63 CVEs tracked today. 8 Critical, 24 High, 24 Medium, 7 Low.
-
CVE-2026-4184
CRITICAL
CVSS 9.8
Critical stack-based buffer overflow vulnerability in the D-Link DIR-816 router (version 1.10CNB05) that allows remote attackers to execute arbitrary code without authentication. A public proof-of-concept exploit is available on GitHub, making this vulnerability readily exploitable. However, D-Link no longer supports this product, meaning no patch will be released.
Buffer Overflow
D-Link
Stack Overflow
Dir 816
-
CVE-2026-4183
CRITICAL
CVSS 9.8
Critical stack-based buffer overflow vulnerability in D-Link DIR-816 router firmware version 1.10CNB05, affecting the wireless configuration interface (/goform/form2WlanBasicSetup.cgi). A publicly available proof-of-concept exploit exists, allowing remote attackers without authentication to achieve complete system compromise. The vulnerability affects end-of-life products no longer supported by D-Link, making patches unlikely.
Buffer Overflow
D-Link
Stack Overflow
Dir 816
-
CVE-2026-4182
CRITICAL
CVSS 9.8
Critical stack-based buffer overflow vulnerability in the D-Link DIR-816 router (version 1.10CNB05) that allows remote attackers to achieve full system compromise without authentication. A public proof-of-concept exploit is available on GitHub, and the vulnerability affects end-of-life products no longer supported by D-Link, making this a high-risk issue for organizations still using these devices.
Buffer Overflow
D-Link
Stack Overflow
Dir 816
-
CVE-2026-4170
CRITICAL
CVSS 9.8
Critical OS command injection vulnerability in Topsec TopACM 3.0's web management interface that allows unauthenticated remote attackers to execute arbitrary system commands. A public proof-of-concept exploit is available, and the vulnerability has a CVSS score of 9.8, though no active exploitation has been confirmed in CISA's KEV catalog. The vendor has not responded to disclosure attempts, leaving systems unpatched.
Command Injection
PHP
Topacm
-
CVE-2026-4164
CRITICAL
CVSS 9.8
Critical command injection vulnerability in Wavlink WL-WN578W2 wireless routers (firmware version 221110) that allows unauthenticated remote attackers to execute arbitrary commands via specially crafted POST requests to multiple functions in the wireless.cgi script. A public proof-of-concept exploit is available on GitHub, and the vendor has released a patch, making this a high-priority issue for immediate remediation despite no current KEV listing.
Command Injection
Wl Wn578w2
-
CVE-2016-20030
CRITICAL
CVSS 9.8
User enumeration vulnerability in ZKTeco ZKBioSecurity 3.0 that allows unauthenticated attackers to discover valid usernames through partial character submissions to the authentication endpoint. A public proof-of-concept exploit is available, making this vulnerability readily exploitable; its CVSS score of 9.8 is notably high and appears inflated, given that the actual impact is limited to information disclosure.
Information Disclosure
Zkteco Zkbiosecurity
-
CVE-2016-20026
CRITICAL
CVSS 9.8
Critical hardcoded credentials vulnerability in ZKTeco ZKBioSecurity 3.0's bundled Apache Tomcat server that allows unauthenticated remote attackers to upload malicious WAR files and execute arbitrary code with SYSTEM privileges. Multiple public exploits are available (Exploit-DB, Packet Storm), making this a high-risk vulnerability for organizations using this biometric security management software.
RCE
Tomcat
Apache
Authentication Bypass
Zkteco Zkbiosecurity
-
CVE-2016-20024
CRITICAL
CVSS 9.8
Critical insecure file permissions vulnerability in ZKTeco ZKTime.Net 3.0.1.6 that allows unprivileged local users to gain elevated privileges by replacing executable files in the world-writable application directory. Multiple public proof-of-concept exploits are available on Exploit-DB and PacketStorm, making this vulnerability easily exploitable despite requiring local access. While not listed in CISA KEV and lacking current EPSS data, the availability of working exploits and the simplicity of the attack make this a significant risk for organizations using this time and attendance software.
Privilege Escalation
Zkteco Zktime.Net
-
CVE-2026-28521
HIGH
CVSS 7.7
CVE-2026-28521 is an out-of-bounds memory read vulnerability in the TuyaIoT component of arduino-TuyaOpen library versions prior to 1.2.1, affecting IoT devices using Tuya's cloud platform. An attacker who compromises or controls the Tuya cloud service can send malformed DP (data point) events to trigger memory disclosure or denial-of-service conditions. While rated CVSS 7.7, the exploitation requires local access according to the vector, creating some contradiction with the cloud-based attack scenario described.
Information Disclosure
Buffer Overflow
Arduino Tuyaopen
-
CVE-2026-28520
HIGH
CVSS 8.4
Single-byte buffer overflow vulnerability in the WiFiMulti component of arduino-TuyaOpen (versions before 1.2.1) that allows remote code execution when IoT devices connect to attacker-controlled WiFi access points. This affects Tuya's Arduino library used in smart home devices, with a CVSS score of 8.4, though the local attack vector (AV:L) suggests physical proximity is required despite the remote exploitation capability described.
RCE
Buffer Overflow
Arduino Tuyaopen
-
CVE-2026-28519
HIGH
CVSS 8.8
Heap-based buffer overflow vulnerability in the DnsServer component of Tuya's arduino-TuyaOpen library (versions before 1.2.1) that allows attackers on the same LAN to execute arbitrary code on IoT/embedded devices by sending malicious DNS responses. With a CVSS score of 8.8 and tags indicating RCE capability, this represents a significant risk for connected embedded devices, though no active exploitation (not in KEV) or public PoC has been identified.
Heap Overflow
RCE
Buffer Overflow
Arduino Tuyaopen
-
CVE-2026-4191
HIGH
CVSS 7.3
A critical unrestricted file upload vulnerability exists in the Profile Picture Handler component of JawherKl's node-api-postgres library (versions up to 2.5), where improper validation in the path.extname function of index.js allows attackers to upload malicious files remotely without authentication. A proof-of-concept exploit is publicly available, making this vulnerability actively exploitable, though it is not currently listed in CISA's KEV catalog and no EPSS score is provided.
File Upload
PostgreSQL
Node Api Postgres
-
CVE-2026-4190
HIGH
CVSS 7.3
SQL injection in the User.getAll function of node-api-postgres up to version 2.5 allows remote attackers to manipulate the sort parameter and execute arbitrary SQL commands. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification. Affected deployments using PostgreSQL with the vulnerable Node.js API library face risks of unauthorized data access, modification, and potential service disruption.
SQLi
PostgreSQL
Node Api Postgres
-
CVE-2026-4188
HIGH
CVSS 8.8
Remote code execution in D-Link DIR-619L 2.06B01 results from a stack-based buffer overflow in the formSchedule function when the curTime parameter is manipulated via the /goform/formSchedule endpoint. An authenticated remote attacker can exploit this vulnerability to achieve full system compromise, and public exploit code is currently available. This vulnerability affects only end-of-life devices that no longer receive security updates.
Buffer Overflow
D-Link
Stack Overflow
Dir 619l
-
CVE-2026-4181
HIGH
CVSS 8.9
Critical stack-based buffer overflow vulnerability in the D-Link DIR-816 router (firmware version 1.10CNB05) that allows remote attackers to execute arbitrary code without authentication. A public proof-of-concept exploit is available, and the vulnerability affects end-of-life products no longer supported by D-Link, making this a high-risk issue for organizations still using these devices.
Buffer Overflow
D-Link
Stack Overflow
-
CVE-2026-4180
HIGH
CVSS 7.3
CVE-2026-4180 is an authentication bypass vulnerability in the D-Link DIR-816 router (version 1.10CNB05) affecting the redirect.asp file in the goahead component, allowing remote attackers to gain unauthorized access without authentication. A public proof-of-concept exploit is available and the affected product is no longer supported by D-Link, making this vulnerability permanently unpatched.
Authentication Bypass
D-Link
Dir 816
-
CVE-2026-4172
HIGH
CVSS 7.2
Stack-based buffer overflow vulnerability in TRENDnet TEW-632BRP firmware version 1.010B32, specifically in the ping_response.cgi file's HTTP POST request handler. An authenticated attacker with high privileges can exploit this vulnerability remotely to achieve code execution with high impact to confidentiality, integrity, and availability. A public proof-of-concept exploit is available on GitHub, though the vulnerability is not listed in CISA KEV and no EPSS score is provided.
Buffer Overflow
Stack Overflow
Tew 632brp
-
CVE-2026-4167
HIGH
CVSS 8.8
Remote code execution via stack-based buffer overflow in Belkin F9K1122 router firmware allows authenticated attackers to achieve complete system compromise through the /goform/formReboot endpoint. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. The high CVSS score of 8.8 reflects the severity of unauthenticated remote exploitation potential in networked deployments.
Buffer Overflow
Stack Overflow
F9k1122
-
CVE-2026-1947
HIGH
CVSS 7.5
CVE-2026-1947 is an Insecure Direct Object Reference vulnerability in the NEX-Forms WordPress plugin (versions ≤9.1.9) that allows unauthenticated remote attackers to overwrite arbitrary form entries. The vulnerability has a CVSS score of 7.5; while it is not currently in KEV and has no public PoC, it represents a significant data integrity risk for WordPress sites using this forms plugin.
WordPress
Authentication Bypass
-
CVE-2025-14287
HIGH
CVSS 7.5
Command injection vulnerability in MLflow versions before v3.7.0 that allows attackers to execute arbitrary commands by injecting malicious input through the --container parameter when deploying models to SageMaker. The vulnerability affects MLflow installations in development environments, CI/CD pipelines, and cloud deployments, with a CVSS score of 7.5 indicating high severity. No active exploitation or KEV listing is reported, and no EPSS data is available to assess real-world exploitation likelihood.
Command Injection
RCE
Code Injection
AI / ML
Redhat
-
CVE-2017-20220
HIGH
CVSS 7.5
An improper access control vulnerability in Serviio PRO 1.8's Configuration REST API allows unauthenticated remote attackers to change the mediabrowser login password. Multiple public proof-of-concept exploits are available on Exploit-DB and Packet Storm, making this vulnerability trivially exploitable. The vulnerability affects Serviio PRO versions 1.6.1 through 1.8.0.0 PRO and represents a complete authentication bypass allowing full account takeover.
Authentication Bypass
Serviio Pro
-
CVE-2017-20218
HIGH
CVSS 7.8
Serviio PRO 1.8 and earlier versions contain an unquoted service path vulnerability combined with insecure directory permissions that allows local authenticated users to escalate privileges to SYSTEM level. A public exploit is available, making this vulnerability easily exploitable by any authenticated user on the system. With a CVSS score of 7.8 and multiple proof-of-concept exploits published, this represents a significant risk for organizations running affected versions.
Privilege Escalation
RCE
Microsoft
Serviio Pro
Windows
-
CVE-2017-20217
HIGH
CVSS 7.5
An information disclosure vulnerability in Serviio PRO 1.8 and earlier versions allows unauthenticated remote attackers to retrieve sensitive configuration data through the Configuration REST API due to missing authentication controls. Multiple public exploits are available, with proof-of-concept code published on Exploit-DB and PacketStorm, making this vulnerability easily exploitable by attackers with no special privileges or user interaction required.
Information Disclosure
Authentication Bypass
Serviio Pro
-
CVE-2016-20034
HIGH
CVSS 8.8
A privilege escalation vulnerability in Wowza Streaming Engine 4.5.0 allows authenticated read-only users to elevate their privileges to administrator level by manipulating POST parameters (accessLevel='admin', advUser='true'/'on') sent to the user edit endpoint. A public exploit is available on Exploit-DB, though the vulnerability has not been added to CISA's KEV catalog, suggesting limited real-world exploitation despite the high CVSS score of 8.8.
Privilege Escalation
CSRF
Wowza Streaming Engine
-
CVE-2016-20033
HIGH
CVSS 7.8
Wowza Streaming Engine 4.5.0 contains a local privilege escalation vulnerability where authenticated users can gain SYSTEM-level access by replacing service executables due to overly permissive file permissions that grant the Everyone group full control. A public proof-of-concept exploit is available, making this vulnerability easily exploitable by any authenticated local user to completely compromise the system.
Privilege Escalation
Authentication Bypass
Wowza Streaming Engine
-
CVE-2016-20032
HIGH
CVSS 7.2
Stored cross-site scripting (XSS) vulnerability in ZKTeco ZKAccess Security System 5.3.1 that allows remote attackers to inject malicious scripts via the 'holiday_name' and 'memo' POST parameters without authentication. Multiple public proof-of-concept exploits are available, making this vulnerability readily exploitable in unpatched systems.
XSS
Zkteco Zkaccess Security System
-
CVE-2016-20025
HIGH
CVSS 8.8
Privilege escalation vulnerability in ZKTeco ZKAccess Professional 3.5.3 (Build 0005) where authenticated users can modify executable files due to insecure permissions, allowing them to replace binaries with malicious code and gain elevated privileges. Multiple public exploits are available (Exploit-DB, Packet Storm), making this a high-risk vulnerability for organizations using this access control software, despite no current KEV listing or EPSS data.
Privilege Escalation
Path Traversal
Information Disclosure
Zkteco Zkaccess Professional
-
CVE-2015-20121
HIGH
CVSS 8.2
SQL injection vulnerabilities in RealtyScript 4.0.2 allow unauthenticated remote attackers to manipulate database queries through vulnerable parameters in admin panel files (/admin/users.php and /admin/mailer.php). Attackers can extract sensitive database information using time-based blind SQL injection or cause denial of service. A public proof-of-concept exploit is available on Exploit-DB, though the vulnerability is not currently in CISA's KEV catalog.
Denial Of Service
SQLi
PHP
Realtyscripts
-
CVE-2015-20120
HIGH
CVSS 8.2
Multiple time-based blind SQL injection vulnerabilities in RealtyScript 4.0.2 allow unauthenticated remote attackers to extract database information by injecting malicious SQL queries with time-delay payloads. Attackers can infer database contents character by character based on response timing differences. A public proof-of-concept exploit is available on Exploit-DB, significantly increasing the risk of exploitation.
SQLi
Realtyscript
-
CVE-2015-20118
HIGH
CVSS 7.2
A stored cross-site scripting (XSS) vulnerability exists in RealtyScript 4.0.2's admin locations interface, allowing unauthenticated attackers to inject malicious JavaScript through the location_name parameter. Successful exploitation enables arbitrary code execution in administrator browsers when they view compromised location entries. A public proof-of-concept exploit is available on Exploit-DB, though no active exploitation has been reported (not in CISA KEV).
RCE
PHP
XSS
Realtyscript
-
CVE-2015-20115
HIGH
CVSS 7.2
Stored cross-site scripting (XSS) vulnerability in Next Click Ventures RealtyScript 4.0.2 that allows attackers to upload malicious JavaScript files through unsanitized file uploads in admin/tools.php. With a publicly available proof-of-concept exploit and a CVSS score of 7.2, attackers can execute JavaScript in the context of other users' browsers without authentication, though the vulnerability is not listed in CISA KEV and has no EPSS score indicating limited real-world exploitation.
PHP
XSS
Realtyscript
-
CVE-2013-20006
HIGH
CVSS 7.5
Persistent cross-site scripting (XSS) vulnerability affecting Qool CMS 2.0, allowing unauthenticated attackers to inject malicious JavaScript through multiple administrative POST parameters that execute in administrator browsers. A public proof-of-concept exploit is available on Exploit-DB, though no active exploitation is reported (not in KEV), and the CVSS score appears inflated given the actual attack requirements.
XSS
Qool Cms
-
CVE-2026-28522
MEDIUM
CVSS 6.5
Arduino-TuyaOpen before version 1.2.1 contains a null pointer dereference vulnerability in its WiFiUDP component that allows unauthenticated attackers on the same local network to trigger a denial-of-service condition by flooding the device with malicious UDP packets. The vulnerability causes memory exhaustion leading to application crashes; it is not known to be actively exploited in the wild (KEV status unknown from the available data), but the local network attack vector and high availability impact (CVSS 6.5) warrant prompt patching for affected IoT deployments.
Denial Of Service
Null Pointer Dereference
Arduino Tuyaopen
-
CVE-2026-4192
MEDIUM
CVSS 6.3
Remote command injection in Quip MCP Server 1.0.0 allows authenticated attackers to execute arbitrary system commands through the setupToolHandlers function in src/index.ts. Public exploit code exists for this vulnerability, and the developers have not yet released a patch despite early notification. The attack requires valid credentials but can be performed over the network with no user interaction needed.
Command Injection
Quip Mcp Server
-
CVE-2026-4189
MEDIUM
CVSS 4.7
SQL injection in phpIPAM versions up to 1.7.4 allows authenticated administrators to manipulate the subnetOrdering parameter in the Section Handler component, enabling remote database compromise. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.
SQLi
PHP
Phpipam
-
CVE-2026-4187
MEDIUM
CVSS 5.3
Tiandy Easy7 Integrated Management Platform 7.17.0 contains an authentication bypass in the Device Identifier Handler component that allows unauthenticated remote attackers to manipulate username and password parameters via the /WebService/UpdateLocalDevInfo.jsp endpoint. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor.
Authentication Bypass
Easy7 Integrated Management Platform
-
CVE-2026-4185
MEDIUM
CVSS 6.3
Stack-based buffer overflow vulnerability in GPAC's MP4Box component, specifically in the swf_def_bits_jpeg function of src/scene_manager/swf_parse.c, affecting versions up to 2.5-DEV-rev2167. An authenticated attacker can exploit this remotely by manipulating the szName argument to cause a stack overflow, resulting in information disclosure, data modification, or denial of service. A public proof-of-concept exists, and a vendor patch is available; exploitation requires valid credentials (CVSS 6.3 with authenticated access requirement).
Stack Overflow
Buffer Overflow
Gpac
-
CVE-2026-4173
MEDIUM
CVSS 6.3
CodePhiliaX Chat2DB versions up to 0.3.7 contain a SQL injection vulnerability in the Database Export Handler component (DMDBManage.java) affecting multiple export functions. An authenticated attacker with low privileges can remotely exploit this vulnerability to execute arbitrary SQL commands, potentially compromising data confidentiality, integrity, and availability. A public proof-of-concept exploit is available, and the vendor has not responded to early disclosure attempts.
SQLi
Java
Chat2db
-
CVE-2026-4171
MEDIUM
CVSS 6.3
CVE-2026-4171 is an authorization bypass vulnerability in CodeGenieApp serverless-express affecting versions up to 4.17.1, where manipulation of the userId parameter in the API Endpoint component allows authenticated attackers to access or modify resources belonging to other users. A public proof-of-concept exploit exists, the vendor has not responded to early disclosure, and the vulnerability carries a CVSS score of 6.3 with exploitation rated as Probable (EPSS indicator); while not currently in CISA KEV, the combination of public POC availability and low attack complexity represents moderate real-world risk.
Authentication Bypass
Serverless Express
-
CVE-2026-3442
MEDIUM
CVSS 6.1
Heap-based buffer overflow (out-of-bounds read) in GNU Binutils' BFD linker component that affects RHEL 6, 7, 8, and 10, as well as multiple Debian and Ubuntu releases. An attacker can exploit this vulnerability by distributing a malicious XCOFF object file, which when processed by a user, may disclose sensitive information from process memory or crash the application. While the CVSS score of 6.1 indicates medium severity with user interaction required, the vulnerability impacts widely-deployed enterprise Linux distributions across Red Hat, Debian, and Ubuntu ecosystems.
Denial Of Service
Buffer Overflow
Information Disclosure
-
CVE-2026-3441
MEDIUM
CVSS 6.1
A buffer overflow vulnerability (CVSS 6.1) that allows an attacker. Remediation should follow standard vulnerability management procedures.
Denial Of Service
Buffer Overflow
Information Disclosure
-
CVE-2026-2233
MEDIUM
CVSS 5.3
Unauthenticated attackers can modify arbitrary WordPress posts through the User Frontend plugin (versions up to 4.2.8) due to missing authorization checks in the draft_post() function, allowing them to unpublish or alter post content. The vulnerability affects all installations of the affected plugin versions without requiring authentication or user interaction. No patch is currently available.
WordPress
Authentication Bypass
AI / ML
User Frontend
-
CVE-2026-1883
MEDIUM
CVSS 4.3
An Insecure Direct Object Reference (IDOR) vulnerability exists in the Wicked Folders plugin for WordPress (versions up to 4.1.0) within the delete_folders() function, allowing authenticated attackers with Contributor-level privileges to delete arbitrary folders created by other users due to missing validation on user-controlled folder identifiers. The vulnerability has a CVSS score of 4.3 (low-to-moderate severity) with a network attack vector requiring low privilege access and no user interaction. While the CVSS rating is moderate, the practical impact is data loss affecting legitimate users' organizational structures.
WordPress
Authentication Bypass
-
CVE-2017-20219
MEDIUM
CVSS 6.1
A DOM-based cross-site scripting (XSS) vulnerability exists in Serviio PRO's mediabrowser component that allows unauthenticated remote attackers to execute arbitrary JavaScript code in a user's browser context. The vulnerability affects multiple versions of Serviio PRO (1.6.1 through 1.8.0.0) and exploits unsafe handling of URL parameters passed from document.location to document.write(). Publicly available proof-of-concept exploits exist, making this a moderate-to-high priority vulnerability despite the CVSS 6.1 score.
XSS
Serviio Pro
-
CVE-2016-20036
MEDIUM
CVSS 6.1
Wowza Streaming Engine 4.5.0 contains multiple reflected cross-site scripting (XSS) vulnerabilities in the enginemanager interface where user-supplied input through parameters (appName, vhost, uiAppType, wowzaCloudDestinationType) is not properly sanitized before being returned to users. An attacker can inject malicious JavaScript to execute arbitrary code in a victim's browser session, potentially compromising administrator credentials or session tokens. A public proof-of-concept exploit exists, increasing real-world exploitation risk.
XSS
Wowza Streaming Engine
-
CVE-2016-20035
MEDIUM
CVSS 5.3
Wowza Streaming Engine version 4.5.0 is vulnerable to cross-site request forgery (CSRF) that allows unauthenticated attackers to perform administrative actions without user interaction. An attacker can craft a malicious webpage that, when visited by a logged-in administrator, automatically submits POST requests to create new administrative accounts with attacker-controlled credentials, effectively granting the attacker full administrative access to the streaming infrastructure. This vulnerability carries a CVSS score of 5.3 (medium severity) but represents significant real-world risk due to the simplicity of exploitation and the high-impact outcome of account creation.
CSRF
Wowza Streaming Engine
-
CVE-2016-20031
MEDIUM
CVSS 5.5
ZKTeco ZKBioSecurity 3.0 contains a local authentication bypass vulnerability in visLogin.jsp that allows low-privileged attackers to authenticate without valid credentials by spoofing IPv6 loopback addresses and leveraging hardcoded credentials. An authenticated local attacker can access sensitive information and perform unauthorized actions; public exploits are available (Packet Storm Security, Exploit-DB), indicating moderate real-world risk despite the 5.5 CVSS score reflecting local-only attack vector.
Authentication Bypass
Zkteco Zkbiosecurity
-
CVE-2016-20029
MEDIUM
CVSS 6.2
ZKTeco ZKBioSecurity 3.0 contains a local file path manipulation vulnerability (CWE-276) that allows unauthenticated attackers to bypass access controls and read arbitrary files including configuration files, source code, and application resources. A publicly available proof-of-concept exists, and the vulnerability has moderate real-world risk due to its local attack vector requirement but high confidentiality impact on sensitive biometric system data.
Privilege Escalation
Zkteco Zkbiosecurity
-
CVE-2016-20028
MEDIUM
CVSS 4.3
ZKTeco ZKBioSecurity 3.0 contains a cross-site request forgery (CSRF) vulnerability that allows authenticated attackers to perform unauthorized administrative actions, specifically adding superadmin accounts without proper validation. An attacker can craft malicious HTTP requests that, when visited by a logged-in administrator, silently create new superadmin credentials, effectively granting the attacker persistent unauthorized administrative access. This vulnerability requires user interaction (a logged-in admin must visit an attacker-controlled page) but does not require elevated privileges to trigger, presenting a moderate but real risk to organizations using this biometric access control system.
CSRF
Zkteco Zkbiosecurity
-
CVE-2016-20027
MEDIUM
CVSS 6.1
Reflected cross-site scripting (XSS) vulnerability in ZKTeco ZKBioSecurity 3.0 that allows unauthenticated attackers to execute arbitrary HTML and JavaScript code in a victim's browser session through malicious URLs containing unsanitized parameters. The vulnerability affects all versions of ZKBioSecurity 3.0 across the product line, and publicly available exploits exist (confirmed via PacketStorm Security), making it a moderate-risk vulnerability (CVSS 6.1) with demonstrated real-world exploitation potential.
XSS
Zkteco Zkbiosecurity
-
CVE-2015-20119
MEDIUM
CVSS 6.4
RealtyScript 4.0.2 contains a stored cross-site scripting (XSS) vulnerability in the pages.php admin interface that allows authenticated attackers to inject malicious HTML and iframe elements through the text parameter. Attackers can craft POST requests to store malicious content that executes in the browsers of users viewing affected pages. A public proof-of-concept exploit exists (Exploit-DB 38496), making this vulnerability readily exploitable by authenticated threat actors.
PHP
XSS
Realtyscript
-
CVE-2015-20117
MEDIUM
CVSS 5.3
RealtyScript 4.0.2 contains a cross-site request forgery (CSRF) vulnerability in its user management endpoints that allows unauthenticated attackers to create arbitrary user accounts and escalate privileges to SUPERUSER level without authentication. The vulnerability affects the /admin/addusers.php and /admin/editadmins.php endpoints, which process hidden form data without CSRF token validation. An attacker can craft malicious web pages or emails containing hidden forms that, when visited by an authenticated administrator, silently create new administrative accounts under the attacker's control, leading to complete system compromise.
CSRF
PHP
Realtyscript
-
CVE-2015-20116
MEDIUM
CVSS 6.1
Stored cross-site scripting (XSS) vulnerability in Next Click Ventures RealtyScript 4.0.2 that allows unauthenticated attackers to inject malicious scripts through unsanitized CSV file upload filenames. When users process or view uploaded files, arbitrary JavaScript executes in their browsers with the ability to steal session cookies, modify page content, and perform actions on behalf of the victim. A public proof-of-concept exploit exists (Exploit-DB #38496), though no evidence of active KEV exploitation has been documented; the moderate CVSS score (6.1) reflects the requirement for user interaction to trigger the vulnerability.
XSS
Realtyscript
-
CVE-2015-20114
MEDIUM
CVSS 6.1
A cross-site scripting vulnerability in Next Click Ventures RealtyScript 4.0.2 (CVSS 6.1) that allows attackers. Risk factors: public PoC available.
XSS
Realtyscript
-
CVE-2015-20113
MEDIUM
CVSS 5.3
RealtyScript 4.0.2 by Next Click Ventures contains both cross-site request forgery (CSRF) and persistent cross-site scripting (XSS) vulnerabilities that allow unauthenticated attackers to perform unauthorized administrative actions and inject malicious scripts into the application. An attacker can craft malicious web pages that trick authenticated users into performing unintended administrative actions, or inject persistent scripts that execute in the application context for all users. With a CVSS score of 5.3 and a network-based attack vector requiring no privileges or user interaction beyond initial application access, this represents a moderate integrity risk to affected deployments.
XSS
CSRF
Realtyscript
-
CVE-2013-20005
MEDIUM
CVSS 5.3
Qool CMS 2.0 RC2 is vulnerable to cross-site request forgery (CSRF) that allows unauthenticated attackers to perform administrative actions on behalf of authenticated users. An attacker can craft malicious web pages that, when visited by a logged-in administrator, silently forge POST requests to the /admin/adduser endpoint to create root-level user accounts, resulting in unauthorized administrative access. The CVSS 5.3 score reflects moderate integrity impact with network attack vector and no privilege requirement, though the vulnerability requires user interaction (visiting a malicious page) to be exploited.
CSRF
XSS
Qool Cms
-
CVE-2026-4186
LOW
CVSS 3.5
A vulnerability was determined in UEditor up to 1.4.3.2.
PHP
XSS
-
CVE-2026-4175
LOW
CVSS 3.5
A vulnerability was determined in Aureus ERP up to 1.3.0-BETA2.
PHP
XSS
-
CVE-2026-4174
LOW
CVSS 3.3
A vulnerability has been found in Radare2 5.9.9.
Denial Of Service
-
CVE-2026-4169
LOW
CVSS 2.4
A security flaw has been discovered in Tecnick TCExam up to 16.6.0.
XSS
PHP
-
CVE-2026-4168
LOW
CVSS 2.4
A vulnerability was identified in Tecnick TCExam 16.5.0.
XSS
PHP
-
CVE-2026-4166
LOW
CVSS 3.5
A vulnerability was found in Wavlink WL-NU516U1 240425.
XSS
-
CVE-2026-4165
LOW
CVSS 2.4
A vulnerability has been found in Worksuite HR, CRM and Project Management up to 5.5.25.
XSS