Skip to main content
CVE-2026-26022 HIGH POC PATCH This Week

Stored XSS in Gogs prior to version 0.14.2 allows authenticated users to execute arbitrary JavaScript in comments and issue descriptions by exploiting the HTML sanitizer's allowance of data: URI schemes. This affects all users viewing malicious content within the same Gogs instance and could enable session hijacking or credential theft. Public exploit code exists for this vulnerability, though a patch is available in version 0.14.2 and later.

XSS Gogs Suse
NVD GitHub
CVSS 3.1
8.7
EPSS
0.0%
CVE-2026-28442 HIGH POC This Week

ZimaOS 1.5.2-beta3 fails to validate filesystem paths in its API delete endpoint, allowing authenticated users to bypass UI restrictions and remove critical system files and directories. Public exploit code exists for this vulnerability, and the lack of input validation on path parameters enables attackers with API access to potentially render the system unbootable or cause denial of service. No patch is currently available.

Authentication Bypass Zimaos
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2026-30798 HIGH POC This Week

Remote denial-of-service in RustDesk Client through 1.4.5 allows network-positioned attackers to disrupt the remote-access agent by manipulating heartbeat synchronization traffic, abusing weak authenticity checks in the hbbs_http/sync.rs heartbeat loop to trigger the stop-service handler. Publicly available exploit code exists, but EPSS is very low (0.02%, 5th percentile) and there is no public exploit identified at time of analysis being tracked as actively exploited (not in CISA KEV).

Rustdesk Microsoft Google Apple Information Disclosure
NVD VulDB
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-29121 HIGH POC This Week

The setuid bit on the /sbin/ip utility in IDC SFX2100 satellite receiver firmware allows local users to execute privileged operations as root, enabling unauthorized file reads and potential privilege escalation attacks. Public exploit code exists for this vulnerability, and affected users have no available patch. This vulnerability impacts any local user with access to the device.

Privilege Escalation Sfx2100 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-29126 HIGH POC This Week

Sfx2100 Firmware versions up to - is affected by incorrect permission assignment for critical resource (CVSS 7.8).

Privilege Escalation Sfx2100 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-70616 HIGH POC This Week

A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. [CVSS 7.8 HIGH]

Linux Buffer Overflow Denial Of Service Privilege Escalation Wnbios64.Sys
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-29124 HIGH POC This Week

Sfx2100 Satellite Receiver firmware contains multiple SUID root binaries in predictable locations that allow local privilege escalation from the monitor user to root. Public exploit code exists for this vulnerability, enabling any local user with monitor privileges to gain complete system control. A patch is not currently available, leaving affected devices vulnerable to privilege escalation attacks.

Privilege Escalation Sfx2100 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-29123 HIGH POC This Week

Local privilege escalation in IDC SFX2100 firmware affects Linux systems through a SUID binary vulnerable to PATH hijacking, symlink abuse, and shared object hijacking. A local attacker can exploit this to gain root-level privileges, and public exploit code is available. No patch is currently available to address this HIGH severity vulnerability.

Linux Privilege Escalation Sfx2100 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-29127 HIGH POC This Week

Local privilege escalation in IDC SFX2100 Satellite Receiver firmware occurs due to overly permissive file system permissions (0777) on a privileged user's home directory, allowing any local user to read, write, and execute files within it. An attacker with local access can leverage highly privileged processes and binaries in this directory to escalate their privileges on the system. Public exploit code exists for this vulnerability, and no patch is currently available.

Privilege Escalation Sfx2100 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-28342 HIGH POC PATCH This Week

OliveTin versions prior to 3000.10.2 are vulnerable to unauthenticated denial of service through the PasswordHash API endpoint, which lacks request throttling or authentication controls and allows attackers to trigger excessive memory allocation via concurrent hashing requests. An attacker can exhaust container memory by sending multiple parallel requests, causing service degradation or complete outage. Public exploit code exists for this vulnerability, and a patch is available in version 3000.10.2 and later.

Denial Of Service Olivetin Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-28789 HIGH POC PATCH This Week

OliveTin versions prior to 3000.10.3 are vulnerable to unauthenticated denial-of-service attacks when OAuth2 authentication is enabled, allowing remote attackers to crash the application by sending concurrent requests to the login endpoint. The vulnerability stems from unsynchronized access to shared state during OAuth2 processing, triggering a Go runtime panic. Public exploit code exists for this high-severity flaw, which is patched in version 3000.10.3 and later.

Golang Denial Of Service Olivetin Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-28790 HIGH POC PATCH This Week

OliveTin versions prior to 3000.11.0 suffer from broken access control allowing unauthenticated users to invoke the KillAction RPC endpoint and terminate running shell command executions, bypassing authentication restrictions. Public exploit code exists for this vulnerability, enabling remote denial of service attacks against legitimate administrative actions. The vulnerability affects OliveTin deployments regardless of authentication settings and has been remediated in version 3000.11.0 and later.

Denial Of Service Olivetin Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-69411 HIGH POC This Week

Robert Seyfriedsberger ionCube tester plus ioncube-tester-plus is affected by path traversal (CVSS 7.5).

Path Traversal
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-45691 HIGH POC PATCH GHSA This Week

An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter when handling multimodal inputs. [CVSS 7.5 HIGH]

Path Traversal Ragas
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-28448 HIGH POC PATCH This Week

OpenClaw versions before 2026.2.1 fail to properly validate access controls in the Twitch plugin when role restrictions are not configured, allowing unauthenticated remote attackers to trigger agent dispatch through Twitch chat mentions. Public exploit code exists for this vulnerability, enabling attackers to invoke the agent pipeline and potentially cause unintended actions or resource exhaustion. Organizations running affected versions with the Twitch plugin enabled should apply the available patch immediately.

Denial Of Service Authentication Bypass AI / ML Openclaw
NVD GitHub
CVSS 3.1
7.3
EPSS
0.1%
CVE-2026-26194 HIGH POC PATCH This Week

Gogs prior to version 0.14.2 contains a command injection vulnerability in release deletion functionality where improper handling of user-controlled tag names allows git options to be injected into git commands. An authenticated attacker with UI interaction can exploit this to achieve integrity and availability impacts. Public exploit code exists for this vulnerability.

Code Injection Gogs Suse
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-70614 HIGH CISA Act Now

OpenCode Systems OC Messaging / USSD Gateway OC Release 6.32.2 contains a broken access control vulnerability in the web-based control panel allowing authenticated low-privileged attackers to gain to access to arbitrary SMS messages via a crafted company or tenant identifier parameter. [CVSS 8.1 HIGH]

Authentication Bypass Ussd Gateway
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-3047 HIGH PATCH This Week

Keycloak's SAML identity provider broker fails to enforce client disabled status during IdP-initiated SSO flows, allowing attackers with valid credentials to establish authenticated sessions and access other enabled clients without re-authentication. An authenticated remote attacker can exploit this authentication bypass to gain unauthorized access to protected resources across the Keycloak ecosystem. No patch is currently available.

Authentication Bypass Build Of Keycloak Keycloak
NVD VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-70995 HIGH This Week

An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. [CVSS 8.8 HIGH]

RCE Code Injection
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2026-30784 HIGH This Week

Unauthenticated attackers can abuse missing authorization controls in RustDesk Server's rendezvous and relay modules (hbbs/hbbr) to gain unauthorized privileges through exposed critical functions like punch hole requests and peer registration. This vulnerability affects RustDesk Server versions through 1.7.5 and 1.1.15, enabling remote privilege escalation over the network with no authentication required. No patch is currently available.

Authentication Bypass Suse
NVD VulDB
CVSS 4.0
8.8
EPSS
0.1%
CVE-2026-28287 HIGH This Week

Unauthenticated command injection in FreePBX recordings module (versions 16.0.17.2-16.0.19 and 17.0.2.4-17.0.4) allows authenticated attackers to execute arbitrary system commands with full system privileges. The vulnerability stems from improper input validation in the recordings functionality, enabling complete compromise of affected FreePBX installations. No patch is currently available.

Command Injection Freepbx
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-29610 HIGH PATCH This Week

Arbitrary command execution in OpenClaw prior to version 2026.2.14 stems from improper PATH validation during node-host execution and project bootstrapping, allowing authenticated attackers or those with local filesystem access to substitute malicious binaries for legitimate commands. An attacker can exploit this to bypass allowlisted command restrictions and achieve code execution with the privileges of the OpenClaw process. A patch is available for versions 2026.2.14 and later.

Privilege Escalation Openclaw
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-27390 HIGH This Week

designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon contains a security vulnerability (CVSS 8.8).

Authentication Bypass
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-27379 HIGH This Week

NextScripts NextScripts social-networks-auto-poster-facebook-twitter-g is affected by deserialization of untrusted data (CVSS 8.8).

Deserialization
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-27338 HIGH This Week

Object injection through unsafe deserialization in AivahThemes Car Zone up to version 3.7 allows authenticated attackers to execute arbitrary code with network access and no user interaction required. With a CVSS score of 8.8 indicating high severity, this vulnerability poses a significant risk to affected installations, though no patch is currently available. Attackers with valid credentials can exploit this flaw to gain complete system compromise including confidentiality, integrity, and availability impact.

Deserialization
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-23798 HIGH This Week

blubrry PowerPress Podcasting powerpress is affected by deserialization of untrusted data (CVSS 8.8).

Deserialization
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-22473 HIGH This Week

Object injection through unsafe deserialization in designthemes Dental Clinic version 3.7 and earlier allows authenticated attackers to execute arbitrary code with high impact on confidentiality, integrity, and availability. An attacker with valid credentials can exploit this CWE-502 weakness to inject malicious objects during the deserialization process, potentially compromising the entire application. No patch is currently available for this vulnerability.

Deserialization
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-28210 HIGH This Week

Unauthenticated SQL injection in the FreePBX CDR module (versions before 16.0.49 and 17.0.7) allows authenticated users to execute arbitrary SQL commands and potentially compromise the entire database. An attacker with valid credentials can exploit this vulnerability to read sensitive call records, modify system data, or escalate privileges within the FreePBX system. No patch is currently available, leaving affected installations at high risk until upgrades are deployed.

SQLi Freepbx
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-22471 HIGH This Week

maximsecudeal Secudeal Payments for Ecommerce secudeal-payments-for-ecommerce is affected by deserialization of untrusted data (CVSS 8.6).

Deserialization
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-1720 HIGH This Week

WowOptin: Next-Gen Popup Maker plugin for WordPress versions up to 1.4.24 fails to validate user permissions on plugin installation functions, allowing authenticated subscribers to install and activate arbitrary plugins. This privilege escalation vulnerability enables low-privileged attackers to execute remote code with full WordPress permissions. No patch is currently available.

WordPress Authentication Bypass
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-26416 HIGH This Week

Privilege escalation in Cognix Platform v3.0 permits authenticated users to bypass authorization controls and assume higher-privileged roles through specially crafted requests. This vulnerability affects all users with valid credentials and could allow attackers to gain unauthorized administrative access. No patch is currently available.

Privilege Escalation Cognix Platform
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-28284 HIGH This Week

SQL injection in the FreePBX logfiles module allows authenticated attackers to manipulate database queries and potentially extract sensitive data or modify system records. Versions prior to 16.0.10 and 17.0.5 are vulnerable, and attackers with valid FreePBX credentials can exploit this weakness to achieve high-impact unauthorized access to confidential information and system integrity. No patch is currently available for affected deployments.

SQLi Freepbx
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25048 HIGH PATCH This Week

Denial of service in the mlc-ai xgrammar structured-generation library (versions prior to 0.1.32) allows remote attackers to crash the host process via deeply multi-level nested grammar syntax that triggers a segmentation fault (core dump). Because xgrammar is typically embedded in LLM inference servers to constrain model output, an attacker who can influence the grammar/schema passed to the engine can take the service offline. No public exploit identified at time of analysis, and EPSS exploitation probability is very low (0.06%), but the issue is fixed and has been picked up in multiple Red Hat advisories.

Information Disclosure Xgrammar
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-30795 HIGH This Week

RustDesk Client through version 1.4.5 transmits sensitive preset address book credentials in cleartext during heartbeat synchronization, enabling network eavesdropping attacks across Windows, macOS, Linux, iOS, and Android platforms. An attacker positioned to intercept network traffic can capture authentication credentials by sniffing the unencrypted JSON payload. No patch is currently available for this high-severity vulnerability (CVSS 8.7).

Apple Information Disclosure Microsoft Google Android +2
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-3598 HIGH This Week

RustDesk Server Pro through version 1.7.5 uses weak cryptographic algorithms in configuration string generation and web console export functions, enabling attackers to extract sensitive embedded data from exported configurations. This vulnerability affects Windows, macOS, and Linux deployments and requires no authentication or user interaction to exploit. No patch is currently available.

Information Disclosure Apple Microsoft Windows macOS
NVD VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-26125 HIGH PATCH This Week

Payment Orchestrator Service Elevation of Privilege Vulnerability [CVSS 8.6 HIGH]

Authentication Bypass Payment Orchestrator Service
NVD VulDB
CVSS 3.1
8.6
EPSS
0.1%
CVE-2026-22460 HIGH This Week

Path traversal in wpWax FormGent plugin versions up to 1.4.2 enables unauthenticated remote attackers to access files outside intended directories. The vulnerability requires no user interaction and can be exploited over the network to cause denial of service or potentially disclose sensitive information. No patch is currently available for this high-severity issue.

Path Traversal
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2026-28463 HIGH PATCH This Week

OpenClaw's exec-approvals feature validates command allowlists before shell expansion but fails to account for expansion during actual execution, enabling authorized users or attackers performing prompt injection to read arbitrary files through glob patterns and environment variables. This arbitrary file disclosure affects systems with host execution enabled in allowlist mode, potentially exposing sensitive data accessible to the gateway or node process. A patch is available to address this command injection vulnerability.

Command Injection Openclaw
NVD GitHub
CVSS 4.0
8.6
EPSS
0.0%
CVE-2026-28134 HIGH This Week

Remote code execution in Crocoblock JetEngine versions 3.7.2 and earlier allows authenticated attackers to execute arbitrary code through improper handling of code generation. An attacker with valid credentials can leverage this code injection vulnerability to achieve remote code inclusion and gain full control over affected WordPress installations. No patch is currently available, leaving all users of vulnerable JetEngine versions at risk.

Code Injection RCE
NVD
CVSS 3.1
8.5
EPSS
0.1%
CVE-2026-28133 HIGH This Week

Arbitrary file upload in Filr WordPress plugin versions ≤1.2.12 allows authenticated attackers with low privileges to upload web shells, achieving remote code execution with changed scope (S:C). Despite high CVSS 8.5, exploitation requires authentication and moderately complex conditions (AC:H). EPSS probability remains very low at 0.03% (10th percentile), and no active exploitation or public proof-of-concept has been identified. Patchstack disclosure indicates this is a targeted vulnerability requiring specific WordPress role permissions rather than mass-exploitable issue.

File Upload
NVD
CVSS 3.1
8.5
EPSS
0.0%
CVE-2026-27428 HIGH This Week

Eagle Booking plugin versions 1.3.4.3 and earlier contain an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries over the network. An attacker with user-level privileges can exploit this to extract sensitive data from the database or potentially modify application data, though no patch is currently available.

SQLi
NVD
CVSS 3.1
8.5
EPSS
0.0%
CVE-2026-27373 HIGH This Week

Essekia Tablesome versions up to 1.2.3 contain a blind SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries through improper input sanitization. An attacker with valid credentials can exploit this to extract sensitive data from the database, though no patch is currently available. The vulnerability has a CVSS score of 8.5 and requires network access with low attack complexity.

SQLi
NVD
CVSS 3.1
8.5
EPSS
0.0%
CVE-2026-28485 HIGH PATCH This Week

Openclaw versions up to 2026.2.12 is affected by missing authentication for critical function (CVSS 8.4).

Authentication Bypass RCE Openclaw
NVD GitHub
CVSS 3.1
8.4
EPSS
0.1%
CVE-2026-30792 HIGH This Week

Configuration tampering in RustDesk Client through 1.4.5 allows a network-positioned attacker to manipulate Application API messages exchanged between the client and its rendezvous/sync server, altering client strategy and configuration options. The flaw spans every supported platform (Windows, macOS, Linux, iOS, Android, WebClient) and stems from insecure handling in the Strategy merge loop and Config::set_options(), giving an MitM attacker the ability to silently rewrite client behavior. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.05% (16th percentile).

Apple Information Disclosure Microsoft Google Rustdesk
NVD VulDB
CVSS 4.0
8.3
EPSS
0.1%
CVE-2026-28451 HIGH PATCH This Week

OpenClaw versions before 2026.2.14 contain unprotected server-side request forgery flaws in the Feishu extension that enable remote attackers to access internal services and exfiltrate data without authentication. Attackers can exploit the sendMediaFeishu function and markdown image processing through direct manipulation or prompt injection to force the application to fetch attacker-controlled URLs and re-upload responses as Feishu media. A patch is available to remediate this network-accessible vulnerability affecting AI/ML deployments.

SSRF AI / ML Openclaw
NVD GitHub
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-28135 HIGH This Week

WP Royal Royal Elementor Addons royal-elementor-addons is affected by inclusion of functionality from untrusted control sphere (CVSS 8.2).

Information Disclosure
NVD VulDB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2026-30790 HIGH This Week

Password brute-forcing weakness in RustDesk Server Pro through 1.7.5 and RustDesk Server (OSS) through 1.1.15 allows remote attackers to attack the peer authentication and API login modules without triggering rate limiting, while the SHA256(SHA256(pwd+salt)+challenge) construction provides insufficient computational cost to resist offline guessing. The flaw combines CWE-307 (missing throttling of authentication attempts) with weak password hashing on Windows, macOS, and Linux deployments, and no public exploit has been identified at time of analysis.

Information Disclosure Microsoft Apple Rustdesk Server
NVD GitHub VulDB
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-30785 HIGH This Week

RustDesk Client through version 1.4.5 on Windows, macOS, and Linux uses weak password hashing and improper object prototype handling in its password security and configuration encryption modules, allowing local authenticated attackers to extract embedded sensitive data including passwords and machine identifiers. The vulnerability affects critical cryptographic functions including symmetric_crypt() and decrypt_str_or_original(), enabling attackers with local access and valid credentials to compromise encrypted credentials and system identifiers. No patch is currently available.

Information Disclosure Microsoft Apple Windows macOS
NVD GitHub VulDB
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-3459 HIGH This Week

Unauthenticated attackers can upload arbitrary files to WordPress sites running the Drag and Drop Multiple File Upload - Contact Form 7 plugin through versions 1.3.7.3 due to insufficient file type validation when wildcard characters are configured in upload fields. Successful exploitation could enable remote code execution on the affected server. No patch is currently available.

WordPress RCE File Upload
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-28129 HIGH This Week

Local file inclusion in axiomthemes Little Birdies plugin version 1.3.16 and earlier enables unauthenticated remote attackers to read arbitrary files from the server through improper input validation on file inclusion parameters. An attacker can exploit this vulnerability to access sensitive configuration files, source code, or other data without authentication. No patch is currently available for this vulnerability.

PHP LFI Information Disclosure
NVD
CVSS 3.1
8.1
EPSS
0.2%
Page 1 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy