Skip to main content
CVE-2026-31892 HIGH POC PATCH This Week

Authorization bypass in Argo Workflows (2.9.0 through 4.0.1 and 3.7.x before 3.7.11) lets any user permitted to submit Workflows override admin-defined WorkflowTemplate security controls by attaching a podSpecPatch to their submission. Because podSpecPatch is merged with Workflow-spec precedence and applied to the pod with no security validation, even controllers locked down with templateReferencing: Strict can be circumvented to run arbitrary pod settings such as privileged: true. Publicly available exploit code exists, but EPSS is low (0.04%) and it is not in CISA KEV.

Kubernetes Authentication Bypass Argo Workflows
NVD GitHub VulDB
CVSS 4.0
8.9
EPSS
0.0%
CVE-2019-25486 HIGH POC This Week

Varient 1.6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user_id parameter. [CVSS 8.2 HIGH]

SQLi
NVD Exploit-DB VulDB
CVSS 4.0
8.8
EPSS
0.2%
CVE-2019-25465 HIGH POC This Week

Hisilicon HiIpcam V100R003 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by exploiting directory listing in the cgi-bin directory. [CVSS 7.5 HIGH]

Path Traversal
NVD Exploit-DB VulDB
CVSS 4.0
8.7
EPSS
0.2%
CVE-2019-25480 HIGH POC This Week

ARMBot contains an unrestricted file upload vulnerability in upload.php that allows unauthenticated attackers to upload arbitrary files by manipulating the file parameter with path traversal sequences. [CVSS 7.5 HIGH]

PHP RCE Path Traversal File Upload
NVD Exploit-DB VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2019-25478 HIGH POC This Week

GetGo Download Manager 6.2.2.3300 contains a buffer overflow vulnerability that allows remote attackers to cause denial of service by sending HTTP responses with excessively long headers. [CVSS 7.5 HIGH]

Buffer Overflow Denial Of Service Memory Corruption
NVD Exploit-DB VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2019-25470 HIGH POC This Week

eWON Firmware versions 12.2 to 13.0 contain an authentication bypass vulnerability that allows attackers with minimal privileges to retrieve sensitive user data by exploiting the wsdReadForm endpoint. [CVSS 7.5 HIGH]

Authentication Bypass
NVD Exploit-DB VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2019-25466 HIGH POC This Week

Easy File Sharing Web Server 7.2 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by creating a malicious username. [CVSS 8.4 HIGH]

Buffer Overflow Memory Corruption RCE
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2019-25483 HIGH POC This Week

Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $( ). [CVSS 8.4 HIGH]

Authentication Bypass
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2019-25467 HIGH POC This Week

Verypdf docPrint Pro 8.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized alphanumeric encoded payload in the User Password or Master Password fields. [CVSS 8.4 HIGH]

Buffer Overflow Memory Corruption RCE
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2026-2413 HIGH POC This Week

Unauthenticated attackers can extract sensitive database information from WordPress sites running the Ally plugin (versions up to 4.0.3) through SQL injection in the URL parameter handling of the Remediation module. The vulnerability exists because user input is insufficiently sanitized before being concatenated into SQL queries, allowing time-based blind SQL injection attacks despite URL escaping being applied. No patch is currently available.

WordPress SQLi
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-3805 HIGH POC PATCH This Week

Curl's SMB implementation contains a use-after-free vulnerability that causes denial of service when processing consecutive requests to the same host, as the library incorrectly dereferences freed memory on subsequent connections. Public exploit code exists for this vulnerability affecting Curl installations. An attacker can crash Curl-based applications or services by triggering multiple SMB requests, though remote code execution is not possible due to the nature of the memory corruption.

Use After Free Curl Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-28229 HIGH POC PATCH This Week

Information disclosure in Argo Workflows before 4.0.2 and 3.7.11 lets any unauthenticated client read WorkflowTemplates and ClusterWorkflowTemplates by sending a bogus 'Authorization: Bearer nothing' token, leaking embedded Secret manifests and other sensitive template content. The CVSS 3.1 base score is 7.5 (confidentiality-only, network, no privileges) and publicly available exploit code exists, though EPSS is very low (0.04%) and it is not in CISA KEV, indicating no confirmed widespread exploitation yet.

Kubernetes Authentication Bypass Argo Workflows
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2019-25472 HIGH POC This Week

IntelBras Telefone IP TIP200 and 200 LITE contain an unauthenticated arbitrary file read vulnerability in the dumpConfigFile function accessible via the cgiServer.exx endpoint. [CVSS 7.5 HIGH]

Information Disclosure
NVD Exploit-DB VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-31889 HIGH PATCH This Week

Shopware versions before 6.6.10.15 and 6.7.8.1 contain an authentication bypass in the app registration flow that allows attackers to hijack the communication channel between a shop and third-party apps by re-registering with a controlled domain without domain ownership verification. An attacker with knowledge of the app secret can redirect app traffic and intercept API credentials intended for legitimate shops. This vulnerability affects all Shopware installations using the legacy app registration mechanism and currently has no available patch.

Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
8.9
EPSS
0.1%
CVE-2026-32060 HIGH PATCH This Week

OpenClaw versions before 2026.2.14 allow authenticated attackers to bypass filesystem restrictions in the apply_patch function through path traversal, enabling arbitrary file write and deletion operations outside the intended workspace. The vulnerability requires an authenticated user but no additional user interaction, and affects systems with apply_patch enabled without sandbox containment. No patch is currently available.

Path Traversal Openclaw
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-31857 HIGH PATCH This Week

Remote code execution in Craft CMS 5 allows authenticated Control Panel users with basic access (including non-admin roles like Author or Editor) to execute arbitrary code by injecting malicious Twig templates through condition rule parameters. The vulnerability exploits an unsandboxed template rendering function that bypasses all security hardening settings, affecting versions prior to 5.9.9 and 4.17.4. No patch is currently available for this HIGH severity vulnerability.

RCE Code Injection Craft Cms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-23814 HIGH This Week

Authenticated remote attackers can execute arbitrary commands through malformed parameters in AOS-CX CLI commands, achieving remote code execution with high integrity and confidentiality impact. The vulnerability affects low-privileged users on networked systems and requires no user interaction to exploit. No patch is currently available for this command injection flaw.

Command Injection
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-13067 HIGH This Week

Royal Addons for Elementor (WordPress plugin) versions up to 1.7.1049. is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

WordPress PHP RCE File Upload
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-32097 HIGH This Week

Authenticated users in PingPong versions prior to 7.27.2 can access and delete files beyond their authorization scope, potentially exposing or removing private user files and model outputs. An attacker with valid credentials and thread access can exploit improper access controls to retrieve or delete sensitive data belonging to other users. No patch is currently available for this high-severity vulnerability affecting the AI/ML teaching platform.

Authentication Bypass AI / ML Pingpong
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-1992 HIGH This Week

Arbitrary plugin installation and remote code execution in ExactMetrics WordPress plugin versions 8.6.0-9.0.2 allows authenticated users with report-viewing permissions to bypass administrative capability checks via parameter manipulation. An attacker can exploit an Insecure Direct Object Reference in the onboarding process to install malicious plugins and execute arbitrary code on vulnerable WordPress installations. This vulnerability requires the site administrator to have previously granted non-admin users report access permissions.

WordPress RCE Authentication Bypass Google
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-32059 HIGH PATCH This Week

OpenClaw version 2026.2.22-2 versions up to 2026.2.23 is affected by incorrect authorization (CVSS 8.8).

Authentication Bypass Openclaw
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-31854 HIGH This Week

Cursor is a code editor built for programming with AI. versions up to 2.0 is affected by os command injection.

Command Injection Cursor
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-31861 HIGH PATCH This Week

Arbitrary OS command execution in Cloud CLI versions prior to 1.24.0 allows authenticated users to inject malicious commands through improperly sanitized git configuration parameters passed to shell execution functions. The /api/user/git-config endpoint fails to properly escape bash metacharacters like backticks and $() substitutions, enabling attackers to execute arbitrary operating system commands with application privileges. No patch is currently available for affected deployments.

RCE Code Injection Cloud Cli
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-1993 HIGH This Week

Privilege escalation in ExactMetrics WordPress plugin versions 7.1.0-9.0.2 allows authenticated users with the `exactmetrics_save_settings` capability to modify any plugin configuration without restrictions, potentially escalating themselves to administrative access. An attacker could exploit the missing input validation in the `update_settings()` function to grant plugin permissions to arbitrary user roles, including subscribers, effectively bypassing intended access controls. No patch is currently available for this vulnerability.

WordPress Privilege Escalation Google
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3926 HIGH PATCH This Week

Out of bounds read in V8 in Google Chrome versions up to 146.0.7680.71 is affected by out-of-bounds read (CVSS 8.8).

Information Disclosure Buffer Overflow Chrome Google Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3922 HIGH PATCH This Week

Use after free in MediaStream in Google Chrome versions up to 146.0.7680.71 is affected by use after free (CVSS 8.8).

Google Use After Free Denial Of Service Memory Corruption Chrome +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3921 HIGH PATCH This Week

Use after free in TextEncoding in Google Chrome versions up to 146.0.7680.71 is affected by use after free (CVSS 8.8).

Google Use After Free Denial Of Service Memory Corruption Chrome +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3917 HIGH PATCH This Week

Use after free in Agents in Google Chrome versions up to 146.0.7680.71 is affected by use after free (CVSS 8.8).

Google Use After Free Denial Of Service Memory Corruption Chrome +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-20040 HIGH This Week

Insufficient CLI argument validation in Cisco IOS XR Software enables authenticated local attackers to achieve root-level code execution through crafted commands. An attacker with low-privileged account access can exploit this vulnerability to bypass privilege restrictions and execute arbitrary commands on the affected device's underlying operating system. No patch is currently available for this high-severity vulnerability.

Cisco Apple Command Injection Ios Xr
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3936 HIGH PATCH This Week

Use after free in WebView in Google Chrome on Android versions up to 146.0.7680.71 is affected by use after free (CVSS 8.8).

Google Use After Free Memory Corruption Denial Of Service Chrome +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3931 HIGH PATCH This Week

Heap buffer overflow in Skia in Google Chrome versions up to 146.0.7680.71 is affected by heap-based buffer overflow (CVSS 8.8).

Buffer Overflow Heap Overflow Chrome Google Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3923 HIGH PATCH This Week

Use after free in WebMIDI in Google Chrome versions up to 146.0.7680.71 is affected by use after free (CVSS 8.8).

Google Use After Free Denial Of Service Memory Corruption Chrome +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3920 HIGH PATCH This Week

Out of bounds memory access in WebML in Google Chrome versions up to 146.0.7680.71 is affected by out-of-bounds read (CVSS 8.8).

Google Information Disclosure Buffer Overflow AI / ML Chrome +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3918 HIGH PATCH This Week

Use after free in WebMCP in Google Chrome versions up to 146.0.7680.71 is affected by use after free (CVSS 8.8).

Google Use After Free Denial Of Service Memory Corruption Chrome +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3914 HIGH PATCH This Week

Integer overflow in WebML in Google Chrome versions up to 146.0.7680.71 contains a security vulnerability (CVSS 8.8).

Google Buffer Overflow AI / ML Chrome Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3915 HIGH PATCH This Week

Heap buffer overflow in WebML in Google Chrome versions up to 146.0.7680.71 is affected by heap-based buffer overflow (CVSS 8.8).

Google Buffer Overflow Heap Overflow AI / ML Chrome +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3913 HIGH PATCH This Week

Heap buffer overflow in WebML in Google Chrome versions up to 146.0.7680.71 is affected by heap-based buffer overflow (CVSS 8.8).

Google Buffer Overflow Heap Overflow AI / ML Chrome +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-32127 HIGH This Week

OpenEMR versions prior to 8.0.0.1 contain a SQL injection vulnerability in the ajax graphs library that allows authenticated users to execute arbitrary database queries, potentially leading to complete compromise of patient health records and system data. The vulnerability stems from insufficient input validation and requires valid credentials to exploit, but poses a critical risk given the sensitive nature of healthcare data stored in OpenEMR systems. No patch is currently available for affected versions.

SQLi Openemr
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-31895 HIGH This Week

WeGIA is a web manager for charitable institutions. versions up to 3.6.6 is affected by sql injection (CVSS 8.8).

PHP SQLi Wegia
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-31858 HIGH PATCH This Week

SQL injection in Craft CMS ElementSearchController allows authenticated control panel users to execute arbitrary SQL queries and extract complete database contents through the criteria[where] and criteria[orderBy] parameters. The vulnerability exists because a previous SQL injection fix applied to ElementIndexesController was never implemented in this endpoint. An attacker with any control panel user account can exploit this via boolean-based blind injection without requiring administrative privileges.

SQLi Craft Cms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-20046 HIGH This Week

Cisco IOS XR Software contains a task group mapping flaw in a specific CLI command that allows authenticated local attackers to bypass privilege checks and gain full administrative access to affected devices. An attacker with low-privileged credentials can exploit this misconfiguration to execute unauthorized administrative actions without proper authorization validation. No patch is currently available.

Cisco Apple Privilege Escalation Ios Xr
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-67037 HIGH This Week

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "tunnel" parameter when killing a tunnel connection. [CVSS 8.8 HIGH]

Code Injection RCE Eds5032 Firmware Eds5008 Firmware Eds5016 Firmware
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-67036 HIGH This Week

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. [CVSS 8.8 HIGH]

Code Injection RCE Eds5032 Firmware Eds5008 Firmware Eds5016 Firmware
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-67034 HIGH This Week

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "name" parameter when deleting SSL credentials through the management interface. [CVSS 8.8 HIGH]

Code Injection RCE Eds5032 Firmware Eds5008 Firmware Eds5016 Firmware
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-31979 HIGH PATCH This Week

Local privilege escalation in Himmelblau prior to versions 3.1.0 and 2.3.8 allows authenticated local users to exploit insecure Kerberos cache file handling in the root-running himmelblaud-tasks daemon through symlink attacks. The vulnerability stems from the removal of PrivateTmp protections, exposing /tmp operations to symlink-based file overwrite and ownership manipulation attacks. An attacker with local access can leverage this flaw to achieve arbitrary file modification and full system compromise.

Privilege Escalation Microsoft Himmelblau Suse
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-68623 HIGH This Week

In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installation process, which may result in unintended elevation of privileges. [CVSS 8.8 HIGH]

Microsoft Privilege Escalation
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3919 HIGH PATCH This Week

Use after free in Extensions in Google Chrome versions up to 146.0.7680.71 is affected by use after free (CVSS 8.8).

Google Use After Free Denial Of Service Memory Corruption Chrome +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3013 HIGH This Week

Coppermine Photo Gallery in versions 1.6.09 through 1.6.27 is vulnerable to path traversal.

Path Traversal
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.3%
CVE-2026-32062 HIGH PATCH This Week

OpenClaw versions2026.2.21-2 versions up to 2026.2.22 is affected by allocation of resources without limits or throttling (CVSS 7.5).

Denial Of Service Openclaw Openclaw Voice Call
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-31958 HIGH PATCH GHSA This Week

In versions of Tornado prior to 6.5.5, the only limit on the number of parts in `multipart/form-data` is the `max_body_size` setting (default 100MB). Since parsing occurs synchronously on the main thread, this creates the possibility of denial-of-service due to the cost of parsing very large multipart bodies with many parts. Tornado 6.5.5 introduces new limits on the size and complexity of multipart bodies, including a default limit of 100 parts per request. These limits are configurable if needed; see `tornado.httputil.ParseMultipartConfig`. It is also now possible to disable `multipart/form-data` parsing entirely if it is not required for the application.

Python Denial Of Service Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy