Skip to main content
CVE-2026-28289 CRITICAL POC PATCH Act Now

File upload bypass in FreeScout 1.8.206 — patch bypass for CVE-2026-27636. PoC and patch available. CVSS 10.0.

PHP Laravel RCE Race Condition Freescout
NVD GitHub
CVSS 3.1
10.0
EPSS
0.0%
CVE-2026-27971 CRITICAL POC PATCH THREAT Act Now

RCE in Qwik JavaScript framework <= 1.19.0 via unsafe deserialization in server$ Runtime. EPSS 13.4% with PoC available.

RCE Deserialization Qwik
NVD GitHub
CVSS 3.1
9.8
EPSS
13.4%
CVE-2026-24898 CRITICAL POC PATCH Act Now

Unauthenticated token disclosure in OpenEMR before 8.0.0. CVSS 10.0. PoC and patch available.

Authentication Bypass Information Disclosure PHP Openemr
NVD GitHub
CVSS 3.1
10.0
EPSS
0.2%
CVE-2026-24848 CRITICAL POC Act Now

Path traversal in OpenEMR 7.0.4 disposeDocument() allows file access. PoC available.

PHP RCE Openemr
NVD GitHub
CVSS 3.1
9.9
EPSS
0.2%
CVE-2026-3485 CRITICAL POC Act Now

Command injection in D-Link DIR-868L via SSDP service. PoC available.

D-Link Command Injection Dir 868l Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
0.4%
CVE-2026-22891 CRITICAL POC Act Now

Heap overflow in libbiosig 3.9.2 Intan CLP parsing. PoC available.

Buffer Overflow Heap Overflow Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-1492 CRITICAL POC Act Now

Privilege escalation in User Registration & Membership WordPress plugin.

WordPress Privilege Escalation
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70240 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard51. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70239 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard55. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70234 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetQoS. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70241 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANType_Wizard5. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70237 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetPortTr. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70236 CRITICAL POC Act Now

Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDomainFilter. Part of a family of 15+ critical buffer overflows in this router.

D-Link Buffer Overflow Dir 513 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-24103 CRITICAL POC Act Now

Buffer overflow in Tenda AC15V1.0 via formSetMacFilterCfg. PoC available.

Buffer Overflow Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-70821 CRITICAL POC Act Now

SQL injection in renren-security before v5.5.0 in BaseServiceImpl.java. PoC available.

Java SQLi Renren Security
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-27012 CRITICAL POC Act Now

Privilege escalation and auth bypass in OpenSTAManager 2.9.8. PoC available.

PHP Privilege Escalation Authentication Bypass Openstamanager
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-25146 CRITICAL POC PATCH Act Now

Information disclosure in OpenEMR 5.0.2 to before 8.0.0 exposes sensitive data. PoC and patch available.

Information Disclosure Openemr
NVD GitHub
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-26279 CRITICAL POC PATCH Act Now

Command injection in Froxlor server admin before 2.3.4 due to typo (== instead of =) disabling input validation entirely. PoC and patch available.

RCE Froxlor
NVD GitHub
CVSS 3.1
9.1
EPSS
0.6%
CVE-2025-66945 CRITICAL POC Act Now

Zip slip to arbitrary file write in Zdir Pro 4.x ZIP extraction API. PoC available.

RCE Path Traversal Zdir
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-59059 CRITICAL PATCH Act Now

RCE in Apache Ranger <= 2.7.0 via NashornScriptEngineCreator. EPSS 0.42%.

Apache RCE Ranger
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-55020 CRITICAL Act Now

Command injection in Weintek cMT-3072XH2 HMI DHCP activation. EPSS 0.30%.

Command Injection Cmt 3072xh2 Firmware Easyweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-2628 CRITICAL Act Now

Auth bypass in All-in-One Microsoft 365 SSO WordPress plugin.

WordPress Authentication Bypass Microsoft
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-3136 CRITICAL Act Now

Improper authorization in Google Cloud Build GitHub Trigger allowing unauthenticated build execution. EPSS 0.19%.

Google Github Cloud Build
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-22886 CRITICAL Act Now

Default admin credentials in OpenMQ message broker. Shipped with known default admin password.

Information Disclosure Openmq
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-3266 CRITICAL Act Now

Missing authorization in OpenText Filr allows auth bypass via XSRF tokens.

Authentication Bypass Filr
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2024-55026 CRITICAL Act Now

Command execution via reset_pj.cgi in Weintek cMT-3072XH2.

RCE Easyweb Cmt 3072xh2 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-57622 CRITICAL Act Now

Pickle deserialization RCE in Step-Video-T2V via API endpoints.

Deserialization AI / ML
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-3204 CRITICAL Act Now

Input validation flaw in Devolutions Server error message page enables remote spoofing attacks.

Code Injection Devolutions Server
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2024-55024 CRITICAL Act Now

Auth bypass in Weintek cMT-3072XH2 authorization mechanism.

Authentication Bypass Easyweb Cmt 3072xh2 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-3224 CRITICAL Act Now

Azure AD auth bypass in Devolutions Server 2025.3.15.0 and earlier.

Azure Authentication Bypass Devolutions Server
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2590 CRITICAL Act Now

Insecure password saving enforcement in Devolutions Remote Desktop Manager 2025.3.

Hashicorp Information Disclosure
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-3130 CRITICAL Act Now

Behavioral control bypass in Devolutions Server 2025.3.15 allows authenticated users to exploit delete permissions.

Information Disclosure Devolutions Server
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-26266 CRITICAL PATCH Act Now

Stored XSS in AliasVault password manager. Patch available.

XSS Aliasvault
NVD GitHub
CVSS 3.1
9.3
EPSS
0.0%
CVE-2026-3437 CRITICAL Act Now

Local privilege escalation in Portwell Engineering Toolkits 4.8.2 stems from a kernel driver that exposes unchecked arbitrary memory read/write primitives to authenticated users. An attacker already logged onto an affected industrial/embedded host can corrupt kernel memory to elevate to SYSTEM-level control or crash the machine. No public exploit has been identified and the EPSS score is very low (0.02%, 3rd percentile), indicating no current evidence of opportunistic exploitation; this was reported through CISA's ICS-CERT rather than via observed in-the-wild activity.

Engineering Toolkits Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy