Skip to main content
CVE-2026-29059 MEDIUM POC This Month

{workspace}/jobs_u/get_log_file/{filename})".

Path Traversal Windmill
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2018-25184 MEDIUM POC This Month

Surreal ToDo 0.6.1.2 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the content parameter. [CVSS 6.2 MEDIUM]

PHP Path Traversal
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25177 MEDIUM POC This Month

Data Center Audit 2.6.2 contains a cross-site request forgery vulnerability that allows attackers to reset administrator passwords without authentication by submitting crafted POST requests. [CVSS 5.3 MEDIUM]

PHP CSRF
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25174 MEDIUM POC This Month

ABC ERP 0.6.4 contains a cross-site request forgery vulnerability that allows attackers to modify administrator credentials by submitting forged requests to _configurar_perfil.php. [CVSS 5.3 MEDIUM]

PHP CSRF
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25198 MEDIUM POC This Month

eToolz 3.4.8.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying oversized input buffers. Attackers can create a payload file containing 255 bytes of data that triggers a buffer overflow condition when processed by the application. [CVSS 6.2 MEDIUM]

Buffer Overflow Denial Of Service Memory Corruption
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-30233 MEDIUM POC PATCH This Month

OliveTin prior to version 3000.11.1 fails to enforce view permission checks on dashboard and API endpoints, allowing authenticated users to enumerate action bindings, titles, IDs, icons, and argument metadata despite having restricted access. While command execution remains properly denied, this information disclosure enables attackers to map available actions and their configurations. Public exploit code exists for this medium-severity vulnerability, and a patch is available.

Information Disclosure Olivetin Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28685 MEDIUM POC PATCH This Month

Kimai versions prior to 2.51.0 lack proper customer-level access controls in the invoice API endpoint, allowing any user with the TEAMLEAD role to enumerate and read all invoices across the entire system regardless of customer ownership. Public exploit code exists for this authorization bypass vulnerability, which can lead to unauthorized disclosure of sensitive financial and customer data. A patch is available in version 2.51.0 and should be applied immediately.

Authentication Bypass Kimai
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-25877 MEDIUM POC This Month

Chartbrew versions before 4.8.1 fail to validate chart ownership during modification operations, allowing authenticated users to read, modify, or delete charts from other projects they shouldn't access. An attacker with valid credentials to any project can exploit this authorization bypass to manipulate arbitrary charts across the application. Public exploit code exists for this vulnerability, and no patch is currently available.

Authentication Bypass Chartbrew
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-27605 MEDIUM POC This Month

Chartbrew versions prior to 4.8.4 allow authenticated users to upload arbitrary files by bypassing file type validation, enabling stored XSS attacks through malicious HTML files served from the uploads directory. An attacker can exploit this to steal authentication tokens stored in localStorage and achieve account takeover. Public exploit code exists for this vulnerability, and no patch is currently available.

XSS Chartbrew
NVD GitHub
CVSS 3.1
6.3
EPSS
0.1%
CVE-2026-26017 MEDIUM POC PATCH This Month

CoreDNS versions prior to 1.14.2 allow authenticated attackers to bypass DNS access controls through a Time-of-Check Time-of-Use race condition in the plugin execution chain, where the rewrite plugin processes requests after security plugins like ACL have already validated them. An attacker with network access can exploit this logical flaw to access DNS records that should be restricted by configured access control policies. No patch is currently available for affected deployments.

Coredns Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-69652 MEDIUM POC PATCH This Month

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. [CVSS 6.2 MEDIUM]

Memory Corruption Denial Of Service Binutils Red Hat Suse
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-30238 MEDIUM POC This Month

Reflected cross-site scripting in GroupOffice versions before 6.8.155, 25.0.88, and 26.0.10 allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious code through the Base64-encoded f parameter. The vulnerability exists in the external/index flow where user input is decoded and inserted into inline JavaScript without proper sanitization. Public exploit code exists for this vulnerability.

XSS Group Office
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-29038 MEDIUM POC PATCH This Month

Reflected XSS in changedetection.io versions prior to 0.54.4 allows unauthenticated remote attackers to inject malicious JavaScript through the /rss/tag/ endpoint via an unescaped tag_uuid parameter, enabling session hijacking or credential theft when victims visit crafted links. The vulnerability requires user interaction to trigger and affects the Flask-based application with public exploit code available. Users should upgrade to version 0.54.4 or later immediately.

Flask XSS Changedetection
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-30237 MEDIUM POC This Month

Reflected cross-site scripting in GroupOffice installer versions prior to 6.8.155, 25.0.88, and 26.0.10 allows unauthenticated attackers to inject arbitrary scripts through the license parameter in install/license.php. Public exploit code exists for this vulnerability, enabling attackers to execute malicious JavaScript in users' browsers with moderate impact to confidentiality and integrity. The vulnerability requires user interaction and affects the web-accessible installation endpoint.

PHP XSS Group Office
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-30227 MEDIUM POC PATCH This Month

Mimekit versions up to 4.15.1 contains a vulnerability that allows attackers to embed \r\n into the SMTP envelope address local-part (when the local-part is a q (CVSS 5.3).

Command Injection Mimekit
NVD GitHub
CVSS 3.1
5.3
EPSS
1.7%
CVE-2025-69651 MEDIUM POC PATCH This Month

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dump_relocations returns early due to parsing errors, the internal all_relocations array may remain partially uninitialized. [CVSS 5.5 MEDIUM]

Memory Corruption Denial Of Service Binutils Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-30224 MEDIUM POC PATCH This Month

OliveTin prior to version 3000.11.1 fails to invalidate server-side sessions upon user logout, allowing attackers with a stolen session cookie to maintain authenticated access even after the legitimate user logs out. The vulnerability persists because browser cookies are cleared while the corresponding server session remains valid for approximately one year by default. Public exploit code exists for this session management bypass.

Authentication Bypass Olivetin Suse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2026-30225 MEDIUM POC PATCH This Month

OliveTin versions prior to 3000.11.1 contain an authentication bypass in RestartAction that allows authenticated users to execute shell commands beyond their assigned permissions. The vulnerability stems from improper request context handling that causes the system to fall back to guest user privileges, which may have broader access than the authenticated caller. Public exploit code exists for this medium-severity flaw that enables privilege escalation and unauthorized command execution.

Privilege Escalation Olivetin Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2018-25168 MEDIUM POC This Month

Precurio Intranet Portal 2.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by submitting crafted POST requests. [CVSS 4.3 MEDIUM]

CSRF File Upload
NVD Exploit-DB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2018-25200 MEDIUM POC This Month

OOP CMS BLOG 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by crafting malicious POST requests. [CVSS 5.3 MEDIUM]

PHP CSRF Php Oop Cms Blog
NVD Exploit-DB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2018-25190 MEDIUM POC This Month

Easyndexer 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative accounts by submitting forged POST requests. [CVSS 5.3 MEDIUM]

PHP CSRF
NVD Exploit-DB VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2018-25186 MEDIUM POC This Month

Tina4 Stack 1.0.3 contains a cross-site request forgery vulnerability that allows attackers to modify admin user credentials by submitting forged POST requests to the profile endpoint. [CVSS 5.3 MEDIUM]

CSRF
NVD Exploit-DB VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-27764 MEDIUM This Month

WebSocket session handling in charging station backends allows multiple connections to use identical session identifiers, enabling attackers to hijack active sessions and impersonate legitimate stations without authentication. An adversary can intercept backend commands intended for a target charging station or launch denial-of-service attacks by flooding the backend with spoofed session requests. This vulnerability affects any system relying on this WebSocket implementation and currently lacks an available patch.

Authentication Bypass Mobiliti E Mobi Hu
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-20748 MEDIUM This Month

WebSocket session management in charging station backends allows multiple connections using identical session identifiers, enabling attackers to hijack legitimate sessions and intercept commands or impersonate authorized stations. Unauthenticated remote attackers can exploit this predictable identifier scheme to displace active connections, redirect backend communications, or launch denial-of-service attacks against the charging infrastructure. The vulnerability affects any deployment relying on this WebSocket backend without an available patch.

Authentication Bypass Api Everon Io
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-24912 MEDIUM This Month

WebSocket session handling in charging station backends accepts duplicate session identifiers, allowing attackers to hijack active sessions and intercept commands intended for legitimate stations or impersonate authenticated users. An unauthenticated remote attacker can exploit this predictable session management to displace legitimate connections, redirect backend communications, or launch denial-of-service attacks by flooding the system with valid session requests. No patch is currently available.

Authentication Bypass Epower Ie
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-28801 MEDIUM This Month

Natro Macro versions prior to 1.1.0 execute arbitrary AutoHotkey code embedded in shared pattern and path files, allowing attackers to achieve code execution with the privileges of the logged-in user. Since these configuration files are commonly distributed among users, malicious actors can inject code that executes silently in the background alongside legitimate macro functionality. The vulnerability affects users who load untrusted pattern or path files from external sources.

RCE Code Injection Natro Macro
NVD GitHub
CVSS 3.1
6.6
EPSS
0.0%
CVE-2026-27777 MEDIUM This Month

Charging station authentication credentials are exposed through publicly accessible web-based mapping platforms, allowing unauthenticated remote attackers to obtain valid authentication identifiers. An attacker with these credentials could gain unauthorized access to charging station networks and potentially manipulate charging operations or access connected infrastructure. No patch is currently available for this vulnerability.

Authentication Bypass
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-27770 MEDIUM This Month

Charging station authentication credentials are exposed through public web-based mapping platforms, allowing unauthenticated remote attackers to obtain sensitive authentication identifiers. This exposure enables attackers to potentially gain unauthorized access to charging infrastructure and associated systems. No patch is currently available for this vulnerability.

Authentication Bypass
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-27027 MEDIUM This Month

Charging station authentication credentials are exposed through publicly accessible web-based mapping platforms, allowing unauthenticated remote attackers to obtain sensitive authentication identifiers. An attacker with these credentials could potentially gain unauthorized access to charging infrastructure management systems or perform unauthorized operations on affected stations. No patch is currently available for this vulnerability.

Authentication Bypass
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-25962 MEDIUM This Month

Unrestricted zip file extraction in MarkUs prior to version 2.9.4 allows authenticated users to trigger denial of service through resource exhaustion by uploading specially crafted archives with excessive file counts or sizes. Instructors and students can exploit this during assignment configuration uploads or submission handling to consume server resources and impact system availability. No patch is currently available for affected installations.

Information Disclosure Markus
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28715 MEDIUM This Month

Improper authorization checks in Acronis Cyber Protect 17 (Linux and Windows) before build 41186 allow authenticated users to access sensitive information they should not have permission to view. An attacker with valid credentials can exploit this vulnerability to disclose confidential data without performing any additional actions. No patch is currently available for this medium-severity issue.

Linux Windows Information Disclosure Cyber Protect
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-30847 MEDIUM PATCH This Month

Wekan is an open source kanban tool built with Meteor. [CVSS 6.5 MEDIUM]

React Wekan
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-30843 MEDIUM PATCH This Month

Wekan versions 8.32 and 8.33 allow authenticated users to modify custom fields across any board due to insufficient access validation in the custom fields API endpoints. An attacker with access to one board can exploit this Insecure Direct Object Reference vulnerability to manipulate custom fields on other boards by supplying foreign field IDs. A patch is available to address this authorization bypass.

Authentication Bypass Wekan
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-69653 MEDIUM This Month

A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 (2025-12-11), in file gc_decref_child in quickjs.c, when executed with the qjs interpreter using the -m option. [CVSS 6.5 MEDIUM]

Denial Of Service Quickjs
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28800 MEDIUM This Month

Natro Macro versions prior to 1.1.0 allow any user with message permissions in a Discord channel where Remote Control is enabled to execute arbitrary commands on affected systems, including keyboard and mouse control and unrestricted file access. The vulnerability stems from improper access controls on the remote control feature when configured in non-private channels. No patch is currently available for affected versions.

Path Traversal Natro Macro
NVD GitHub
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-28682 MEDIUM PATCH This Month

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. [CVSS 6.4 MEDIUM]

Information Disclosure Gokapi Suse
NVD GitHub
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-28509 MEDIUM This Month

LangBot is a global IM bot platform designed for LLMs. versions up to 4.8.7 is affected by cross-site scripting (xss) (CVSS 6.3).

XSS AI / ML Langbot
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-28712 MEDIUM This Month

Acronis Cyber Protect 17 for Windows before build 41186 is vulnerable to local privilege escalation through DLL hijacking, allowing authenticated attackers to escalate privileges on affected systems. An attacker with local access and low privileges can exploit this vulnerability to gain higher-level permissions without user interaction. No patch is currently available for this vulnerability.

Windows Privilege Escalation Cyber Protect
NVD
CVSS 3.0
6.3
EPSS
0.0%
CVE-2026-28711 MEDIUM This Month

Acronis Cyber Protect 17 before build 41186 on Windows is vulnerable to local privilege escalation through DLL hijacking, allowing authenticated users to gain elevated system privileges. An attacker with local access and low privileges can exploit this weakness to execute code with higher permissions. No patch is currently available for this issue.

Windows Privilege Escalation Cyber Protect
NVD
CVSS 3.0
6.3
EPSS
0.0%
CVE-2026-2830 MEDIUM This Month

Reflected cross-site scripting in WP All Import plugin versions up to 4.0.0 allows unauthenticated attackers to inject malicious scripts through the 'filepath' parameter due to improper input validation and output encoding. Successful exploitation requires tricking users into clicking a specially crafted link, after which arbitrary JavaScript executes in their browser session. A patch is not currently available.

WordPress XSS Code Injection Google RCE
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-27142 MEDIUM PATCH This Month

HTML meta tags with http-equiv="refresh" attributes fail to properly escape URLs inserted through certain actions, enabling cross-site scripting (XSS) attacks against applications using this functionality. An unauthenticated attacker can exploit this to execute arbitrary JavaScript in users' browsers by crafting malicious URLs. No patch is currently available, though a GODEBUG setting (htmlmetacontenturlescape=0) can be configured as a temporary mitigation.

XSS Go
NVD VulDB
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-29048 MEDIUM PATCH This Month

Cross-site scripting in HumHub 1.18.0's Button component allows unauthenticated attackers to inject and execute malicious scripts in users' browsers through inconsistent output encoding. Affected users could have their sessions compromised or be redirected to malicious content without any user interaction beyond visiting a crafted page. A patch is available in version 1.18.1.

XSS Humhub
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-30231 MEDIUM This Month

Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Prior to version 1.7.2, the raw and direct file routes only block unauthenticated users from accessing private files. Any authenticated, non‑owner user who knows the file URL can retrieve the content, which is inconsistent with stricter checks used by other endpoints. This issue has been patched...

Authentication Bypass Red Hat
NVD GitHub
CVSS 4.0
6.0
EPSS
0.1%
CVE-2024-35644 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pascal Birchler Preferred Languages allows DOM-Based XSS.This issue affects Preferred Languages: from n/a through 2.2.2. [CVSS 5.9 MEDIUM]

XSS
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2026-27138 MEDIUM PATCH This Month

DNS certificate verification can crash in systems handling X.509 certificate chains when processing certificates with empty DNS names paired with excluded name constraints, affecting applications performing direct certificate validation or using TLS. This denial of service condition requires no authentication or user interaction but depends on specific certificate chain configurations. No patch is currently available for this vulnerability.

Denial Of Service Go
NVD VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-69646 MEDIUM PATCH This Month

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug_rnglists data. [CVSS 5.5 MEDIUM]

Denial Of Service Red Hat Suse
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-69645 MEDIUM PATCH This Month

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. [CVSS 5.5 MEDIUM]

Denial Of Service Red Hat Suse
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-28725 MEDIUM This Month

Acronis Cyber Protect 17 on Linux and Windows (before build 41186) exposes sensitive information through insecure headless browser configuration, allowing local authenticated users to read confidential data without modifying or disrupting system operations. The vulnerability requires local access and valid credentials but poses a direct confidentiality risk to organizations using affected versions. No patch is currently available.

Information Disclosure Cyber Protect Windows
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2025-59540 MEDIUM This Month

Chamilo is a learning management system. Prior to version 1.11.34, a stored XSS vulnerability exists in Chamilo LMS that allows a staff account to execute arbitrary JavaScript in the browser of higher-privileged admin users. [CVSS 5.4 MEDIUM]

XSS Chamilo Lms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-29061 MEDIUM PATCH This Month

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. [CVSS 5.4 MEDIUM]

Privilege Escalation Gokapi Suse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy