Skip to main content
CVE-2026-30855 HIGH POC PATCH This Week

Insufficient authorization checks in WeKnora's tenant management endpoints allow any authenticated user to read, modify, or delete arbitrary tenants, with public exploit code available. Since the application allows open registration, unauthenticated attackers can register an account and exploit this flaw to perform cross-tenant account takeover and data destruction. No patch is currently available for this high-severity vulnerability affecting WeKnora AI/ML framework versions prior to 0.3.2.

Authentication Bypass AI / ML Weknora Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3677 HIGH POC This Week

Stack overflow in Tenda FH451 firmware's setcfm function allows authenticated remote attackers to achieve complete system compromise through malicious funcname or funcpara1 parameters. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects firmware version 1.0.0.9 and enables remote code execution with high impact to confidentiality, integrity, and availability.

Buffer Overflow Stack Overflow Fh451 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3679 HIGH POC This Week

Remote code execution in Tenda FH451 firmware via stack-based buffer overflow in the QuickIndex function allows unauthenticated attackers to execute arbitrary code by sending crafted requests with oversized PPPOEPassword parameters. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires network access and affects firmware version 1.0.0.9 and potentially other versions.

Buffer Overflow Stack Overflow F451 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3678 HIGH POC This Week

Remote code execution in Tenda FH451 firmware via stack-based buffer overflow in the WAN configuration endpoint allows unauthenticated attackers to achieve full system compromise through malicious wanmode or PPPOEPassword parameters. Public exploit code exists for this vulnerability, and no patch is currently available. Stack Overflow products are also reported as affected.

Buffer Overflow Stack Overflow Fh451 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-30820 HIGH POC PATCH This Week

Privilege escalation in Flowise versions prior to 3.0.13 allows authenticated users to bypass API authorization by spoofing an internal request header, granting access to sensitive administrative functions including API key and credential management. Public exploit code exists for this vulnerability, and an attacker with valid tenant credentials can escalate to administrative privileges without additional authentication. No patch is currently available for affected deployments.

Authentication Bypass AI / ML Flowise
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-30840 HIGH POC PATCH This Week

Server-side request forgery in Wallos versions before 4.6.2 allows authenticated attackers to conduct arbitrary network requests through the notification tester functionality. An attacker with user privileges can exploit this to access internal services, retrieve sensitive data, or interact with backend systems on behalf of the server. Public exploit code exists for this vulnerability, though a patch is available in version 4.6.2.

SSRF Wallos
NVD GitHub
CVSS 3.0
8.8
EPSS
0.0%
CVE-2026-30823 HIGH POC PATCH This Week

Flowise versions up to 3.0.13 is affected by authorization bypass through user-controlled key (CVSS 8.8).

Authentication Bypass AI / ML Flowise
NVD GitHub
CVSS 3.0
8.8
EPSS
0.0%
CVE-2026-29786 HIGH POC PATCH This Week

Arbitrary file overwrite in node-tar before 7.5.10 lets a malicious tar archive write files outside the intended extraction directory on Windows by embedding a hardlink whose target uses a drive-relative path such as 'C:../target.txt'. The flaw triggers during ordinary tar.x() extraction, so any Node.js application that unpacks untrusted archives on Windows is exposed. Publicly available exploit code exists via the GitHub Security Advisory, though EPSS exploitation probability is very low (0.02%) and it is not listed in CISA KEV.

Node.js Tar Path Traversal
NVD GitHub VulDB
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-30851 HIGH POC PATCH This Week

Caddy versions 2.10.0 through 2.11.1 fail to strip client-supplied headers in the forward_auth copy_headers directive, enabling authenticated attackers to inject identity headers and escalate privileges. This authentication bypass vulnerability affects deployments relying on Caddy for request forwarding and has public exploit code available. The vulnerability requires valid authentication credentials but allows complete privilege elevation within affected systems.

TLS Privilege Escalation Caddy Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-30822 HIGH POC PATCH This Week

Flowise versions up to 3.0.13 is affected by improperly controlled modification of dynamically-determined object attributes (CVSS 7.7).

Code Injection AI / ML Flowise
NVD GitHub
CVSS 3.0
7.7
EPSS
0.1%
CVE-2026-30828 HIGH POC PATCH This Week

Path traversal in Wallos subscription tracker versions prior to 4.6.2 allows unauthenticated remote attackers to read arbitrary files from the hosting system via a malicious url parameter. Public exploit code exists for this vulnerability, which has a high severity CVSS score of 7.5. The vulnerability is patched in version 4.6.2 and later.

Path Traversal Wallos
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-30834 HIGH POC PATCH This Week

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. [CVSS 7.5 HIGH]

SSRF Pinchtab Chrome Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-30852 HIGH POC PATCH This Week

{env.DATABASE_URL} or {file./etc/passwd} into request headers, an unauthenticated attacker can leak sensitive system information. Public exploit code exists for this vulnerability, which is fixed in version 2.11.2.

TLS Caddy Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-30827 HIGH POC PATCH This Week

express-rate-limit versions 8.0.0 through 8.3.0 (excluding patched versions) collapse all IPv4 client traffic into a single rate-limit bucket due to incorrect IPv6 subnet masking of IPv4-mapped addresses, allowing any client to trigger denial of service for all other IPv4 users by exhausting the shared limit. Public exploit code exists for this vulnerability, affecting Node.js applications using the vulnerable middleware versions. Organizations should upgrade to versions 8.0.2, 8.1.1, 8.2.2, or 8.3.0 immediately.

Node.js Express Rate Limit Red Hat
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24281 HIGH POC PATCH This Week

Hostname verification bypass in Apache ZooKeeper's ZKTrustManager allows attackers with a valid certificate trusted by the server to impersonate ZooKeeper nodes by exploiting fallback to reverse DNS validation when IP SAN checks fail. An attacker controlling or spoofing PTR records can intercept and forge communications between ZooKeeper servers and clients, compromising confidentiality and integrity of the cluster. No patch is currently available; mitigation requires upgrading to ZooKeeper 3.8.6 or 3.9.5 or disabling reverse DNS lookup via configuration.

Apache Zookeeper Information Disclosure
NVD VulDB GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-29778 HIGH POC PATCH GHSA This Week

Path traversal in pyLoad versions 0.5.0b3.dev13 through 0.5.0b3.dev96 allows authenticated attackers to manipulate package folder locations through insufficient sanitization of the pack_folder parameter, bypassing directory traversal protections with recursive sequences. An attacker can exploit this to write files outside intended directories, causing data integrity issues and potential denial of service. Public exploit code exists for this vulnerability and no patch is currently available.

Python Pyload Ng
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-8899 HIGH This Week

The Paid Videochat Turnkey Site - HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisper_register_form() function not restricting user roles that can be set during registration. This makes it possible for authenticated attackers, with Author-level access and above, to create posts/pages with the registration form and administrator set as the role and subsequently use that form to register an a...

WordPress Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-29771 HIGH PATCH This Week

Denial of service in Gravitl Netmaker prior to 1.2.0 allows any remote unauthenticated attacker to terminate the server process by calling the unprotected /api/server/shutdown endpoint, which issues a SIGINT to the running process. Because the service restarts in roughly three seconds, attackers can loop the request to sustain a cyclic outage of the WireGuard-based overlay network. No public exploit identified at time of analysis and EPSS is low (0.04%), but the trivial nature of the request makes opportunistic abuse plausible once exposure is known.

Denial Of Service Netmaker
NVD GitHub
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-29193 HIGH PATCH This Week

ZITADEL is an open source identity management platform. [CVSS 8.2 HIGH]

Authentication Bypass Zitadel Suse
NVD GitHub
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-29194 HIGH PATCH This Week

Netmaker versions prior to 1.5.0 fail to properly validate host JWT tokens during authorization, allowing any attacker with knowledge of target object identifiers to bypass access controls and read, modify, or delete resources across different hosts. The vulnerability affects critical operations including node management, host deletion, and failover configurations, requiring only a valid host token and network access to exploit. Update to version 1.5.0 or later to remediate.

Wireguard Netmaker Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-28678 HIGH PATCH This Week

DSA Study Hub stores JWT authentication tokens in unencrypted HTTP cookies, allowing attackers to extract and replay user credentials to gain unauthorized access to accounts. An unauthenticated remote attacker can intercept these tokens through network traffic analysis or client-side inspection to impersonate legitimate users. A patch is available in commit d527fba and should be applied immediately.

Information Disclosure Dsa Study Hub
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-29067 HIGH PATCH This Week

ZITADEL versions 4.0.0-rc.1 through 4.7.0 are vulnerable to open redirect attacks through improper validation of the Forwarded and X-Forwarded-Host headers used in password reset links. An attacker can craft a malicious request to redirect users to an attacker-controlled domain when they click password reset confirmation links, enabling credential harvesting or phishing attacks. The vulnerability affects all deployments using affected versions and has been patched in version 4.7.1.

Open Redirect Zitadel
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-29192 HIGH PATCH This Week

Account takeover in Zitadel versions 4.0.0 through 4.11.1 is possible through improper redirect URI validation in the login V2 interface, allowing attackers with high privileges to compromise user accounts. This cross-site scripting vulnerability affects organizations using the vulnerable Zitadel identity management platform and has been resolved in version 4.12.0.

XSS Zitadel Suse
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-25071 HIGH This Week

Unauthenticated remote attackers can download sensitive configuration files from ZikeStor SKS8310-8X network switches (firmware 1.04.B07 and earlier) via an unprotected /switch_config.src endpoint, exposing VLAN settings and IP addressing details without requiring credentials. This HIGH severity vulnerability (CVSS 7.5) affects confidentiality of device configurations and currently has no available patch.

Authentication Bypass Zikestor Sks8310 8x Firmware
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-2020 HIGH This Week

PHP object injection in the JS Archive List WordPress plugin (versions up to 6.1.7) allows authenticated contributors and above to deserialize untrusted data through the shortcode 'included' parameter. While no direct exploitation path exists in the plugin itself, attackers could leverage gadget chains from other installed plugins or themes to achieve arbitrary file deletion, information disclosure, or remote code execution. A patch is not currently available.

WordPress PHP Deserialization Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-14353 HIGH This Week

ZIP Code Based Content Protection (WordPress plugin) versions up to 1.0.2 is affected by sql injection (CVSS 7.5).

WordPress SQLi
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-29779 HIGH PATCH This Week

UptimeFlare's configuration management fails to segregate server-only sensitive data from client-side code, causing the workerConfig object containing confidential settings to be exposed in the JavaScript bundle delivered to all website visitors. This information disclosure allows attackers to view sensitive configuration details without authentication. The vulnerability affects UptimeFlare instances prior to commit 377a596 and has been patched.

Information Disclosure Uptimeflare
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-29784 HIGH PATCH This Week

Cross-site request forgery (CSRF) in Ghost CMS versions 5.101.6 through 6.19.2 permits attackers to reuse one-time codes across different login sessions via the /session/verify endpoint, potentially enabling account takeover through phishing attacks. The vulnerability affects Ghost deployments on Node.js and related platforms, requiring no user authentication but relying on user interaction. A patch is available in Ghost version 6.19.3 and later.

Node.js CSRF Ghost
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24308 HIGH PATCH This Week

Apache ZooKeeper 3.8.5 and 3.9.4 improperly log sensitive client configuration data at INFO level, allowing unauthenticated remote attackers to extract credentials and other confidential information from application logfiles. The vulnerability affects all platforms and requires no user interaction or special privileges to exploit. No patch is currently available, leaving vulnerable deployments exposed until upgrades to versions 3.8.6 or 3.9.5 are deployed.

Apache Zookeeper Information Disclosure
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-2219 HIGH PATCH This Week

dpkg-deb fails to properly validate zstd-compressed .deb archives during decompression, allowing unauthenticated remote attackers to trigger infinite loops that exhaust CPU resources on Debian systems. This denial of service condition affects the package management system without requiring user interaction or elevated privileges. No patch is currently available for this vulnerability.

Debian Denial Of Service
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-14675 HIGH PATCH This Week

The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajax_delete_file' function in all versions up to, and including, 5.11.1. [CVSS 7.2 HIGH]

WordPress PHP RCE Path Traversal
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2026-1074 HIGH This Week

Unauthenticated attackers can inject malicious scripts into WordPress sites running the WP App Bar plugin (versions up to 1.5) through the 'app-bar-features' parameter due to missing input validation and authorization checks. When site administrators access the plugin's settings page, the stored payload executes in their browser, enabling credential theft or unauthorized actions. No patch is currently available for this vulnerability.

WordPress XSS
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-3352 HIGH This Week

Arbitrary PHP code execution in the Easy PHP Settings WordPress plugin through versions 1.0.4 allows authenticated administrators to inject malicious code via inadequately sanitized memory limit configuration parameters that bypass quote filtering in wp-config.php. An attacker with administrator privileges can exploit insufficient input validation in the `update_wp_memory_constants()` method to break out of PHP string context and execute arbitrary commands that execute on every page request. No patch is currently available for this high-severity vulnerability.

WordPress PHP Code Injection RCE
NVD
CVSS 3.1
7.2
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy