID and epoch time. An attacker could predict valid session IDs to hijack user sessions, as SHA-1 hashing of these weak inputs provides insufficient cryptographic protection. This affects Perl applications using HTTP::Session2 on Windows platforms where secure random sources are not accessible.
Windows
-
CVE-2026-2831
MEDIUM
CVSS 4.9
SQL injection in the MailArchiver WordPress plugin through version 4.5.0 allows authenticated administrators to extract sensitive database information by injecting malicious SQL commands via the 'logid' parameter due to improper input escaping. The vulnerability requires high-level privileges and administrator credentials to exploit, limiting its risk to insider threats or compromised administrative accounts. No patch is currently available for this medium-severity issue.
WordPress
SQLi
-
CVE-2026-2383
MEDIUM
CVSS 6.4
Stored XSS in Simple Download Monitor plugin for WordPress through version 4.0.5 allows authenticated users with Contributor privileges or higher to inject malicious scripts via custom fields that execute in other users' browsers. The vulnerability stems from inadequate input sanitization and output encoding, enabling attackers to compromise page integrity and steal user data. No patch is currently available.
WordPress
XSS
-
CVE-2026-2362
MEDIUM
CVSS 6.4
Stored DOM-based XSS in WordPress WP Accessibility plugin (versions up to 2.3.1) allows authenticated contributors and above to inject malicious scripts via image alt attributes when the Long Description UI feature is enabled and configured as a link. The injected scripts execute in the browsers of any user accessing affected pages. No patch is currently available and exploitation requires specific plugin settings to be enabled.
WordPress
XSS
-
CVE-2026-1627
MEDIUM
CVSS 6.5
Outdated MAC algorithms in SSH implementations for Mrs1000 and Lms1000 device firmware enable network-positioned attackers to tamper with session data integrity without user interaction. An attacker with network access can manipulate transmitted SSH traffic due to the use of cryptographically weak message authentication codes. No patch is currently available for affected devices.
Ssh
Mrs1000 Firmware
Lms1000 Firmware
-
CVE-2026-1626
MEDIUM
CVSS 6.5
Weak CBC cipher suite implementations in SSH services across SSH, LMS1000, and MRS1000 devices enable network-positioned attackers to observe or modify encrypted SSH traffic without authentication. The vulnerability requires user interaction and network access but poses a confidentiality risk to sensitive communications. No patch is currently available.
Ssh
Lms1000 Firmware
Mrs1000 Firmware
-
CVE-2026-1585
MEDIUM
CVSS 6.7
Unquoted service path handling in IJ Scan Utility versions 1.1.2 through 1.5.0 on Windows allows privileged local attackers to achieve arbitrary code execution by placing a malicious executable in a predictable directory location. An authenticated user with high privileges could exploit this weakness to execute commands with the same permissions as the vulnerable service. No patch is currently available for this issue.
Windows
-
CVE-2026-1558
MEDIUM
CVSS 5.3
Unauthenticated attackers can modify arbitrary post metadata in WordPress sites running WP Recipe Maker plugin versions up to 10.3.2 due to an insecure direct object reference in the Instacart integration REST API endpoint. The vulnerability stems from improper authorization checks on the recipeId parameter, allowing attackers to overwrite recipe configuration data without authentication. No patch is currently available for this issue.
WordPress
-
CVE-2026-1434
MEDIUM
CVSS 6.1
Omega Psir contains a reflected cross-site scripting (XSS) vulnerability in the lang parameter that allows attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. The vulnerability affects unauthenticated users who click on attacker-controlled links, potentially enabling session hijacking, credential theft, or malware distribution. No patch is currently available for this MEDIUM severity flaw.
XSS
Omega Psir
-
CVE-2026-1305
MEDIUM
CVSS 5.3
The Japanized for WooCommerce plugin through version 2.8.4 fails to properly validate webhook signatures, allowing unauthenticated attackers to bypass payment authentication and fraudulently update order statuses to "Processing" or "Completed" without actual payment. An attacker can exploit this by omitting the signature header in POST requests to the Paidy webhook endpoint, resulting in the permission check unconditionally returning true. No patch is currently available.
WordPress
-
CVE-2026-0871
MEDIUM
CVSS 4.9
Build Of Keycloak contains a vulnerability that allows attackers to make unauthorized changes to user profiles, even when the system is configured to res (CVSS 4.9).
Authentication Bypass
Keycloak
Build Of Keycloak
Redhat
-
CVE-2025-15509
MEDIUM
CVSS 4.3
The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage. [CVSS 4.3 MEDIUM]
Authentication Bypass
Smartremote Module
-
CVE-2025-14149
MEDIUM
CVSS 6.4
The Xpro Addons - 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Scroller widget box link attribute in all versions up to, and including, 1.4.24 due to insufficient input sanitization and output escaping on user supplied attributes. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-14142
MEDIUM
CVSS 6.4
The Electric Enquiries plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button' parameter of the electric-enquiry shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-14040
MEDIUM
CVSS 6.4
The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. [CVSS 6.4 MEDIUM]
WordPress
XSS
PHP
-
CVE-2025-13327
MEDIUM
CVSS 6.3
A flaw was found in uv. This vulnerability allows an attacker to execute malicious code during package resolution or installation via specially crafted ZIP (Zipped Information Package) archives that exploit parsing differentials, requiring user interaction to install an attacker-controlled package. [CVSS 6.3 MEDIUM]
Information Disclosure
Uv
Redhat
Suse
-
CVE-2025-11950
MEDIUM
CVSS 6.3
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in KNOWHY Advanced Technology Trading Ltd. Co. [CVSS 6.3 MEDIUM]
XSS
Eduasist
-
CVE-2025-9909
MEDIUM
CVSS 6.7
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//) prefix in the gateway_path. [CVSS 6.7 MEDIUM]
Redhat
Information Disclosure
-
CVE-2025-9908
MEDIUM
CVSS 6.7
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. [CVSS 6.7 MEDIUM]
Redhat
Information Disclosure
-
CVE-2025-9907
MEDIUM
CVSS 6.7
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerability allows exposure of sensitive client credentials and internal infrastructure headers via the test_headers field when an event stream is in test mode. [CVSS 6.7 MEDIUM]
Redhat
Privilege Escalation
Information Disclosure
-
CVE-2025-9572
MEDIUM
CVSS 5.0
An authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass. [CVSS 5.0 MEDIUM]
Information Disclosure
Redhat
-
CVE-2024-10938
MEDIUM
CVSS 6.5
The OVRI Payment plugin for WordPress contains malicious .htaccess files in version 1.7.0. The files contain directives to prevent the execution of certain scripts while allowing execution of known malicious PHP files. [CVSS 6.5 MEDIUM]
WordPress
PHP
-
CVE-2021-4456
MEDIUM
CVSS 6.5
Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact. The functions `addr2cidr` and `cidrlookup` may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. [CVSS 6.5 MEDIUM]
Authentication Bypass
Suse
-
CVE-2018-25160
MEDIUM
CVSS 6.5
HTTP::Session2 versions through 1.09 for Perl do not validate the format of user-provided session ids, enabling code injection or other impact depending on the session backend. [CVSS 6.5 MEDIUM]
Code Injection
-
CVE-2026-28422
LOW
CVSS 2.2
Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in `build_stl_str_hl()` when rendering a statusline with a multi-byte fill character on a very wide terminal. [CVSS 2.2 LOW]
Buffer Overflow
-
CVE-2026-28355
None
Canarytokens help track activity and actions on a network. Versions prior to `sha-7ff0e12` have a Self Cross-Site Scripting vulnerability in the "PWA" Canarytoken, whereby the Canarytoken's creator can attack themselves or someone they share the link with.
Docker
XSS
-
CVE-2026-27759
None
Featured Image from Content (featured-image-from-content) WordPress plugin versions prior to 1.7 contain an authenticated server-side request forgery vulnerability that allows Author-level users to fetch internal HTTP resources.
WordPress
SSRF
-
CVE-2026-27167
None
Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth components (e.g.
Python
Hugging Face
AI / ML
-
CVE-2026-22877
LOW
CVSS 3.7
An arbitrary file-read vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to read arbitrary files on the system, and potentially causing a denial-of-service attack. [CVSS 3.7 LOW]
Path Traversal
Information Disclosure
-
CVE-2026-22717
LOW
CVSS 2.7
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed. [CVSS 2.7 LOW]
VMware
Information Disclosure
-
CVE-2026-21619
LOW
CVSS 2.0
Uncontrolled resource consumption in hex_core, hex, and rebar3 package managers results from unsafe deserialization of untrusted data in API request handling, enabling remote attackers to trigger excessive memory allocation and denial of service without authentication. Affected versions include hex_core before 0.12.1, hex before 2.3.2, and rebar3 before 3.27.0, with no patch currently available. An attacker can exploit this remotely over the network to exhaust system resources and crash affected Erlang/Elixir build environments.
Deserialization
Denial Of Service
-
CVE-2026-3327
None
Authenticated Iframe Injection in Dato CMS Web Previews plugin. This vulnerability permits a malicious authenticated user to circumvent the restriction enforced on the configured frontend URL, enabling the loading of arbitrary external resources or origins.
XSS
-
CVE-2026-3304
None
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing resource exhaustion.
Node.js
Denial Of Service
-
CVE-2026-3293
LOW
CVSS 3.3
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. [CVSS 3.3 LOW]
Java
-
CVE-2026-3285
LOW
CVSS 3.3
A vulnerability was determined in berry-lang berry up to 1.1.0. The affected element is the function scan_string of the file src/be_lexer.c. [CVSS 3.3 LOW]
Buffer Overflow
-
CVE-2026-3284
LOW
CVSS 3.3
A vulnerability was found in libvips 8.19.0. Impacted is the function vips_extract_area_build of the file libvips/conversion/extract.c. [CVSS 3.3 LOW]
Integer Overflow
-
CVE-2026-3283
LOW
CVSS 3.3
A vulnerability has been found in libvips 8.19.0. This issue affects the function vips_extract_band_build of the file libvips/conversion/extract.c. [CVSS 3.3 LOW]
Buffer Overflow
-
CVE-2026-3282
LOW
CVSS 3.3
A flaw has been found in libvips 8.19.0. This vulnerability affects the function vips_unpremultiply_build of the file libvips/conversion/unpremultiply.c. [CVSS 3.3 LOW]
Buffer Overflow
-
CVE-2026-3223
None
Arbitrary file write & potential privilege escalation exploiting zip slip vulnerability in Google Web Designer.
Google
Privilege Escalation
-
CVE-2026-2880
None
A vulnerability in @fastify/middie versions < 9.2.0 can result in authentication/authorization bypass when using path-scoped middleware (for example, app.use('/secret', auth)).
Code Injection
-
CVE-2026-2359
None
Multer versions up to 2.1.0 are affected by a missing release of resource after effective lifetime.
Node.js
Denial Of Service
-
CVE-2026-2293
None
A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middleware when Fastify path-normalization options are enabled. This issue affects nest.Js: 11.1.13.
Authentication Bypass
-
CVE-2025-15567
LOW
CVSS 3.3
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure. [CVSS 3.3 LOW]
Information Disclosure
-
CVE-2025-15498
None
Pro3W CMS is vulnerable to SQL injection attacks. Improper neutralization of input provided to a login form allows an unauthenticated attacker to bypass authentication and gain administrative privileges.
SQLi
Authentication Bypass
-
CVE-2025-12150
LOW
CVSS 3.1
A flaw was found in Keycloak’s WebAuthn registration component. [CVSS 3.1 LOW]
Authentication Bypass