Skip to main content
CVE-2026-28338 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) in PMD's legacy vbhtml and yahtml report formats allows arbitrary JavaScript execution when HTML reports are opened in a browser, triggered by analyzing malicious source code containing crafted string literals. Public exploit code exists for this vulnerability affecting PMD versions prior to 7.22.0. The impact is limited since these legacy formats are rarely used and the default html format is properly escaped.

XSS Pmd
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-27734 MEDIUM POC PATCH This Month

Path traversal in Beszel hub's container API endpoints allows authenticated users, including those with read-only roles, to bypass validation and access arbitrary Docker Engine API endpoints on agent hosts through improper URL path construction. This exposure of sensitive infrastructure details affects Beszel versions prior to 0.18.4 and Docker integrations, with public exploit code already available. The vulnerability requires valid authentication but no special privileges, making it exploitable by low-privileged users in multi-tenant environments.

Docker Beszel Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28354 MEDIUM POC This Month

Unauthorized collection manipulation in ClipBucket v5 prior to 5.5.3 #59 allows authenticated attackers to add or remove items from other users' collections due to missing and broken authorization checks in the add and delete item functions. An attacker with valid credentials can exploit this to alter collections they do not own without restriction. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP Clipbucket
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24488 MEDIUM POC PATCH This Month

OpenEMR versions up to 8.0.0 contain a path traversal vulnerability in the fax sending functionality that allows authenticated users to exfiltrate arbitrary files from the server, including database credentials, patient records, and source code. The fax endpoint fails to validate or restrict file paths, enabling attackers to read and transmit sensitive data to attacker-controlled phone numbers. Public exploit code exists for this vulnerability, and a patch is available.

Path Traversal Openemr
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-27810 MEDIUM POC This Month

HTTP response header injection in Calibre Content Server prior to version 9.4.0 permits authenticated users to inject arbitrary headers through an unsanitized query parameter, potentially enabling cache poisoning, session fixation, or credential theft attacks. Any authenticated user can exploit this vulnerability directly or via social engineering, affecting all instances with authentication enabled. Public exploit code exists and no patch is currently available.

Code Injection Calibre Suse
NVD GitHub
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-26997 MEDIUM POC PATCH This Month

Stored cross-site scripting in ClipBucket v5 prior to version 5.5.3 #59 allows authenticated users to inject malicious scripts that execute when viewed by administrators, enabling session hijacking or credential theft. Public exploit code exists for this vulnerability, which affects the open-source video sharing platform and has been patched in the latest release.

XSS Clipbucket
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-28288 MEDIUM POC This Month

Dify versions prior to 1.9.0 leak information through inconsistent API responses that distinguish between registered and non-registered email addresses, enabling attackers to enumerate valid user accounts. Public exploit code exists for this vulnerability, and affected users should upgrade to version 1.9.0 or later to remediate the information disclosure risk.

Information Disclosure AI / ML Dify
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-27824 MEDIUM POC This Month

Calibre Content Server's brute-force protection can be bypassed by manipulating the X-Forwarded-For HTTP header, allowing attackers to circumvent IP-based account lockouts and conduct credential stuffing attacks. Public exploit code exists for this vulnerability, which affects Calibre versions prior to 9.4.0 and poses a significant risk to internet-exposed servers where brute-force protection is the primary authentication defense mechanism. No patch is currently available for affected versions.

Authentication Bypass Calibre Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28423 MEDIUM PATCH This Month

Statmatic is a Laravel and Git powered content management system (CMS). [CVSS 6.8 MEDIUM]

Laravel Statamic
NVD GitHub
CVSS 3.1
6.8
EPSS
0.1%
CVE-2026-1585 MEDIUM This Month

Unquoted service path handling in IJ Scan Utility versions 1.1.2 through 1.5.0 on Windows allows privileged local attackers to achieve arbitrary code execution by placing a malicious executable in a predictable directory location. An authenticated user with high privileges could exploit this weakness to execute commands with the same permissions as the vulnerable service. No patch is currently available for this issue.

Windows
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-9909 MEDIUM PATCH This Month

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//) prefix in the gateway_path. [CVSS 6.7 MEDIUM]

Red Hat Information Disclosure
NVD VulDB
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-9908 MEDIUM PATCH This Month

A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. [CVSS 6.7 MEDIUM]

Red Hat Information Disclosure
NVD VulDB
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-9907 MEDIUM PATCH This Month

A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerability allows exposure of sensitive client credentials and internal infrastructure headers via the test_headers field when an event stream is in test mode. [CVSS 6.7 MEDIUM]

Red Hat Privilege Escalation Information Disclosure
NVD VulDB
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-27653 MEDIUM This Month

Soliton Systems installers for Securebrowser For Onegate, Secureworkspace, and Securebrowser II fail to set proper file permissions during installation, enabling local authenticated users to execute arbitrary code with SYSTEM privileges. An attacker with user-level access can exploit this misconfiguration to achieve full system compromise. No patch is currently available.

Privilege Escalation RCE Securebrowser For Onegate Secureworkspace Securebrowser Ii
NVD VulDB
CVSS 3.1
6.7
EPSS
0.0%
CVE-2021-4456 MEDIUM PATCH This Month

Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact. The functions `addr2cidr` and `cidrlookup` may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. [CVSS 6.5 MEDIUM]

Authentication Bypass Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-22878 MEDIUM This Month

Mobility46.Se charging stations expose authentication credentials through publicly accessible web-based mapping platforms, allowing unauthenticated attackers to obtain sensitive authentication data. This disclosure could enable unauthorized access to charging infrastructure and associated user accounts. No patch is currently available to address this exposure.

Authentication Bypass Mobility46.Se
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-27753 MEDIUM This Month

Sl902-Swtgw124As Firmware versions up to 200.1.20 is affected by improper restriction of excessive authentication attempts (CVSS 6.5).

Authentication Bypass Sl902 Swtgw124as Firmware
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-10938 MEDIUM This Month

The OVRI Payment plugin for WordPress contains malicious .htaccess files in version 1.7.0. The files contain directives to prevent the execution of certain scripts while allowing execution of known malicious PHP files. [CVSS 6.5 MEDIUM]

WordPress PHP
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-28352 MEDIUM PATCH This Month

Missing authentication checks on Indico's event series management API endpoint allows unauthenticated attackers to view event metadata, delete series, and modify series configurations. The vulnerability affects Indico versions prior to 3.3.11 and has limited impact as it does not grant access to actual event data beyond basic metadata. Upgrade to version 3.3.11 or restrict API endpoint access at the web server level to remediate.

Flask Indico
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-20791 MEDIUM This Month

Chargemap.Com exposes charging station authentication credentials through publicly accessible web-based mapping interfaces, allowing unauthenticated attackers to obtain sensitive authentication data. This vulnerability enables attackers to potentially access or manipulate charging station services, affecting users and operators who rely on the platform. No patch is currently available to remediate this exposure.

Authentication Bypass Chargemap.Com
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-25774 MEDIUM This Month

Ev.Energy charging stations expose authentication credentials through publicly accessible web-based mapping platforms, allowing unauthenticated remote attackers to obtain access identifiers. An attacker with these credentials could potentially intercept or manipulate charging sessions and related data. No patch is currently available for this exposure.

Authentication Bypass Ev.Energy
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-27773 MEDIUM This Month

Switchenergy.Com exposes charging station authentication credentials through publicly accessible web-based mapping platforms, allowing unauthenticated attackers to discover and potentially intercept sensitive authentication data. This vulnerability affects users and operators relying on the platform's mapping functionality and could enable unauthorized access to charging infrastructure. No patch is currently available to address this exposure.

Authentication Bypass Swtchenergy.Com
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-22890 MEDIUM This Month

Ev2go.Io charging stations expose authentication credentials through publicly accessible web-based mapping platforms, allowing unauthenticated remote attackers to obtain sensitive identification data. This exposure could enable unauthorized access to charging infrastructure or facilitate further attacks against connected systems. No patch is currently available for this vulnerability.

Authentication Bypass Ev2go.Io
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-20733 MEDIUM This Month

Cloudcharge.Se charging stations expose authentication credentials through publicly accessible web-based mapping platforms, allowing unauthenticated attackers to discover and potentially intercept sensitive station identifiers. This exposure could enable unauthorized access to charging infrastructure or user accounts without requiring authentication bypass techniques. No patch is currently available for this vulnerability.

Authentication Bypass Cloudcharge.Se
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28424 MEDIUM PATCH This Month

Statamic CMS versions before 5.73.11 and 6.4.0 expose user email addresses through the user fieldtype data endpoint to authenticated users lacking "view users" permissions, allowing information disclosure. An authenticated attacker with limited privileges can retrieve sensitive email information that should be restricted, potentially enabling targeted attacks or account enumeration.

Laravel Statamic
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-27793 MEDIUM PATCH This Month

Seerr prior to version 3.1.0 leaks sensitive third-party API credentials (Pushover, Pushbullet, Telegram) through the GET /api/v1/user/:id endpoint to any authenticated user regardless of privilege level. When combined with CVE-2026-27707 (unauthenticated account creation), an attacker can gain zero-prior-access to extract credentials for all users including administrators. The vulnerability is fixed in version 3.1.0.

Authentication Bypass Seerr
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28271 MEDIUM This Month

Kiteworks versions prior to 9.2.0 contain a DNS rebinding vulnerability that allows authenticated administrators to circumvent SSRF protections and access restricted internal services. An attacker with administrative privileges could exploit this misconfiguration to reach backend systems that should be isolated from external access. No patch is currently available for affected deployments.

DNS SSRF Kiteworks
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2018-25160 MEDIUM This Month

HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. [CVSS 6.5 MEDIUM]

Code Injection Http
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-27754 MEDIUM This Month

Session cookie forgery in SODOLA SL902-SWTGW124AS firmware through version 200.1.20 stems from the use of cryptographically broken MD5 hashing for session token generation, allowing unauthenticated remote attackers to forge valid session cookies and gain unauthorized device access. The vulnerability requires no user interaction and affects all default configurations, with no patch currently available. MD5's known collision vulnerabilities combined with predictable token generation significantly lower the computational barrier for successful exploitation.

Authentication Bypass Sl902 Swtgw124as Firmware
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1627 MEDIUM This Month

Outdated MAC algorithms in SSH implementations for Mrs1000 and Lms1000 device firmware enable network-positioned attackers to tamper with session data integrity without user interaction. An attacker with network access can manipulate transmitted SSH traffic due to the use of cryptographically weak message authentication codes. No patch is currently available for affected devices.

SSH Mrs1000 Firmware Lms1000 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1626 MEDIUM This Month

Weak CBC cipher suite implementations in SSH services across SSH, LMS1000, and MRS1000 devices enable network-positioned attackers to observe or modify encrypted SSH traffic without authentication. The vulnerability requires user interaction and network access but poses a confidentiality risk to sensitive communications. No patch is currently available.

SSH Lms1000 Firmware Mrs1000 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-3255 MEDIUM PATCH This Month

HTTP::Session2 before version 1.12 for Perl generates predictable session identifiers on Windows systems when /dev/urandom is unavailable, falling back to weak randomization using rand() combined with guessable values like PID and epoch time. An attacker could predict valid session IDs to hijack user sessions, as SHA-1 hashing of these weak inputs provides insufficient cryptographic protection. This affects Perl applications using HTTP::Session2 on Windows platforms where secure random sources are not accessible.

Windows
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-3277 MEDIUM This Month

authentication configuration in PowerShell Universal versions up to 2026.1.3 is affected by cleartext storage of sensitive information.

Information Disclosure Powershell Universal
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2362 MEDIUM This Month

Stored DOM-based XSS in WordPress WP Accessibility plugin (versions up to 2.3.1) allows authenticated contributors and above to inject malicious scripts via image alt attributes when the Long Description UI feature is enabled and configured as a link. The injected scripts execute in the browsers of any user accessing affected pages. No patch is currently available and exploitation requires specific plugin settings to be enabled.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-2383 MEDIUM This Month

Stored XSS in Simple Download Monitor plugin for WordPress through version 4.0.5 allows authenticated users with Contributor privileges or higher to inject malicious scripts via custom fields that execute in other users' browsers. The vulnerability stems from inadequate input sanitization and output encoding, enabling attackers to compromise page integrity and steal user data. No patch is currently available.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-14142 MEDIUM This Month

The Electric Enquiries plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button' parameter of the electric-enquiry shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. [CVSS 6.4 MEDIUM]

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-14149 MEDIUM This Month

The Xpro Addons - 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Scroller widget box link attribute in all versions up to, and including, 1.4.24 due to insufficient input sanitization and output escaping on user supplied attributes. [CVSS 6.4 MEDIUM]

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-14040 MEDIUM This Month

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. [CVSS 6.4 MEDIUM]

WordPress XSS PHP
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-11950 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in KNOWHY Advanced Technology Trading Ltd. Co. [CVSS 6.3 MEDIUM]

XSS Eduasist
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2025-13327 MEDIUM PATCH This Month

A flaw was found in uv. This vulnerability allows an attacker to execute malicious code during package resolution or installation via specially crafted ZIP (Zipped Information Package) archives that exploit parsing differentials, requiring user interaction to install an attacker-controlled package. [CVSS 6.3 MEDIUM]

Information Disclosure Uv Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-27756 MEDIUM This Month

Sl902-Swtgw124As Firmware versions up to 200.1.20 is affected by cross-site scripting (xss) (CVSS 6.1).

XSS Sl902 Swtgw124as Firmware
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-1434 MEDIUM This Month

Omega Psir contains a reflected cross-site scripting (XSS) vulnerability in the lang parameter that allows attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. The vulnerability affects unauthenticated users who click on attacker-controlled links, potentially enabling session hijacking, credential theft, or malware distribution. No patch is currently available for this MEDIUM severity flaw.

XSS Omega Psir
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-27752 MEDIUM This Month

Sl902-Swtgw124As Firmware versions up to 200.1.20 is affected by cleartext transmission of sensitive information (CVSS 5.9).

Information Disclosure Sl902 Swtgw124as Firmware
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-24350 MEDIUM This Month

Stored XSS in PluXml CMS file upload functionality allows authenticated attackers to embed malicious payloads in SVG files that execute when victims directly access the uploaded files. The vulnerability affects at least versions 5.8.21 and 5.9.0-rc7, with other versions untested. No patch is currently available from the vendor.

XSS Pluxml
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-27792 MEDIUM PATCH This Month

Seerr versions 2.7.0 through 3.0.x contain an authorization bypass in push subscription API endpoints that allows authenticated users to read and modify other users' data due to missing permission checks. An attacker with valid credentials can exploit this to access sensitive information and alter configurations belonging to arbitrary accounts. The vulnerability is fixed in version 3.1.0.

Authentication Bypass Seerr
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-1305 MEDIUM This Month

The Japanized for WooCommerce plugin through version 2.8.4 fails to properly validate webhook signatures, allowing unauthenticated attackers to bypass payment authentication and fraudulently update order statuses to "Processing" or "Completed" without actual payment. An attacker can exploit this by omitting the signature header in POST requests to the Paidy webhook endpoint, resulting in the permission check unconditionally returning true. No patch is currently available.

WordPress
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2026-1558 MEDIUM This Month

Unauthenticated attackers can modify arbitrary post metadata in WordPress sites running WP Recipe Maker plugin versions up to 10.3.2 due to an insecure direct object reference in the Instacart integration REST API endpoint. The vulnerability stems from improper authorization checks on the recipeId parameter, allowing attackers to overwrite recipe configuration data without authentication. No patch is currently available for this issue.

WordPress
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-28351 MEDIUM PATCH This Month

Crafted PDF files can trigger excessive memory consumption in pypdf versions before 6.7.4 when processing content streams with the RunLengthDecode filter, enabling denial-of-service attacks against applications using the library. An unauthenticated attacker can exploit this remotely by submitting a malicious PDF, causing the affected application to exhaust system memory. A patch is available in pypdf 6.7.4 and later.

Python Pypdf Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-28407 MEDIUM PATCH This Month

Malcontent versions before 1.21.0 fail to preserve nested archives that cannot be extracted, potentially allowing malicious content to evade detection during supply-chain compromise analysis. An attacker could exploit this by embedding malicious payloads in problematic nested archives that the tool would discard without scanning. The vulnerability has a patch available in version 1.21.0 and later.

Information Disclosure Malcontent Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28421 MEDIUM POC PATCH This Month

Vim versions before 9.2.0077 contain heap buffer overflow and segmentation fault vulnerabilities in swap file recovery that can be triggered by opening a specially crafted swap file, affecting users who recover sessions from untrusted sources. An attacker could exploit this to cause application crashes or potentially achieve code execution through memory corruption. A patch is available in version 9.2.0077 and later.

Code Injection Vim Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy