Skip to main content
CVE-2026-29081 MEDIUM This Month

Frappe versions prior to 14.100.1 and 15.100.0 contain a SQL injection vulnerability in an endpoint that allows authenticated attackers to extract sensitive information from the database. An attacker with valid credentials can craft malicious requests to bypass query protections and access confidential data without modifying or disrupting system availability. No patch is currently available for affected deployments.

SQLi Frappe
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-27362 MEDIUM This Month

kamleshyadav WP Bakery Autoresponder Addon vc-autoresponder-addon is affected by missing authorization (CVSS 6.5).

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-27354 MEDIUM This Month

WebCodingPlace WooCommerce Coming Soon Product with Countdown woo-coming-soon-product is affected by cross-site scripting (xss) (CVSS 6.5).

WordPress XSS
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-23546 MEDIUM This Month

RadiusTheme Classified Listing plugin through version 5.3.4 exposes sensitive data in sent communications due to improper information handling. An authenticated attacker can retrieve embedded sensitive information from network traffic without modifying data or disrupting service. No patch is currently available for this vulnerability.

Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-69343 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Schmit Theater for WordPress theatre allows Stored XSS.This issue affects Theater for WordPress: from n/a through <= 0.19. [CVSS 6.5 MEDIUM]

WordPress XSS
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28481 MEDIUM PATCH This Month

OpenClaw versions 2026.1.30 and earlier leak authentication bearer tokens to untrusted domains when the optional MS Teams attachment downloader extension is enabled, due to overly permissive suffix-based domain allowlisting during download retries. An attacker could harvest these tokens from allowed domains to compromise authenticated sessions. No patch is currently available, affecting users of the vulnerable versions.

Information Disclosure Openclaw
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2893 MEDIUM This Month

SQL injection in WordPress Page and Post Clone plugin up to version 6.3 allows authenticated contributors and above to extract sensitive database information through a second-order injection via the meta_key parameter. The vulnerability stems from insufficient input escaping and query preparation in the content_clone() function, with malicious payloads stored as post metadata and executed during the clone operation. No patch is currently available.

WordPress SQLi
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28038 MEDIUM This Month

Brainstorm_Force Ultimate Addons for WPBakery Page Builder ultimate_vc_addons is affected by missing authorization (CVSS 6.5).

Authentication Bypass
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-23799 MEDIUM This Month

Themeum Tutor LMS through version 3.9.5 contains an authorization bypass that allows authenticated users to modify content they should not have access to due to improper access control validation. An attacker with valid credentials can exploit this vulnerability to alter course materials and settings without proper permission checks. No patch is currently available for this medium-severity issue.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28552 MEDIUM This Month

Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 6.5 MEDIUM]

Buffer Overflow Harmonyos Emui
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-7375 MEDIUM This Month

A denial-of-service (DoS) vulnerability was identified in Omada EAP610 v3. An attacker with adjacent network access can send crafted requests to cause the device’s HTTP service to crash. [CVSS 6.5 MEDIUM]

Denial Of Service Omada Eap610 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28343 MEDIUM PATCH This Month

CKEditor 5 versions before 47.6.0 contain a stored XSS vulnerability in the General HTML Support feature that allows attackers to execute arbitrary JavaScript by injecting malicious markup into documents processed by vulnerable editor instances. This vulnerability affects users relying on unsafe General HTML Support configurations, potentially enabling session hijacking, credential theft, or malware distribution. No patch is currently available for affected deployments.

XSS RCE Ckeditor5
NVD GitHub VulDB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-3034 MEDIUM This Month

OoohBoi Steroids for Elementor (WordPress plugin) is affected by cross-site scripting (xss) (CVSS 6.4).

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-2593 MEDIUM This Month

Stored Cross-Site Scripting in the Greenshift page builder plugin for WordPress (versions up to 12.8.5) allows authenticated users with Contributor privileges or higher to inject malicious scripts through the `_gspb_post_css` post meta and `dynamicAttributes` block attributes due to inadequate input sanitization. When other users access affected pages, the injected scripts execute in their browsers, potentially compromising their sessions or stealing sensitive data. No patch is currently available.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-28036 MEDIUM This Month

SkatDesign Ratatouille versions up to 1.2.6 contain a server-side request forgery vulnerability that allows authenticated attackers to make arbitrary HTTP requests from the affected system. An attacker with valid credentials can leverage this flaw to access internal services, retrieve sensitive information, or perform actions on behalf of the server across different security domains. No patch is currently available for this medium-severity vulnerability.

SSRF
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-28395 MEDIUM PATCH This Month

OpenClaw Chrome extension relay server versions prior to 2026.2.12 improperly bind to all network interfaces when wildcard cdpUrl values are configured, enabling remote attackers to discover service endpoints and port information. An attacker can exploit this exposure to conduct denial-of-service attacks and brute-force attempts against the relay token authentication mechanism without requiring local access.

Google Information Disclosure Chrome
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.2%
CVE-2026-28476 MEDIUM PATCH This Month

OpenClaw versions before 2026.2.14 fail to validate base URLs in the Tlon Urbit extension, allowing attackers to trigger server-side request forgery attacks that direct the gateway to arbitrary hosts, including internal systems. This network-accessible vulnerability requires no authentication and can result in information disclosure and service disruption. No patch is currently available.

SSRF Openclaw
NVD GitHub
CVSS 4.0
6.3
EPSS
0.1%
CVE-2026-28071 MEDIUM This Month

Unauthorized access in PixFort Core through version 3.2.22 allows authenticated attackers to bypass access control restrictions and modify system data due to improper authorization checks. An attacker with valid credentials could exploit this vulnerability to access or modify resources they should not have permission to interact with. No patch is currently available for this vulnerability.

Authentication Bypass
NVD
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-28544 MEDIUM This Month

Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 6.2 MEDIUM]

Race Condition Harmonyos
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-28539 MEDIUM This Month

Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. [CVSS 6.2 MEDIUM]

Information Disclosure Harmonyos
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-28222 MEDIUM PATCH This Month

Stored XSS in Wagtail's TableBlock allows authenticated users with page editing permissions to inject malicious class attributes that execute arbitrary JavaScript when pages are viewed by other users. An attacker could exploit this to perform administrative actions or steal credentials from higher-privileged users viewing the compromised content. The vulnerability affects Wagtail versions prior to 6.3.8, 7.0.6, 7.2.3, and 7.3.1, with patches now available.

Django XSS Wagtail
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-28223 MEDIUM PATCH This Month

Stored XSS in Wagtail's simple_translation module allows authenticated admin users to inject malicious JavaScript through specially-crafted page titles that executes when other admins perform translation actions, potentially compromising their credentials. The vulnerability affects Wagtail versions prior to 6.3.8, 7.0.6, 7.2.3, and 7.3.1, and requires admin-level access to exploit, limiting exposure to internal threats. Patches are available for all affected versions.

Django XSS Wagtail
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-29052 MEDIUM This Month

HumHub Calendar module versions prior to 1.8.11 contain a stored XSS vulnerability in Event Types that allows attackers to inject malicious scripts viewed by users accessing events created by administrative accounts. An attacker with event creation privileges can execute arbitrary JavaScript in the browsers of users viewing affected events, potentially compromising session tokens or sensitive information. No patch is currently available for affected installations.

XSS Calendar
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-26195 MEDIUM PATCH This Month

Stored cross-site scripting in Gogs prior to version 0.14.2 allows unauthenticated attackers to inject malicious scripts through template rendering of user-controlled data, potentially affecting all users viewing compromised content. The vulnerability exploits unsafe handling of data URLs combined with permissive sanitization, enabling attackers to steal session cookies, deface pages, or perform actions on behalf of victims. A patch is available in version 0.14.2 and later.

XSS Gogs Suse
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-27982 MEDIUM PATCH This Month

Allauth versions up to 65.14.1 is affected by url redirection to untrusted site (open redirect) (CVSS 6.1).

Django Open Redirect Allauth Red Hat
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-28486 MEDIUM PATCH This Month

OpenClaw versions 2026.1.16 through 2026.2.13 allow local attackers to write arbitrary files outside intended directories by supplying malicious archives to the skills, hooks, plugins, or signal installation commands. Successful exploitation enables attackers to achieve code execution or establish persistence on affected systems. A patch is available for affected users.

Path Traversal Openclaw
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-28457 MEDIUM PATCH This Month

OpenClaw versions before 2026.2.14 allow local attackers to write arbitrary files outside the sandbox directory through path traversal sequences in crafted skill package names when sandbox skill mirroring is enabled. An attacker can exploit this by providing a malicious skill package with traversal patterns like ../ or absolute paths in the frontmatter name parameter, potentially compromising system integrity. A patch is available to remediate this vulnerability.

Path Traversal Openclaw
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-28464 MEDIUM PATCH This Month

OpenClaw versions before 2026.2.12 are vulnerable to timing-based token extraction attacks due to non-constant-time string comparison in hook authentication. A network-based attacker can exploit this side-channel vulnerability to gradually recover the hook validation token through repeated timing measurements across multiple requests. The vulnerability requires repeated probing but poses a confidentiality risk to systems using vulnerable versions.

Information Disclosure Openclaw
NVD GitHub
CVSS 3.1
5.9
EPSS
0.1%
CVE-2026-28465 MEDIUM PATCH This Month

OpenClaw voice-call plugin versions before 2026.2.3 allow remote attackers to forge webhook events by exploiting improper authentication in reverse-proxy environments where forwarded headers are implicitly trusted. An unauthenticated attacker can manipulate Forwarded or X-Forwarded-* headers to bypass webhook verification and spoof legitimate events. A patch is available to address this authentication bypass vulnerability.

Authentication Bypass Openclaw
NVD GitHub
CVSS 3.1
5.9
EPSS
0.1%
CVE-2026-29613 MEDIUM PATCH This Month

Openclaw versions up to 2026.2.12 is affected by missing authentication for critical function (CVSS 5.9).

React Openclaw
NVD GitHub
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-27344 MEDIUM This Month

Inseri Core versions up to 1.0.5 contain an authorization bypass vulnerability that allows unauthenticated remote attackers to modify data through improperly configured access controls. The vulnerability has a CVSS score of 5.3 and currently lacks a patch, putting deployments at risk until remediation is available.

Authentication Bypass
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-28546 MEDIUM This Month

Buffer overflow vulnerability in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 5.9 MEDIUM]

Buffer Overflow Harmonyos
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-28545 MEDIUM This Month

Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 5.9 MEDIUM]

Race Condition Harmonyos
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-28538 MEDIUM This Month

Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 5.9 MEDIUM]

Path Traversal Harmonyos
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2024-43035 MEDIUM PATCH This Month

Fonoster 0.5.5 before 0.6.1 allows ../ directory traversal to read arbitrary files via the /sounds/:file or /tts/:file VoiceServer endpoint. This occurs in serveFiles in mods/voice/src/utils.ts. [CVSS 5.8 MEDIUM]

Path Traversal
NVD GitHub
CVSS 3.1
5.8
EPSS
0.2%
CVE-2025-68515 MEDIUM This Month

Insertion of Sensitive Information Into Sent Data vulnerability in Roland Murg WP Booking System wp-booking-system allows Retrieve Embedded Sensitive Data.This issue affects WP Booking System: from n/a through <= 2.0.19.12. [CVSS 5.8 MEDIUM]

Information Disclosure
NVD
CVSS 3.1
5.8
EPSS
0.0%
CVE-2026-30789 MEDIUM This Month

Authentication bypass in RustDesk Client through 1.4.5 across Windows, macOS, Linux, iOS, and Android allows remote attackers to replay captured session IDs and login proofs to impersonate legitimate peers without knowing the original credentials. The flaw stems from insufficient computational effort in the hash_password() routine combined with reusable session identifiers in the login proof construction, enabling capture-replay attacks against the peer authentication module. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.04% (12th percentile).

Authentication Bypass Google Microsoft Apple Rustdesk
NVD VulDB
CVSS 4.0
5.7
EPSS
0.0%
CVE-2026-28452 MEDIUM PATCH This Month

Openclaw versions up to 2026.2.14 is affected by allocation of resources without limits or throttling (CVSS 5.5).

Denial Of Service Openclaw
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2026-29612 MEDIUM PATCH This Month

Openclaw versions up to 2026.2.14 is affected by allocation of resources without limits or throttling (CVSS 5.5).

Denial Of Service Openclaw
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-27411 MEDIUM This Month

The SiteGuard WP Plugin for WordPress through version 1.7.9 contains a guessable CAPTCHA implementation that allows attackers to bypass security protections without authentication. This vulnerability enables attackers to circumvent the plugin's functionality controls and potentially gain unauthorized access to protected resources or perform actions that should be restricted.

Authentication Bypass
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-64166 MEDIUM PATCH This Month

Mercurius is a GraphQL adapter for Fastify. Prior to version 16.4.0, a cross-site request forgery (CSRF) vulnerability was identified. The issue arises from incorrect parsing of the Content-Type header in requests. Specifically, requests with Content-Type values such as application/x-www-form-urlencoded, multipart/form-data, or text/plain could be misinterpreted as application/json. This misint...

CSRF Mercurius
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-28471 MEDIUM PATCH This Month

OpenClaw versions 2026.1.14-1 through 2026.2.1 with the Matrix plugin enabled fail to validate homeserver identity when checking direct message allowlists, allowing remote attackers to impersonate authorized users by spoofing display names or local identifiers from different homeservers. This bypass enables unauthorized access to routing and agent pipelines for authenticated Matrix users on remote servers. A patch is available in version 2026.2.2 and later.

Authentication Bypass Openclaw
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-26196 MEDIUM PATCH This Month

Gogs versions prior to 0.14.2 expose authentication tokens in URL parameters, allowing credentials to be captured through server logs, browser history, and HTTP referrer headers. This information disclosure vulnerability affects self-hosted Gogs instances and could enable attackers to gain unauthorized API access if tokens are leaked through these channels. A patch is available in version 0.14.2 and later.

Information Disclosure Gogs Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28413 MEDIUM PATCH This Month

Products.isurlinportal is a replacement for isURLInPortal method in Plone. versions up to 2.1.0 is affected by url redirection to untrusted site (open redirect) (CVSS 5.3).

Open Redirect Isurlinportal
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28537 MEDIUM This Month

Double free vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 5.1 MEDIUM]

Information Disclosure Harmonyos
NVD
CVSS 3.1
5.1
EPSS
0.0%
CVE-2026-27023 MEDIUM This Month

Twenty CRM versions prior to 1.18 allow authenticated users to bypass SSRF protections by exploiting unvalidated HTTP redirect targets, enabling access to private IP addresses through attacker-controlled intermediaries. An attacker with control over webhook endpoints or image URLs can leverage this vulnerability to reach restricted internal resources that would normally be blocked.

SSRF Twenty
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-3523 MEDIUM This Month

SQL injection in the Apocalypse Meow WordPress plugin up to version 22.1.0 allows authenticated administrators to execute arbitrary SQL queries due to a flawed validation check combined with improper quote escaping. An authenticated attacker with administrator privileges can exploit this via the 'type' parameter to extract sensitive database information. No patch is currently available.

WordPress PHP SQLi
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2026-28078 MEDIUM This Month

Stylemix uListing versions 2.2.0 and earlier contain a path traversal vulnerability that allows authenticated users with high privileges to access files outside the intended directory structure and read sensitive information. The vulnerability requires valid credentials and does not enable file modification or system disruption, limiting its impact to unauthorized information disclosure.

Path Traversal
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2026-30783 MEDIUM This Month

Privilege escalation in RustDesk Client through version 1.4.5 on Windows, macOS, Linux, iOS, and Android allows unauthenticated remote attackers to abuse API sync and configuration management functions. The vulnerability in the rendezvous mediator and HTTP sync modules enables attackers to gain elevated privileges without user interaction. No patch is currently available for affected users.

Information Disclosure Google Apple Microsoft Rustdesk
NVD VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2026-28475 MEDIUM PATCH This Month

OpenClaw versions before 2026.2.13 are vulnerable to timing side-channel attacks on hook token validation due to use of non-constant-time string comparison. Remote attackers can exploit this weakness by measuring response times across multiple requests to gradually recover authentication tokens for the hooks endpoint. This affects confidentiality and integrity of OpenClaw deployments accessible over the network.

Information Disclosure Openclaw
NVD GitHub
CVSS 3.1
4.8
EPSS
0.1%
Prev Page 9 of 10 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy