Skip to main content
CVE-2026-23231 HIGH POC PATCH CISA Act Now

A use-after-free vulnerability in the Linux kernel's netfilter nf_tables chain registration allows local attackers with user privileges to trigger memory corruption and cause a denial of service, potentially leading to privilege escalation. The flaw occurs when hook registration fails during chain addition, allowing concurrent operations to access freed memory without proper RCU synchronization. The vulnerability affects systems running vulnerable Linux kernels with netfilter enabled, and no patch is currently available.

Linux Use After Free Information Disclosure Memory Corruption
NVD VulDB Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
Threat
5.1
CVE-2026-28773 HIGH POC This Week

Authenticated attackers can execute arbitrary OS commands with root privileges on IDC SFX2100 satellite receivers through command injection in the web-based Ping utility, bypassing input filters by using alternate shell metacharacters like the pipe operator. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects the web management interface and allows complete system compromise for any authenticated user.

Command Injection Sfx2100 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2026-28774 HIGH POC This Week

Authenticated attackers can achieve remote code execution with root privileges on IDC SFX2100 satellite receiver devices through OS command injection in the web-based Traceroute diagnostic tool. By injecting shell metacharacters into the flags parameter, an attacker can execute arbitrary operating system commands on the affected system. Public exploit code exists for this vulnerability, and no patch is currently available.

Command Injection Sfx2100 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2019-25507 HIGH POC This Week

Ashop Shopping Cart Software contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'shop' parameter. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 4.0
8.8
EPSS
0.1%
CVE-2019-25504 HIGH POC This Week

NCrypted Jobgator contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the experience parameter. [CVSS 8.2 HIGH]

SQLi
NVD Exploit-DB
CVSS 4.0
8.8
EPSS
0.1%
CVE-2026-28770 HIGH POC This Week

XML injection in the IDC SFX2100 satellite receiver web interface allows authenticated attackers to inject arbitrary XML elements and execute reflected cross-site scripting attacks through unsanitized input in the checkifdone.cgi script. Public exploit code exists for this vulnerability, and potential for more severe attacks such as XXE exploitation has not been ruled out. No patch is currently available for affected firmware versions.

XSS XXE Sfx2100 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2019-25506 HIGH POC This Week

FreeSMS 2.1.2 contains a boolean-based blind SQL injection vulnerability in the password parameter that allows unauthenticated attackers to bypass authentication by injecting SQL code through the login endpoint. [CVSS 8.2 HIGH]

PHP SQLi Authentication Bypass Freesms
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.3%
CVE-2019-25499 HIGH POC This Week

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the job_id parameter. [CVSS 8.2 HIGH]

PHP SQLi Authentication Bypass Simplejobscript
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.3%
CVE-2019-25498 HIGH POC This Week

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the landing_location parameter. [CVSS 8.2 HIGH]

SQLi Authentication Bypass Simplejobscript
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.2%
CVE-2019-25501 HIGH POC This Week

Simple Job Script contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the app_id parameter. [CVSS 8.2 HIGH]

PHP SQLi Authentication Bypass Simplejobscript
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2019-25500 HIGH POC This Week

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the employerid parameter. [CVSS 8.2 HIGH]

SQLi Simplejobscript
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2026-23233 HIGH POC PATCH This Week

F2FS swapfile memory corruption in Linux kernel 6.6+ allows local attackers with user privileges to cause data corruption through improper physical block mapping when using fragmented swapfiles smaller than the F2FS section size. Public exploit code exists for this vulnerability, and attackers can trigger dm-verity corruption errors or F2FS node corruption leading to system crashes and data loss. No patch is currently available.

Linux Google Buffer Overflow Memory Corruption Linux Kernel +3
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-70341 HIGH POC PATCH This Week

Insecure permissions in App-Auto-Patch v3.4.2 create a race condition which allows attackers to write arbitrary files. [CVSS 7.8 HIGH]

Race Condition App Auto Patch
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-26514 HIGH POC PATCH This Week

Remote attackers can inject arbitrary command-line arguments into bird-lg-go's traceroute module through unsanitized user input, enabling denial-of-service attacks that exhaust system resources. The vulnerability affects Golang and bird-lg-go installations prior to commit 6187a4e, and public exploit code exists. A patch is available to remediate this high-severity flaw.

Golang Denial Of Service Bird Lg Go
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-26673 HIGH POC This Week

Remote denial of service attacks against DJI Mavic Mini, Spark, and Mini SE firmware versions 0.1.00.0500 and below can be executed over the network by exploiting the Enhanced-WiFi transmission subsystem without authentication. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker can disrupt drone operations and connectivity by sending specially crafted wireless transmissions to affected devices.

Denial Of Service Mini Se Firmware Spark Firmware Mavic Mini Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-7337 HIGH POC This Week

The JS Help Desk - AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the 'js-support-ticket-token-tkstatus' cookie in version 2.8.2 due to an incomplete fix for CVE-2023-50839 where a second sink was left with insufficient escaping on the user supplied values and lack of sufficient preparation on the existing SQL query. [CVSS 7.5 HIGH]

WordPress SQLi
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-28435 HIGH POC PATCH This Week

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. [CVSS 7.5 HIGH]

Denial Of Service Cpp Httplib Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-28696 HIGH POC PATCH This Week

Craft is a content management system (CMS). [CVSS 7.5 HIGH]

Authentication Bypass Craft Cms
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-2025 HIGH POC This Week

Unauthenticated disclosure of WordPress user email addresses in Mail Mint plugin versions before 1.19.5 through an unprotected REST API endpoint allows remote attackers to enumerate users without authentication. Public exploit code exists for this vulnerability, and no patch is currently available. This affects all installations of the Mail Mint plugin below the patched version.

WordPress Information Disclosure
NVD WPScan GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-28695 HIGH POC PATCH This Week

Remote code execution in Craft CMS 5.8.21 allows authenticated administrators to execute arbitrary PHP code through Server-Side Template Injection in the create() Twig function combined with Symfony Process gadget chains. Public exploit code exists for this vulnerability, which bypasses the previous patch for CVE-2025-57811. Updates are available in Craft CMS 5.9.0-beta.1 and 4.17.0-beta.1.

PHP RCE Craft Cms
NVD GitHub
CVSS 3.1
7.2
EPSS
0.1%
CVE-2019-25503 HIGH POC This Week

PHPads 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bannerID parameter in click.php3. [CVSS 7.1 HIGH]

PHP SQLi Phpads
NVD Exploit-DB
CVSS 3.1
7.1
EPSS
0.1%
CVE-2019-25505 HIGH POC This Week

Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. [CVSS 7.1 HIGH]

SQLi Tradebox
NVD Exploit-DB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-3544 HIGH PATCH This Week

Google Chrome versions before 145.0.7632.159 contain a heap buffer overflow in the WebCodecs component that enables remote attackers to write data outside allocated memory bounds through malicious HTML pages. An unauthenticated attacker can exploit this vulnerability with minimal user interaction to achieve arbitrary code execution on affected systems. A patch is available in Chrome 145.0.7632.159 and later.

Google Buffer Overflow Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3537 HIGH PATCH This Week

Heap corruption in Chrome's PowerVR graphics driver on Android versions prior to 145.0.7632.159 can be triggered through malicious HTML pages, potentially enabling remote code execution without user interaction beyond visiting a compromised website. The vulnerability stems from improper object lifecycle management and affects all Android users running vulnerable Chrome versions. A patch is available and should be applied immediately given the high exploitation potential.

Android Chrome Google Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3538 HIGH PATCH This Week

Google Chrome's Skia rendering engine contains an integer overflow flaw that enables remote attackers to access out-of-bounds memory when processing malicious HTML pages. Affected users running Chrome versions prior to 145.0.7632.159 could face memory corruption leading to information disclosure, data modification, or denial of service. A security patch is available to remediate this critical vulnerability.

Integer Overflow Chrome Google Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3536 HIGH PATCH This Week

Google Chrome's ANGLE graphics library before version 145.0.7632.159 contains an integer overflow vulnerability that enables remote attackers to access out-of-bounds memory through malicious HTML pages. An unauthenticated attacker can exploit this flaw by tricking users into visiting a crafted webpage, potentially compromising confidentiality, integrity, and availability. A patch is available in Chrome 145.0.7632.159 and later versions.

Integer Overflow Chrome Google Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3543 HIGH PATCH This Week

Out-of-bounds memory access in Google Chrome's V8 engine (versions prior to 145.0.7632.159) enables remote attackers to achieve memory corruption through malicious HTML pages without requiring user privileges beyond standard interaction. The vulnerability affects all Chrome users and could potentially lead to information disclosure, data corruption, or code execution depending on memory layout and exploitation context.

Chrome Google Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3541 HIGH PATCH This Week

Out-of-bounds memory read in Google Chrome's CSS implementation (versions prior to 145.0.7632.159) allows network attackers to read sensitive memory contents by tricking users into viewing a malicious HTML page. The vulnerability requires user interaction but carries high impact, enabling information disclosure without authentication or special privileges. A patch is available in Chrome 145.0.7632.159 and later.

Google Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3540 HIGH PATCH This Week

Out-of-bounds memory access in Google Chrome's WebAudio component (versions prior to 145.0.7632.159) enables remote attackers to read, modify, or crash the browser by tricking users into visiting malicious web pages. This network-based vulnerability requires no special privileges and affects all Chrome users who interact with untrusted content. A patch is available in Chrome 145.0.7632.159 and later versions.

Google Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3542 HIGH PATCH This Week

Out-of-bounds memory access in Google Chrome's WebAssembly implementation (versions prior to 145.0.7632.159) enables remote attackers to achieve full memory corruption through malicious HTML pages, requiring only user interaction. An attacker can exploit this to read sensitive data, modify memory, or crash the browser with no authentication needed. A patch is available in Chrome 145.0.7632.159 and later.

Google Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3539 HIGH PATCH This Week

Heap corruption in Google Chrome's DevTools prior to version 145.0.7632.159 can be triggered through a malicious extension, requiring user installation and interaction. An attacker exploiting this object lifecycle vulnerability could achieve arbitrary code execution with full system privileges. A patch is available in Chrome 145.0.7632.159 and later versions.

Google Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3520 HIGH PATCH This Week

Denial of service in Multer (Express.js multipart/form-data middleware) before version 2.1.1 allows remote unauthenticated attackers to crash a Node.js application by sending specially malformed multipart requests that trigger uncontrolled recursion and stack overflow. Affecting one of the most widely used file-upload middlewares in the Node.js/Express ecosystem, the flaw carries a CVSS 4.0 base score of 8.7 with availability-only impact. There is no public exploit identified at time of analysis and the EPSS score is very low (0.06%, 18th percentile), but a vendor patch and Red Hat errata are available.

Node.js Denial Of Service Multer
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-20039 HIGH This Week

Unauthenticated remote attackers can trigger a denial of service against Cisco Secure Firewall ASA and FTD devices by sending crafted HTTP requests to the VPN web server, exploiting ineffective memory management to force device reloads. The vulnerability requires no authentication or user interaction and affects all network-exposed instances. No patch is currently available.

Cisco Denial Of Service
NVD
CVSS 3.1
8.6
EPSS
0.2%
CVE-2026-20082 HIGH This Week

Cisco Secure Firewall ASA devices fail to properly manage embryonic connection limits during TCP SYN flood attacks, allowing unauthenticated remote attackers to block all incoming TCP connections including management access and VPN services. An attacker can exploit this denial-of-service vulnerability by sending crafted traffic streams to management or data interfaces, effectively isolating the device from legitimate network access. No patch is currently available for this HIGH severity vulnerability.

Cisco Denial Of Service
NVD VulDB
CVSS 3.1
8.6
EPSS
0.1%
CVE-2026-20101 HIGH This Week

Cisco Secure Firewall ASA and Secure FTD devices can be remotely rebooted by unauthenticated attackers through malformed SAML 2.0 authentication messages, causing service unavailability due to insufficient input validation. The vulnerability has a high attack surface as it requires no authentication or user interaction and affects the device's core authentication mechanism. No patch is currently available.

Cisco Information Disclosure
NVD VulDB
CVSS 3.1
8.6
EPSS
0.1%
CVE-2026-20103 HIGH This Week

Denial of service in Cisco Secure Firewall ASA and FTD Remote Access SSL VPN allows unauthenticated remote attackers to exhaust device memory through malformed packets, causing the VPN service to become unresponsive. The vulnerability stems from insufficient input validation on the SSL VPN server and currently has no available patch. While the management interface remains accessible, new VPN connections cannot be established during an attack.

Cisco Denial Of Service
NVD VulDB
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-66024 HIGH PATCH GHSA This Week

The XWiki blog application allows users of the XWiki platform to create and manage blog posts. Versions prior to 9.15.7 are vulnerable to Stored Cross-Site Scripting (XSS) via the Blog Post Title. The vulnerability arises because the post title is injected directly into the HTML <title> tag without proper escaping. An attacker with permissions to create or edit blog posts can inject malicious J...

XSS Privilege Escalation Blog Application
NVD GitHub
CVSS 4.0
8.6
EPSS
0.0%
CVE-2026-27803 HIGH PATCH This Week

Vaultwarden versions prior to 1.35.4 fail to properly enforce collection management permissions, allowing authenticated users with Manager roles to perform restricted management operations on collections where they lack authorization. An attacker with valid credentials can exploit this privilege escalation to modify or control collections they should not have access to. No patch is currently available for affected deployments.

Privilege Escalation Vaultwarden Red Hat
NVD GitHub
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-27802 HIGH PATCH This Week

Vaultwarden versions before 1.35.4 contain a privilege escalation vulnerability that allows authenticated Manager-level users to modify permissions on collections they should not have access to. An attacker with Manager role can exploit this during bulk permission updates to gain unauthorized access to sensitive collections. A patch is available in version 1.35.4 and should be applied immediately.

Privilege Escalation Vaultwarden Red Hat
NVD GitHub
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-25750 HIGH This Week

LangSmith Studio contains a URL parameter injection vulnerability that allows attackers to steal authentication tokens, user IDs, and workspace credentials from users who click malicious links, enabling account takeover and unauthorized access to workspace resources. Both LangSmith Cloud and self-hosted Kubernetes deployments are affected, with exploitation requiring social engineering to trick authenticated users into clicking attacker-controlled URLs. No patch is currently available for this high-severity vulnerability (CVSS 8.1).

Kubernetes Authentication Bypass Langsmith Langchain AI / ML
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-20002 HIGH This Week

Unauthenticated SQL injection in Cisco Secure FMC's web management interface allows authenticated attackers to manipulate database queries and extract sensitive data or read operating system files. The vulnerability stems from insufficient input validation on user-supplied requests, requiring valid credentials to exploit. No patch is currently available.

Cisco SQLi
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-23234 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's f2fs filesystem allows a local attacker with user privileges to trigger memory corruption and crash the system through a race condition between I/O completion and filesystem unmount operations. The vulnerability occurs when a loop device completes write operations concurrently with an unmount that frees filesystem structures still being accessed by pending I/O handlers. This issue has no available patch and requires kernel-level access to exploit.

Linux Use After Free Information Disclosure Memory Corruption Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71238 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsg_done() causing double free Kernel panic observed on system, [5353358.825191] BUG: unable to handle page fault for address: ff5f5e897b024000 [5353358.825194] #PF: supervisor write access in kernel mode [5353358.825195] #PF: error_code(0x0002) - not-present page [5353358.825196] PGD 100006067 P4D 0 [5353358.825198] Oops: 0002 [#1] PREEMPT SMP NOPTI [5353358.825200] CPU: 5 PID: 2132085 Comm: qlafwupdate.sub Kdump: loaded Tainted: G W L ------- --- 5.14.0-503.34.1.el9_5.x86_64 #1 [5353358.825203] Hardware name: HPE ProLiant DL360 Gen11/ProLiant DL360 Gen11, BIOS 2.44 01/17/2025 [5353358.825204] RIP: 0010:memcpy_erms+0x6/0x10 [5353358.825211] RSP: 0018:ff591da8f4f6b710 EFLAGS: 00010246 [5353358.825212] RAX: ff5f5e897b024000 RBX: 0000000000007090 RCX: 0000000000001000 [5353358.825213] RDX: 0000000000001000 RSI: ff591da8f4fed090 RDI: ff5f5e897b024000 [5353358.825214] RBP: 0000000000010000 R08: ff5f5e897b024000 R09: 0000000000000000 [5353358.825215] R10: ff46cf8c40517000 R11: 0000000000000001 R12: 0000000000008090 [5353358.825216] R13: ff591da8f4f6b720 R14: 0000000000001000 R15: 0000000000000000 [5353358.825218] FS: 00007f1e88d47740(0000) GS:ff46cf935f940000(0000) knlGS:0000000000000000 [5353358.825219] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [5353358.825220] CR2: ff5f5e897b024000 CR3: 0000000231532004 CR4: 0000000000771ef0 [5353358.825221] PKRU: 55555554 [5353358.825222] Call Trace: [5353358.825223] <TASK> [5353358.825224] ? show_trace_log_lvl+0x1c4/0x2df [5353358.825229] ? show_trace_log_lvl+0x1c4/0x2df [5353358.825232] ? sg_copy_buffer+0xc8/0x110 [5353358.825236] ? __die_body.cold+0x8/0xd [5353358.825238] ? page_fault_oops+0x134/0x170 [5353358.825242] ? kernelmode_fixup_or_oops+0x84/0x110 [5353358.825244] ? exc_page_fault+0xa8/0x150 [5353358.825247] ? asm_exc_page_fault+0x22/0x30 [5353358.825252] ? memcpy_erms+0x6/0x10 [5353358.825253] sg_copy_buffer+0xc8/0x110 [5353358.825259] qla2x00_process_vendor_specific+0x652/0x1320 [qla2xxx] [5353358.825317] qla24xx_bsg_request+0x1b2/0x2d0 [qla2xxx] Most routines in qla_bsg.c call bsg_done() only for success cases.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-3094 HIGH This Week

Arbitrary code execution in Delta Electronics CNCSoft-G2 occurs when the application fails to properly validate user-supplied files, allowing an attacker to execute malicious code by tricking a user into opening a crafted file. This local vulnerability affects industrial environments running CNCSoft-G2 and requires user interaction to exploit. No patch is currently available.

Industrial Cncsoft G2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-29120 HIGH This Week

Local privilege escalation in IDC SFX2100 Satellite Receiver firmware stems from a hardcoded root password hash stored in the installation configuration file that is vulnerable to offline dictionary attacks. An attacker with low-privileged local access can exploit this weak credential to escalate to root, though no patch is currently available. The vulnerability requires prior system compromise but provides a reliable path to full administrative control on affected devices.

Authentication Bypass Sfx2100 Firmware
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20100 HIGH This Week

Cisco Secure Firewall ASA and FTD devices are vulnerable to a denial of service attack through the Remote Access SSL VPN feature, where authenticated attackers can trigger unvalidated input processing in the Lua interpreter to force device reloads. The vulnerability stems from insufficient input validation in the Lua interpreter and can be exploited by sending specially crafted HTTP packets over an existing VPN connection. No patch is currently available for this HIGH severity issue (CVSS 7.7).

Cisco Denial Of Service Buffer Overflow
NVD VulDB
CVSS 3.1
7.7
EPSS
0.2%
CVE-2026-20049 HIGH This Week

Denial of service in Cisco ASA and FTD devices processing GCM-encrypted IKEv2 IPsec traffic results from inadequate memory allocation, allowing authenticated remote attackers to trigger device reloads by sending specially crafted encrypted packets. An attacker with valid VPN credentials can exploit this vulnerability to render affected firewalls unavailable. No patch is currently available.

Cisco Denial Of Service Microsoft
NVD
CVSS 3.1
7.7
EPSS
0.2%
CVE-2026-20014 HIGH This Week

Memory exhaustion in Cisco Secure Firewall ASA and FTD IKEv2 implementations allows authenticated remote attackers with valid VPN credentials to trigger device reloads by sending crafted packets, disrupting firewall availability and downstream network services. The vulnerability stems from improper IKEv2 packet processing that fails to constrain memory allocation. No patch is currently available.

Cisco Information Disclosure
NVD
CVSS 3.1
7.7
EPSS
0.2%
CVE-2026-20105 HIGH This Week

Denial of service in Cisco Secure Firewall ASA and FTD Remote Access SSL VPN functionality allows authenticated attackers to exhaust device memory by sending specially crafted packets, forcing a device reload. The vulnerability stems from insufficient input validation on user-supplied data and requires valid VPN credentials to exploit. No patch is currently available.

Cisco Denial Of Service
NVD
CVSS 3.1
7.7
EPSS
0.1%
CVE-2026-0847 HIGH PATCH GHSA This Week

Path traversal in NLTK (Natural Language Toolkit) versions ≤3.9.2 allows remote unauthenticated attackers to read arbitrary files from the server hosting NLP applications. Multiple CorpusReader classes (WordListCorpusReader, TaggedCorpusReader, BracketParseCorpusReader) fail to sanitize file paths, enabling directory traversal to access sensitive files including SSH keys, API tokens, and system configurations. This poses critical risk in machine learning APIs, chatbots, and NLP pipelines that process user-controlled file inputs. EPSS score of 0.25% (48th percentile) suggests low widespread exploitation probability despite public disclosure via huntr.com bounty, though the unauthenticated network vector (AV:N/PR:N) and zero attack complexity make this readily exploitable once targets are identified.

RCE Path Traversal Authentication Bypass Nltk
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy