Skip to main content
CVE-2026-21365 MEDIUM This Month

Memory disclosure in Substance 3D Painter 11.1.2 and earlier allows attackers to read sensitive data from process memory through an out-of-bounds read vulnerability. Exploitation requires user interaction, as victims must open a specially crafted malicious file. No patch is currently available for this vulnerability.

Buffer Overflow Information Disclosure Substance 3d Painter
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-27281 MEDIUM This Month

DNG SDK versions 1.7.1 and earlier contain an integer overflow vulnerability that allows local attackers to crash affected applications through specially crafted files. Exploitation requires user interaction, as victims must open a malicious file to trigger the denial-of-service condition. No patch is currently available for this vulnerability.

Integer Overflow Denial Of Service Dng Software Development Kit
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-27218 MEDIUM This Month

Substance 3D Painter versions 11.1.2 and earlier contain a null pointer dereference that allows local attackers to crash the application by tricking users into opening malicious files. This denial-of-service vulnerability requires user interaction but requires no elevated privileges to exploit. No patch is currently available for this medium-severity issue.

Null Pointer Dereference Denial Of Service Substance 3d Painter
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-27217 MEDIUM This Month

Substance 3D Painter versions 11.1.2 and earlier contain a null pointer dereference that enables local denial-of-service attacks when users open specially crafted files. An attacker can crash the application to disrupt workflow, though exploitation requires user interaction and no patch is currently available. The vulnerability has a moderate CVSS score of 5.5 with zero percent estimated exploitation probability.

Null Pointer Dereference Denial Of Service Substance 3d Painter
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-27215 MEDIUM This Month

Substance 3D Painter versions 11.1.2 and earlier contain a null pointer dereference vulnerability that allows local attackers to crash the application by convincing users to open a malicious file. This denial-of-service impact disrupts application availability, though no patch is currently available. User interaction is required for exploitation, and the vulnerability affects local attack scenarios only.

Null Pointer Dereference Denial Of Service Substance 3d Painter
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-27214 MEDIUM This Month

Denial-of-service in Substance 3D Painter 11.1.2 and earlier stems from improper null pointer handling that crashes the application when processing malicious files. An attacker can trigger this crash by tricking a user into opening a specially crafted file, temporarily disrupting the victim's workflow. No patch is currently available to address this vulnerability.

Null Pointer Dereference Denial Of Service Substance 3d Painter
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21364 MEDIUM This Month

Denial-of-service crashes in Adobe Substance 3D Painter versions 11.1.2 and earlier stem from a null pointer dereference vulnerability triggered when users open specially crafted files. An attacker can exploit this flaw to force application crashes and disrupt user workflows, though no patch is currently available. Exploitation requires social engineering to convince victims to open a malicious file.

Null Pointer Dereference Denial Of Service Substance 3d Painter
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21363 MEDIUM This Month

Substance 3D Painter versions 11.1.2 and earlier contain a null pointer dereference vulnerability that allows local attackers to crash the application by tricking users into opening a malicious file. This denial-of-service condition disrupts workflow for affected users, though no patch is currently available. The vulnerability requires user interaction and does not enable code execution or data compromise.

Null Pointer Dereference Denial Of Service Substance 3d Painter
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-30986 MEDIUM This Month

iccDEV provides a set of libraries and tools for working with ICC color management profiles. versions up to 2.3.1.5 is affected by out-of-bounds read (CVSS 5.5).

Buffer Overflow Information Disclosure Iccdev
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-31826 MEDIUM PATCH This Month

pypdf is a free and open-source pure-python PDF library. versions up to 6.8.0 is affected by allocation of resources without limits or throttling.

Python Denial Of Service Pypdf Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-30936 MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur.

Buffer Overflow Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-31794 MEDIUM This Month

iccDEV provides a set of libraries and tools for working with ICC color management profiles. versions up to 2.3.1.5 is affected by out-of-bounds read (CVSS 5.5).

Denial Of Service Buffer Overflow Information Disclosure Iccdev
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-31793 MEDIUM This Month

iccDEV provides a set of libraries and tools for working with ICC color management profiles. versions up to 2.3.1.5 is affected by out-of-bounds read (CVSS 5.5).

Denial Of Service Buffer Overflow Information Disclosure Iccdev
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-30980 MEDIUM This Month

iccDEV provides a set of libraries and tools for working with ICC color management profiles. versions up to 2.3.1.5 is affected by stack-based buffer overflow (CVSS 5.5).

Stack Overflow Buffer Overflow Iccdev
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-31802 MEDIUM PATCH This Month

node-tar is a full-featured Tar for Node.js.

Node.js Path Traversal Tar Red Hat
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-2266 MEDIUM This Month

DOM-based XSS in GitHub Enterprise Server prior to version 3.20 allows authenticated attackers to execute arbitrary JavaScript in other users' browsers by injecting malicious HTML through task list content in issues and pull requests. The vulnerability stems from improper input neutralization in the task list rendering logic, which fails to re-encode user-supplied content before display. An attacker with repository access could exploit this to steal session tokens or perform actions on behalf of other users.

Github XSS Enterprise Server
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.1%
CVE-2026-31832 MEDIUM PATCH This Month

Umbraco CMS versions 14.0.0 through 16.5.0 and 17.0.0-17.2.1 contain an authorization bypass in a backoffice API endpoint that allows authenticated editors to assign domain configurations to content nodes they lack permission to access. An attacker with valid credentials could exploit this to modify domain settings on restricted content, potentially affecting content visibility or routing. The vulnerability affects Umbraco deployments without patches 16.5.1 or 17.2.2 applied.

Authentication Bypass Umbraco Cms
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-36226 MEDIUM This Month

IBM Aspera Faspex 5 5.0.0 through 5.0.14.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. [CVSS 5.4 MEDIUM]

IBM XSS Aspera Faspex
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-13213 MEDIUM This Month

Aspera Orchestrator versions up to 4.1.2 contains a vulnerability that allows attackers to conduct various attacks against the vulnerable system, including cross-site scri (CVSS 5.4).

IBM XSS Aspera Orchestrator
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-36227 MEDIUM This Month

Aspera Faspex versions up to 5.0.14.3 contains a vulnerability that allows attackers to conduct various attacks against the vulnerable system, including cross-site scri (CVSS 5.4).

IBM XSS Aspera Faspex
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-30964 MEDIUM PATCH This Month

The webauthn-lib PHP library before version 5.2.4 incorrectly validates origin restrictions by comparing only hostname components, allowing attackers to bypass authentication policies that rely on scheme or port differentiation. This enables an attacker to authenticate from origins that should be blocked, such as using HTTP instead of HTTPS or non-standard ports. Applications using this library with strict origin policies are affected until they upgrade to the patched version.

PHP Information Disclosure
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-30948 MEDIUM PATCH This Month

Parse Server versions prior to 9.5.2-alpha.4 and 8.6.17 allow authenticated users to upload SVG files containing malicious JavaScript that executes in the server's origin context due to missing content security headers, enabling attackers to steal session tokens and compromise user accounts. All deployments with file upload enabled for authenticated users are vulnerable by default, as the file extension filter blocks HTML but not SVG files. A patch is available in the specified versions.

Node.js XSS Parse Server
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-30927 MEDIUM PATCH This Month

Unauthorized event participation manipulation in Admidio prior to 5.0.6 allows authenticated users to register or cancel participation for other users by manipulating the user_uuid parameter in event functions. Any user with event participation privileges can exploit this to modify another user's event enrollment status without authorization. The vulnerability requires authentication and affects confidentiality through unauthorized modifications.

PHP Authentication Bypass Admidio
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-2742 MEDIUM PATCH This Month

Authentication bypass in Vaadin framework (14.0.0-14.14.0, 23.0.0-23.6.x, and other ranges). The web application framework fails to properly enforce authentication on certain routes.

Authentication Bypass Java Red Hat
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.3%
CVE-2026-25185 MEDIUM PATCH This Month

Windows Shell Link Processing leaks sensitive information over the network in Windows Server 2012, 2019, and 2022, enabling remote spoofing attacks without authentication or user interaction. An unauthenticated attacker can exploit this information disclosure to conduct spoofing attacks against affected systems. No patch is currently available.

Information Disclosure Microsoft Windows Server 2022 23h2 Windows Server 2012 Windows Server 2022 +12
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-30885 MEDIUM PATCH This Month

WWBN AVideo is an open source video platform. versions up to 25.0 is affected by missing authentication for critical function.

PHP Authentication Bypass Avideo
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-48840 MEDIUM This Month

An authentication bypass by spoofing vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.8, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote unauthenticated attacker to bypass hostname restrictions via a specially crafted request. [CVSS 5.3 MEDIUM]

Fortinet Authentication Bypass Fortiweb
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-31821 MEDIUM PATCH This Month

Sylius eCommerce framework's cart API endpoint fails to validate cart ownership, allowing unauthenticated attackers to add items to other customers' shopping carts if they possess a valid cart token value. This integrity flaw affects registered users whose carts can be manipulated by external threat actors, potentially leading to fraudulent transactions or operational disruption. The vulnerability is unpatched in versions prior to 2.0.16, 2.1.12, and 2.2.3.

Authentication Bypass Sylius
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-30938 MEDIUM PATCH This Month

Parse Server versions prior to 8.6.12 and 9.5.1-alpha.1 allow attackers to bypass the requestKeywordDenylist security control by nesting prohibited keywords within objects or arrays in request payloads, enabling injection of restricted data into applications. This logic flaw affects all Parse Server deployments since the denylist is enabled by default, and custom keyword restrictions configured by developers are equally vulnerable to the same bypassing technique. Attackers can exploit this to inject malicious content or bypass access controls on any Parse Server instance.

Node.js Parse Server
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-31808 MEDIUM PATCH This Month

Denial of service in file-type library versions prior to 21.3.1 allows remote attackers to hang Node.js event loops by submitting malformed ASF (WMV/WMA) files that trigger infinite loops during file type detection. Applications using file-type to analyze untrusted input are vulnerable, with a minimal 55-byte payload sufficient to stall processing. No patch is currently available for affected Node.js and File Type products.

Node.js Denial Of Service File Type Red Hat
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28687 MEDIUM PATCH This Month

Heap use-after-free in ImageMagick's MSL decoder (versions before 7.1.2-16 and 6.9.13-41) allows remote attackers to trigger memory access violations via specially crafted MSL files, resulting in denial of service. The vulnerability requires no authentication or user interaction and affects systems processing untrusted image files. No patch is currently available for this MEDIUM severity issue.

Use After Free Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-1920 MEDIUM This Month

The Booktics plugin for WordPress versions up to 1.0.16 lacks proper permission validation in its Extension_Controller function, allowing unauthenticated attackers to install arbitrary addon plugins and modify site data. This network-accessible vulnerability affects WordPress installations using the vulnerable plugin without requiring user interaction. No patch is currently available for this medium-severity vulnerability.

WordPress Authentication Bypass
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-1919 MEDIUM This Month

Booktic versions up to 1.0.16. is affected by missing authentication for critical function (CVSS 5.3).

WordPress Authentication Bypass Information Disclosure
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-31815 MEDIUM PATCH This Month

Unicorn adds modern reactive component functionality to your Django templates. versions up to 0.67.0 is affected by improper access control (CVSS 5.3).

Python Authentication Bypass Unicorn
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-31825 MEDIUM PATCH This Month

Sylius eCommerce Framework versions prior to 1.9.12, 1.10.16, 1.11.17, 1.12.23, 1.13.15, 1.14.18, 2.0.16, 2.1.12, and 2.2.3 are vulnerable to DQL injection through the ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter API endpoints, which fail to validate user-supplied order direction parameters before passing them to Doctrine. An unauthenticated remote attacker can inject arbitrary DQL queries to read sensitive data from the application database. No patch is currently available for this medium-severity vulnerability.

SQLi Sylius
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-70129 MEDIUM This Month

If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. [CVSS 5.3 MEDIUM]

Information Disclosure Pluxml
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-41711 MEDIUM This Month

An unauthenticated remote attacker can use firmware images to extract password hashes and brute force plaintext passwords of accounts with limited access. [CVSS 5.3 MEDIUM]

Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-22628 MEDIUM This Month

Fortinet FortiSwitchAXFixed versions 1.0.0 through 1.0.1 contain an access control flaw that allows authenticated administrators to execute arbitrary system commands by uploading a malicious SSH configuration file. The vulnerability requires local access and valid admin credentials but poses a risk to organizations where admin accounts may be compromised or where insider threats are a concern. No patch is currently available.

Fortinet Authentication Bypass
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-23907 MEDIUM PATCH This Month

Apache PDFBox versions 2.0.24-2.0.35 and 3.0.0-3.0.6 contain a path traversal vulnerability in the ExtractEmbeddedFiles example that allows attackers to write files outside the intended extraction directory by manipulating embedded file names. Organizations that have integrated this example code into production systems are at risk of unauthorized file writes on the host system. No patch is currently available, requiring developers to manually implement path validation to ensure extracted files remain within the designated directory.

Apache Path Traversal Pdfbox Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-26330 MEDIUM This Month

Envoy proxy versions prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13 can be crashed by an authenticated attacker through improper state cleanup in the rate limit filter when both request and response phase limiting are enabled. When a response phase rate limit request fails, the gRPC client reuses stale internal state from the prior request phase, leading to a use-after-free condition that crashes the proxy. An attacker with network access and valid credentials can exploit this to cause a denial of service against Envoy instances.

Denial Of Service Envoy
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-23868 MEDIUM PATCH This Month

Giflib's image processing functions are vulnerable to denial of service through a double-free memory corruption flaw triggered during shallow copy operations in GifMakeSavedImage with improper error handling. Local attackers with crafted image files can crash applications using affected Giflib versions, though exploitation requires specific and difficult-to-achieve conditions. No patch is currently available.

Information Disclosure Giflib
NVD VulDB
CVSS 3.1
5.1
EPSS
0.0%
CVE-2026-24317 MEDIUM This Month

SAP GUI for Windows improperly loads DLL files from user-accessible directories, enabling arbitrary code execution when GuiXT is enabled. An attacker can exploit this by tricking a user into downloading a malicious DLL to a predictable location, resulting in code execution with the victim's privileges. No patch is currently available for this medium-severity vulnerability.

SAP Windows
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-27688 MEDIUM This Month

Unauthorized access to Database Analyzer Log Files in SAP NetWeaver Application Server for ABAP allows authenticated users to read sensitive database logs through an unprotected RFC function module. An attacker with standard user privileges and access to execute the affected module can bypass authorization checks to disclose confidential information, though system integrity and availability remain unaffected. No patch is currently available to remediate this authorization bypass vulnerability.

SAP Authentication Bypass Information Disclosure
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-24313 MEDIUM This Month

SAP Solution Tools Plug-In (ST-PI) exposes system information to authenticated users due to missing authorization validation in a function module. An attacker with valid credentials can bypass access controls to retrieve sensitive information about the SAP system without requiring user interaction.

SAP
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-28692 MEDIUM PATCH This Month

Heap over-read in ImageMagick's MAT decoder prior to versions 7.1.2-16 and 6.9.13-41 results from incorrect arithmetic parenthesization, allowing remote attackers to leak sensitive memory contents and cause denial of service through crafted MAT image files. The vulnerability requires no authentication or user interaction and affects systems using vulnerable ImageMagick versions for image processing. No patch is currently available, leaving users dependent on upgrading to patched versions when released.

Buffer Overflow Information Disclosure Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-53608 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated privileged attacker to execute code via crafted requests. [CVSS 4.8 MEDIUM]

Fortinet XSS Fortisandbox
NVD VulDB
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-31823 MEDIUM PATCH This Month

Stored XSS vulnerabilities in Sylius allow authenticated attackers with high privileges to inject malicious scripts through unsanitized entity names (taxons, products) that are rendered as raw HTML in breadcrumbs and admin interfaces. An attacker could craft malicious product or category names to execute arbitrary JavaScript in the browsers of shop visitors and administrators, potentially leading to session hijacking or credential theft. No patch is currently available for this medium-severity vulnerability.

XSS Sylius
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-29176 MEDIUM PATCH This Month

Stored XSS in Craft Commerce versions before 5.5.3 allows authenticated users with product editing permissions to inject malicious JavaScript through the Inventory Locations Name field, which executes when administrators view affected product variants. An attacker with these privileges can steal session tokens, modify product data, or perform other administrative actions within the application. A patch is available in version 5.5.3.

XSS Craft Commerce
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-3862 MEDIUM This Month

Cross-site Scripting (XSS) allows an attacker to submit specially crafted data to the application which is returned unaltered in the resulting web page.

XSS Symantec Siteminder
NVD VulDB
CVSS 4.0
4.6
EPSS
0.0%
CVE-2026-30974 MEDIUM PATCH This Month

Copyparty versions before 1.20.11 fail to apply the nohtml security restriction to SVG files, allowing authenticated users with write permissions to upload SVG images containing malicious JavaScript that executes when opened by other users. This cross-site scripting vulnerability bypasses the intended protection against JavaScript execution in user-uploaded content. The vulnerability has been patched in version 1.20.11.

XSS Copyparty
NVD GitHub VulDB
CVSS 3.1
4.6
EPSS
0.0%
Prev Page 7 of 8 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy