305 CVEs tracked today. 15 Critical, 92 High, 185 Medium, 9 Low.
-
CVE-2026-32746
CRITICAL
CVSS 9.8
OOB write in GNU inetutils telnetd through 2.7 via LINEMODE SLC handler.
Buffer Overflow
-
CVE-2026-32640
CRITICAL
CVSS 9.8
Code injection in SimpleEval when objects with dangerous attrs are passed. PoC available.
Code Injection
RCE
-
CVE-2026-32626
CRITICAL
CVSS 9.6
XSS in AnythingLLM 1.11.1 and earlier.
XSS
RCE
AI / ML
Anything Llm
-
CVE-2026-32621
CRITICAL
CVSS 9.9
Prototype pollution in Apollo Federation; several release lines are affected, each with its own fixed version.
Information Disclosure
Code Injection
Gateway
Federation Internals
Query Planner
-
CVE-2026-32367
CRITICAL
CVSS 9.1
RCE via code injection in Modal Dialog WordPress plugin.
Code Injection
RCE
Modal Dialog
-
CVE-2026-32306
CRITICAL
CVSS 9.9
SQL injection in OneUptime telemetry API before 10.0.23.
RCE
SQLi
Oneuptime
-
CVE-2026-32304
CRITICAL
CVSS 9.8
create_function() sandbox bypass via unsanitized args passed to Function constructor. PoC available.
Node.js
RCE
PHP
Code Injection
-
CVE-2026-32301
CRITICAL
CVSS 9.3
SSRF in Centrifugo real-time messaging before 6.7.0.
SSRF
Centrifugo
-
CVE-2026-31886
CRITICAL
CVSS 9.1
Path traversal via dagRunId in DAG execution endpoints.
Python
Authentication Bypass
Denial Of Service
Path Traversal
Docker
-
CVE-2026-31806
CRITICAL
CVSS 9.8
Heap overflow in FreeRDP gdi_surface_bits() before 3.24.0.
Buffer Overflow
Heap Overflow
Freerdp
-
CVE-2026-26954
CRITICAL
CVSS 10.0
SandboxJS sandbox escape before 0.8.34 via Function access through arrays.
RCE
Code Injection
Sandboxjs
-
CVE-2026-25823
CRITICAL
CVSS 9.8
Stack overflow in HMS Networks Ewon Flexy/Cosy+ firmware.
RCE
Buffer Overflow
Denial Of Service
Stack Overflow
-
CVE-2026-25818
CRITICAL
CVSS 9.1
Weak encryption in HMS Networks Ewon Flexy/Cosy+ firmware.
Information Disclosure
-
CVE-2026-3910
HIGH
CVSS 8.8
Chrome's V8 JavaScript engine contains an inappropriate implementation (CVE-2026-3910, CVSS 8.8) that allows remote attackers to execute arbitrary code within the browser sandbox via crafted HTML pages. KEV-listed with public PoC, this V8 vulnerability affects all Chromium-based browsers and enables drive-by exploitation through any web page containing malicious JavaScript.
Google
RCE
Buffer Overflow
Chrome
-
CVE-2026-3909
HIGH
CVSS 8.8
Google Chrome's Skia graphics library contains an out-of-bounds write (CVE-2026-3909, CVSS 8.8) enabling remote attackers to perform memory corruption through crafted HTML pages. KEV-listed with public PoC and patches available, this vulnerability in the core graphics rendering engine affects all Chromium-based browsers.
Buffer Overflow
Memory Corruption
Google
Chrome
-
CVE-2026-3891
CRITICAL
CVSS 9.8
Arbitrary file upload in Pix for WooCommerce WordPress plugin.
File Upload
RCE
WordPress
Pix For Woocommerce
-
CVE-2026-2493
HIGH
CVSS 7.5
IceWarp collaboration platform contains an unauthenticated directory traversal vulnerability that allows remote attackers to read sensitive files from the server. The flaw exists in HTTP request handling, enabling access to configuration files, user data, and potentially email contents stored on the server.
Path Traversal
Information Disclosure
Icewarp
-
CVE-2025-15060
CRITICAL
CVSS 9.8
Command injection RCE in claude-hovercraft tool. EPSS 1.3%.
Command Injection
RCE
AI / ML
Claude Hovercraft
-
CVE-2026-32729
HIGH
CVSS 8.1
Authentication bypass in Runtipi (versions prior to 4.8.1), a personal homeserver orchestrator: TOTP verification is not rate limited, so an attacker holding stolen credentials can brute-force the one-time code and fully bypass two-factor authentication in approximately 33 minutes. Not in CISA KEV and without a high EPSS score; CVSS 8.1; fixed in 4.8.1.
Authentication Bypass
Runtipi
-
CVE-2026-32720
HIGH
A misconfigured NetworkPolicy in Kubernetes deployments allows attackers to perform unauthorized lateral movement between namespaces, breaking namespace isolation security boundaries. This vulnerability affects Kubernetes environments with improperly configured inter-namespace NetworkPolicies, specifically those with 'inter-ns' prefixed policies in monitoring namespaces. An attacker who compromises any component can pivot to access resources in other namespaces, potentially accessing sensitive data or systems they shouldn't have access to.
Kubernetes
Information Disclosure
-
CVE-2026-32708
HIGH
CVSS 7.8
Stack-based buffer overflow in PX4 autopilot drone flight control software (versions prior to 1.17.0-rc2): the Zenoh uORB subscriber does not validate incoming payload sizes, so a crafted payload crashes the Zenoh bridge task. No active exploitation (not in KEV), no known PoC, and the local attack vector (CVSS AV:L) limits real-world impact despite the 7.8 score.
Buffer Overflow
Stack Overflow
Px4 Autopilot
-
CVE-2026-32706
HIGH
CVSS 7.1
Buffer overflow vulnerability in PX4 autopilot drone firmware versions before 1.17.0-rc2 that allows adjacent network attackers to crash the system by sending oversized CRSF packets. The vulnerability requires the CRSF receiver protocol to be enabled on a serial port and can cause memory corruption leading to denial of service. No active exploitation (not in KEV) or public POC has been reported.
Buffer Overflow
Px4 Autopilot
-
CVE-2026-32635
HIGH
CVSS 8.6
A Cross-Site Scripting (XSS) vulnerability in Angular's runtime and compiler allows attackers to bypass built-in sanitization when internationalization (i18n) is enabled on security-sensitive attributes like href, src, and action. The vulnerability affects Angular versions before 19.2.20, 20.3.18, 21.2.4, and 22.0.0-next.3, enabling attackers with low privileges to execute arbitrary JavaScript in users' browsers for session hijacking, data theft, and unauthorized actions. With a CVSS score of 8.6 and no current evidence of active exploitation or public POCs, this represents a serious but not yet weaponized threat to Angular applications using i18n features with user-controlled data.
XSS
RCE
Google
Angular
Information Disclosure
-
CVE-2026-32628
HIGH
CVSS 7.7
SQL injection in AnythingLLM versions 1.11.1 and earlier enables authenticated users to execute arbitrary SQL commands against connected PostgreSQL, MySQL, and MSSQL databases through the built-in SQL Agent plugin. The vulnerability stems from unsafe string concatenation of table names in the getTableSchemaSql() method across all three database connectors, bypassing proper parameterization. Any user with access to invoke the SQL Agent can exploit this to read, modify, or delete sensitive database contents.
SQLi
PostgreSQL
MySQL
Mssql
Information Disclosure
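The pattern behind this entry, as an added example (not AnythingLLM's code): a table name concatenated into a catalog query, next to the hardened form that validates the identifier, confirms it against the catalog with a bound parameter, and only then quotes it as a delimited identifier. SQLite's sqlite_master stands in for information_schema so the block runs offline; the database rows and the payload are constructed.

```python
import re
import sqlite3
from typing import List

# Identifier allowlist: letters, digits and underscore, leading non-digit.
IDENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]{0,62}$")


def setup_db() -> sqlite3.Connection:
    """Constructed sample database standing in for the agent's target DB."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE orders (id INTEGER PRIMARY KEY, total REAL);
        CREATE TABLE api_keys (id INTEGER PRIMARY KEY, secret TEXT);
        INSERT INTO api_keys VALUES (1, 'sk-live-constructed-secret');
    """)
    return conn


def table_schema_vulnerable(conn: sqlite3.Connection, table_name: str) -> List[str]:
    """Table name spliced into the catalog query by string concatenation,
    the pattern the advisory describes; sqlite_master plays the role of
    information_schema."""
    sql = ("SELECT sql FROM sqlite_master WHERE type='table' AND name='"
           + table_name + "'")
    return [row[0] for row in conn.execute(sql)]


def table_schema_hardened(conn: sqlite3.Connection, table_name: str) -> List[str]:
    """Same lookup with the identifier treated as data, then quoted."""
    # 1. Syntactic allowlist before the name goes anywhere near SQL text.
    if not IDENT.match(table_name):
        raise ValueError(f"invalid table name {table_name!r}")
    # 2. Catalog check with a bound parameter: the name is data, not SQL.
    row = conn.execute(
        "SELECT name FROM sqlite_master WHERE type='table' AND name=?",
        (table_name,),
    ).fetchone()
    if row is None:
        raise ValueError(f"unknown table {table_name!r}")
    # 3. Where an identifier must be spliced into SQL text (PRAGMA, DDL),
    #    emit it as a delimited identifier with embedded quotes doubled.
    quoted = '"' + row[0].replace('"', '""') + '"'
    return [r[1] for r in conn.execute(f"PRAGMA table_info({quoted})")]


def demo():
    """Run one injection against both versions; returns (leaked, blocked)."""
    conn = setup_db()
    # Constructed payload: closes the string literal and appends a UNION
    # that pulls rows out of an unrelated table.
    payload = "x' UNION SELECT secret FROM api_keys --"
    leaked = table_schema_vulnerable(conn, payload)
    try:
        table_schema_hardened(conn, payload)
        blocked = False
    except ValueError:
        blocked = True
    return leaked, blocked


if __name__ == "__main__":
    print(demo())
```

The allowlist alone is not the fix; the catalog lookup is what turns "any string the agent produced" into "a table that actually exists", and the quoting step covers the cases where a driver gives no way to bind an identifier.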
-
CVE-2026-32627
HIGH
CVSS 8.7
cpp-httplib versions before 0.37.2 silently disable TLS certificate validation when following HTTPS redirects through a proxy, allowing attackers to intercept encrypted connections without detection. This affects any application using cpp-httplib as an HTTP client with proxy and redirect following enabled. No active exploitation (not in KEV) or public POC has been reported, with low EPSS probability indicating minimal current threat activity.
Information Disclosure
Cpp Httplib
-
CVE-2026-32617
HIGH
CVSS 7.1
AnythingLLM versions 1.11.1 and earlier contain an authentication bypass vulnerability on default installations where the application's HTTP endpoints and WebSocket connections lack proper authentication and accept requests from any origin. While rated CVSS 7.1, exploitation is limited to attackers on the same local network due to browser Private Network Access (PNA) protections, making this a medium-priority issue for most deployments.
Information Disclosure
Google
Mozilla
AI / ML
Anything Llm
-
CVE-2026-32616
HIGH
CVSS 8.2
Host header injection vulnerability in Pigeon (a message board/blog system) versions prior to 1.0.201 that allows attackers to manipulate email verification URLs, potentially leading to account takeover. The vulnerability has a high CVSS score of 8.2 but requires user interaction (clicking a malicious link), and there is no indication of active exploitation in the wild or inclusion in CISA KEV.
Information Disclosure
Pigeon
-
CVE-2026-32614
HIGH
CVSS 7.5
Cryptographic authentication bypass vulnerability in the SM9 implementation of the Go gmsm library (github.com/emmansun/gmsm) that allows attackers to forge valid ciphertexts without knowing any secret keys. An attacker who only knows a target user's ID can craft malicious ciphertexts that decrypt successfully to attacker-controlled plaintext, completely bypassing cryptographic integrity checks. A proof-of-concept exploit is publicly available, and while not currently in CISA KEV, the vulnerability has a CVSS score of 7.5 (High).
Authentication Bypass
-
CVE-2026-32600
HIGH
CVSS 8.2
Missing AES-GCM authentication tag validation in the simplesamlphp/xml-security library (versions before 2.3.1), affecting XML encryption in AES-GCM modes. Because the tag is not properly enforced, an attacker can brute-force past it to decrypt sensitive XML data and forge arbitrary ciphertexts without knowing the encryption key. No active exploitation detected (not in KEV), but the CVSS 8.2 score and network attack vector make this a priority for organizations using affected SAML/XML security implementations.
Information Disclosure
Xml Security
-
CVE-2026-32597
HIGH
CVSS 7.5
PyJWT versions before 2.12.0 fail to validate the 'crit' (Critical) header parameter in JSON Web Signatures (JWS), accepting tokens with unrecognized critical extensions instead of rejecting them as required by RFC 7515. This allows attackers to potentially bypass security mechanisms by injecting malicious critical extensions that the library ignores, leading to integrity compromise. With an EPSS score of only 0.01% and no KEV listing, this represents a low real-world exploitation risk despite the high CVSS score.
Information Disclosure
Python
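The RFC 7515 rules that this entry says PyJWT skipped, as an added example that is not PyJWT's code: a verifier that inspects the protected header of a compact JWS and rejects any `crit` entry it does not implement. The supported-extension set is assumed empty; the tokens are constructed with an empty signature segment because only header handling is exercised.

```python
import base64
import json
from typing import Dict, FrozenSet, Optional, Tuple

# Extensions this verifier implements. Assumed empty: a typical JWT consumer
# understands no extensions, so any "crit" entry must cause rejection.
SUPPORTED_EXTENSIONS: FrozenSet[str] = frozenset()

# Header parameters registered by RFC 7515 s4.1 must never be listed in crit.
REGISTERED_HEADERS = frozenset({
    "alg", "jku", "jwk", "kid", "x5u", "x5c", "x5t", "x5t#S256",
    "typ", "cty", "crit",
})


def _b64url_decode(segment: str) -> bytes:
    # JWS segments are unpadded base64url; restore the padding first.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode("ascii").rstrip("=")


def check_crit(token: str,
               supported: FrozenSet[str] = SUPPORTED_EXTENSIONS) -> Tuple[bool, str]:
    """Apply the RFC 7515 s4.1.11 rules for 'crit' to a compact JWS.

    Returns (accepted, reason). Only the protected header is examined;
    signature verification is a separate step that must also pass.
    """
    try:
        header = json.loads(_b64url_decode(token.split(".")[0]))
    except ValueError as exc:  # covers base64, UTF-8 and JSON errors
        return False, f"malformed protected header: {exc}"
    if not isinstance(header, dict):
        return False, "protected header is not a JSON object"
    if "crit" not in header:
        return True, "no crit header"
    crit = header["crit"]
    if not isinstance(crit, list) or not crit:
        return False, "crit must be a non-empty array"
    if not all(isinstance(name, str) for name in crit):
        return False, "crit entries must be strings"
    if len(set(crit)) != len(crit):
        return False, "crit contains duplicate entries"
    for name in crit:
        if name in REGISTERED_HEADERS:
            return False, f"crit must not name the registered header {name!r}"
        if name not in header:
            return False, f"crit names {name!r} but the header does not carry it"
        if name not in supported:
            # The library-level bug was here: an unknown extension was
            # ignored and the token accepted. Reject instead.
            return False, f"unsupported critical extension {name!r}"
    return True, "all critical extensions understood"


def make_token(header: Dict, payload: Optional[Dict] = None) -> str:
    """Build a compact JWS for the examples (constructed data). The signature
    segment is left empty because only header handling is exercised."""
    def enc(obj):
        return _b64url_encode(json.dumps(obj, separators=(",", ":")).encode())
    return f"{enc(header)}.{enc(payload or {})}."
```

Run this check before, not instead of, signature verification: a token that passes `check_crit` but fails the signature is still rejected, and a token whose signature verifies but which names an unknown critical extension is rejected too, which is the case the entry describes.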
-
CVE-2026-32594
HIGH
CVSS 7.3
Parse Server versions prior to 8.6.40 and 9.6.0-alpha.14 contain an authentication bypass vulnerability in their GraphQL WebSocket subscription endpoint that circumvents Express middleware security controls. An unauthenticated attacker can connect directly to the WebSocket endpoint to execute arbitrary GraphQL operations, perform schema introspection despite disabled public introspection, and send complex queries that bypass rate limiting and complexity validation. This is a network-accessible vulnerability requiring no authentication that exposes sensitive schema information and enables potential denial-of-service attacks.
Authentication Bypass
Node.js
Parse Server
-
CVE-2026-32459
HIGH
CVSS 8.5
Blind SQL injection in UpsellWP checkout plugin versions 2.2.4 and earlier allows authenticated attackers to execute arbitrary SQL queries with network access and without user interaction. The vulnerability affects the checkout-upsell-and-order-bumps functionality and could enable data exfiltration or database manipulation. No patch is currently available for this high-severity flaw.
SQLi
Upsellwp
-
CVE-2026-32458
HIGH
CVSS 7.6
SQL injection vulnerability in the RealMag777 WOLF bulk-editor WordPress plugin (versions up to 1.0.8.7) that allows authenticated administrators to execute blind SQL injection attacks. With a low EPSS score of 0.02% and no KEV listing, this vulnerability requires high privileges to exploit and is not currently being actively exploited in the wild.
SQLi
Wolf
-
CVE-2026-32433
HIGH
CVSS 8.5
CP Contact Form with Paypal through version 1.3.61 contains a blind SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries with network access. An attacker with user-level privileges can exploit this flaw to extract sensitive database information, though no patch is currently available.
SQLi
Cp Contact Form With Paypal
-
CVE-2026-32426
HIGH
CVSS 7.5
A PHP remote file inclusion vulnerability exists in themelexus Medilazar Core WordPress plugin that allows attackers to include arbitrary PHP files from local or remote sources, potentially leading to remote code execution. The vulnerability affects all versions of Medilazar Core prior to 1.4.7 and requires low privileges but high attack complexity to exploit. While not currently listed in CISA KEV or showing high EPSS scores, the potential for code execution makes this a serious concern for WordPress sites using this medical/healthcare theme framework.
Information Disclosure
PHP
Lfi
Medilazar Core
-
CVE-2026-32422
HIGH
CVSS 8.5
WP EasyCart versions 5.8.13 and earlier are vulnerable to blind SQL injection, allowing authenticated attackers to execute arbitrary SQL queries through improper input sanitization. This vulnerability could enable attackers to extract or manipulate sensitive database information, though code execution is not possible. No patch is currently available for this high-severity vulnerability (CVSS 8.5).
SQLi
Wp Easycart
-
CVE-2026-32418
HIGH
CVSS 7.6
Blind SQL injection in Meow Gallery up to version 5.4.4 allows high-privileged attackers to extract sensitive data from the application database through specially crafted SQL queries. An authenticated administrator with high privileges can exploit this vulnerability without user interaction to perform unauthorized database queries, potentially exposing confidential information. No patch is currently available for affected installations.
SQLi
Meow Gallery
-
CVE-2026-32414
HIGH
CVSS 7.2
A code injection vulnerability in ILLID Advanced Woo Labels WordPress plugin (versions up to 2.36) allows authenticated administrators to execute arbitrary code through improper input validation, potentially leading to full site compromise. The vulnerability requires high privileges to exploit (CVSS 7.2), has no known active exploitation in the wild (not in CISA KEV), and carries a very low EPSS score of 0.00043 (0.043%), indicating minimal real-world exploitation likelihood despite the high CVSS score.
Code Injection
RCE
Advanced Woo Labels
-
CVE-2026-32401
HIGH
CVSS 7.2
Sprout Invoices Client Invoicing versions 20.8.9 and earlier contain a local file inclusion vulnerability in PHP that allows authenticated attackers with high privileges to read arbitrary files on the affected server. An attacker exploiting this vulnerability could access sensitive configuration files, source code, or other confidential data without requiring user interaction. No patch is currently available for this vulnerability.
Information Disclosure
Lfi
PHP
Client Invoicing By Sprout Invoices
-
CVE-2026-32400
HIGH
CVSS 7.5
A PHP file inclusion vulnerability in the ThemetechMount Boldman theme allows authenticated attackers with low privileges to include arbitrary local files, potentially leading to remote code execution. All Boldman theme versions up to and including 7.7 are affected. Not currently listed in CISA's KEV catalog; CVSS 7.5 (High), with some attack complexity required to exploit successfully.
Lfi
PHP
Information Disclosure
Boldman
-
CVE-2026-32399
HIGH
CVSS 8.5
Blind SQL injection in Media Library Assistant through version 3.32 allows authenticated attackers to execute arbitrary SQL queries over the network, potentially leading to unauthorized data access and service disruption. The vulnerability requires valid user credentials but no user interaction, making it exploitable by internal or compromised accounts with minimal effort. No patch is currently available for affected installations.
SQLi
Media Library Assistant
-
CVE-2026-32393
HIGH
CVSS 7.5
Greenly Theme Addons (PHP) versions prior to 8.2 contain a local file inclusion vulnerability in filename handling that allows authenticated attackers to read arbitrary files on the affected server. An attacker with valid credentials can exploit improper input validation to include and execute local files, potentially leading to information disclosure or code execution. No patch is currently available for this vulnerability.
Information Disclosure
Lfi
PHP
Greenly Theme Addons
-
CVE-2026-32392
HIGH
CVSS 7.5
Local file inclusion in Greenly through version 8.1 allows authenticated attackers to read arbitrary files on the server due to improper input validation in file inclusion functions. The vulnerability requires valid credentials but no user interaction, and an authenticated attacker could use it to escalate privileges or extract sensitive data. No patch is currently available for this high-severity vulnerability in the PHP-based Greenly application.
Information Disclosure
Lfi
PHP
Greenly
-
CVE-2026-32384
HIGH
CVSS 7.5
WpBookingly plugin versions 1.2.9 and earlier contain a local file inclusion vulnerability in their service-booking-manager component that allows authenticated attackers to read arbitrary files from the affected server. An attacker with valid credentials can exploit improper filename validation in PHP include/require statements to access sensitive information on the system. No patch is currently available for this vulnerability.
Information Disclosure
Lfi
PHP
Wpbookingly
-
CVE-2026-32369
HIGH
CVSS 7.5
Medilink-Core versions before 2.0.7 contain a local file inclusion vulnerability in PHP that allows authenticated attackers to read arbitrary files on the affected system through improper handling of file inclusion statements. An attacker with valid credentials can exploit this weakness to access sensitive information without requiring user interaction. The feed lists no patch, although the affected range ending at 2.0.7 indicates that release carries the fix.
Information Disclosure
Lfi
PHP
Medilink Core
-
CVE-2026-32368
HIGH
CVSS 8.5
Blind SQL injection in Geo to Lat versions up to 1.0.19 allows authenticated attackers to execute arbitrary SQL queries over the network with no user interaction required. An attacker with valid credentials can exploit this vulnerability to extract or manipulate database contents, potentially leading to unauthorized data access and system disruption. No patch is currently available for this vulnerability.
SQLi
Geo To Lat
-
CVE-2026-32366
HIGH
CVSS 8.5
A blind SQL injection vulnerability exists in the WordPress Collapsing Categories plugin (versions up to 3.0.9) that allows authenticated attackers with low privileges to execute arbitrary SQL queries against the database. The vulnerability enables extraction of sensitive data including user credentials, though it does not allow direct data modification. With a CVSS score of 8.5 and no current exploitation in the wild (not in KEV), this represents a serious but not critical risk for WordPress sites using this plugin.
SQLi
Collapsing Categories
-
CVE-2026-32365
HIGH
CVSS 8.5
Blind SQL injection in Collapsing Archives versions up to 3.0.7 allows authenticated attackers to execute arbitrary SQL queries through improper input sanitization. An attacker with user-level access can exploit this vulnerability to extract sensitive data from the database, though the impact is partially mitigated by the requirement for prior authentication. No patch is currently available for this vulnerability.
SQLi
Collapsing Archives
-
CVE-2026-32364
HIGH
CVSS 7.5
Turbo Manager versions below 4.0.8 contain a local file inclusion vulnerability in PHP file handling that allows authenticated attackers to include and execute arbitrary files on the system. An attacker with valid credentials can leverage improper filename validation to access sensitive files or achieve code execution. Exploitation requires network access with valid credentials; the feed lists no patch, although the affected range ending at 4.0.8 indicates that release carries the fix.
Information Disclosure
Lfi
PHP
Turbo Manager
-
CVE-2026-32358
HIGH
CVSS 7.6
Booking Calendar versions 10.14.15 and earlier contain a blind SQL injection vulnerability in database query handling that allows high-privileged authenticated users to execute arbitrary SQL commands. An attacker with administrative credentials could exploit this to extract sensitive database information and potentially disrupt service availability. A patch is not currently available, requiring users to implement alternative mitigations or limit administrative access.
SQLi
Booking Calendar
-
CVE-2026-32355
HIGH
CVSS 8.8
Crocoblock JetEngine versions below 3.8.4.1 are vulnerable to unsafe deserialization of untrusted data, enabling authenticated attackers to inject malicious objects and achieve arbitrary code execution. An attacker with user-level access can exploit this vulnerability without user interaction to fully compromise the affected system. The feed lists no patch, although the affected range ending at 3.8.4.1 indicates that release carries the fix.
Deserialization
Jetengine
-
CVE-2026-32314
HIGH
CVSS 8.7
Rust Yamux prior to version 0.13.10 is vulnerable to denial of service when processing specially crafted inbound stream frames that combine the SYN flag with an oversized body length: improper state cleanup makes the connection handler panic. An unauthenticated remote attacker can trigger the panic over any normal Yamux session without special privileges, crashing affected applications. The feed lists no patch, although the affected range ending at 0.13.10 indicates that release carries the fix.
Rust
Denial Of Service
Rust Yamux
-
CVE-2026-32313
HIGH
CVSS 8.2
Cryptographic vulnerability in the xmlseclibs PHP library (versions before 3.1.5): authentication tag lengths of AES-GCM encrypted XML nodes are not validated, so an unauthenticated remote attacker can brute-force past a truncated tag to decrypt sensitive data and forge ciphertexts without the encryption key. Not currently in CISA's KEV catalog, but the CVSS 8.2 score and the library's wide use make it a priority.
PHP
Information Disclosure
Xmlseclibs
-
CVE-2026-32308
HIGH
CVSS 7.6
Cross-site scripting (XSS) vulnerability in OneUptime monitoring platform versions prior to 10.0.23, where the Markdown viewer component renders Mermaid diagrams with insecure settings that allow arbitrary JavaScript execution. An authenticated attacker with low privileges can inject malicious JavaScript through any markdown field (incident descriptions, status pages, monitor notes), potentially compromising other users' sessions. With an EPSS score of only 0.03% and no KEV listing, this appears to be a theoretical risk with no observed exploitation in the wild.
XSS
Oneuptime
-
CVE-2026-31944
HIGH
CVSS 7.6
LibreChat versions 0.8.2 through 0.8.2-rc3 contain an authentication bypass vulnerability in the Model Context Protocol (MCP) OAuth callback endpoint that allows attackers to steal OAuth tokens by tricking victims into completing an OAuth flow, resulting in account takeover of the victim's MCP-linked services like Atlassian and Outlook. No active exploitation is known (not in KEV), no POC is publicly available, and EPSS data is not yet available for this newly disclosed vulnerability.
Atlassian
Authentication Bypass
Microsoft
AI / ML
Librechat
-
CVE-2026-31922
HIGH
CVSS 8.5
Fox LMS versions 1.0.6.3 and earlier are vulnerable to blind SQL injection attacks through improper input sanitization, allowing authenticated attackers to execute arbitrary SQL queries and potentially exfiltrate sensitive database information. The vulnerability requires user authentication but can be exploited remotely with no user interaction needed, and carries a high CVSS score of 8.5. No patch is currently available for affected organizations.
SQLi
Fox Lms
-
CVE-2026-31917
HIGH
CVSS 8.5
SQL injection vulnerability in the weDevs WP ERP WordPress plugin affecting all versions up to and including 1.16.10, allowing authenticated attackers with low privileges to extract sensitive database information. With an EPSS score of 0.02% (5th percentile), this vulnerability has a very low probability of real-world exploitation and is not listed in CISA KEV, indicating it's not actively exploited in the wild.
SQLi
Wp Erp
-
CVE-2026-31899
HIGH
CVSS 7.5
Denial of service vulnerability in CairoSVG (Python SVG rendering library) caused by exponential amplification through recursive <use> SVG elements without depth limits. An attacker can cause 100% CPU exhaustion indefinitely with a tiny 1,411-byte SVG file, affecting any service that processes SVG input (thumbnails, PDFs, avatars). A working proof-of-concept is publicly available, patches have been released, and while not in KEV, the vulnerability has a 7.5 CVSS score with network-based, unauthenticated exploitation.
Denial Of Service
Python
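The amplification described in this entry and the mitigation it calls for, as an added example that is not CairoSVG's code: a small generator builds an SVG in which each layer references the previous one twice, and a budgeted walker expands `<use>` references the way a renderer would, counting nodes and stopping at a depth or node limit. The limits (16 levels, 100,000 nodes) are assumed defaults, not values from the advisory.

```python
import xml.etree.ElementTree as ET
from typing import FrozenSet

SVG_NS = "http://www.w3.org/2000/svg"
XLINK_NS = "http://www.w3.org/1999/xlink"


def amplification_svg(depth: int, fanout: int = 2) -> str:
    """Constructed amplification document: layer i references layer i-1
    `fanout` times, so drawing the top layer expands to fanout**depth leaf
    rectangles from a file that stays well under 2 KB."""
    defs = ['<rect id="g0" width="1" height="1"/>']
    for i in range(1, depth + 1):
        refs = "".join(f'<use xlink:href="#g{i - 1}"/>' for _ in range(fanout))
        defs.append(f'<g id="g{i}">{refs}</g>')
    return (f'<svg xmlns="{SVG_NS}" xmlns:xlink="{XLINK_NS}">'
            f'<defs>{"".join(defs)}</defs><use xlink:href="#g{depth}"/></svg>')


class RenderBudgetExceeded(Exception):
    """Raised when expanding <use> would exceed the configured budget."""


def count_rendered_nodes(svg_text: str, max_depth: int = 16,
                         max_nodes: int = 100_000) -> int:
    """Expand <use> references the way a renderer does and count the nodes
    that would be drawn, aborting once a depth or total-node budget is hit.
    A depth limit alone does not stop wide fan-out; the node budget does."""
    root = ET.fromstring(svg_text)
    by_id = {el.get("id"): el for el in root.iter() if el.get("id")}
    counter = {"nodes": 0}

    def target_of(el):
        ref = el.get(f"{{{XLINK_NS}}}href") or el.get("href") or ""
        return ref[1:] if ref.startswith("#") else None

    def walk(el, depth: int, chain: FrozenSet[str]):
        counter["nodes"] += 1
        if counter["nodes"] > max_nodes:
            raise RenderBudgetExceeded(f"more than {max_nodes} rendered nodes")
        if depth > max_depth:
            raise RenderBudgetExceeded(f"<use> nesting deeper than {max_depth}")
        if el.tag == f"{{{SVG_NS}}}defs":
            return  # definitions are drawn only when referenced
        if el.tag == f"{{{SVG_NS}}}use":
            ref_id = target_of(el)
            if ref_id in chain:
                raise RenderBudgetExceeded(f"<use> cycle through #{ref_id}")
            if ref_id in by_id:
                walk(by_id[ref_id], depth + 1, chain | {ref_id})
            return
        for child in el:
            walk(child, depth, chain)

    walk(root, 0, frozenset())
    return counter["nodes"]


def within_budget(svg_text: str, **limits) -> bool:
    """True if the document renders inside the budget, False if it trips it."""
    try:
        count_rendered_nodes(svg_text, **limits)
        return True
    except RenderBudgetExceeded:
        return False
```

With fan-out 2 the walker visits 2**(depth+2) nodes, so a 20-layer file of about 1.4 KB would need roughly four million node visits; the walker gives up at the 17th nesting level instead. Services that accept user SVGs (thumbnails, avatars, PDF export) should run a check like this, or an equivalent renderer-side limit, before handing the file to the rasterizer.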
-
CVE-2026-31882
HIGH
CVSS 7.5
CVE-2026-31882 is an authentication bypass vulnerability in Dagu workflow automation engine v2.2.3 and earlier when configured with HTTP Basic authentication, allowing unauthenticated attackers to access all Server-Sent Events (SSE) endpoints and read sensitive workflow data including execution logs, configurations, and potentially exposed credentials. A working proof-of-concept is included in the advisory, and the vendor has released patch v2.2.4 to address the issue.
Information Disclosure
Authentication Bypass
-
CVE-2026-31814
HIGH
CVSS 8.7
Integer overflow in Rust's Yamux implementation allows unauthenticated remote attackers to crash target nodes by sending specially crafted WindowUpdate frames that trigger arithmetic overflow in stream send-window accounting. An attacker can establish a Yamux session and transmit malicious frames without authentication, causing a panic in the connection state machine and resulting in denial of service. A patch is available to address this high-severity vulnerability.
Denial Of Service
Integer Overflow
Rust
-
CVE-2026-30914
HIGH
CVSS 8.1
SFTPGo versions prior to 2.7.1 contain a path normalization vulnerability (CWE-22: Improper Limitation of a Pathname to a Restricted Directory) that allows authenticated attackers to bypass folder-level permissions and escape Virtual Folder boundaries through crafted file paths. An attacker with valid credentials can exploit this authorization bypass to access files and directories beyond their intended scope. Patched in version 2.7.1 with strict edge-level path normalization; no public PoC or KEV status has been disclosed, and the network-accessible, low-complexity vector combined with the authentication requirement makes this a real but moderate-priority issue.
Canonical
Path Traversal
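Why "edge-level" normalization matters, as an added example that is not SFTPGo's code: a per-folder permission check that runs on the path as the client sent it, beside one that canonicalizes the path first and then uses the same path for both the permission lookup and the filesystem operation. The permission model (folder to action set, with "list", "download", "upload" as action names) is assumed for illustration.

```python
import posixpath
from typing import Dict, Set

# Assumed permission model: virtual folder -> allowed actions. The action
# names and layout are illustrative, not SFTPGo's own data structures.
PERMS: Dict[str, Set[str]] = {
    "/": {"list", "download"},
    "/upload": {"list", "upload"},
}


def canonical(virtual_path: str) -> str:
    """Canonical absolute virtual path: no '.', '..', '//', backslashes or
    trailing slash. Stripping leading slashes before normpath keeps it from
    preserving a '//' prefix, and '..' cannot climb above '/'."""
    return posixpath.normpath("/" + virtual_path.replace("\\", "/").strip("/"))


def _folder_for(perms: Dict[str, Set[str]], path: str) -> str:
    """Longest permission folder that is a prefix of path, or '' if none."""
    best, best_len = "", -1
    for folder in perms:
        f = canonical(folder)
        if (path == f or path.startswith(f.rstrip("/") + "/")) and len(f) > best_len:
            best, best_len = folder, len(f)
    return best


def allowed_vulnerable(perms: Dict[str, Set[str]], virtual_path: str, action: str) -> bool:
    """Permission looked up on the path as the client sent it; the path is
    only normalised later, when it reaches the filesystem. The lookup and
    the effect can therefore disagree, which is the bypass."""
    folder = _folder_for(perms, virtual_path)
    return bool(folder) and action in perms[folder]


def allowed_hardened(perms: Dict[str, Set[str]], virtual_path: str, action: str) -> bool:
    """Normalise once at the edge and use that path everywhere after."""
    return allowed_vulnerable(perms, canonical(virtual_path), action)
```

The constructed request "upload /upload/../config/secret.txt" passes the first check because the string starts with "/upload/", yet the file lands at /config/secret.txt, where the user has no upload right; after canonicalization the lookup sees /config/secret.txt and denies it.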
-
CVE-2026-29079
HIGH
CVSS 7.5
Denial of service in Lexbor prior to version 2.7.0 results from a type-confusion vulnerability in the HTML fragment parser that corrupts memory and causes a null pointer dereference. An unauthenticated remote attacker can exploit this by sending malformed HTML to crash applications using the vulnerable Lexbor library. The feed lists no patch, although the affected range ending at 2.7.0 indicates that release carries the fix.
Information Disclosure
Memory Corruption
Lexbor
-
CVE-2026-29078
HIGH
CVSS 7.5
The ISO-2022-JP encoder in Lexbor before version 2.7.0 contains an integer underflow vulnerability that allows unauthenticated remote attackers to read from stack memory and write to heap memory by crafting malicious DOM tree content. The flaw stems from a failure to reset a size variable between iterations, causing an out-of-bounds memcpy operation with a wrapped SIZE_MAX value. The feed lists no patch, although the affected range ending at 2.7.0 indicates that release carries the fix.
Information Disclosure
Integer Overflow
Lexbor
-
CVE-2026-26133
HIGH
CVSS 7.1
CVE-2026-26133 is an AI command injection vulnerability in Microsoft 365 Copilot and multiple Microsoft mobile/desktop applications that allows remote attackers to disclose sensitive information through crafted AI prompts. The vulnerability affects numerous Microsoft products across iOS, Android, and macOS platforms, requires user interaction, and has a patch available from Microsoft with no current evidence of active exploitation (not in KEV).
Command Injection
-
CVE-2026-25819
HIGH
CVSS 7.5
CVE-2026-25819 is an unauthenticated denial of service vulnerability affecting HMS Networks Ewon industrial IoT gateways (Flexy and Cosy+ models) that allows remote attackers to reboot devices through specially crafted HTTP requests to the web GUI. With a CVSS score of 7.5 (High) but low EPSS score (0.02%), this vulnerability has not been added to CISA KEV and shows minimal exploitation activity in the wild.
Denial Of Service
-
CVE-2026-25817
HIGH
CVSS 8.8
HMS Networks' industrial IoT gateways (Ewon Flexy and Cosy+) contain a command injection vulnerability that allows authenticated attackers to execute arbitrary OS commands remotely. This affects Flexy devices before firmware 15.0s4 and Cosy+ devices before 22.1s6 (22.x branch) or 23.0s3 (23.x branch). With a CVSS score of 8.8 but low EPSS of 0.06%, this vulnerability requires valid credentials but enables full system compromise.
RCE
Command Injection
Code Injection
-
CVE-2026-25076
HIGH
CVSS 7.3
CVE-2026-25076 is an SQL injection vulnerability in the GraphQL Reports API of Anchore Enterprise versions before 5.25.1, allowing authenticated attackers to execute arbitrary SQL commands and modify database contents. With a CVSS score of 7.3 and low EPSS score (0.02%), this vulnerability requires authentication and adjacent network access, making it a moderate priority for organizations using Anchore Enterprise in their container security infrastructure.
SQLi
-
CVE-2026-23941
HIGH
CVSS 7.0
An HTTP Request Smuggling vulnerability exists in Erlang OTP's inets httpd module that allows attackers to desynchronize front-end and back-end servers by exploiting inconsistent Content-Length header parsing. The vulnerability affects Erlang OTP versions from 17.0 through 28.4.0 (inets 5.10 through 9.6.0) and enables attackers to bypass security controls, potentially poisoning web caches or accessing unauthorized resources. While not currently listed in CISA KEV or showing high EPSS scores, the vulnerability has a CVSS 4.0 score of 7.0 and could lead to significant security boundary violations in production environments using affected Erlang-based web services.
Information Disclosure
Apache
Nginx
Request Smuggling
Suse
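What "inconsistent Content-Length parsing" buys an attacker and how a strict parser removes it, as an added example that is not inets or Erlang code: a request-framing function that refuses every request two reasonable parsers could frame differently (duplicate or conflicting Content-Length, Content-Length together with Transfer-Encoding, non-digit length values). The raw requests are constructed sample data.

```python
import re
from typing import List, Tuple

# Constructed sample requests. The first is well formed; the others are the
# shapes a smuggler uses to make two parsers disagree about where a body ends.
CLEAN = b"POST /x HTTP/1.1\r\nHost: h\r\nContent-Length: 5\r\n\r\nhello"
DUPLICATE_CL = (b"POST /x HTTP/1.1\r\nHost: h\r\nContent-Length: 5\r\n"
                b"Content-Length: 44\r\n\r\nhello")
TE_AND_CL = (b"POST /x HTTP/1.1\r\nHost: h\r\nContent-Length: 5\r\n"
             b"Transfer-Encoding: chunked\r\n\r\n0\r\n\r\n")
SIGNED_CL = b"POST /x HTTP/1.1\r\nHost: h\r\nContent-Length: +5\r\n\r\nhello"

_DIGITS = re.compile(r"^[0-9]+$")


def parse_headers(raw: bytes) -> Tuple[str, List[Tuple[str, str]]]:
    """Split a raw request into its request line and (name, value) pairs."""
    head = raw.partition(b"\r\n\r\n")[0]
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        if not line:
            continue
        # obs-fold continuation lines and colon-less lines are rejected
        # outright rather than repaired: repair is where parsers diverge.
        if line[:1] in (b" ", b"\t") or b":" not in line:
            raise ValueError(f"malformed header line: {line!r}")
        name, _, value = line.partition(b":")
        headers.append((name.decode("ascii", "replace").strip().lower(),
                        value.decode("ascii", "replace").strip()))
    return lines[0].decode("ascii", "replace"), headers


def framing(raw: bytes) -> Tuple[str, int]:
    """Decide how the body is framed: ("content-length", n) or ("chunked", -1).

    Raises ValueError on any request that two reasonable parsers could frame
    differently. A server that closes the connection on those requests gives
    a smuggler nothing to work with, whatever the server in front of it does.
    """
    _, headers = parse_headers(raw)
    te = [v for n, v in headers if n == "transfer-encoding"]
    cl = [v for n, v in headers if n == "content-length"]
    if te and cl:
        # RFC 9112 s6.3 permits rejecting this combination; do so.
        raise ValueError("both Transfer-Encoding and Content-Length present")
    if te:
        codings = [c.strip().lower() for v in te for c in v.split(",")]
        if codings.count("chunked") != 1 or codings[-1] != "chunked":
            raise ValueError(f"unsupported transfer coding list {codings}")
        return "chunked", -1
    if not cl:
        return "content-length", 0
    # A comma-separated list inside one field is the same as repeated fields.
    values = [v.strip() for field in cl for v in field.split(",")]
    # Strict digits only: "+5", "0x5" or "5\x00" are where a lenient
    # atoi()-style parser and a strict one part ways.
    if any(not _DIGITS.match(v) for v in values):
        raise ValueError(f"non-numeric Content-Length {values}")
    if len(set(values)) != 1:
        raise ValueError(f"conflicting Content-Length values {values}")
    return "content-length", int(values[0])


def is_ambiguous(raw: bytes) -> bool:
    """True when the request must be refused because its framing is ambiguous."""
    try:
        framing(raw)
        return False
    except ValueError:
        return True
```

Identical repeated values ("Content-Length: 5, 5") are accepted because RFC 9110 treats them as one value; everything else that could be read two ways is refused, and the connection should be closed after refusing so no bytes of the ambiguous request are reinterpreted as the start of the next one.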
-
CVE-2026-23940
HIGH
CVSS 7.1
An uncontrolled resource consumption vulnerability in the Hex.pm package manager allows authenticated attackers to cause denial of service by uploading oversized packages that exhaust server memory during extraction. The vulnerability affects hexpm versions before commit 495f01607d3eae4aed7ad09b2f54f31ec7a7df01 and hex.pm installations before March 10, 2026, with a CVSS 4.0 score of 7.1 indicating high availability impact. No active exploitation has been reported (not in KEV), no public proof-of-concept exists, and EPSS data is not available.
Denial Of Service
-
CVE-2026-22202
HIGH
CVSS 8.1
High severity vulnerability in wpDiscuz (WordPress plugin). wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability that allows attackers to delete all comments associated with an email address by crafting a malicious GET request with a valid HMAC key. Attackers can embed the deletecomments action URL in image tags or other resources to trigger permanent deletion of comments without user confirmation or POST-based CSRF protection.
CSRF
Wpdiscuz
-
CVE-2026-22193
HIGH
CVSS 8.1
High severity vulnerability in wpDiscuz (WordPress plugin). wpDiscuz before 7.6.47 contains an SQL injection vulnerability in the getAllSubscriptions() function where string parameters lack proper quote escaping in SQL queries. Attackers can inject malicious SQL code through email, activation_key, subscription_date, and imported_from parameters to manipulate database queries and extract sensitive information.
SQLi
Wpdiscuz
-
CVE-2026-22182
HIGH
CVSS 7.5
High severity vulnerability in wpDiscuz (WordPress plugin). wpDiscuz before 7.6.47 contains an unauthenticated denial of service vulnerability that allows anonymous users to trigger mass notification emails by exploiting the checkNotificationType() function. Attackers can repeatedly call the wpdiscuz-ajax.php endpoint with arbitrary postId and comment_id parameters to flood subscribers with notifications, as the handler lacks nonce verification, authent...
PHP
Authentication Bypass
Denial Of Service
Wpdiscuz
-
CVE-2026-4111
HIGH
CVSS 7.5
A remote code execution flaw (CVSS 7.5). High severity vulnerability requiring prompt remediation.
Denial Of Service
-
CVE-2026-4092
HIGH
CVSS 8.7
Remote code execution in Clasp versions below 3.2.0 allows unauthenticated attackers to execute arbitrary code by uploading Google Apps Script projects with specially crafted filenames that exploit path traversal weaknesses. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires minimal user interaction and affects Google's Clasp tooling across all configurations.
Path Traversal
RCE
Google
Clasp
-
CVE-2026-3999
HIGH
CVSS 8.8
A broken access control vulnerability in JetBrains Datalore allows authenticated users to escalate privileges horizontally, accessing resources of other users at the same permission level. The vulnerability affects Datalore versions prior to 2026.1 but only impacts specific configurations. With a CVSS score of 8.8 and high EPSS score of 0.36942, this represents a significant risk, though no active exploitation or proof-of-concept code has been reported publicly.
Privilege Escalation
Id Server
-
CVE-2026-3873
HIGH
CVSS 7.2
High severity vulnerability in Avantra. Use of Hard-coded Credentials vulnerability in Avantra allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Avantra: before 25.3.0.
Authentication Bypass
Avantra
-
CVE-2026-3839
HIGH
CVSS 7.3
Critical authentication bypass vulnerability in Unraid's auth-request.php file that allows remote attackers to gain unauthorized access without credentials through path traversal exploitation. The vulnerability affects all versions of Unraid (CPE indicates no version restrictions) and can be exploited over the network with low complexity, potentially compromising system confidentiality, integrity, and availability. No KEV listing or EPSS data was provided, suggesting this may be a recently disclosed vulnerability without known active exploitation.
Authentication Bypass
PHP
Path Traversal
Unraid
-
CVE-2026-3838
HIGH
CVSS 8.8
Critical path traversal vulnerability in Unraid's update.php file that allows authenticated remote attackers to execute arbitrary code as root. The vulnerability affects all versions of Unraid (per CPE data) and was discovered by Zero Day Initiative (ZDI-CAN-28951). With a CVSS score of 8.8 and requiring only low privileges, this represents a severe risk for Unraid installations.
PHP
Path Traversal
RCE
Unraid
-
CVE-2026-3561
HIGH
CVSS 8.0
Heap-based buffer overflow vulnerability in Philips Hue Bridge devices that allows network-adjacent attackers to execute arbitrary code through malformed PUT requests to the HomeKit Accessory Protocol (HAP) characteristics endpoint. While authentication is normally required, the advisory notes the authentication mechanism can be bypassed, effectively allowing unauthenticated remote code execution. No EPSS score or KEV listing is available, suggesting this is not currently being exploited in the wild.
Buffer Overflow
RCE
Heap Overflow
Hue Bridge
-
CVE-2026-3560
HIGH
CVSS 8.8
Heap-based buffer overflow vulnerability in Philips Hue Bridge's HomeKit implementation that allows unauthenticated network-adjacent attackers to execute arbitrary code. The vulnerability affects all versions of Philips Hue Bridge (CPE indicates no version restrictions) through the hk_hap_pair_storage_put function on TCP port 8080. No EPSS data or KEV listing is available, and while ZDI has published an advisory, no public POC or active exploitation has been reported.
Buffer Overflow
RCE
Heap Overflow
Hue Bridge
-
CVE-2026-3559
HIGH
CVSS 8.1
CVE-2026-3559 is an authentication bypass vulnerability in Philips Hue Bridge devices affecting the HomeKit Accessory Protocol implementation, where a static nonce in the SRP authentication mechanism allows network-adjacent attackers to gain unauthorized access without credentials. With a CVSS score of 8.1 and requiring only local network access, attackers can achieve high confidentiality and integrity impact on the affected smart home infrastructure. No active exploitation (not in KEV), POC availability, or EPSS data is currently available.
Authentication Bypass
Hue Bridge
-
CVE-2026-3558
HIGH
CVSS 8.1
The Philips Hue Bridge HomeKit Accessory Protocol (HAP) service on TCP port 8080 lacks authentication in transient pairing mode, allowing network-adjacent attackers to bypass authentication and gain unauthorized access without requiring credentials (CVE-2026-3558, CVSS 8.1). This vulnerability affects all versions of Philips Hue Bridge and has been tracked as ZDI-CAN-28374. Real-world risk is elevated due to the low attack complexity, network-adjacent accessibility, and high impact on confidentiality and integrity of the smart lighting system.
Authentication Bypass
Hue Bridge
-
CVE-2026-3557
HIGH
CVSS 8.0
Heap-based buffer overflow vulnerability in Philips Hue Bridge devices that allows network-adjacent attackers with authentication (which can be bypassed) to achieve remote code execution as root. The vulnerability affects the HomeKit Accessory Protocol (HAP) implementation on TCP port 8080 and has a high CVSS score of 8.0, though no active exploitation or public PoC has been reported.
Buffer Overflow
RCE
Heap Overflow
Hue Bridge
-
CVE-2026-3556
HIGH
CVSS 8.8
Critical heap-based buffer overflow vulnerability in Philips Hue Bridge's HomeKit implementation that allows network-adjacent attackers to execute arbitrary code without authentication. The vulnerability affects all versions of Philips Hue Bridge (CPE indicates no version restriction) and stems from improper input validation in the hk_hap_pair_storage_put function. No active exploitation (not in KEV) or EPSS score is reported, but the high CVSS score (8.8) and RCE capability make this a significant threat for local network attackers.
Buffer Overflow
RCE
Heap Overflow
Hue Bridge
-
CVE-2026-3555
HIGH
CVSS 8.0
Heap-based buffer overflow vulnerability in the Philips Hue Bridge's Zigbee stack that allows network-adjacent attackers to execute arbitrary code when users initiate device pairing. The vulnerability affects all versions of Philips Hue Bridge and has a CVSS score of 8.0, requiring physical proximity and user interaction to exploit. No EPSS data or KEV listing is available, suggesting this is not actively exploited in the wild.
Buffer Overflow
RCE
Heap Overflow
Hue Bridge
-
CVE-2026-3227
HIGH
CVSS 8.5
Authenticated attackers can achieve root-level command execution on TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 routers by uploading a malicious configuration file through the import function, exploiting improper input validation in the port-trigger processing logic. Successful exploitation grants complete control over the affected device, allowing full compromise of the router and any connected network. A patch is available for this high-severity vulnerability.
TP-Link
Command Injection
-
CVE-2026-3086
HIGH
CVSS 7.8
CVE-2026-3086 is an out-of-bounds write vulnerability in GStreamer's H.266 codec parser that allows remote code execution when processing malformed APS (Adaptation Parameter Set) units. The vulnerability affects all versions of GStreamer (CPE shows wildcard versioning) and requires user interaction to exploit, such as processing a malicious H.266 video file. No evidence of active exploitation (not in KEV), no public POC, and no EPSS score available yet.
Buffer Overflow
RCE
Memory Corruption
Gstreamer
-
CVE-2026-3085
HIGH
CVSS 8.8
Heap-based buffer overflow vulnerability in GStreamer's rtpqdm2depay component that allows remote attackers to execute arbitrary code when processing malformed X-QDM RTP payloads. The vulnerability affects all versions of GStreamer (CPE indicates no version restrictions) and requires user interaction to exploit, though attack vectors may vary based on implementation. No active exploitation is known (not in KEV), and no EPSS score is available to assess real-world exploitation probability.
Buffer Overflow
RCE
Heap Overflow
Gstreamer
-
CVE-2026-3084
HIGH
CVSS 7.8
CVE-2026-3084 is an integer underflow vulnerability in GStreamer's H.266 codec parser that allows remote code execution when processing malicious media files. The vulnerability affects all versions of GStreamer (CPE indicates wildcard versioning) and can be exploited through user interaction with specially crafted H.266 video content, allowing attackers to execute arbitrary code in the context of the application. No active exploitation (not in KEV) or public POC has been reported, and the relatively high CVSS score (7.8) is tempered by the local attack vector and user interaction requirement.
RCE
Integer Overflow
Gstreamer
-
CVE-2026-3083
HIGH
CVSS 8.8
Critical out-of-bounds write vulnerability in GStreamer's rtpqdm2depay component that allows remote code execution when processing malformed X-QDM RTP payloads. The vulnerability affects all versions of GStreamer (CPE shows wildcard versioning) and requires user interaction, though attack vectors vary by implementation. With a CVSS score of 8.8 and active patch available, this represents a significant risk for applications using GStreamer for media processing.
Buffer Overflow
RCE
Gstreamer
-
CVE-2026-3082
HIGH
CVSS 7.8
Heap-based buffer overflow vulnerability in the GStreamer multimedia framework's JPEG parser that allows remote code execution when processing malicious Huffman tables. The vulnerability affects all versions of GStreamer (CPE shows wildcard versioning) and requires user interaction to exploit, with a CVSS score of 7.8. No active exploitation in the wild has been reported (not in KEV), and no EPSS data is available.
Buffer Overflow
RCE
Heap Overflow
Gstreamer
-
CVE-2026-3081
HIGH
CVSS 7.8
Stack-based buffer overflow in GStreamer's H.266 codec parser that allows remote code execution when processing malicious video files. The vulnerability affects all versions of GStreamer (CPE shows wildcard versioning) and requires user interaction to trigger, such as opening a malicious media file. No active exploitation (not in KEV) or public PoC has been reported, with EPSS data unavailable.
Buffer Overflow
RCE
Stack Overflow
Gstreamer
-
CVE-2026-3045
HIGH
CVSS 7.5
High severity vulnerability in Simply Schedule Appointments (WordPress plugin). The Appointment Booking Calendar - Simply Schedule Appointments plugin for WordPress is vulnerable to unauthorized access of sensitive data in all versions up to and including 1.6.9.29. This is due to two compounding weaknesses: (1) a non-user-bound `public_nonce` is exposed to unauthenticated users through the public `/wp-json/ssa/v1/embed-inner` REST endpoint, and (2) the `get_item()` method ...
Authentication Bypass
Information Disclosure
WordPress
-
CVE-2026-2923
HIGH
CVSS 7.8
CVE-2026-2923 is an out-of-bounds write vulnerability in GStreamer's DVB Subtitles handling that allows remote code execution when processing malformed subtitle coordinates. This vulnerability affects all versions of GStreamer (CPE indicates no version restrictions) and requires user interaction to exploit, though attack vectors may vary by implementation. No evidence of active exploitation (not in KEV), no public POC available, and no EPSS data provided.
Buffer Overflow
RCE
Memory Corruption
Gstreamer
-
CVE-2026-2922
HIGH
CVSS 7.8
Critical remote code execution vulnerability in GStreamer's RealMedia demuxer component, allowing attackers to execute arbitrary code via malformed video packets that trigger an out-of-bounds write. The vulnerability affects all versions of GStreamer (CPE indicates wildcard versioning) and requires user interaction to process malicious media files. While no active exploitation is reported (not in KEV), the availability of a vendor patch and ZDI advisory suggests this vulnerability has been responsibly disclosed and addressed.
Buffer Overflow
RCE
Memory Corruption
Gstreamer
-
CVE-2026-2921
HIGH
CVSS 7.8
CVE-2026-2921 is an integer overflow vulnerability in GStreamer's RIFF palette handling for AVI files that allows remote code execution with a CVSS score of 7.8. The vulnerability affects all versions of GStreamer (based on CPE wildcard) and requires user interaction to exploit, such as opening a malicious AVI file. No evidence of active exploitation (not in KEV), no public POC mentioned, and EPSS data not provided.
RCE
Integer Overflow
-
CVE-2026-2920
HIGH
CVSS 7.8
Heap-based buffer overflow vulnerability in GStreamer's ASF Demuxer component that allows remote attackers to execute arbitrary code when processing malicious ASF media files. The vulnerability requires user interaction (opening/processing a malicious file) and affects all versions of GStreamer based on the CPE data. No evidence of active exploitation (not in KEV) or public proof-of-concept exists, though Zero Day Initiative tracked it as ZDI-CAN-28843.
Buffer Overflow
RCE
Heap Overflow
Gstreamer
-
CVE-2026-2890
HIGH
CVSS 7.5
High severity vulnerability in Formidable Forms (WordPress plugin). The Formidable Forms plugin for WordPress is vulnerable to a payment integrity bypass in all versions up to, and including, 6.28. This is due to the Stripe Link return handler (`handle_one_time_stripe_link_return_url`) marking payment records as complete based solely on the Stripe PaymentIntent status without comparing the intent's charged amount against the expected payment amount, and the `ve...
Authentication Bypass
WordPress
-
CVE-2026-2673
HIGH
CVSS 7.5
OpenSSL and Microsoft products using the 'DEFAULT' keyword in TLS 1.3 key exchange group configurations may negotiate weaker cryptographic groups than intended, allowing network-based attackers to potentially downgrade the security of encrypted connections without authentication or user interaction. This affects servers that combine default group lists with custom configurations, particularly impacting hybrid post-quantum key exchange implementations where clients defer group selection. A patch is available to remediate this high-severity confidentiality risk.
OpenSSL
Information Disclosure
Microsoft
Redhat
Suse
-
CVE-2026-1668
HIGH
CVSS 7.7
Unauthenticated attackers can trigger out-of-bounds memory access in the web interface of multiple Omada switches through improper input validation, potentially achieving remote code execution or causing denial-of-service. Affected products include Sg2005p PD 1.x, Sg2008 4.2x/4.3x, and Sg2008p 3.2x/3.3x, which require only network access to the vulnerable interface. A patch is available to address this high-severity vulnerability (CVSS 7.7).
Buffer Overflow
Information Disclosure
RCE
-
CVE-2026-0957
HIGH
CVSS 7.8
Memory corruption vulnerability in all versions of Digilent DASYLab that allows attackers to execute arbitrary code or steal information by tricking users into opening malicious files. The vulnerability has a CVSS score of 7.8 (High) and requires user interaction, with no evidence of active exploitation (not in KEV) or publicly available proof-of-concept code.
Buffer Overflow
Information Disclosure
RCE
Memory Corruption
Dasylab
-
CVE-2026-0956
HIGH
CVSS 7.8
Memory corruption vulnerability in all versions of Digilent DASYLab data acquisition software that occurs when processing maliciously crafted files, potentially allowing attackers to leak sensitive information or execute arbitrary code. The vulnerability requires user interaction (opening a malicious file) and has a CVSS score of 7.8, with no current evidence of active exploitation or public proof-of-concept code.
Buffer Overflow
Information Disclosure
RCE
Dasylab
-
CVE-2026-0955
HIGH
CVSS 7.8
Memory corruption vulnerability in all versions of Digilent DASYLab software that allows attackers to achieve information disclosure or arbitrary code execution through specially crafted files. The vulnerability requires user interaction (opening a malicious file) and has a CVSS score of 7.8, with no current evidence of active exploitation (not in KEV) or public proof-of-concept code.
Buffer Overflow
Information Disclosure
RCE
Dasylab
-
CVE-2026-0954
HIGH
CVSS 7.8
Memory corruption vulnerability in all versions of Digilent DASYLab data acquisition software that allows attackers to achieve arbitrary code execution or information disclosure by tricking users into opening malicious .DSB files. With a CVSS score of 7.8 and requiring only user interaction, this out-of-bounds write vulnerability poses significant risk, though no active exploitation or public POCs have been reported.
Buffer Overflow
Information Disclosure
RCE
Memory Corruption
Dasylab
-
CVE-2025-71263
HIGH
CVSS 7.4
A buffer overflow vulnerability exists in the 'su' command of UNIX Fourth Research Edition (v4) from 1973, allowing local users to gain root privileges by overflowing a 100-byte password buffer. While this has a high CVSS score (7.4), it affects an ancient operating system that is extremely unlikely to be in production use today, existing only in historical computing labs or museums. No evidence of active exploitation exists (not in KEV), and the vulnerability was discovered as part of historical security research.
Buffer Overflow
-
CVE-2025-13779
HIGH
CVSS 8.3
Missing authentication vulnerability in ABB AWIN industrial gateways (GW100 rev.2 and GW120) that allows attackers on adjacent networks to access critical functions without credentials. With a CVSS score of 8.3 and no EPSS data or KEV listing, this appears to be a newly disclosed vulnerability with no evidence of active exploitation or public POC availability.
Authentication Bypass
Abb
Awin Gw120
Awin Gw100 Rev.2
-
CVE-2025-13777
HIGH
CVSS 8.3
CVE-2025-13777 is an authentication bypass vulnerability in ABB AWIN Gateway devices (GW100 rev.2 and GW120) that allows attackers on adjacent networks to capture and replay authentication credentials without requiring privileges or user interaction. With a CVSS score of 8.3 and no evidence of active exploitation (not in KEV), this vulnerability enables attackers to gain unauthorized access and potentially compromise system confidentiality, integrity, and availability.
Authentication Bypass
Abb
Awin Gw100 Rev.2
Awin Gw120
-
CVE-2026-32745
MEDIUM
CVSS 6.3
JetBrains Datalore versions before 2026.1 contain a session hijacking vulnerability (CVE-2026-32745) caused by missing secure attribute configuration on session cookies, allowing attackers on the same network to intercept and reuse session tokens. The vulnerability affects all Datalore versions prior to 2026.1 and requires adjacent network access combined with user interaction; while the CVSS score is moderate (6.3), the impact is high for confidentiality and enables unauthorized account access.
Information Disclosure
-
CVE-2026-32724
MEDIUM
CVSS 5.3
PX4 Autopilot versions prior to 1.17.0-rc1 contain a heap-use-after-free vulnerability in the MavlinkShell::available() function caused by a race condition between the MAVLink receiver and telemetry sender threads. Remote attackers can trigger this vulnerability by sending crafted SERIAL_CONTROL messages (ID 126) via MAVLink, leading to denial of service of the flight control system. The vulnerability affects drone operators and systems accepting MAVLink telemetry from untrusted ground stations or networks.
Information Disclosure
Memory Corruption
Use After Free
Px4 Autopilot
-
CVE-2026-32719
MEDIUM
CVSS 4.2
AnythingLLM versions 1.11.1 and earlier contain a Zip Slip path traversal vulnerability in the community plugin import functionality that fails to validate file paths during ZIP extraction. An authenticated attacker with high privileges can craft a malicious ZIP file containing path traversal sequences that, when imported via the community hub, extract files outside the intended directory and achieve arbitrary code execution on the server. While the CVSS score is moderate (4.2) due to high privilege requirements and user interaction, the vulnerability enables code execution and should be addressed promptly.
Path Traversal
RCE
AI / ML
Anything Llm
-
CVE-2026-32713
MEDIUM
CVSS 4.3
PX4 Autopilot prior to version 1.17.0-rc2 contains a boolean logic error in MAVLink FTP session validation that uses AND (&&) instead of OR (||) operators, allowing attackers to bypass session isolation checks and execute file operations on invalid or closed file descriptors. An unauthenticated attacker on the adjacent network can exploit this vulnerability to destabilize the FTP subsystem, trigger denial-of-service conditions through invalid file descriptor operations, and potentially compromise the integrity of drone flight control systems. While the CVSS score of 4.3 indicates low to moderate severity with availability impact, the safety-critical nature of autopilot systems and the unauthenticated attack vector warrant immediate attention.
Authentication Bypass
Px4 Autopilot
-
CVE-2026-32709
MEDIUM
CVSS 5.4
An unauthenticated path traversal vulnerability in PX4 Autopilot's MAVLink FTP implementation (CWE-22) allows any MAVLink peer to read, write, create, delete, and rename arbitrary files on flight controller filesystems without authentication or privilege requirements. Affected versions are prior to 1.17.0-rc2, impacting both NuttX-based flight controllers and POSIX targets (Linux companion computers and SITL simulation environments). Attackers with network access to MAVLink communication channels can exploit this vulnerability to compromise flight controller integrity, extract sensitive configuration data, or inject malicious firmware.
Path Traversal
Px4 Autopilot
-
CVE-2026-32707
MEDIUM
CVSS 5.2
PX4 autopilot versions prior to 1.17.0-rc2 contain an unbounded memcpy vulnerability in the tattu_can module that allows stack memory corruption when processing specially crafted CAN frames. An attacker with CAN bus injection capability can trigger denial of service or memory corruption in drone systems where tattu_can is enabled, potentially compromising flight safety and system stability.
Buffer Overflow
Stack Overflow
Px4 Autopilot
-
CVE-2026-32705
MEDIUM
CVSS 6.8
PX4 autopilot versions prior to 1.17.0-rc2 contain a stack overflow vulnerability in the BST telemetry probe driver that allows a malicious BST device to trigger a buffer overflow by reporting an oversized dev_name_len parameter without bounds checking. An attacker with physical access to inject a malicious BST device can crash the autopilot task or potentially achieve arbitrary code execution, impacting drone flight safety and control systems. No active KEV exploitation data or public POC is currently documented, but the vulnerability is patched in version 1.17.0-rc2.
RCE
Stack Overflow
Buffer Overflow
Px4 Autopilot
-
CVE-2026-32704
MEDIUM
CVSS 6.5
CVE-2026-32704 is a security vulnerability (CVSS 6.5). Risk factors: public PoC available.
Authentication Bypass
Docker
-
CVE-2026-32702
MEDIUM
CVSS 5.3
Cleanuparr versions 2.7.0 through 2.8.0 contain a timing-based username enumeration vulnerability in the /api/auth/login endpoint that allows unauthenticated remote attackers to discover valid usernames by analyzing response time differences. The flaw stems from password verification logic that performs expensive cryptographic hashing only after validating username existence, creating a measurable timing side-channel. This vulnerability is fixed in version 2.8.1 and presents a moderate information disclosure risk with a CVSS score of 6.9, though exploitation requires no special privileges or user interaction.
Information Disclosure
Cleanuparr
-
CVE-2026-32630
MEDIUM
CVSS 5.3
The file-type library's ZIP file type detection functions fail to limit decompression output for known-size inputs, allowing attackers to craft small compressed ZIP files that expand to hundreds of megabytes in memory during processing. Applications processing untrusted file uploads are vulnerable to denial-of-service attacks that cause excessive memory consumption and potential crashes. Public exploit code exists for this vulnerability, though a patch is available.
Denial Of Service
-
CVE-2026-32612
MEDIUM
CVSS 5.4
Statamic CMS versions prior to 6.6.2 contain a stored cross-site scripting (XSS) vulnerability in the control panel color mode preference functionality that allows authenticated users to inject malicious JavaScript code. When a higher-privileged administrator impersonates or accesses the account of an authenticated user who has injected malicious code, the JavaScript executes in the administrator's browser session with their elevated privileges. This vulnerability is network-accessible and requires low privileges but user interaction from the victim, resulting in a CVSS score of 5.4 with potential for session hijacking, data theft, or further privilege escalation depending on the administrator's role and permissions.
XSS
-
CVE-2026-32598
MEDIUM
CVSS 6.5
OneUptime versions prior to 10.0.24 contain a sensitive information exposure vulnerability where the password reset flow logs complete password reset URLs containing plaintext reset tokens at the INFO log level, which is enabled by default in production environments. Any actor with access to application logs, including log aggregation systems, Docker logs, or Kubernetes pod logs, can extract these tokens and perform account takeover on any user. The vulnerability is fixed in version 10.0.24.
Kubernetes
Docker
Information Disclosure
Oneuptime
-
CVE-2026-32543
MEDIUM
CVSS 5.3
A Missing Authorization vulnerability exists in CyberChimps Responsive Blocks responsive-block-editor-addons plugin through version 2.2.0, where incorrectly configured access control allows unauthenticated attackers to perform unauthorized actions. The vulnerability has a CVSS score of 5.3 with a network attack vector and no privileges required, meaning remote attackers can exploit this without authentication to modify content or settings. While the integrity impact is limited (CWE-862: Missing Authorization), the lack of authentication requirements and the plugin's wide deployment in WordPress environments present a moderate real-world risk.
Authentication Bypass
Responsive Blocks
-
CVE-2026-32487
MEDIUM
CVSS 5.3
The Lawyer Landing Page plugin through version 1.2.7 contains an authorization bypass vulnerability that allows unauthenticated attackers to modify data due to improper access control configuration. This network-accessible vulnerability could enable attackers to alter content or settings without proper authentication credentials. A patch is not currently available for affected installations.
Authentication Bypass
Lawyer Landing Page
-
CVE-2026-32486
MEDIUM
CVSS 5.3
Improper access control in wptravelengine Travel Booking versions up to 1.3.9 permits unauthenticated attackers to modify data through incorrectly configured authorization checks. An attacker can exploit this vulnerability to tamper with travel booking information without requiring valid credentials or user interaction. No patch is currently available for this medium-severity vulnerability.
Authentication Bypass
Travel Booking
-
CVE-2026-32461
MEDIUM
CVSS 5.3
Really Simple SSL versions 9.5.7 and earlier contain an authorization bypass flaw that allows unauthenticated remote attackers to modify security settings through improper access control mechanisms. The vulnerability has a medium severity rating with a CVSS score of 5.3 and currently lacks a publicly available patch. Organizations using affected versions should review their SSL security configurations and consider upgrading when patches become available.
Authentication Bypass
Really Simple Ssl
-
CVE-2026-32460
MEDIUM
CVSS 6.5
Stored cross-site scripting in Ultimate Addons for Contact Form 7 through version 3.5.36 allows authenticated attackers with improper access controls to inject malicious scripts that execute in other users' browsers. An attacker can exploit this vulnerability to steal session tokens, modify form data, or perform actions on behalf of victims. No patch is currently available for this vulnerability.
XSS
Ultimate Addons For Contact Form 7
-
CVE-2026-32457
MEDIUM
CVSS 5.3
Improper access control in Wombat Plugins Advanced Product Fields for WooCommerce through version 1.6.18 allows unauthenticated attackers to modify product addon data due to misconfigured authorization checks. This affects WooCommerce stores using the vulnerable plugin, enabling attackers to alter product information without proper permissions. No patch is currently available.
WordPress
Authentication Bypass
-
CVE-2026-32456
MEDIUM
CVSS 4.3
A Cross-Site Request Forgery (CSRF) vulnerability exists in Janis Elsts Admin Menu Editor plugin for WordPress, affecting versions up to and including 1.14.1. An attacker can forge requests to modify administrator menu configurations without explicit consent, potentially leading to unauthorized changes to the WordPress admin interface. The vulnerability has a CVSS score of 4.3 (Low-Medium severity) and requires user interaction (UI:R) but can be exploited by an unauthenticated attacker over the network.
CSRF
Admin Menu Editor
-
CVE-2026-32455
MEDIUM
CVSS 6.5
A DOM-Based Cross-Site Scripting (XSS) vulnerability exists in the RealMag777 MDTF (Meta Data Filter and Taxonomy Filter) WordPress plugin affecting versions up to and including 1.3.5. An authenticated attacker with low privileges can inject malicious scripts that execute in the context of other users' browsers, potentially leading to session hijacking, credential theft, or unauthorized actions. The vulnerability requires user interaction (UI:R) and is classified as moderate severity (CVSS 6.5), though its exploitability depends on plugin popularity and whether public proof-of-concept code becomes available.
XSS
Mdtf
-
CVE-2026-32454
MEDIUM
CVSS 6.5
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in ThemeFusion Avada Core plugin versions prior to 5.15.0, allowing authenticated users with low privileges to inject malicious scripts that execute in other users' browsers. The vulnerability requires user interaction (UI:R) and affects the confidentiality, integrity, and availability of affected WordPress installations. With an EPSS score of 0.03% (8th percentile), real-world exploitation probability is currently low, though the vulnerability is documented and patched.
XSS
Avada Core
-
CVE-2026-32453
MEDIUM
CVSS 5.3
This is a missing authorization vulnerability in ThemeFusion Avada Core (versions prior to 5.15.0) that allows unauthenticated attackers to modify data through incorrectly configured access control security levels. The vulnerability has a CVSS score of 5.3 with network attack vector and no privilege requirements, meaning any remote attacker can exploit it without authentication. While the integrity impact is limited (data modification rather than disclosure or system compromise), the lack of authentication requirements and network accessibility make this a practical security concern for websites using vulnerable Avada versions.
Authentication Bypass
Avada Core
-
CVE-2026-32452
MEDIUM
CVSS 5.3
This vulnerability is a missing authorization flaw in ThemeFusion Fusion Builder that allows unauthenticated attackers to exploit incorrectly configured access controls to modify content or settings. The issue affects Fusion Builder versions prior to 3.15.0, and the network-accessible nature combined with no authentication requirement means any remote attacker can exploit it without special privileges. While the CVSS score of 5.3 indicates moderate severity with integrity impact but no confidentiality or availability loss, the lack of authentication requirement elevates real-world risk for WordPress sites using affected versions.
Authentication Bypass
Fusion Builder
-
CVE-2026-32451
MEDIUM
CVSS 6.3
Fusion Builder, a WordPress plugin by ThemeFusion, contains a missing authorization vulnerability (CWE-862) that allows authenticated attackers with low privileges to bypass access controls and perform unauthorized actions. Versions prior to 3.15.0 are affected, and attackers can exploit incorrectly configured access control to read, modify, or delete sensitive data. The CVSS 6.3 score reflects moderate severity with network accessibility and low attack complexity, though no public evidence of active KEV inclusion or widespread exploitation has been documented at this time.
Authentication Bypass
Fusion Builder
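The two Fusion Builder entries above (CVE-2026-32452, reachable without a session, and CVE-2026-32451, reachable by any low-privileged account) are the two shapes that the missing-authorization entries throughout this list take. In WordPress plugins they typically come down to one of three things: an AJAX action registered on the wp_ajax_nopriv_ hook, an AJAX or REST callback that never calls current_user_can(), or a REST route whose permission_callback is __return_true. The script below is an added triage heuristic written for this page, not code from ThemeFusion or from any advisory: it scans plugin PHP source for those three patterns and grades what it finds. The plugin source embedded in it is constructed for the demonstration; the hook, function, option and route names (vw_save_settings, vw_mark_read, vw_export, vw/v1) are invented.

```python
import re

# Constructed sample plugin source for the demonstration: the hook, function
# and option names are invented and do not belong to any real plugin.
SAMPLE_PLUGIN = r"""<?php
// 1. Reachable without a session (nopriv hook) and with no checks at all.
add_action( 'wp_ajax_vw_save_settings', 'vw_save_settings' );
add_action( 'wp_ajax_nopriv_vw_save_settings', 'vw_save_settings' );
function vw_save_settings() {
    update_option( 'vw_settings', wp_unslash( $_POST['settings'] ) );
    wp_send_json_success();
}
// 2. Logged-in users only and nonce-checked, but any subscriber may call it.
add_action( 'wp_ajax_vw_mark_read', 'vw_mark_read' );
function vw_mark_read() {
    check_ajax_referer( 'vw_nonce', 'nonce' );
    update_post_meta( intval( $_POST['post_id'] ), '_vw_read', 1 );
    wp_send_json_success();
}
// 3. Nonce and capability both checked before the write.
add_action( 'wp_ajax_vw_export', 'vw_export' );
function vw_export() {
    check_ajax_referer( 'vw_nonce', 'nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    update_option( 'vw_last_export', time() );
    wp_send_json_success();
}
register_rest_route( 'vw/v1', '/settings', array(
    'methods' => 'POST', 'callback' => 'vw_rest_save', 'permission_callback' => '__return_true',
) );
register_rest_route( 'vw/v1', '/items', array(
    'methods' => 'GET', 'callback' => 'vw_rest_list', 'permission_callback' => '__return_true',
) );
"""

HOOK_RE = re.compile(
    r'add_action\(\s*[\'"]wp_ajax_(nopriv_)?([A-Za-z0-9_]+)[\'"]\s*,\s*[\'"]([A-Za-z0-9_]+)[\'"]')
REST_RE = re.compile(r'register_rest_route\((.*?)\);', re.S)
CAP_CHECKS = ("current_user_can(",)
NONCE_CHECKS = ("check_ajax_referer(", "check_admin_referer(", "wp_verify_nonce(")
WRITE_CALLS = ("update_option(", "delete_option(", "update_post_meta(", "wp_insert_post(",
               "wp_update_post(", "wp_delete_post(", "$wpdb->insert(", "$wpdb->update(",
               "$wpdb->delete(", "$wpdb->query(")


def function_body(src, name):
    """Brace-delimited body of `function name(...)` in src, or '' if not defined there."""
    m = re.search(r'function\s+' + re.escape(name) + r'\s*\(', src)
    start = src.find("{", m.end()) if m else -1
    if start < 0:
        return ""
    depth = 0
    for i in range(start, len(src)):
        if src[i] == "{":
            depth += 1
        elif src[i] == "}":
            depth -= 1
            if depth == 0:
                return src[start:i + 1]
    return src[start:]


def audit_plugin(src):
    """(callback, severity, reason) for each AJAX/REST entry point that writes
    without the checks WordPress expects. Substring heuristic: callbacks that
    delegate their checks to helpers need manual review."""
    findings = []
    handlers = {}                      # callback -> reachable via wp_ajax_nopriv_?
    for nopriv, _action, func in HOOK_RE.findall(src):
        handlers[func] = handlers.get(func, False) or bool(nopriv)
    for func, nopriv in handlers.items():
        body = function_body(src, func)
        if not any(w in body for w in WRITE_CALLS):
            continue                   # read-only handler: out of scope here
        has_cap = any(c in body for c in CAP_CHECKS)
        has_nonce = any(n in body for n in NONCE_CHECKS)
        if nopriv and not has_cap:     # the CVSS 5.3 PR:N class on this page
            findings.append((func, "HIGH", "nopriv handler writes with no capability check"))
        elif not has_cap:              # the CVSS 4.3/5.4 PR:L class
            findings.append((func, "MEDIUM", "any logged-in user reaches a write with no capability check"))
        elif not has_nonce:            # CSRF, as in the CSRF entries on this page
            findings.append((func, "LOW", "capability checked but no nonce check (CSRF)"))
    for args in REST_RE.findall(src):
        cb = re.search(r'[\'"]callback[\'"]\s*=>\s*[\'"]([A-Za-z0-9_]+)[\'"]', args)
        perm = re.search(r'[\'"]permission_callback[\'"]\s*=>\s*[\'"]([A-Za-z0-9_]+)[\'"]', args)
        methods = re.search(r'[\'"]methods[\'"]\s*=>\s*[\'"]([A-Za-z, ]+)[\'"]', args)
        name = cb.group(1) if cb else "<closure>"
        if perm is None:
            findings.append((name, "HIGH", "REST route registered without permission_callback"))
        elif perm.group(1) == "__return_true" and (methods is None or methods.group(1).upper() != "GET"):
            findings.append((name, "HIGH", "permission_callback __return_true on a state-changing REST route"))
    return findings
```

Run it over a plugin directory by calling audit_plugin() on the contents of each .php file. The body checks are substring matches, so a handler that delegates its checks to a helper or a class method shows up as a false positive and needs a manual look; conversely a current_user_can('read') check satisfies the heuristic while still being far too weak, so review which capability is required, not only that one is checked.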
-
CVE-2026-32450
MEDIUM
CVSS 6.5
A DOM-Based Cross-Site Scripting (XSS) vulnerability exists in the RealMag777 Active Products Tables for WooCommerce plugin (versions up to 1.0.7), allowing authenticated users with low privileges to inject malicious scripts that execute in other users' browsers. The vulnerability has a moderate CVSS score of 6.5 but carries a low exploitation probability (EPSS 0.03%, percentile 8%), indicating minimal real-world active exploitation risk despite the technical severity.
WordPress
XSS
Active Products Tables For Woocommerce
-
CVE-2026-32449
MEDIUM
CVSS 6.5
A Stored Cross-Site Scripting (XSS) vulnerability exists in the Themify Event Post WordPress plugin (versions up to 1.3.4) that allows authenticated users with low privileges to inject malicious scripts into web pages, which are then executed in the browsers of other site visitors. An attacker with login credentials can craft malicious input that persists in the database and affects all users viewing affected pages, potentially leading to session hijacking, credential theft, or website defacement. The vulnerability requires user interaction (UI:R) and authenticated access (PR:L), limiting but not eliminating real-world risk.
XSS
Themify Event Post
-
CVE-2026-32448
MEDIUM
CVSS 6.5
A cross-site scripting vulnerability in the Podlove Podcast Publisher WordPress plugin (CVSS 6.5). No further details (injection point, affected version range, or fix) are recorded for this entry; apply the same handling as the other plugin XSS issues listed here and update when a fixed release is published.
WordPress
XSS
Podlove Podcast Publisher
-
CVE-2026-32447
MEDIUM
CVSS 4.3
Atarim visual collaboration through version 4.3.2 contains an authorization bypass vulnerability that allows authenticated users to modify data they should not have access to due to incorrectly configured access controls. An attacker with valid credentials can exploit this misconfiguration to perform unauthorized modifications within the application. No patch is currently available for this vulnerability.
Authentication Bypass
Atarim
-
CVE-2026-32446
MEDIUM
CVSS 4.3
Inadequate authorization controls in WPForms Contact Form plugin version 1.9.9.3 and earlier permit authenticated users to bypass access restrictions and view sensitive form data. An attacker with low-privileged credentials could leverage misconfigured access controls to access information they should not be permitted to view. No patch is currently available for this vulnerability.
Authentication Bypass
Contact Form By Wpforms
-
CVE-2026-32443
MEDIUM
CVSS 6.5
A Cross-Site Request Forgery (CSRF) vulnerability exists in Josh Kohlbach's Product Feed PRO for WooCommerce plugin, affecting versions up to 13.5.2. An attacker who lures a logged-in administrator to a malicious page can have the administrator's browser submit state-changing requests to the plugin, because the affected action does not verify that the request came from the plugin's own forms (a nonce check). While the CVSS score is 6.5 (Medium), the EPSS score of 0.01% (1st percentile) indicates minimal real-world exploitation probability, suggesting this is a low-priority vulnerability despite the integrity impact. No KEV status or active exploitation evidence is documented.
WordPress
CSRF
Product Feed Pro For Woocommerce
-
CVE-2026-32442
MEDIUM
CVSS 4.3
E2Pdf versions through 1.28.15 contain a missing authorization vulnerability that allows authenticated users to modify data they should not have access to due to incorrectly configured access control security levels. An attacker with a low-privileged account can exploit this over the network without user interaction to modify PDF-related resources that should be restricted to higher roles. The CVSS score of 4.3 reflects a low integrity impact with no confidentiality or availability loss; it is a classic authorization bypass that matters most in multi-user E2Pdf deployments where low-privileged accounts are common.
Authentication Bypass
E2pdf
-
CVE-2026-32440
MEDIUM
CVSS 5.3
Inadequate access control in WP Food plugin versions below 2.7.1 allows unauthenticated remote attackers to modify data without proper authorization checks. This vulnerability affects WordPress installations using the vulnerable WP Food plugin and could enable attackers to alter plugin functionality or data integrity. No patch is currently available for this issue.
Authentication Bypass
Wp Food
-
CVE-2026-32439
MEDIUM
CVSS 5.3
WebGeniusLab BigHearts contains a missing authorization vulnerability (CWE-862) that allows unauthenticated attackers to modify data due to incorrectly configured access control security levels. All versions of BigHearts through 3.1.14 are affected, enabling an attacker to bypass authorization checks and perform unauthorized data modification without requiring authentication or user interaction. With a CVSS score of 5.3 and network-accessible attack surface, this vulnerability poses a moderate integrity risk requiring prompt patching.
Authentication Bypass
Bighearts
-
CVE-2026-32438
MEDIUM
CVSS 5.3
Improper access control in VW School Education through version 1.4.6 allows unauthenticated remote attackers to modify data by exploiting misconfigured security levels. The vulnerability enables integrity compromise without requiring authentication or user interaction, affecting educational institutions using affected versions.
Authentication Bypass
Vw School Education
-
CVE-2026-32437
MEDIUM
CVSS 5.3
Improper access control in VW Portfolio up to version 1.3.3 enables unauthenticated attackers to modify data through incorrectly configured security levels. The vulnerability allows integrity compromise without requiring authentication or user interaction, affecting all instances of the affected software versions. No patch is currently available.
Authentication Bypass
Vw Portfolio
-
CVE-2026-32436
MEDIUM
CVSS 5.3
Improper access control in VW Photography through version 1.3.8 permits unauthenticated attackers to modify application data due to missing authorization checks on sensitive functions. An attacker can exploit this vulnerability over the network without user interaction to alter content or settings, though confidentiality and availability are not impacted. No patch is currently available for this vulnerability.
Authentication Bypass
Vw Photography
-
CVE-2026-32435
MEDIUM
CVSS 5.3
VW Pet Shop through version 1.4.7 contains an authorization bypass vulnerability that allows unauthenticated remote attackers to modify data due to improperly configured access controls. An attacker can exploit this to alter information within the application without requiring authentication or user interaction. Currently, no patch is available for this vulnerability.
Authentication Bypass
Vw Pet Shop
-
CVE-2026-32434
MEDIUM
CVSS 5.3
VW Fitness through version 4.3.4 contains an authorization bypass vulnerability that allows unauthenticated remote attackers to modify data through improperly configured access controls. An attacker can exploit this to perform unauthorized actions without requiring authentication or user interaction. No patch is currently available for affected installations.
Authentication Bypass
Vw Fitness
-
CVE-2026-32432
MEDIUM
CVSS 5.3
WP Time Slots Booking Form through version 1.2.42 contains a missing authorization vulnerability that allows unauthenticated attackers to modify booking data through improperly configured access controls. An attacker can exploit this to alter time slot reservations and other critical booking information without authentication. No patch is currently available for this vulnerability.
Authentication Bypass
Wp Time Slots Booking Form
-
CVE-2026-32431
MEDIUM
CVSS 6.5
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the Brainstorm Force Astra Bulk Edit WordPress plugin through version 1.2.10, allowing authenticated attackers to inject scripts that execute in the context of other users' browsers. An attacker with a low-privileged account (e.g. contributor or editor role) can craft input that, when processed by the bulk edit functionality's client-side code, results in arbitrary JavaScript execution in the session of site administrators or other users. The vulnerability requires user interaction (UI:R): because the injection is DOM-based, the payload is handled by script running in the victim's browser rather than by the server, so a victim has to open the crafted content in the bulk edit interface. Once it runs in an administrator's session it can be used for privilege escalation (actions performed with that user's capabilities) or data exfiltration.
XSS
Astra Bulk Edit
-
CVE-2026-32430
MEDIUM
CVSS 6.5
A Stored Cross-Site Scripting (XSS) vulnerability exists in PowerPack Addons for Elementor (powerpack-lite-for-elementor) versions up to 2.9.9, allowing authenticated attackers with limited privileges to inject malicious scripts that persist in the application and execute in other users' browsers. The CVSS score is moderate (6.5) and the EPSS exploitation probability is low (0.03%, percentile 8%); the requirements for authenticated access (PR:L) and user interaction (UI:R) further reduce real-world exploitability. No evidence of active exploitation (KEV listing) or public proof-of-concept has been identified at this time.
XSS
Powerpack Addons For Elementor
-
CVE-2026-32429
MEDIUM
CVSS 6.5
A Stored Cross-Site Scripting (XSS) vulnerability exists in Magical Addons For Elementor, a WordPress plugin for the Elementor page builder, affecting versions up to and including 1.4.1. An authenticated attacker with low privileges can inject malicious JavaScript code that persists in the application and executes in the browsers of other users, potentially leading to session hijacking, credential theft, or defacement. This is a post-authentication vulnerability with user interaction required, making it moderately exploitable in real-world WordPress environments where multiple users collaborate on page design.
XSS
Magical Addons For Elementor
-
CVE-2026-32428
MEDIUM
CVSS 5.3
Popup Like Box versions 3.7.7 and earlier contain an authorization bypass vulnerability that allows unauthenticated attackers to modify content through improperly configured access controls. The vulnerability affects the ays-facebook-popup-likebox plugin and requires no user interaction to exploit. While no patch is currently available, the impact is limited to integrity violations without affecting confidentiality or availability.
Authentication Bypass
Popup Like Box
-
CVE-2026-32427
MEDIUM
CVSS 5.3
VW Education Lite versions 2.2.0 and earlier contain a missing authorization vulnerability (CWE-862) that allows unauthenticated attackers to modify data through incorrectly configured access control security levels. An attacker with network access can exploit this vulnerability without requiring authentication or user interaction to perform unauthorized modifications, resulting in integrity compromise but not confidentiality or availability impact. The CVSS 5.3 medium score reflects the network-accessible nature and lack of authentication requirements, though the integrity-only impact limits the overall severity.
Authentication Bypass
Vw Education Lite
-
CVE-2026-32425
MEDIUM
CVSS 5.3
Payment Gateway Pix For GiveWP versions 2.2.3 and earlier contain a missing authorization vulnerability that allows unauthenticated remote attackers to modify data through improper access control. An attacker can exploit this flaw to manipulate payment gateway functionality without proper authentication or user interaction. No patch is currently available for this vulnerability affecting GiveWP payment processing installations.
Authentication Bypass
Payment Gateway Pix For Givewp
-
CVE-2026-32424
MEDIUM
CVSS 6.5
BoldGrid Sprout Clients contains a Stored Cross-Site Scripting (XSS) vulnerability in web page generation that allows authenticated users to inject and execute arbitrary JavaScript. The vulnerability affects Sprout Clients version 3.2.2 and earlier, enabling attackers with login credentials to compromise other users viewing affected pages. The CVSS score of 6.5 indicates medium severity with network accessibility and low attack complexity; the requirements for an authenticated account (PR:L) and user interaction (UI:R) limit immediate widespread automated exploitation, although the stored payload reaches every user who views the affected page.
XSS
Sprout Clients
-
CVE-2026-32423
MEDIUM
CVSS 5.4
Authenticated users with insufficient access control restrictions in Admin and Site Enhancements (ASE) versions 8.4.0 and earlier can bypass authorization checks to read and modify sensitive data. The vulnerability stems from improperly configured access control levels that fail to enforce proper privilege boundaries. An attacker with valid credentials can exploit this to gain unauthorized access to protected functionality without elevated permissions.
Authentication Bypass
-
CVE-2026-32421
MEDIUM
CVSS 5.3
Post Timeline versions 2.4.1 and earlier contain a missing authorization flaw that allows unauthenticated remote attackers to modify data by exploiting improperly configured access controls. The vulnerability enables integrity compromise without requiring user interaction or special privileges. No patch is currently available for this issue.
Authentication Bypass
Post Timeline
-
CVE-2026-32420
MEDIUM
CVSS 5.4
GamiPress versions 7.6.6 and earlier contain a Cross-Site Request Forgery (CSRF) vulnerability: a logged-in user who is lured to a malicious page can have their browser submit crafted requests that the plugin accepts as the user's own, because no nonce or origin check rejects them. An attacker can use this to modify plugin settings, create or delete gamification elements, or alter user data without the victim's knowledge or consent. The attack requires user interaction (the victim visiting the attacker's page) but no account on the target site, making it a moderate-risk issue suited to opportunistic attacks against WordPress administrators.
CSRF
Gamipress
-
CVE-2026-32419
MEDIUM
CVSS 5.9
The List category posts WordPress plugin (versions through 0.93.1) contains a DOM-based cross-site scripting (XSS) vulnerability that allows authenticated attackers with high privileges to inject malicious scripts into web pages viewed by other users. An attacker can exploit this through improper input neutralization during web page generation, potentially leading to session hijacking, credential theft, or defacement. With a CVSS score of 5.9 and requiring high privileges plus user interaction, this represents a moderate-severity risk primarily to WordPress sites using this specific plugin.
XSS
List Category Posts
-
CVE-2026-32417
MEDIUM
CVSS 5.4
Pochipp versions below 1.18.9 contain an authorization bypass vulnerability that allows authenticated users to access resources or perform actions beyond their assigned permissions due to improper access control validation. An attacker with valid credentials could exploit this to view sensitive data or modify system configuration they should not have access to. No patch is currently available.
Authentication Bypass
Pochipp
-
CVE-2026-32416
MEDIUM
CVSS 5.4
bPlugins PDF Poster through version 2.4.0 contains an authorization bypass vulnerability that allows authenticated users to modify or disrupt PDF operations due to improperly configured access controls. An attacker with valid credentials could exploit this flaw to manipulate data integrity or cause service disruption without proper authorization checks.
Authentication Bypass
Pdf Poster
-
CVE-2026-32415
MEDIUM
CVSS 5.0
Squeeze versions 1.7.7 and earlier contain a path traversal vulnerability that allows authenticated attackers to access files outside the intended directory through manipulated file paths. An attacker with valid credentials could leverage this flaw to read sensitive files on the affected system; the CVSS 5.0 vector records a confidentiality impact only, with no integrity or availability impact.
Path Traversal
Squeeze
-
CVE-2026-32413
MEDIUM
CVSS 5.3
Permalink Manager Lite versions prior to 2.5.3 lack proper authorization controls, allowing unauthenticated remote attackers to modify content through incorrectly configured access restrictions. This missing authorization check enables attackers to alter data without authentication, affecting the integrity of managed permalinks. No patch is currently available for this vulnerability.
Authentication Bypass
Permalink Manager Lite
-
CVE-2026-32412
MEDIUM
CVSS 5.4
A Server-Side Request Forgery (SSRF) vulnerability exists in Gift Up! Gift Cards for WordPress and WooCommerce plugin versions up to 3.1.7, allowing unauthenticated attackers to make arbitrary HTTP requests from the vulnerable server. This could enable attackers to access internal services, scan internal networks, or exfiltrate sensitive data from systems accessible only to the server. The vulnerability has a CVSS score of 5.4 (Medium) with network-based attack vector and low impact on confidentiality and integrity.
SSRF
WordPress
Gift Up Gift Cards For Wordpress And Woocommerce
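The hazard the entry above describes is the server fetching a URL the attacker chooses: a target of http://169.254.169.254/ reaches cloud instance metadata, and http://127.0.0.1:port/ or an internal hostname reaches services that trust localhost. The check below is an added example written for this page, not code from the Gift Up! plugin. It validates an outbound URL by scheme and by the address the hostname resolves to, and returns that address so the caller can connect to it (pinning it) rather than resolving a second time, which closes the DNS-rebinding gap between check and use. FAKE_DNS and fake_resolve are a constructed lookup table so the example runs offline; in production omit the argument and socket.gethostbyname is used.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Ranges an application server must never be asked to fetch from. Extend for
# your environment (VPC ranges, NAT64 64:ff9b::/96, and so on).
BLOCKED_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16",                    # link-local, incl. cloud metadata 169.254.169.254
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
    "::1/128", "fc00::/7", "fe80::/10",
)]


def address_blocked(ip_text):
    """True if the address falls in a blocked range (IPv4-mapped IPv6 is unwrapped first)."""
    ip = ipaddress.ip_address(ip_text)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped                   # ::ffff:10.0.0.5 is really 10.0.0.5
    return any(ip in net for net in BLOCKED_NETS)


def check_outbound_url(url, resolve=None):
    """Return (allowed, reason, pinned_ip). `resolve(host)` maps a hostname to an
    IP string; it defaults to socket.gethostbyname. A None result or an OSError
    means the name does not resolve and the request is refused. The caller should
    connect to pinned_ip (sending the original Host header) instead of resolving
    again, so a DNS answer cannot change between this check and the connection."""
    resolve = resolve or socket.gethostbyname
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, "scheme %r not allowed" % parts.scheme, None
    host = parts.hostname
    if not host:
        return False, "missing host", None
    try:
        ipaddress.ip_address(host)            # literal address: nothing to resolve
        ip_text = host
    except ValueError:
        try:                                  # hostname, or a shorthand like 127.1 that
            ip_text = resolve(host)           # only the resolver understands: check the
        except OSError:                       # address it resolves to, not the string
            ip_text = None
        if ip_text is None:
            return False, "%s does not resolve" % host, None
    if address_blocked(ip_text):
        return False, "%s -> %s is in a blocked range" % (host, ip_text), None
    return True, "ok", ip_text


# Constructed lookup table standing in for DNS so the example runs offline.
FAKE_DNS = {
    "api.example.com": "93.184.216.34",
    "internal.example.com": "10.0.0.5",
    "alias.example.com": "169.254.169.254",   # attacker-controlled name pointing inward
}


def fake_resolve(host):
    return FAKE_DNS.get(host)
```

Two caveats matter in practice. The check has to be repeated on every redirect hop, because a permitted external host can answer with a 302 to an internal address. And a denylist of ranges is the weaker option: if the integration only ever talks to one vendor API, allowlist that hostname and do not offer generic URL fetching at all.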
-
CVE-2026-32411
MEDIUM
CVSS 6.5
A Stored Cross-Site Scripting (XSS) vulnerability exists in the Simpma Embed Calendly plugin (versions up to and including 4.4) that allows authenticated attackers to inject malicious scripts into web pages. An attacker with login privileges can craft malicious input that persists in the application and executes in the browsers of other users who view the affected content, potentially compromising session tokens, credentials, or sensitive data. While this vulnerability requires prior authentication (lowering immediate exposure), the stored nature means the payload affects multiple victims and persists across sessions.
XSS
Embed Calendly
-
CVE-2026-32410
MEDIUM
CVSS 5.3
The WBW Currency Switcher for WooCommerce plugin through version 2.2.5 contains an authorization bypass vulnerability that allows unauthenticated remote attackers to modify plugin settings and configurations without proper access controls. This vulnerability affects WordPress sites running the vulnerable plugin versions and could enable attackers to alter currency settings or manipulate store functionality. No patch is currently available for this vulnerability.
WordPress
Authentication Bypass
Wbw Currency Switcher For Woocommerce
-
CVE-2026-32409
MEDIUM
CVSS 5.3
Forminator through version 1.50.2 contains an authorization bypass that allows unauthenticated attackers to modify data through incorrectly configured access controls. The vulnerability affects WordPress sites using the WPMU DEV Forminator plugin and requires no user interaction to exploit. No patch is currently available for this issue.
WordPress
Authentication Bypass
Forminator
-
CVE-2026-32408
MEDIUM
CVSS 4.3
Brizy through version 2.7.23 contains a missing authorization flaw that allows authenticated users to access resources or perform actions beyond their assigned permissions due to improperly configured access controls. An attacker with valid credentials can exploit this vulnerability to view sensitive information from other users or accounts. No patch is currently available for this issue.
Authentication Bypass
Brizy
-
CVE-2026-32407
MEDIUM
CVSS 4.3
Improper access control in WPC Smart Wishlist for WooCommerce through version 5.0.8 permits authenticated users to modify wishlist data they should not have authorization to access. An attacker with valid WordPress credentials could exploit misconfigured permission checks to alter or manipulate wishlist information belonging to other users.
WordPress
Authentication Bypass
Wpc Smart Wishlist For Woocommerce
-
CVE-2026-32406
MEDIUM
CVSS 4.3
WPC Product Bundles for WooCommerce versions through 8.4.5 contains a missing authorization flaw that allows authenticated users to exploit misconfigured access controls and access sensitive information. An attacker with valid WordPress credentials could leverage this vulnerability to view restricted data within the plugin. No patch is currently available for this medium-severity issue affecting WooCommerce installations.
WordPress
Authentication Bypass
Wpc Product Bundles For Woocommerce
-
CVE-2026-32405
MEDIUM
CVSS 5.3
WoodMart versions 8.3.9 and earlier expose sensitive system information to unauthorized parties through improper access controls, allowing remote attackers to retrieve it without authentication. The vulnerability is medium severity (CVSS 5.3) and no patch is currently available, so all deployments of the affected WoodMart versions are exposed.
Information Disclosure
Woodmart
-
CVE-2026-32404
MEDIUM
CVSS 5.3
Studio99 WP Monitor versions through 1.0.3 contain a missing authorization vulnerability (CWE-862) that allows unauthenticated attackers to modify data or settings due to incorrectly configured access controls. The vulnerability has a CVSS score of 5.3 with a network attack vector requiring no privileges or user interaction, enabling integrity compromise without authentication. There is no indication of active exploitation in the wild or public proof-of-concept code at this time, though the low attack complexity and network accessibility make this a moderate priority for WordPress site administrators running this monitoring plugin.
Authentication Bypass
Studio99 Wp Monitor
-
CVE-2026-32403
MEDIUM
CVSS 6.5
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the Toocheke Companion WordPress plugin in versions through 1.194, allowing authenticated attackers to inject scripts that execute in the context of another user's web session. An attacker with login credentials can craft input that is not neutralized before being used in web page generation, enabling session hijacking, credential theft, or malware distribution. No KEV listing or public proof-of-concept has been disclosed for this CVE; the CVSS 6.5 score reflects moderate severity given the requirements for user interaction and authenticated access.
XSS
Toocheke Companion
-
CVE-2026-32402
MEDIUM
CVSS 5.3
Image Slider By Ays versions 2.7.1 and earlier contain a missing authorization flaw that allows unauthenticated remote attackers to modify content through improper access control validation. The vulnerability affects the plugin's core functionality and could enable unauthorized changes to website content without proper authentication checks. No patch is currently available.
Authentication Bypass
Image Slider By Ays
-
CVE-2026-32398
MEDIUM
CVSS 5.3
TeraWallet for WooCommerce versions up to 1.5.15 contain a race condition in concurrent transaction handling that allows authenticated attackers to manipulate wallet integrity and perform unauthorized financial operations. An attacker with user-level access can exploit improper synchronization during simultaneous requests to bypass transaction controls and modify account balances. No patch is currently available for this vulnerability.
WordPress
Information Disclosure
Race Condition
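The classic shape of a wallet race condition is a read-modify-write: the handler reads the balance, checks it against the debit, then writes the new balance back, and two requests that interleave between the check and the write both pass the check against the same stale value. The entry above does not say whether TeraWallet's code takes exactly this form, so the following is an added illustration written for this page, not the plugin's code. It uses Python's built-in sqlite3 so it runs stand-alone, with a deterministic scheduler that forces the worst-case interleaving instead of relying on threads to hit the window; the wallet table and balances are constructed for the demonstration.

```python
import sqlite3


def make_wallet_db(opening_balance):
    """In-memory wallet table with a single user; constructed fixture for the demo."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE wallet (user_id INTEGER PRIMARY KEY, balance INTEGER NOT NULL)")
    conn.execute("INSERT INTO wallet (user_id, balance) VALUES (1, ?)", (opening_balance,))
    conn.commit()
    return conn


def balance_of(conn, user_id=1):
    return conn.execute("SELECT balance FROM wallet WHERE user_id = ?", (user_id,)).fetchone()[0]


def debit_vulnerable(conn, user_id, amount):
    """Check-then-write. The yield marks the window between reading the balance
    and writing it back; a concurrent request that lands there sees the same
    stale balance and passes the same check."""
    balance = balance_of(conn, user_id)
    yield
    if balance < amount:
        return False
    conn.execute("UPDATE wallet SET balance = ? WHERE user_id = ?", (balance - amount, user_id))
    conn.commit()
    return True


def debit_atomic(conn, user_id, amount):
    """Check and write in one conditional UPDATE, which the database serialises.
    rowcount says whether the debit applied; 0 means insufficient funds."""
    yield                                     # same window exists, but nothing stale is held across it
    cur = conn.execute(
        "UPDATE wallet SET balance = balance - ? WHERE user_id = ? AND balance >= ?",
        (amount, user_id, amount))
    conn.commit()
    return cur.rowcount == 1


def run_interleaved(requests):
    """Deterministic scheduler: every request runs up to its yield, then each one
    finishes. This is the worst-case interleaving an attacker reproduces by
    firing the same request several times in parallel."""
    gens = list(requests)
    for g in gens:
        next(g)
    results = []
    for g in gens:
        try:
            next(g)
        except StopIteration as done:
            results.append(done.value)
    return results


def demo(debit_fn, opening=100, amount=40, concurrent=3):
    """(debits that succeeded, closing balance) after `concurrent` parallel debits."""
    conn = make_wallet_db(opening)
    results = run_interleaved(debit_fn(conn, 1, amount) for _ in range(concurrent))
    return sum(results), balance_of(conn)
```

With an opening balance of 100 and three parallel debits of 40, the vulnerable handler approves all three and leaves 60 in the wallet (120 spent, 40 deducted); the atomic version approves two and leaves 20. The fix is to make the check and the write one statement the database serialises. In WordPress terms that is a $wpdb->query() of a prepared UPDATE ... SET balance = balance - %d WHERE user_id = %d AND balance >= %d, treating a return of 0 affected rows as a declined transaction; SELECT ... FOR UPDATE inside a transaction on InnoDB is the alternative when the business logic does not fit in a single UPDATE. A rate limit on the endpoint does not fix the bug, it only narrows the window.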
-
CVE-2026-32397
MEDIUM
CVSS 5.3
YMC Filter & Grids through version 3.5.1 contains an authorization bypass that allows unauthenticated remote attackers to modify data due to improperly configured access controls. The vulnerability affects the smart-filter component and could enable unauthorized alterations to filtered content or grid configurations without requiring user interaction or privileges.
Authentication Bypass
-
CVE-2026-32396
MEDIUM
CVSS 5.3
RadiusTheme Team versions up to 5.0.13 contain an access control misconfiguration that allows unauthenticated remote attackers to modify data through improper authorization checks. The vulnerability enables integrity compromise without requiring authentication or user interaction, affecting all installations running the affected version range. No patch is currently available.
Authentication Bypass
Team
-
CVE-2026-32395
MEDIUM
CVSS 5.3
A Missing Authorization vulnerability (CWE-862) exists in Xpro Addons For Beaver Builder - Lite versions up to 1.5.6, allowing unauthenticated attackers to exploit incorrectly configured access control mechanisms and perform unauthorized modifications. The vulnerability has a CVSS score of 5.3 with a network attack vector requiring no privileges or user interaction, indicating an integrity impact without confidentiality or availability compromise. While the CVSS is moderate, the lack of authentication requirement and network accessibility make this a meaningful risk for WordPress sites using this plugin.
Authentication Bypass
-
CVE-2026-32394
MEDIUM
CVSS 4.3
PublishPress Capabilities versions up to 2.31.0 contain an authorization bypass that allows authenticated users to exploit misconfigured access controls and gain unauthorized information disclosure. An attacker with valid credentials could leverage this vulnerability to access sensitive data they are not permitted to view. No patch is currently available for this vulnerability.
Authentication Bypass
Publishpress Capabilities
-
CVE-2026-32391
MEDIUM
CVSS 5.4
SmartFix by linethemes contains a missing authorization vulnerability (CWE-862) that allows authenticated users to access or modify resources they should not have permission to access due to incorrectly configured access control security levels. Affected versions are SmartFix prior to 1.2.4. An attacker with low-privilege credentials can exploit this network-accessible vulnerability without user interaction to gain unauthorized access to sensitive data or perform unauthorized modifications.
Authentication Bypass
Smartfix
-
CVE-2026-32390
MEDIUM
CVSS 5.4
Nanosoft versions prior to 1.3.2 contain an access control flaw that allows authenticated users to modify data and degrade system availability through improperly configured authorization checks. An attacker with valid credentials can exploit this vulnerability to perform unauthorized actions beyond their assigned privilege level. No patch is currently available for this vulnerability.
Authentication Bypass
Nanosoft
-
CVE-2026-32388
MEDIUM
CVSS 5.4
Insufficient access control in Linethemes GLB through version 1.2.2 allows authenticated users to bypass security restrictions and gain unauthorized access to restricted resources. An attacker with valid credentials could exploit misconfigured access controls to view or modify sensitive data they should not have permission to access. No patch is currently available for this vulnerability.
Authentication Bypass
Glb
-
CVE-2026-32387
MEDIUM
CVSS 5.3
Checkout for PayPal versions up to 1.0.46 contain an authorization bypass vulnerability allowing unauthenticated attackers to modify checkout data due to improper access control enforcement. An attacker can exploit this over the network without user interaction to tamper with payment transactions. Currently no patch is available for this vulnerability.
Authentication Bypass
Checkout For Paypal
-
CVE-2026-32386
MEDIUM
CVSS 5.4
Envo Extra through version 1.9.13 contains an authorization bypass that allows authenticated attackers to access or modify sensitive data due to improperly configured access controls. An attacker with valid credentials can exploit this vulnerability to perform unauthorized actions within the plugin. No patch is currently available, and the vulnerability has not been confirmed as actively exploited.
Authentication Bypass
Envo Extra
-
CVE-2026-32385
MEDIUM
CVSS 5.4
RegistrationMagic through version 6.0.7.6 contains a missing authorization vulnerability that allows authenticated users to modify data and cause service disruptions through improperly configured access controls. An attacker with valid credentials can bypass intended permission restrictions to perform unauthorized actions on form submissions and registration data. No patch is currently available for this vulnerability.
Authentication Bypass
Registrationmagic
-
CVE-2026-32383
MEDIUM
CVSS 5.3
Ridhi through version 1.1.2 contains a missing authorization vulnerability that allows unauthenticated remote attackers to modify data due to improper access control configuration. An attacker can exploit this flaw without authentication or user interaction to alter information in affected installations. No patch is currently available for this vulnerability.
Authentication Bypass
Ridhi
-
CVE-2026-32382
MEDIUM
CVSS 5.3
Improperly configured access controls in raratheme Digital Download through version 1.1.4 enable unauthenticated attackers to modify content without authorization. This missing authorization vulnerability allows remote attackers to alter data integrity in affected installations. No patch is currently available for this vulnerability.
Authentication Bypass
Digital Download
-
CVE-2026-32381
MEDIUM
CVSS 5.3
Improper access control in raratheme App Landing Page version 1.2.2 and earlier permits unauthenticated attackers to modify application data through exploitation of inadequately configured security levels. This network-accessible vulnerability requires no user interaction and could allow attackers to alter critical application content without authorization. No patch is currently available for affected installations.
Authentication Bypass
App Landing Page
-
CVE-2026-32380
MEDIUM
CVSS 5.3
Numinous theme versions up to 1.3.0 contain an authorization bypass vulnerability that allows unauthenticated remote attackers to modify data through improperly configured access controls. The vulnerability affects the theme's security implementation and could enable unauthorized changes to application data without authentication. No patch is currently available for this issue.
Authentication Bypass
Numinous
-
CVE-2026-32379
MEDIUM
CVSS 5.3
Rara Academic theme versions up to 1.2.2 contain an authorization bypass vulnerability that allows unauthenticated remote attackers to modify content due to improper access control configuration. The vulnerability enables unauthorized data manipulation without requiring authentication or user interaction. No patch is currently available for affected installations.
Authentication Bypass
Rara Academic
-
CVE-2026-32378
MEDIUM
CVSS 5.3
Improper access control in raratheme Book Landing Page through version 1.2.7 permits unauthenticated attackers to modify content or data without proper authorization checks. The vulnerability stems from missing authentication validation on protected operations, allowing remote exploitation without user interaction. No patch is currently available.
Authentication Bypass
Book Landing Page
-
CVE-2026-32377
MEDIUM
CVSS 5.3
Pranayama Yoga version 1.2.2 and earlier contains a missing authorization flaw that allows unauthenticated remote attackers to modify application data by exploiting improper access control configurations. The vulnerability has no available patch and could enable unauthorized changes to yoga class information or user content without authentication. With a CVSS score of 5.3, this affects any Pranayama Yoga installation using the vulnerable versions.
Authentication Bypass
Pranayama Yoga
-
CVE-2026-32376
MEDIUM
CVSS 5.3
Improper access control in Kalon through version 1.2.9 enables unauthenticated remote attackers to modify data or configurations by exploiting misconfigured authorization checks. The vulnerability carries medium severity with a CVSS score of 5.3 and currently has no available patch.
Authentication Bypass
Kalon
-
CVE-2026-32375
MEDIUM
CVSS 5.3
Travel Diaries through version 1.2.4 contains an authorization bypass that allows unauthenticated attackers to modify application data due to improperly configured access controls. The vulnerability affects all installations of the plugin and requires no user interaction to exploit, enabling attackers to alter sensitive travel diary information without proper authentication.
Authentication Bypass
Travel Diaries
-
CVE-2026-32374
MEDIUM
CVSS 5.3
Improper access control in The Minimal WordPress theme versions up to 1.2.9 enables unauthenticated remote attackers to modify content or settings through incorrectly configured authorization checks. The vulnerability carries a medium severity rating with no available patch at this time.
Authentication Bypass
The Minimal
-
CVE-2026-32373
MEDIUM
CVSS 5.4
Cozy Vision SMS Alert Order Notifications through version 3.9.0 contains an authorization bypass that allows authenticated users to modify data and degrade service availability through improperly configured access controls. An attacker with valid credentials can exploit this vulnerability to perform unauthorized actions intended for higher-privileged users. No patch is currently available for this vulnerability.
Authentication Bypass
Sms Alert Order Notifications
-
CVE-2026-32372
MEDIUM
CVSS 5.3
The RadiusTheme ShopBuilder plugin for WordPress (versions up to 3.2.4) improperly exposes sensitive system information through its Elementor WooCommerce integration, allowing unauthenticated attackers to retrieve embedded sensitive data. This information disclosure has a low confidentiality impact with no authentication or user interaction required. No patch is currently available for affected installations.
WordPress
Information Disclosure
-
CVE-2026-32371
MEDIUM
CVSS 5.3
Elegant Pink theme versions up to 1.3.3 contain an access control flaw that allows unauthenticated remote attackers to modify data through incorrectly configured authorization checks. The vulnerability enables integrity compromise without requiring authentication, though no patch is currently available.
Authentication Bypass
Elegant Pink
-
CVE-2026-32370
MEDIUM
CVSS 5.3
Improper access control in raratheme Influencer through version 1.1.7 allows unauthenticated remote attackers to modify data or resources due to incorrectly configured authorization checks. The vulnerability requires no user interaction and can be exploited over the network, though no patch is currently available.
Authentication Bypass
Influencer
-
CVE-2026-32363
MEDIUM
CVSS 5.3
WPLifeCycle versions 3.3.1 and earlier contain an authorization bypass that allows unauthenticated remote attackers to modify data through improperly configured access controls. The vulnerability affects the free PHP version and could enable unauthorized changes to application data without requiring authentication or user interaction. A patch is not currently available for this issue.
Authentication Bypass
Wplifecycle
-
CVE-2026-32362
MEDIUM
CVSS 5.3
Insufficient access control in WP Sessions Time Monitoring Full Automatic version 1.1.3 and earlier permits unauthenticated attackers to modify data through improperly configured authorization checks. This vulnerability affects WordPress site administrators and users relying on the plugin to properly restrict access to session monitoring features. An attacker could exploit this to alter activity logs or session data without proper authentication.
Authentication Bypass
Wp Sessions Time Monitoring Full Automatic
-
CVE-2026-32361
MEDIUM
CVSS 6.5
Editorial Calendar through version 3.9.0 contains a DOM-based cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through improper input sanitization during web page generation. An attacker with user privileges can exploit this to execute arbitrary JavaScript in the context of other users' browsers, potentially leading to credential theft or unauthorized actions. No patch is currently available for this vulnerability.
XSS
Editorial Calendar
-
CVE-2026-32360
MEDIUM
CVSS 5.9
A Stored Cross-Site Scripting (XSS) vulnerability exists in the Rich Showcase for Google Reviews widget (richplugins plugin) affecting versions through 6.9.4.3, where improper input neutralization during web page generation allows authenticated attackers with high privileges to inject malicious scripts that execute in users' browsers. An attacker with administrative or plugin configuration access can store XSS payloads that will be executed for any user viewing the affected widget, potentially leading to session hijacking, credential theft, or defacement. While the CVSS score of 5.9 indicates moderate severity and requires user interaction and high privileges to exploit, the stored nature of this vulnerability means the payload persists and affects multiple users passively.
XSS
Google
Rich Showcase For Google Reviews
-
CVE-2026-32359
MEDIUM
CVSS 6.5
Stored XSS in bPlugins Icon List Block through version 1.2.3 allows authenticated attackers to inject malicious scripts that execute in other users' browsers. An attacker with user-level access can craft malicious input that persists in the application and compromises the confidentiality, integrity, and availability of affected systems. No patch is currently available for this vulnerability.
XSS
Icon List Block
-
CVE-2026-32357
MEDIUM
CVSS 6.4
Simple Blog Card versions 2.37 and earlier contain a Server-Side Request Forgery vulnerability that allows authenticated attackers to make arbitrary requests from the affected server. An attacker with login credentials can leverage this to access internal resources, interact with backend services, or potentially exfiltrate sensitive data. No patch is currently available for this vulnerability.
SSRF
Simple Blog Card
-
CVE-2026-32356
MEDIUM
CVSS 6.5
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in robosoft Robo Gallery through version 5.1.2, allowing authenticated attackers to inject malicious scripts into web pages generated by the application. An attacker with login credentials can craft malicious input that executes arbitrary JavaScript in the context of other users' browsers, potentially leading to session hijacking, credential theft, or malware distribution. The vulnerability requires user interaction (UI:R) and authenticated access (PR:L), which moderates but does not eliminate the threat.
XSS
Robo Gallery
-
CVE-2026-32354
MEDIUM
CVSS 5.3
WpEvently versions prior to 5.1.9 inadvertently expose sensitive information in transmitted data, allowing unauthenticated remote attackers to retrieve embedded secrets without user interaction. This information disclosure vulnerability affects the mage-eventpress plugin and could enable attackers to obtain credentials or other confidential data. No patch is currently available.
Information Disclosure
Wpevently
-
CVE-2026-32353
MEDIUM
CVSS 6.4
MailerPress through version 1.4.2 contains a server-side request forgery (SSRF) vulnerability that allows authenticated attackers to make arbitrary network requests from the affected server. An attacker with valid credentials could exploit this to access internal services, scan the network, or interact with backend systems. No patch is currently available for this vulnerability.
SSRF
Mailerpress
-
CVE-2026-32352
MEDIUM
CVSS 6.5
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in Elementor Website Builder through version 3.35.5, allowing authenticated attackers with low privileges to inject malicious scripts that execute in the context of other users' browsers. An attacker can exploit this via a crafted page or element to steal session cookies, redirect users, or perform actions on their behalf. The vulnerability requires user interaction (UI:R) and authenticated access (PR:L), but carries a moderate CVSS score of 6.5 with cross-site impact (S:C), indicating meaningful business risk despite not being unauthenticated.
XSS
Elementor Website Builder
-
CVE-2026-32351
MEDIUM
CVSS 5.9
Stored XSS in blubrry PowerPress Podcasting through version 11.15.13 permits authenticated administrators with high privileges to inject malicious scripts that persist in web pages and execute in other users' browsers. An attacker with admin credentials can inject arbitrary JavaScript to steal session tokens, modify content, or perform actions on behalf of victims. No patch is currently available for this vulnerability.
XSS
Powerpress Podcasting
-
CVE-2026-32350
MEDIUM
CVSS 5.3
Improper access control in Chocolate House through version 1.1.5 allows unauthenticated remote attackers to modify data by bypassing authorization checks. The vulnerability affects all versions up to 1.1.5, and no patch is currently available. An attacker could exploit misconfigured security levels to gain unauthorized write access without authentication.
Authentication Bypass
Chocolate House
-
CVE-2026-32349
MEDIUM
CVSS 4.9
Embed PDF Viewer through version 2.4.7 contains a server-side request forgery (SSRF) vulnerability that allows authenticated attackers to make arbitrary network requests from the affected server. An attacker with valid credentials could potentially access internal resources or services not otherwise exposed to the internet. No patch is currently available for this vulnerability.
SSRF
Embed Pdf Viewer
-
CVE-2026-32348
MEDIUM
CVSS 5.3
MAS Videos through version 1.3.2 contains an authorization bypass that allows unauthenticated attackers to modify data due to improper access control validation. An attacker can exploit this vulnerability over the network without user interaction to manipulate protected resources. No patch is currently available for this vulnerability.
Authentication Bypass
Mas Videos
-
CVE-2026-32347
MEDIUM
CVSS 5.3
The raratheme Restaurant and Cafe plugin through version 1.2.5 contains an authorization bypass vulnerability that allows unauthenticated attackers to modify data through improperly configured access controls. An attacker can exploit this flaw to perform unauthorized actions without authentication or user interaction. No patch is currently available for this vulnerability.
Authentication Bypass
Restaurant And Cafe
-
CVE-2026-32346
MEDIUM
CVSS 5.3
Improper access control in raratheme Travel Agency versions up to 1.5.5 permits unauthenticated attackers to modify data through misconfigured authorization checks. This vulnerability allows unauthorized changes to travel agency information without requiring authentication or user interaction, potentially compromising business operations and data integrity.
Authentication Bypass
Travel Agency
-
CVE-2026-32345
MEDIUM
CVSS 5.3
Perfect Portfolio version 1.2.4 and earlier contains a missing authorization control that allows unauthenticated attackers to modify content through improperly configured access restrictions. An attacker can exploit this vulnerability to alter data integrity without requiring authentication or user interaction. No patch is currently available for this vulnerability.
Authentication Bypass
Perfect Portfolio
-
CVE-2026-32344
MEDIUM
CVSS 4.3
Corpiva through version 1.0.96 is vulnerable to cross-site request forgery attacks that allow unauthenticated attackers to perform unauthorized actions on behalf of legitimate users. An attacker can exploit this vulnerability by tricking a user into visiting a malicious webpage while authenticated to Corpiva, resulting in unwanted state changes such as configuration modifications or data manipulation. No patch is currently available for this vulnerability.
CSRF
Corpiva
-
CVE-2026-32343
MEDIUM
CVSS 4.3
Easy Table of Contents versions up to 2.0.80 are vulnerable to cross-site request forgery attacks that allow unauthenticated remote attackers to perform unauthorized actions on behalf of authenticated users through malicious web pages. The vulnerability requires user interaction to trigger but could result in unauthorized modifications to website content or settings. No patch is currently available for this issue.
CSRF
Easy Table Of Contents
-
CVE-2026-32342
MEDIUM
CVSS 4.3
Quiz Maker version 6.7.1.2 and earlier contains a Cross-Site Request Forgery vulnerability that allows unauthenticated attackers to perform unauthorized actions on behalf of authenticated users through malicious web pages. An attacker can exploit this to modify quiz content or settings by tricking users into visiting a crafted link while logged into the application. No patch is currently available for this vulnerability.
CSRF
Quiz Maker
-
CVE-2026-32341
MEDIUM
CVSS 5.3
Benevolent theme versions through 1.3.9 contain an authorization bypass that allows unauthenticated remote attackers to modify data due to improperly configured access controls. The vulnerability affects the CMS's ability to enforce proper permission checks, enabling unauthorized content manipulation without authentication. No patch is currently available for this medium-severity issue.
Authentication Bypass
Benevolent
-
CVE-2026-32340
MEDIUM
CVSS 5.3
Business One Page up to version 1.3.2 contains an authorization bypass vulnerability that allows unauthenticated remote attackers to modify data due to improperly configured access controls. An attacker can exploit this weakness to alter sensitive information without requiring valid credentials or user interaction. No patch is currently available for this vulnerability.
Authentication Bypass
Business One Page
-
CVE-2026-32339
MEDIUM
CVSS 5.3
Bakes And Cakes plugin versions up to 1.2.9 contain an authorization bypass vulnerability that allows unauthenticated attackers to modify data due to improper access control configuration. An attacker could exploit this over the network without authentication to perform unauthorized state changes. No patch is currently available for this vulnerability.
Authentication Bypass
Bakes And Cakes
-
CVE-2026-32338
MEDIUM
CVSS 5.3
The Construction Landing Page plugin through version 1.4.1 contains a missing authorization vulnerability that allows unauthenticated attackers to modify data through improperly configured access controls. An attacker can exploit this flaw to perform unauthorized changes to the application without authentication or user interaction. No patch is currently available for this vulnerability.
Authentication Bypass
Construction Landing Page
-
CVE-2026-32337
MEDIUM
CVSS 5.3
Improperly configured access controls in the Preschool and Kindergarten plugin (versions up to 1.2.5) allow unauthenticated attackers to modify content or settings without proper authorization. This missing authorization vulnerability affects websites using the vulnerable plugin and could enable unauthorized data tampering. No security patch is currently available for this vulnerability.
Authentication Bypass
Preschool And Kindergarten
-
CVE-2026-32336
MEDIUM
CVSS 5.3
Rara Business WordPress theme version 1.3.0 and earlier contains an authorization bypass vulnerability that allows unauthenticated remote attackers to modify data through improperly configured access controls. The vulnerability requires no user interaction and can be exploited over the network, though no patch is currently available. Affected installations should implement additional access control measures or upgrade when patches become available.
Authentication Bypass
Rara Business
-
CVE-2026-32335
MEDIUM
CVSS 5.3
Incorrect access control in The Conference WordPress theme versions up to 1.2.5 allows unauthenticated remote attackers to modify content by exploiting misconfigured authorization checks. An attacker can leverage this vulnerability to alter data without proper authentication, impacting the integrity of the affected website.
Authentication Bypass
The Conference
-
CVE-2026-32334
MEDIUM
CVSS 5.3
JobScout versions 1.1.7 and earlier contain an authorization bypass vulnerability that allows unauthenticated remote attackers to modify data through improperly configured access controls. The vulnerability enables attackers to perform unauthorized actions without proper authentication or user interaction. No patch is currently available for this vulnerability.
Authentication Bypass
Jobscout
-
CVE-2026-32332
MEDIUM
CVSS 5.3
Easy Form versions 2.7.9 and earlier are vulnerable to missing authorization controls that allow unauthenticated attackers to modify data through incorrectly configured access restrictions. An attacker can exploit this vulnerability remotely without authentication to perform unauthorized data manipulation operations. No patch is currently available for this vulnerability.
Authentication Bypass
Easy Form
-
CVE-2026-32331
MEDIUM
CVSS 4.3
Improper access control in Textmetrics up to version 3.6.4 allows authenticated users to modify data they should not have permission to access. An attacker with valid credentials can exploit misconfigured security levels to perform unauthorized modifications. No patch is currently available for this vulnerability.
Authentication Bypass
Textmetrics
-
CVE-2026-32330
MEDIUM
CVSS 4.3
Photo Gallery by 10Web versions up to 1.8.37 contain a cross-site request forgery vulnerability that enables unauthenticated attackers to perform unauthorized actions on behalf of authenticated users through crafted requests. The vulnerability requires user interaction and allows attackers to modify or delete gallery content with no direct access needed. No patch is currently available for this vulnerability.
CSRF
Photo Gallery By 10web
-
CVE-2026-32329
MEDIUM
CVSS 5.3
Advanced Related Posts plugin through version 1.9.1 contains insufficient authorization controls that allow unauthenticated remote attackers to modify plugin settings and data. The vulnerability stems from improperly configured access restrictions in the plugin's functionality, enabling attackers to alter post relationships without proper authentication or permission validation.
Authentication Bypass
Advanced Related Posts
-
CVE-2026-32328
MEDIUM
CVSS 5.4
A Cross-Site Request Forgery (CSRF) vulnerability exists in shufflehound's Lemmony application versions prior to 1.7.1, allowing unauthenticated attackers to perform unauthorized actions on behalf of legitimate users through crafted web requests. An attacker can exploit this vulnerability to cause integrity and availability impact by forcing a victim's browser to make unwanted requests to the Lemmony application. The attack requires user interaction (clicking a malicious link) but has a low attack complexity and network accessibility, making it a practical threat in multi-user web environments.
CSRF
Lemmony
-
CVE-2026-32322
MEDIUM
CVSS 5.3
The soroban-sdk Rust SDK contains a cryptographic comparison vulnerability in Fr (scalar field) types for BN254 and BLS12-381 curves that fails to reduce unreduced field elements modulo the field modulus r before equality comparison. This allows attackers to supply crafted Fr values that are mathematically equal but compare as unequal when unreduced, potentially bypassing security-critical authorization or validation logic in smart contracts. The vulnerability affects versions prior to 22.0.11, 23.5.3, and 25.3.0; with a CVSS score of 5.3 (Medium), it poses moderate risk primarily to contract integrity rather than confidentiality.
Authentication Bypass
-
CVE-2026-31949
MEDIUM
CVSS 6.5
LibreChat versions prior to 0.8.3-rc1 contain a Denial of Service vulnerability in the DELETE /api/convos endpoint where authenticated attackers can crash the Node.js server process by sending malformed requests lacking the required req.body.arg parameter. The vulnerability exploits improper destructuring without validation, causing an unhandled TypeError that bypasses Express middleware and triggers process.exit(1), resulting in complete service unavailability. No evidence of active exploitation in the wild or public POC has been identified at this time.
Node.js
Denial Of Service
AI / ML
Librechat
-
CVE-2026-31919
MEDIUM
CVSS 4.3
Advanced Coupons for WooCommerce Coupons through version 4.7.1 contains an authorization bypass vulnerability that allows authenticated users to access restricted functionality by exploiting misconfigured access controls. An attacker with valid WordPress credentials could leverage this vulnerability to view or modify coupon data they are not authorized to access. No patch is currently available for this vulnerability.
WordPress
Authentication Bypass
Advanced Coupons For Woocommerce Coupons
-
CVE-2026-31918
MEDIUM
CVSS 6.5
A Stored Cross-Site Scripting (XSS) vulnerability exists in immonex Kickstart through version 1.13.0, allowing authenticated attackers to inject malicious scripts that persist in the application and execute in the browsers of other users who view the affected content. An attacker with login credentials can craft malicious input that bypasses input sanitization during web page generation, resulting in arbitrary JavaScript execution with access to session cookies, user data, and the ability to perform actions on behalf of victims. While no KEV or widespread exploitation data is available for this CVE, the vulnerability is exploitable with low attack complexity and requires only user interaction (UI click), making it a moderate-to-high priority for organizations running immonex Kickstart.
XSS
Immonex Kickstart
-
CVE-2026-31916
MEDIUM
CVSS 5.3
Latest Post Shortcode plugin through version 14.2.1 contains an authorization bypass that allows unauthenticated attackers to modify content through improperly configured access controls. The vulnerability affects websites running the vulnerable plugin versions and could enable unauthorized data manipulation without requiring user interaction or authentication. No patch is currently available for this issue.
Authentication Bypass
Latest Post Shortcode
-
CVE-2026-31915
MEDIUM
CVSS 5.3
Insufficient authorization controls in Flatsome theme versions 3.19.6 and earlier allow unauthenticated remote attackers to modify data through improperly configured access restrictions. The vulnerability enables unauthorized modifications without requiring user interaction, potentially compromising content integrity across affected websites.
Authentication Bypass
Flatsome
-
CVE-2026-31885
MEDIUM
CVSS 6.5
FreeRDP versions prior to 3.24.0 contain an out-of-bounds read vulnerability in MS-ADPCM and IMA-ADPCM audio decoders that allows unauthenticated remote attackers to read sensitive information from process memory. The vulnerability affects all FreeRDP installations using these audio codecs; an attacker can trigger the flaw by providing specially crafted audio data during RDP session establishment, potentially disclosing confidential data such as credentials or session tokens without requiring privileges or interaction beyond basic RDP connection initiation.
Buffer Overflow
Information Disclosure
Freerdp
-
CVE-2026-31884
MEDIUM
CVSS 6.5
A denial of service vulnerability in FreeRDP (CVSS 6.5). Remediation should follow standard vulnerability management procedures.
Denial Of Service
Freerdp
-
CVE-2026-31883
MEDIUM
CVSS 6.5
A size_t integer underflow in FreeRDP's IMA-ADPCM and MS-ADPCM audio decoders triggers a heap buffer overflow write via the RDPSND audio channel. All FreeRDP versions prior to 3.24.0 are affected. An unauthenticated remote attacker can exploit this vulnerability over the network without user interaction to cause information disclosure and data corruption, though not denial of service based on the CVSS impact ratings.
Buffer Overflow
Integer Overflow
Freerdp
-
CVE-2026-31864
MEDIUM
CVSS 6.8
JumpServer contains a Server-Side Template Injection (SSTI) vulnerability in its Applet and VirtualApp upload functionality that allows authenticated administrators to execute arbitrary code within the JumpServer Core container. The vulnerability affects JumpServer versions that render user-uploaded YAML manifest files through unsafe Jinja2 templating. While a high privilege level is required (Application Applet Management or Virtual Application Management permissions), successful exploitation results in complete container compromise with high confidentiality, integrity, and availability impact.
Ssti
RCE
Jumpserver
-
CVE-2026-31798
MEDIUM
CVSS 5.0
JumpServer prior to version 4.10.16-lts improperly validates certificates when sending MFA/OTP codes through a Custom SMS API Client, allowing an attacker to intercept SMS verification requests and capture one-time passcodes before they reach the user's phone. This vulnerability affects organizations using JumpServer as a bastion host and operational security audit system, potentially enabling unauthorized authentication bypass. The CVSS score of 5.0 and CWE-295 (Improper Certificate Validation) classification indicate a moderate but exploitable vulnerability requiring user interaction and moderate attack complexity.
Information Disclosure
Jumpserver
-
CVE-2026-30961
MEDIUM
CVSS 4.3
A validation bypass in the chunked file upload completion logic for file requests allows attackers to circumvent per-request file size limits by splitting oversized files into smaller chunks that individually pass validation. Attackers with access to a public file request link can sequentially upload chunks to exceed the administrator-configured MaxSize limit, uploading files up to the server's global MaxFileSizeMB threshold. This enables unauthorized storage consumption and potential service disruption through storage exhaustion, though no data exposure or privilege escalation occurs; the vulnerability carries a CVSS score of 4.3 with EPSS and KEV status not currently indicated as critical, suggesting limited real-world exploitation pressure despite straightforward attack mechanics.
Information Disclosure
Privilege Escalation
-
CVE-2026-30955
MEDIUM
CVSS 6.5
Gokapi, a file-sharing server, contains a denial-of-service vulnerability in which an authenticated attacker can send unbounded request bodies to an API endpoint without size restrictions, causing out-of-memory (OOM) conditions that crash the service and deny access to all users. The vulnerability requires valid authentication credentials but no special privileges, and is classified as high-severity (CVSS 6.5) due to guaranteed availability impact. A patch is available in version 2.2.4 and later.
Denial Of Service
-
CVE-2026-30943
MEDIUM
CVSS 4.1
An insufficient authorization check in a file replace API allows authenticated users with basic list and replace permissions to delete other users' files by abusing the deleteNewFile flag, bypassing the intended delete permission requirement. This affects any system implementing this vulnerable API pattern where permission checks are not properly enforced at the API endpoint level. While the CVSS score of 4.1 is moderate, the vulnerability requires high privilege level (authenticated user with PERM_REPLACE and PERM_LIST) and results in integrity impact through unauthorized file deletion across user boundaries.
Authentication Bypass
-
CVE-2026-30915
MEDIUM
CVSS 4.3
SFTPGo versions before v2.7.1 suffer from improper input validation in dynamic group path handling, where placeholder substitution (e.g., %username%) fails to sanitize relative path traversal sequences. An authenticated attacker with user creation privileges can craft a malicious username containing path traversal components (such as ../) to escape the intended directory structure and access parent directories, achieving unauthorized directory traversal with low to moderate impact on confidentiality and integrity. The vulnerability requires authenticated access and is not listed as actively exploited in known exploit databases, though the fix availability and moderate CVSS score suggest it warrants prompt patching.
Information Disclosure
-
CVE-2026-30853
MEDIUM
CVSS 5.0
Arbitrary file write vulnerability in Calibre's RocketBook input plugin enables attackers to write files to any location accessible by the Calibre process when a user opens or converts a malicious .rb file. The path traversal flaw affects versions prior to 9.5.0 and represents an unpatched instance of the same vulnerability class previously fixed in the PDB reader component. Local attackers can leverage this to corrupt files, modify configuration, or potentially achieve code execution depending on file system permissions.
Path Traversal
Calibre
-
CVE-2026-29775
MEDIUM
CVSS 5.3
FreeRDP versions prior to 3.24.0 contain a client-side heap out-of-bounds read/write vulnerability in the bitmap cache subsystem caused by an off-by-one boundary check error. A malicious RDP server can exploit this by sending a specially crafted CACHE_BITMAP_ORDER (Rev1) packet with cacheId equal to maxCells, allowing access to memory one element past the allocated array boundary. This vulnerability affects FreeRDP clients connecting to untrusted or compromised servers and could lead to information disclosure or denial of service, though the CVSS score of 5.3 and lack of confidentiality impact suggest limited real-world severity.
Memory Corruption
Buffer Overflow
Freerdp
-
CVE-2026-29774
MEDIUM
CVSS 5.3
A client-side heap buffer overflow vulnerability exists in FreeRDP's AVC420/AVC444 YUV-to-RGB color space conversion code due to missing horizontal bounds validation of H.264 metablock region coordinates. FreeRDP versions prior to 3.24.0 are affected, allowing a malicious RDP server to trigger out-of-bounds memory writes via specially crafted WIRE_TO_SURFACE_PDU_1 packets with oversized regionRects left coordinates, resulting in denial of service through heap corruption. The vulnerability requires no user interaction or authentication and has a CVSS score of 5.3 with EPSS risk classification indicating moderate exploitation likelihood; no public exploit code is known to exist at this time.
Buffer Overflow
Memory Corruption
Freerdp
-
CVE-2026-24097
MEDIUM
CVSS 4.3
Checkmk contains an improper permission enforcement vulnerability in the agent-receiver/register_existing endpoint that allows authenticated users to enumerate existing hosts by observing differential HTTP response codes, enabling information disclosure. This affects Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and the end-of-life 2.2.0 branch. While not currently listed as actively exploited in known vulnerability catalogs, the low CVSS score of 5.3 reflects limited confidentiality impact and the requirement for prior authentication, though the straightforward nature of the enumeration technique presents moderate real-world risk.
Information Disclosure
Checkmk
-
CVE-2026-23943
MEDIUM
CVSS 6.9
A remote code execution vulnerability (CVSS 6.9) that allows denial of service. Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Microsoft
Denial Of Service
Ssh
Suse
-
CVE-2026-23942
MEDIUM
CVSS 5.3
The Erlang OTP ssh_sftpd module contains a path traversal vulnerability in the is_within_root/2 function that uses string prefix matching instead of proper path component validation to verify if accessed paths are within the configured root directory. An authenticated SFTP user can exploit this to access sibling directories sharing a common name prefix with the root directory (for example, if root is /home/user1, accessing /home/user10 or /home/user1_backup would succeed when it should fail). This vulnerability affects OTP versions 17.0 through 28.4.1 with corresponding SSH versions 3.0.1 through 5.5.1, with no confirmed active exploitation in the wild (KEV status not indicated as actively exploited) but with a moderate CVSS score of 5.3 reflecting the requirement for prior authentication.
Path Traversal
Suse
-
CVE-2026-22216
MEDIUM
CVSS 6.5
Medium severity vulnerability in wpDiscuz (WordPress plugin). wpDiscuz before 7.6.47 contains a missing rate limiting vulnerability that allows unauthenticated attackers to subscribe arbitrary email addresses to post notifications by sending POST requests to the wpdAddSubscription handler in class.WpdiscuzHelperAjax.php. Attackers can exploit LIKE wildcard characters in the subscription query to match multiple email addresses and generate unwanted notific...
PHP
Information Disclosure
Wpdiscuz
-
CVE-2026-22215
MEDIUM
CVSS 4.3
wpDiscuz before version 7.6.47 contains a cross-site request forgery (CSRF) vulnerability in the getFollowsPage() function that allows unauthenticated attackers to trigger unauthorized actions on behalf of legitimate users without valid nonce validation. An attacker can exploit this by crafting malicious requests to enumerate user follow relationships and manipulate follow data, potentially exposing private social graph information and allowing unauthorized modifications to user follow lists. While the CVSS score of 4.3 indicates low to moderate severity with limited direct impact, the vulnerability requires user interaction (UI:R) but has network-accessible attack surface with no authentication requirement, making it practically exploitable in targeted phishing campaigns.
CSRF
Wpdiscuz
-
CVE-2026-22210
MEDIUM
CVSS 4.4
wpDiscuz before version 7.6.47 contains a stored cross-site scripting (XSS) vulnerability in the WpdiscuzHelperUpload class that fails to properly escape attachment URLs when rendering HTML output. Attackers with limited privileges (contributor level or higher) can inject malicious JavaScript through crafted attachment records or WordPress filter hooks, which executes in the browsers of any WordPress user viewing the affected comments. This vulnerability requires user interaction (victim must view the comment) and has moderate real-world impact due to the authentication requirement and user interaction factor, though successful exploitation could lead to session hijacking or credential theft from comment viewers.
XSS
WordPress
Wpdiscuz
-
CVE-2026-22209
MEDIUM
CVSS 5.1
Medium severity vulnerability in wpDiscuz (WordPress plugin). wpDiscuz before 7.6.47 contains a cross-site scripting vulnerability in the customCss field that allows administrators to inject malicious scripts by breaking out of style tags. Attackers with admin access can inject payloads like </style><script>alert(1)</script> in the custom CSS setting to execute arbitrary JavaScript in user browsers.
XSS
-
CVE-2026-22203
MEDIUM
CVSS 4.9
wpDiscuz before version 7.6.47 contains an information disclosure vulnerability where the plugin's JSON export functionality inadvertently exposes OAuth secrets and social login credentials in plaintext. Administrators performing routine plugin option exports or backups unknowingly create files containing sensitive API secrets (Facebook App Secret, Google Client Secret, Twitter App Secret, and others) that can be discovered by attackers in support tickets, backup repositories, or version control systems. An attacker with network access can obtain these exported files to compromise social login integrations and gain unauthorized access to connected third-party services.
Information Disclosure
Wpdiscuz
-
CVE-2026-22201
MEDIUM
CVSS 5.3
wpDiscuz before version 7.6.47 contains an IP spoofing vulnerability in the getIP() function that allows unauthenticated attackers to spoof their IP address by manipulating HTTP headers (HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR). This enables circumvention of IP-based rate limiting and ban enforcement mechanisms, allowing attackers to bypass security controls that rely on IP-based detection. The vulnerability has a CVSS score of 5.3 with low attack complexity and no authentication required, making it easily exploitable in network environments.
Authentication Bypass
Wpdiscuz
-
CVE-2026-22199
MEDIUM
CVSS 5.3
wpDiscuz before version 7.6.47 contains a vote manipulation vulnerability that allows unauthenticated attackers to artificially inflate or deflate comment votes through nonce bypass and rate limit evasion techniques. Attackers can obtain fresh nonces from the unauthenticated wpdGetNonce endpoint, rotate User-Agent headers to reset rate limits, and manipulate votes using IP rotation or reverse proxy header injection. While the CVSS score is moderate at 5.3, the vulnerability has low attack complexity and requires no privileges or user interaction, making it readily exploitable in practice.
Authentication Bypass
Wpdiscuz
-
CVE-2026-22192
MEDIUM
CVSS 6.1
Medium severity vulnerability in wpDiscuz (WordPress plugin). wpDiscuz before 7.6.47 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by importing a crafted options file with unescaped customCss field values. Attackers can supply a malicious JSON import file containing script payloads in the customCss parameter that execute on every page when rendered through the options handler withou...
XSS
Wpdiscuz
-
CVE-2026-22191
MEDIUM
CVSS 6.5
Medium severity vulnerability in wpDiscuz (WordPress plugin). wpDiscuz before 7.6.47 contains a shortcode injection vulnerability that allows attackers to execute arbitrary shortcodes by including them in comment content sent via email notifications. Attackers can inject shortcodes like [contact-form-7] or [user_meta] in comments, which are executed server-side when the WpdiscuzHelperEmail class processes notifications through do_shortcode() before wp_mai...
Code Injection
RCE
-
CVE-2026-22183
MEDIUM
CVSS 6.1
Medium severity vulnerability in wpDiscuz (WordPress plugin). wpDiscuz before 7.6.47 contains a stored cross-site scripting vulnerability in the inline comment preview functionality that allows authenticated users to inject malicious scripts by submitting comments with unescaped content. Attackers with unfiltered_html capabilities can inject JavaScript directly through comment content rendered in the AJAX response from the getLastInlineComments() function...
PHP
XSS
Wpdiscuz
-
CVE-2026-4105
MEDIUM
CVSS 6.7
High severity vulnerability in systemd. A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This al...
Authentication Bypass
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 7
Red Hat Openshift Container Platform 4
Red Hat Enterprise Linux 8
-
CVE-2026-4063
MEDIUM
CVSS 4.3
The Social Icons Widget & Block by WPZOOM plugin for WordPress contains a missing capability check vulnerability in the add_menu_item() method that allows authenticated users with Subscriber-level access or higher to create and publish wpzoom-sharing configuration posts without administrator verification. This results in unauthorized injection of social sharing buttons into all post content on the frontend, effectively modifying site content through an integrity attack. With a CVSS score of 4.3 and low attack complexity, this vulnerability represents a moderate integrity risk in multiuser WordPress environments where subscriber accounts exist.
WordPress
Authentication Bypass
-
CVE-2026-3986
MEDIUM
CVSS 6.4
Medium severity vulnerability in WordPress plugin. The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form settings in all versions up to, and including, 5.4.5.0. This is due to insufficient capability checks on the form settings save handler and insufficient input sanitization of the `fcontent` field in `fhtml` field types. This makes it possible for authenticated attackers, with Contributor-le...
XSS
WordPress
Calculated Fields Form
-
CVE-2026-3562
MEDIUM
CVSS 6.3
CVE-2026-3562 is an authentication bypass vulnerability in Philips Hue Bridge's HAP (HomeKit Accessory Protocol) implementation, specifically within the ed25519_sign_open function that fails to properly verify Ed25519 cryptographic signatures. Network-adjacent attackers can exploit this flaw without authentication to execute arbitrary code on affected Hue Bridge installations. The CVSS score of 6.3 reflects moderate severity with local network access requirements, though the authentication bypass nature elevates real-world risk for smart home environments.
Authentication Bypass
RCE
Hue Bridge
-
CVE-2026-2888
MEDIUM
CVSS 5.3
The Formidable Forms WordPress plugin versions up to 6.28 contain an authorization bypass vulnerability in the Stripe payment integration that allows unauthenticated attackers to manipulate PaymentIntent amounts before payment completion. An attacker can exploit the publicly exposed nonce in the `frm_strp_amount` AJAX handler to overwrite POST data and recalculate dynamic pricing fields, enabling payment of reduced amounts for goods or services. While the CVSS score is moderate at 5.3, the vulnerability has direct financial impact on e-commerce deployments and poses a meaningful risk to sites using dynamic pricing with Formidable Forms and Stripe.
Authentication Bypass
WordPress
CSRF
-
CVE-2026-2879
MEDIUM
CVSS 5.4
The GetGenie plugin for WordPress contains an Insecure Direct Object Reference (IDOR) vulnerability in its REST API endpoint that allows authenticated attackers with Author-level privileges to arbitrarily modify or overwrite posts owned by any user, including administrators. The vulnerability exists in versions up to and including 4.3.2 due to missing validation on user-controlled post IDs before calling wp_update_post(), enabling attackers to change post types and reassign authorship. While not currently listed in CISA's Known Exploited Vulnerabilities catalog, the low attack complexity (network-based, low privilege requirement) and demonstrated proof-of-concept availability make this a moderate-priority issue for WordPress administrators managing multi-author sites.
WordPress
Authentication Bypass
-
CVE-2026-2859
MEDIUM
CVSS 4.3
Checkmk contains an improper permission enforcement vulnerability in the deploy_agent endpoint that allows unauthenticated users to enumerate existing hosts by analyzing differential HTTP response codes, resulting in information disclosure. The vulnerability affects Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and end-of-life version 2.2.0, with a CVSS score of 6.3 indicating moderate severity. An attacker with network access can passively discover the infrastructure topology without authentication, though no known active exploitation or public POC has been confirmed at this time.
Information Disclosure
Checkmk
-
CVE-2026-2491
MEDIUM
CVSS 6.3
Socomec DIRIS A-40 power monitoring devices contain an authentication bypass vulnerability in their HTTP API that allows network-adjacent attackers to gain unauthorized access without credentials. The vulnerability affects all versions of the DIRIS A-40 product due to lack of authentication enforcement on the web API listening on TCP port 80, enabling attackers to read sensitive data, modify configurations, and potentially disrupt power monitoring operations. This is a moderate-severity flaw (CVSS 6.3) with low attack complexity that poses real risk in industrial/operational technology environments where these devices are deployed.
Authentication Bypass
Diris A 40
-
CVE-2026-2257
MEDIUM
CVSS 6.4
Medium severity vulnerability in WordPress plugin. The GetGenie plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.2 due to missing validation on a user controlled key in the `action` function. This makes it possible for authenticated attackers, with Author-level access and above, to update post metadata for arbitrary posts. Combined with a lack of input sanitization, this leads to S...
XSS
Authentication Bypass
WordPress
-
CVE-2026-1704
MEDIUM
CVSS 4.3
An Insecure Direct Object Reference (IDOR) vulnerability exists in the Appointment Booking Calendar - Simply Schedule Appointments plugin for WordPress versions up to 1.6.9.29, allowing authenticated users with the ssa_manage_appointments capability to access appointment records belonging to other staff members without authorization. Attackers can exploit the get_item_permissions_check method to enumerate and view sensitive customer personally identifiable information by manipulating appointment ID parameters. The vulnerability has a CVSS score of 4.3 with low attack complexity and requires only low-level authentication, making it a practical concern for multi-staff WordPress installations.
WordPress
Authentication Bypass
-
CVE-2026-0977
MEDIUM
CVSS 5.1
IBM CICS Transaction Gateway for Multiplatforms versions 9.3 and 10.1 contain an improper access control vulnerability (CWE-284) that allows local users to transfer or view files without authentication or authorization checks. An attacker with local system access can exploit this flaw to read sensitive data or modify files, resulting in confidentiality and integrity compromise with a CVSS base score of 5.1. This vulnerability affects a critical middleware component used in enterprise transaction processing environments.
IBM
Authentication Bypass
-
CVE-2026-0835
MEDIUM
CVSS 5.4
This is a stored or reflected cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway that allows authenticated users to inject arbitrary JavaScript code into the Web UI, potentially compromising credentials and session integrity. The vulnerability affects versions 6.1.0.0 through 6.2.2.0 across multiple release lines. While the CVSS score of 5.4 is moderate and exploitation requires authenticated access, the ability to alter UI functionality and exfiltrate credentials within a trusted session poses a real insider threat risk.
XSS
IBM
-
CVE-2026-0385
MEDIUM
CVSS 5.0
Microsoft Edge (Chromium-based) for Android contains a spoofing vulnerability that allows attackers to manipulate the presentation of content or identity through a network-based attack requiring user interaction. The vulnerability affects Microsoft Edge on Android devices and has a CVSS score of 5.0, indicating moderate severity with low impact on confidentiality, integrity, and availability. While the CVSS vector indicates User Interaction is Required and Attack Complexity is High, the vulnerability is not currently listed as actively exploited in known vulnerability databases, though the Reliability Rating of Confirmed suggests vendor verification.
Microsoft
Google
Authentication Bypass
-
CVE-2025-66249
MEDIUM
CVSS 6.3
Apache Livy versions 0.3.0 through 0.8.x contain a path traversal vulnerability (CWE-22) that allows authenticated attackers to bypass directory restrictions and access files outside intended whitelist boundaries. The vulnerability only manifests when the 'livy.file.local-dir-whitelist' configuration parameter is set to a non-default value, enabling attackers with valid credentials to read, write, or execute arbitrary files on the server. With a CVSS score of 6.3 (moderate severity) reflecting the requirement for authenticated access and limited impact scope, this vulnerability warrants prioritization for organizations using Livy in multi-tenant or untrusted user environments.
Path Traversal
Apache
Apache Livy
-
CVE-2025-60012
MEDIUM
CVSS 6.3
Apache Livy versions 0.7.0 and 0.8.0 contain an improper input validation vulnerability (CWE-20) that allows authenticated users to bypass file access controls by injecting malicious Spark configuration values when connecting to Apache Spark 3.1 or later. An attacker with access to Livy's REST or JDBC interface can craft requests with arbitrary Spark configuration parameters to gain unauthorized access to files they do not have permissions to read or modify. This vulnerability is of moderate severity (CVSS 6.3) but requires valid authentication and is fixed in version 0.9.0 and later.
Apache
Authentication Bypass
AI / ML
Apache Livy
-
CVE-2025-57849
MEDIUM
CVSS 6.4
Medium severity vulnerability in systemd. A container privilege escalation flaw was found in certain Fuse images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the a...
Privilege Escalation
Red Hat Fuse 7
Redhat
-
CVE-2025-36368
MEDIUM
CVSS 6.5
SQL injection vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway that allows authenticated administrative users to execute arbitrary SQL commands against the backend database. An attacker with admin privileges can view, add, modify, or delete sensitive database information. While requiring high privileges (PR:H), the vulnerability has a CVSS score of 6.5 (Medium) due to high impact on confidentiality and integrity; no active exploitation in the wild or public POC has been reported at this time.
IBM
SQLi
-
CVE-2025-15515
MEDIUM
CVSS 6.9
The EasyShare module contains an authentication bypass vulnerability in a specific feature that allows data leakage when certain conditions are met on a local network. The vulnerability affects users of products implementing the EasyShare module and requires user interaction to exploit, but can result in high-impact confidentiality breach. While the CVSS score of 6.9 indicates medium-high severity, the attack vector is limited to adjacent networks (AV:A) and requires user participation (UI:P), suggesting real-world exploitation may be less prevalent than the numeric score implies.
Authentication Bypass
Information Disclosure
Easyshare
-
CVE-2025-14504
MEDIUM
CVSS 5.4
This is a stored cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway that allows authenticated users to inject arbitrary JavaScript into the Web UI, potentially compromising session security and enabling credential theft. The vulnerability affects versions 6.1.0.0 through 6.2.2.0 across multiple minor version ranges, and while not yet listed as actively exploited in known vulnerability databases, the authentication requirement and UI-based attack surface present a moderate real-world risk for enterprises running these B2B integration platforms.
XSS
IBM
-
CVE-2025-14483
MEDIUM
CVSS 4.3
IBM Sterling B2B Integrator and IBM Sterling File Gateway contain an information disclosure vulnerability (CWE-201) that allows authenticated users to obtain sensitive host information through application responses, which could facilitate further attacks against the system. The vulnerability affects versions 6.1.0.0 through 6.2.2.0 across multiple minor version branches, with a CVSS score of 4.3 indicating low severity but meaningful confidentiality impact. While the CVSS score is moderate, the requirement for authentication and lack of active exploitation reporting (KEV status unknown) suggest this is a lower-priority vulnerability compared to unauthenticated remote code execution issues, though it remains a valid security concern requiring patching.
Information Disclosure
IBM
-
CVE-2025-13778
MEDIUM
CVSS 6.5
Missing authentication vulnerability in ABB AWIN GW100 rev.2 and GW120 gateway devices that allows unauthenticated attackers on the local network to trigger a denial-of-service condition. Affected versions include AWIN GW100 rev.2 (2.0-0, 2.0-1) and AWIN GW120 (1.2-0, 1.2-1). While the CVSS score of 6.5 indicates medium severity, the adjacent-network attack vector (AV:A) and lack of user interaction requirement mean this is exploitable by any attacker on the same network segment without authentication.
Abb
Authentication Bypass
Awin Gw100 Rev.2
Awin Gw120
-
CVE-2025-13726
MEDIUM
CVSS 5.3
IBM Sterling Partner Engagement Manager versions 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 contain an information disclosure vulnerability where detailed technical error messages are returned to remote attackers without authentication, exposing sensitive system information that can be leveraged for reconnaissance and follow-up attacks. With a CVSS score of 5.3 and low attack complexity requiring no privileges, this vulnerability poses a moderate risk as an information gathering vector in multi-stage attack campaigns, though direct exploitation impact is limited to confidentiality.
Information Disclosure
IBM
Sterling Partner Engagement Manager
-
CVE-2025-13723
MEDIUM
CVSS 5.3
IBM Sterling Partner Engagement Manager versions 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 contain an authentication bypass vulnerability that allows unauthenticated attackers to extract sensitive user information by leveraging expired access tokens over the network without requiring special privileges or user interaction. The vulnerability has a CVSS score of 5.3 with low attack complexity, meaning exploitation is straightforward and requires no special conditions, though the impact is limited to confidentiality breaches with no integrity or availability compromise.
Information Disclosure
IBM
Sterling Partner Engagement Manager
-
CVE-2025-13702
MEDIUM
CVSS 6.1
IBM Sterling Partner Engagement Manager versions 6.2.3.0-6.2.3.5 and 6.2.4.0-6.2.4.2 contain a stored or reflected cross-site scripting (XSS) vulnerability in the Web UI that allows authenticated users to inject arbitrary JavaScript code. An attacker with valid credentials can alter application functionality and potentially exfiltrate sensitive data (including credentials) from trusted user sessions. A patch is available from IBM; exploitation requires user interaction (UI:R) but no elevated privileges.
XSS
IBM
Sterling Partner Engagement Manager
-
CVE-2025-13460
MEDIUM
CVSS 5.3
IBM Aspera Console versions 3.3.0 through 3.4.8 contain a username enumeration vulnerability caused by observable response discrepancies in authentication mechanisms. An unauthenticated remote attacker can exploit this to enumerate valid usernames through response analysis, enabling reconnaissance for subsequent targeted attacks. With a CVSS score of 5.3 and low attack complexity, this is a low-to-moderate severity information disclosure issue suitable for standard patch management cycles rather than emergency response.
IBM
Information Disclosure
Aspera Console
-
CVE-2025-13212
MEDIUM
CVSS 5.3
IBM Aspera Console versions 3.3.0 through 3.4.8 contain an improper rate-limiting vulnerability in the email service that allows authenticated users to trigger a denial of service condition. An attacker with valid credentials can abuse the email functionality by sending requests at excessive frequencies, exhausting service resources and rendering the email feature unavailable to legitimate users. This vulnerability requires authentication and does not provide confidentiality or integrity impact, resulting in a moderate CVSS score of 5.3.
Denial Of Service
IBM
Aspera Console
-
CVE-2025-12455
MEDIUM
CVSS 5.1
An observable response discrepancy vulnerability in OpenText Vertica's management console allows attackers to perform password brute-force attacks by analyzing differences in application responses. This affects Vertica versions 10.0 through 10.X, 11.0 through 11.X, and 12.0 through 12.X. The vulnerability requires network access and user interaction, but it enables attackers to systematically guess passwords for valid user accounts, as the differing responses distinguish failed attempts and no account lockout protection is in place.
Information Disclosure
Vertica
-
CVE-2025-12454
MEDIUM
CVSS 5.1
This vulnerability is a Reflected Cross-Site Scripting (XSS) flaw in OpenText Vertica's management console that fails to properly neutralize user input during web page generation. The issue affects Vertica versions 10.0 through 25.1.x across multiple major version branches, allowing attackers to inject malicious scripts that execute in users' browsers. With a CVSS score of 5.1 (medium severity) and a network attack vector requiring only user interaction, this vulnerability poses a moderate but exploitable risk to Vertica deployments, particularly those exposing the management console to untrusted networks.
XSS
Vertica
-
CVE-2025-12453
MEDIUM
CVSS 5.1
A Reflected Cross-Site Scripting (XSS) vulnerability exists in OpenText Vertica's management console application due to improper input neutralization during web page generation (CWE-79). The vulnerability affects Vertica versions 10.0 through 25.3.X, allowing attackers to inject malicious scripts that execute in users' browsers when they click attacker-controlled links. With a CVSS v4.0 score of 5.1 and network-based attack vector requiring user interaction, this represents a moderate risk with limited direct technical impact but potential for credential theft or session hijacking.
XSS
Vertica
-
CVE-2025-8766
MEDIUM
CVSS 6.4
Medium severity vulnerability in systemd. A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd f...
Privilege Escalation
Red Hat Openshift Data Foundation 4
Redhat
-
CVE-2023-40693
MEDIUM
CVSS 5.4
This is a Stored or Reflected Cross-Site Scripting (XSS) vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway that allows authenticated users to inject arbitrary JavaScript code into the Web UI. An attacker with valid credentials can craft malicious payloads that execute in the context of other users' sessions, potentially leading to credential theft, session hijacking, or unauthorized actions within a trusted environment. With a CVSS score of 5.4 and requiring low attack complexity plus user interaction (clicking a malicious link), this vulnerability poses a moderate risk primarily in environments where user trust is high and credentials are valuable.
XSS
IBM
-
CVE-2026-32772
LOW
CVSS 3.4
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.
Information Disclosure
-
CVE-2026-32732
None
Lean 4 VS Code Extension is a Visual Studio Code extension for the Lean 4 proof assistant. Projects that use @leanprover/unicode-input-component are vulnerable to an XSS exploit in 0.1.9 of the package and lower. The component re-inserted text in the input element back into the input element as unescaped HTML. The issue has been resolved in 0.2.0.
XSS
-
CVE-2026-32717
LOW
CVSS 2.7
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting.
Authentication Bypass
-
CVE-2026-32715
LOW
CVSS 3.8
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting.
Authentication Bypass
-
CVE-2026-32462
None
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Liton Arefin Master Addons for Elementor master-addons allows DOM-Based XSS. This issue affects Master Addons for Elementor: from n/a through <= 2.1.3.
XSS
-
CVE-2026-32445
LOW
CVSS 2.7
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elementor Website Builder: from n/a through <= 3.35.5.
Authentication Bypass
-
CVE-2026-31897
None
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in freerdp_bitmap_decompress_planar when SrcSize is 0. The function dereferences *srcp (which points to pSrcData) without first verifying that SrcSize >= 1. When SrcSize is 0 and pSrcData is non-NULL, this reads one byte past the end of the source buffer. This vulnerability is fixed in 3.24.0.
Buffer Overflow
Information Disclosure
-
CVE-2026-29776
LOW
CVSS 3.1
FreeRDP is a free implementation of the Remote Desktop Protocol.
Integer Overflow
Information Disclosure
-
CVE-2026-22204
LOW
CVSS 3.7
wpDiscuz before 7.6.47 contains an email header injection vulnerability that allows attackers to manipulate mail recipients by injecting malicious data into the comment_author_email cookie.
Code Injection
-
CVE-2025-14811
LOW
CVSS 3.1
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in...
Information Disclosure
IBM
-
CVE-2025-13718
LOW
CVSS 3.7
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors.
Information Disclosure
IBM
-
CVE-2025-13459
LOW
CVSS 2.7
IBM Aspera Console 3.3.0 through 3.4.8 could allow a privileged user to cause a denial of service due to improper enforcement of behavioral workflow.
Denial Of Service
IBM
-
CVE-2025-13337
None
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
Information Disclosure