Skip to main content
CVE-2026-28289 CRITICAL POC PATCH Act Now

File upload bypass in FreeScout 1.8.206 — patch bypass for CVE-2026-27636. PoC and patch available. CVSS 10.0.

PHP Laravel RCE Race Condition Freescout
NVD GitHub
CVSS 3.1
10.0
EPSS
0.0%
CVE-2026-27971 CRITICAL POC PATCH THREAT Act Now

RCE in Qwik JavaScript framework <= 1.19.0 via unsafe deserialization in server$ Runtime. EPSS 13.4% with PoC available.

RCE Deserialization Qwik
NVD GitHub
CVSS 3.1
9.8
EPSS
13.4%
CVE-2026-24898 CRITICAL POC PATCH Act Now

Unauthenticated token disclosure in OpenEMR before 8.0.0. CVSS 10.0. PoC and patch available.

Authentication Bypass Information Disclosure PHP Openemr
NVD GitHub
CVSS 3.1
10.0
EPSS
0.2%
CVE-2026-24848 CRITICAL POC Act Now

Path traversal in OpenEMR 7.0.4 disposeDocument() allows file access. PoC available.

PHP RCE Openemr
NVD GitHub
CVSS 3.1
9.9
EPSS
0.2%
CVE-2026-3485 CRITICAL POC Act Now

Command injection in D-Link DIR-868L via SSDP service. PoC available.

D-Link Command Injection Dir 868l Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
0.4%
CVE-2026-22891 CRITICAL POC Act Now

Heap overflow in libbiosig 3.9.2 Intan CLP parsing. PoC available.

Buffer Overflow Heap Overflow Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-1492 CRITICAL POC Act Now

Privilege escalation in User Registration & Membership WordPress plugin.

WordPress Privilege Escalation
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70240 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard51. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70239 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard55. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70234 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetQoS. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70241 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANType_Wizard5. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70237 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetPortTr. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70236 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDomainFilter. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-24103 CRITICAL POC Act Now

Buffer overflow in Tenda AC15V1.0 via formSetMacFilterCfg. PoC available.

Buffer Overflow Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70821 CRITICAL POC Act Now

SQL injection in renren-security before v5.5.0 in BaseServiceImpl.java. PoC available.

Java SQLi Renren Security
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-27012 CRITICAL POC Act Now

Privilege escalation and auth bypass in OpenSTAManager 2.9.8. PoC available.

PHP Privilege Escalation Authentication Bypass Openstamanager
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-25146 CRITICAL POC PATCH Act Now

Information disclosure in OpenEMR 5.0.2 to before 8.0.0 exposes sensitive data. PoC and patch available.

Information Disclosure Openemr
NVD GitHub
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-26279 CRITICAL POC PATCH Act Now

Command injection in Froxlor server admin before 2.3.4 due to typo (== instead of =) disabling input validation entirely. PoC and patch available.

RCE Froxlor
NVD GitHub
CVSS 3.1
9.1
EPSS
0.6%
CVE-2025-66945 CRITICAL POC Act Now

Zip slip to arbitrary file write in Zdir Pro 4.x ZIP extraction API. PoC available.

RCE Path Traversal Zdir
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-27622 HIGH POC PATCH This Week

Out-of-bounds heap write in OpenEXR's CompositeDeepScanLine::readPixels lets a crafted multi-part deep-scanline EXR file corrupt memory when parsed by an application that links the library. Attacker-controlled per-part sample counts are accumulated into 32-bit total_sizes entries that wrap modulo 2^32, yielding an undersized overall_sample_count used to size the composite sample buffer, while decode setup and generic_unpack_deep_pointers in core unpack consume the true (larger) counts and write past the buffer. Publicly available exploit code exists, but EPSS exploitation probability is very low (0.01%, 2nd percentile) and it is not listed in CISA KEV, so no public evidence of active exploitation exists at time of analysis.

Buffer Overflow Openexr Memory Corruption
NVD GitHub VulDB
CVSS 4.0
8.4
EPSS
0.0%
CVE-2026-27601 HIGH POC PATCH This Week

Unbounded recursion in Underscore.js versions before 1.13.8 enables denial of service attacks when the _.flatten or _.isEqual functions process deeply nested untrusted data structures. An attacker can trigger stack overflow conditions by supplying specially crafted recursive input, causing affected applications to crash. Public exploit code exists for this vulnerability, and patches are available.

Denial Of Service Underscore
NVD GitHub VulDB
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-20777 HIGH POC This Week

Arbitrary code execution in libbiosig 3.9.2 and Master Branch can be triggered by parsing malicious Nicolet WFT files through a heap buffer overflow in the WFT parsing functionality. An attacker can exploit this vulnerability by supplying a crafted .wft file to execute arbitrary code on affected systems. Public exploit code exists for this vulnerability, though no patch is currently available.

Buffer Overflow Heap Overflow Libbiosig
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-27905 HIGH POC PATCH This Week

Arbitrary file write in BentoML prior to version 1.4.36 allows local attackers to write files to arbitrary locations on the host system by crafting malicious tar archives containing symlinks that point outside the extraction directory. The vulnerability exists because the safe_extract_tarfile() function fails to validate symlink targets, only validating the symlink path itself, enabling attackers to bypass directory traversal protections. Public exploit code exists for this vulnerability; users should upgrade to version 1.4.36 or later.

Python AI / ML Bentoml
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-69765 HIGH POC This Week

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution. [CVSS 7.5 HIGH]

RCE Stack Overflow Memory Corruption Ax3 Firmware Tenda
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-27932 HIGH POC PATCH This Week

Joserfc versions 1.6.2 and earlier fail to validate the PBES2 iteration count parameter in JWE tokens, allowing unauthenticated attackers to trigger CPU exhaustion by specifying arbitrarily large values in the p2c header field. An attacker can exploit this resource exhaustion vulnerability to cause denial of service against any system using the library to decrypt JWE tokens. Public exploit code exists for this vulnerability, and a patch is available.

Python Denial Of Service Joserfc Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-63912 HIGH POC This Week

Tranzman versions up to 4.0 is affected by use of a broken or risky cryptographic algorithm (CVSS 7.5).

Information Disclosure Tranzman
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-63911 HIGH POC This Week

Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to contain an authenticated command injection vulnerability. [CVSS 7.2 HIGH]

Command Injection Tranzman
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2025-67840 HIGH POC This Week

Multiple authenticated OS command injection vulnerabilities exist in the Cohesity (formerly Stone Ram) TranZman 4.0 Build 14614 through TZM_1757588060_SEP2025_FULL.depot web application API endpoints (including Scheduler and Actions pages). [CVSS 7.2 HIGH]

RCE Command Injection Tranzman
NVD GitHub
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-63910 HIGH POC This Week

Tranzman versions up to 4.0 is affected by insufficient verification of data authenticity (CVSS 7.2).

File Upload Authentication Bypass RCE Tranzman
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-26892 HIGH POC This Week

Simple Logistic Hub Parcel\'S Management System versions up to 1.0 is affected by sql injection (CVSS 7.2).

PHP SQLi
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-63909 HIGH POC This Week

Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files. [CVSS 7.2 HIGH]

Privilege Escalation Authentication Bypass Tranzman
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-66680 HIGH POC This Week

An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request. [CVSS 7.1 HIGH]

Path Traversal Wise Force Deleter
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-29022 MEDIUM POC PATCH This Month

Heap buffer overflow in dr_libs 0.14.4 and earlier allows attackers to corrupt memory by supplying maliciously crafted WAV files to any application using drwav_init_*_with_metadata() functions. The vulnerability exploits inconsistent validation of sample loop counts between processing passes, enabling 36 bytes of attacker-controlled data to overflow heap allocations. Public exploit code exists for this vulnerability.

Buffer Overflow Heap Overflow Dr Libs
NVD GitHub VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2026-3484 MEDIUM POC PATCH This Month

Command injection in PhialsBasement nmap-mcp-server allows authenticated remote attackers to execute arbitrary system commands through the Nmap CLI Command Handler component due to improper input sanitization in child_process.exec. Public exploit code exists for this vulnerability, and affected users should apply the available patch to remediate the risk.

Command Injection Mcp Nmap Server
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.4%
CVE-2026-24415 MEDIUM POC PATCH This Month

Reflected cross-site scripting in OpenSTAManager v2.9.8 and earlier allows unauthenticated attackers to inject malicious scripts through unsanitized GET parameters in invoice/order/contract modification interfaces. Public exploit code exists for this vulnerability, affecting all users of the software. An attacker can steal session tokens, perform unauthorized actions, or compromise user browsers when victims interact with crafted malicious links.

XSS Openstamanager
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-64736 MEDIUM POC This Month

An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch (5462afb0). A specially crafted .abf file can lead to an information leak. [CVSS 6.1 MEDIUM]

Buffer Overflow Information Disclosure Libbiosig
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-59059 CRITICAL PATCH Act Now

RCE in Apache Ranger <= 2.7.0 via NashornScriptEngineCreator. EPSS 0.42%.

Apache RCE Ranger
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-55020 CRITICAL Act Now

Command injection in Weintek cMT-3072XH2 HMI DHCP activation. EPSS 0.30%.

Command Injection Cmt 3072xh2 Firmware Easyweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-2628 CRITICAL Act Now

Auth bypass in All-in-One Microsoft 365 SSO WordPress plugin.

WordPress Authentication Bypass Microsoft
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-3136 CRITICAL Act Now

Improper authorization in Google Cloud Build GitHub Trigger allowing unauthenticated build execution. EPSS 0.19%.

Google Github Cloud Build
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-22886 CRITICAL Act Now

Default admin credentials in OpenMQ message broker. Shipped with known default admin password.

Information Disclosure Openmq
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-3266 CRITICAL Act Now

Missing authorization in OpenText Filr allows auth bypass via XSRF tokens.

Authentication Bypass Filr
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2024-55026 CRITICAL Act Now

Command execution via reset_pj.cgi in Weintek cMT-3072XH2.

RCE Easyweb Cmt 3072xh2 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-57622 CRITICAL Act Now

Pickle deserialization RCE in Step-Video-T2V via API endpoints.

Deserialization AI / ML
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-3204 CRITICAL Act Now

Input validation flaw in Devolutions Server error message page enables remote spoofing attacks.

Code Injection Devolutions Server
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2024-55024 CRITICAL Act Now

Auth bypass in Weintek cMT-3072XH2 authorization mechanism.

Authentication Bypass Easyweb Cmt 3072xh2 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-3224 CRITICAL Act Now

Azure AD auth bypass in Devolutions Server 2025.3.15.0 and earlier.

Azure Authentication Bypass Devolutions Server
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2590 CRITICAL Act Now

Insecure password saving enforcement in Devolutions Remote Desktop Manager 2025.3.

Hashicorp Information Disclosure
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-3130 CRITICAL Act Now

Behavioral control bypass in Devolutions Server 2025.3.15 allows authenticated users to exploit delete permissions.

Information Disclosure Devolutions Server
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-21866 MEDIUM POC PATCH This Month

Dify versions prior to 1.11.2 contain a stored cross-site scripting vulnerability in Mermaid diagram rendering due to insecure default security configurations, allowing authenticated attackers with user interaction to inject and execute malicious scripts with cross-site impact. Public exploit code exists for this vulnerability, affecting users and developers of the Dify LLM application development platform. A patch is available in version 1.11.2 and later.

XSS AI / ML Dify
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy