Skip to main content
CVE-2026-33057 CRITICAL POC PATCH Act Now

An unauthenticated remote code execution vulnerability exists in the mesop Python package's debugging Flask server endpoint (/exec-py) that accepts and executes arbitrary base64-encoded Python code without any authentication or validation. The vulnerability affects the mesop pip package, with a publicly disclosed proof-of-concept demonstrating trivial exploitation requiring only a single HTTP POST request. With a CVSS score of 9.8 (Critical) and detailed PoC availability, this represents an immediately exploitable vulnerability for any exposed instance.

Command Injection Python RCE Code Injection
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-25873 CRITICAL POC PATCH Act Now

Remote code execution in the Beijing Academy of Artificial Intelligence (BAAI) OmniGen2-RL reward server lets unauthenticated attackers run arbitrary OS commands by POSTing a malicious pickle payload to the exposed HTTP endpoint. The reward_server.py and reward_proxy.py components call pickle.loads() directly on raw, attacker-controlled request bodies, so any network-reachable instance can be fully compromised. Publicly available exploit code exists (chocapikk.com write-up) and a vendor patch (PR #139) is available, though EPSS remains low at 0.13% and there is no public exploit identified as actively exploited.

RCE Deserialization Omnigen2 Rl
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-33186 CRITICAL POC PATCH Act Now

An authorization bypass vulnerability in gRPC-Go allows attackers to circumvent path-based access control by sending HTTP/2 requests with malformed :path pseudo-headers that omit the mandatory leading slash (e.g., 'Service/Method' instead of '/Service/Method'). This affects gRPC-Go servers using path-based authorization interceptors like google.golang.org/grpc/authz with deny rules for canonical paths but fallback allow rules. The vulnerability has a CVSS score of 9.1 (Critical) with network-based exploitation requiring no privileges or user interaction, enabling attackers to access restricted services and potentially exfiltrate or modify sensitive data.

Canonical Nginx Google Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-26740 HIGH POC PATCH This Week

Giflib 5.2.2 contains a buffer overflow in the EGifGCBToExtension function that fails to validate allocated memory when processing Graphic Control Extension blocks, enabling remote attackers to trigger denial of service conditions. Public exploit code exists for this vulnerability, though no patch is currently available. The flaw affects any application using the vulnerable giflib version to process GIF files from untrusted sources.

Buffer Overflow Denial Of Service Memory Corruption N A
NVD GitHub VulDB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2026-30345 HIGH POC This Week

A zip slip vulnerability exists in CTFd v3.8.1-18-gdb5a18c4's Admin import functionality, allowing attackers to write arbitrary files outside intended directories by supplying a crafted import file. This path traversal vulnerability affects the CTFd Capture-The-Flag platform and can lead to information disclosure and potential remote code execution depending on file placement. A proof-of-concept exploit has been published on GitHub (syphonetic/CVE-2026-30345), and patch information is available in the CTFd v3.8.2 release blog post.

Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-27135 HIGH POC PATCH This Week

nghttp2 before version 1.68.1 fails to properly validate internal state when session termination APIs are invoked, allowing an attacker to send a malformed frame that triggers an assertion failure and crashes the application. This denial of service vulnerability affects applications using the nghttp2 HTTP/2 library and can be triggered remotely without authentication or user interaction. No patch is currently available to remediate this issue.

Denial Of Service Nghttp2
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-33054 CRITICAL PATCH Act Now

A path traversal vulnerability in A Path Traversal vulnerability (CVSS 10.0). Critical severity with potential for significant impact on affected systems.

Microsoft Path Traversal Denial Of Service Python Windows
NVD GitHub VulDB
CVSS 3.1
10.0
EPSS
0.1%
CVE-2026-32731 CRITICAL PATCH Act Now

Path traversal in ApostropheCMS import-export module allows authenticated users with content modification permissions to write files outside the intended export directory via malicious archive entries containing directory traversal sequences. An attacker with editor-level access can exploit this vulnerability to overwrite arbitrary files on the system with CVSS 9.9 critical severity. No patch is currently available for this vulnerability affecting Node.js environments.

Path Traversal Node.js CSRF Denial Of Service Google +3
NVD GitHub VulDB
CVSS 3.1
9.9
EPSS
0.1%
CVE-2025-15363 MEDIUM POC PATCH This Month

The Get Use APIs WordPress plugin before version 2.0.10 contains a Cross-Site Scripting (XSS) vulnerability that arises from unsanitized execution of imported JSON data. This vulnerability allows attackers with contributor-level privileges (a low-level WordPress role) to inject and execute malicious scripts under certain server configurations, potentially compromising site integrity and user data. A public proof-of-concept exploit is available via WPScan, and the vulnerability has been documented in multiple intelligence sources (WPScan, VulDB, and EUVD-2025-208813), indicating active awareness in the security community.

WordPress XSS
NVD WPScan VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-30703 CRITICAL Act Now

Unauthenticated remote code execution in WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) via command injection in the adm.cgi sysCMD parameter allows attackers to achieve complete system compromise without authentication or user interaction. The vulnerability stems from insufficient input validation on the web management interface and currently lacks a vendor patch.

Command Injection
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-25449 CRITICAL PATCH Act Now

A critical PHP object injection vulnerability exists in the Shinetheme Traveler WordPress theme due to insecure deserialization of untrusted data. This affects all versions prior to 3.2.8.1 and allows unauthenticated remote attackers to execute arbitrary code, compromise data confidentiality and integrity, and cause denial of service. The vulnerability has been publicly disclosed through Patchstack's database, though no active exploitation (KEV listing) or EPSS score data is currently available.

Deserialization Traveler
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-30702 CRITICAL Act Now

This vulnerability implements a broken authentication mechanism in the WiFi Extender WDR201A (hardware version 2.1, firmware LFMZX28040922V1.02) web management interface, allowing attackers to bypass login controls through forced browsing of restricted endpoints without valid session validation. An attacker can directly access administrative functions and sensitive configuration pages by circumventing the authentication layer entirely. A proof-of-concept and detailed technical analysis have been published by security researchers, indicating this is a practical, demonstrable vulnerability affecting consumer-grade networking equipment with no official CVSS scoring yet assigned.

Authentication Bypass
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-29859 CRITICAL Act Now

aaPanel v7.57.0 contains an arbitrary file upload vulnerability that allows unauthenticated or low-privileged attackers to upload malicious files and achieve remote code execution on affected systems. The vulnerability exists in the file upload functionality of the web-based server management panel, enabling attackers to bypass file type validation and execute arbitrary code with the privileges of the aaPanel process. While no CVSS score or EPSS probability is available in current sources, the Remote Code Execution impact combined with file upload attack vectors suggests critical severity; exploitation feasibility is indicated by the existence of public vulnerability research repositories.

XSS RCE File Upload
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-67829 CRITICAL Act Now

A SQL injection vulnerability exists in the beanFeed.cfc component of Mura CMS, specifically in the getQuery function's sortDirection parameter, affecting versions prior to 10.1.14. An attacker can inject arbitrary SQL commands through the sortDirection parameter to read, modify, or delete database contents without requiring authentication. The vulnerability is classified as SQL injection (SQLi) and patches are available in version 10.1.14 and later.

SQLi
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-67830 CRITICAL Act Now

A SQL injection vulnerability exists in the beanFeed.cfc component of Mura CMS before version 10.1.14, specifically in the getQuery function's sortby parameter. An attacker can inject arbitrary SQL commands through the sortby parameter to extract, modify, or delete database contents. The vulnerability affects Mura CMS installations running versions prior to 10.1.14.

SQLi
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-33211 CRITICAL PATCH Act Now

The Tekton Pipelines git resolver contains a path traversal vulnerability allowing authenticated tenants to read arbitrary files from the resolver pod's filesystem via the pathInRepo parameter. Affected products include github.com/tektoncd/pipeline versions 1.0.0 through 1.10.0 across multiple release branches. The vulnerability enables credential exfiltration and privilege escalation from namespace-scoped access to cluster-wide secret reading capabilities. A proof-of-concept was provided by the vulnerability reporter Oleh Konko.

Path Traversal Privilege Escalation Kubernetes
NVD GitHub VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-30884 CRITICAL PATCH Act Now

Cross-course privilege escalation in Moodle Mod Customcert allows authenticated teachers with certificate management rights in any course to read and modify certificate data across the entire Moodle installation due to missing context validation in the editelement callback and save_element web service. An attacker with mod/customcert:manage permissions in a single course can exploit this to disclose sensitive certificate information from other courses or tamper with their certificate elements. Versions 4.4.9 and 5.0.3 patch the vulnerability, but no patch is currently available for affected versions.

Information Disclosure Authentication Bypass Moodle Mod Customcert
NVD GitHub VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2025-15031 CRITICAL PATCH Act Now

MLflow, a popular open-source machine learning lifecycle platform, contains a path traversal vulnerability in its pyfunc extraction process that allows arbitrary file writes. The vulnerability stems from unsafe use of tarfile.extractall without proper path validation, enabling attackers to craft malicious tar.gz files with directory traversal sequences or absolute paths to write files outside the intended extraction directory. This poses critical risk in multi-tenant environments and can lead to remote code execution, with a CVSS score of 8.1 and confirmed exploit details available via Huntr.

RCE Path Traversal Mlflow Mlflow
NVD VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-32698 CRITICAL PATCH Act Now

OpenProject, a web-based project management platform, contains a critical SQL injection vulnerability in versions prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1. When custom fields are used in Cost Reports, insufficient input sanitization allows attackers with administrator privileges to execute arbitrary SQL commands. This vulnerability can be chained with a path traversal issue in the Repositories module to achieve remote code execution by injecting malicious Ruby code into the application. No current KEV listing or public POC is documented in available sources.

SQLi Openproject
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-30701 CRITICAL Act Now

A WiFi Extender model WDR201A (hardware version 2.1, firmware LFMZX28040922V1.02) contains hardcoded credential disclosure vulnerabilities in its web administration interface through server-side include (SSI) directives embedded in critical pages such as login.shtml and settings.shtml. These directives dynamically retrieve and expose the web administration password from non-volatile memory during runtime, allowing unauthenticated attackers to obtain administrative credentials and gain full control of the device. A proof-of-concept and detailed technical analysis have been publicly disclosed by security researchers, indicating active awareness and potential exploitation in the wild.

Authentication Bypass
NVD VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-33066 CRITICAL PATCH Act Now

SiYuan's Bazaar (community package marketplace) fails to sanitize HTML in package README files during rendering, allowing stored XSS that escalates to remote code execution due to unsafe Electron configuration. An attacker can submit a malicious package with embedded JavaScript in the README that executes with full Node.js access when any user views the package details in the Bazaar. This affects SiYuan versions 3.5.9 and earlier across Windows, macOS, and Linux, with a CVSS score of 9.6 and multiple real-world exploitation vectors including data theft, reverse shells, and persistent backdoors.

Apple Microsoft XSS RCE Information Disclosure +4
NVD GitHub VulDB
CVSS 3.1
9.0
EPSS
0.5%
CVE-2026-33067 CRITICAL PATCH Act Now

SiYuan's Bazaar marketplace fails to sanitize package metadata (displayName, description) before rendering in the Electron desktop application, allowing stored XSS that escalates to arbitrary remote code execution. Any SiYuan user (versions ≤3.5.9) who browses the Bazaar will automatically execute attacker-controlled code with full OS-level privileges when a malicious package card renders-no installation or user interaction required. A functional proof-of-concept exists demonstrating command execution via img onerror handlers, and this vulnerability is actively tracked in GitHub's advisory database (GHSA-mvpm-v6q4-m2pf), making it a critical supply-chain risk to the SiYuan user community.

Command Injection Apple Microsoft XSS RCE +4
NVD GitHub VulDB
CVSS 3.1
9.0
EPSS
0.4%
CVE-2026-32703 CRITICAL PATCH Act Now

OpenProject's Repositories module contains a stored cross-site scripting (XSS) vulnerability that occurs when displaying filenames from repository changesets. Attackers with repository push access can inject malicious HTML code via specially crafted filenames, which executes when project members view affected changesets. This affects OpenProject versions prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1, with a CVSS score of 9.1 indicating critical severity.

XSS Openproject
NVD GitHub VulDB
CVSS 3.1
9.0
EPSS
0.0%
CVE-2026-27811 HIGH This Week

Roxy-WI versions prior to 8.2.6.3 contain a command injection vulnerability in the configuration comparison endpoint that allows authenticated users to execute arbitrary system commands on the host server. The flaw stems from unsanitized user input being directly embedded into template strings executed by the application. An attacker with valid credentials can exploit this to achieve full system compromise with high impact on confidentiality, integrity, and availability.

Command Injection Apache Nginx
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-33063 HIGH PATCH This Week

The free5GC AUSF authentication service is vulnerable to denial of service through an improper null check in the GetSupiFromSuciSupiMap function, which crashes when processing crafted UE authentication requests that trigger unsafe interface conversion. Remote attackers can exploit this vulnerability to completely disable the AUSF service by sending a specially crafted authentication request containing a nil SuciSupiMap value. A patch is available for affected free5GC v4.0.1 deployments.

Denial Of Service Null Pointer Dereference Suse
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.6%
CVE-2026-1463 HIGH This Week

The NextGEN Gallery plugin for WordPress contains a Local File Inclusion vulnerability in the 'template' parameter of gallery shortcodes, affecting all versions up to and including 4.0.3. Authenticated attackers with Author-level privileges or higher can include and execute arbitrary PHP files on the server, potentially leading to remote code execution, data theft, or complete site compromise. This is a confirmed vulnerability reported by Wordfence with a high CVSS score of 8.8, though no active exploitation (KEV) status has been reported at this time.

WordPress PHP LFI RCE Information Disclosure
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-31963 HIGH PATCH This Week

HTSlib contains a heap buffer overflow vulnerability in its CRAM decoder caused by an out-by-one error when validating feature boundaries. When a user opens a maliciously crafted CRAM file, an attacker can write one controlled byte beyond the end of a heap buffer, potentially causing application crashes, data corruption, or arbitrary code execution. Versions 1.23.1, 1.22.2, and 1.21.1 include fixes, and patches are available via the official GitHub repository.

Buffer Overflow Heap Overflow Denial Of Service RCE Debian +2
NVD GitHub VulDB
CVSS 4.0
8.8
EPSS
0.1%
CVE-2026-31962 HIGH PATCH This Week

HTSlib versions prior to 1.23.1, 1.22.2, and 1.21.1 contain a heap buffer overflow vulnerability in the cram_decode_seq() function when processing CRAM-formatted bioinformatics files with omitted sequence and quality data. An attacker can craft a malicious CRAM file that triggers an out-of-bounds read followed by an attacker-controlled single-byte write to heap memory, potentially enabling arbitrary code execution, data corruption, or denial of service when a user opens the file. No public exploit proof-of-concept has been identified, but the vulnerability is confirmed and patched by the HTSlib project.

Buffer Overflow Heap Overflow Denial Of Service RCE Information Disclosure +3
NVD GitHub VulDB
CVSS 4.0
8.8
EPSS
0.1%
CVE-2026-27894 HIGH PATCH This Week

LDAP Account Manager (LAM), a web-based interface for managing LDAP directory entries, contains a local file inclusion vulnerability in its PDF export functionality that allows authenticated users to include and execute arbitrary PHP files. When chained with GHSA-88hf-2cjm-m9g8, this vulnerability enables complete remote code execution on the affected server. The vulnerability affects all versions prior to 9.5 and requires low-privilege authentication (CVSS 8.8, PR:L), tracking across 7 Ubuntu and 4 Debian releases indicates significant deployment in enterprise LDAP environments.

PHP LFI RCE
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-29056 HIGH PATCH This Week

Kanboard project management software contains a privilege escalation vulnerability in its user invite registration endpoint that allows invited users to inject the 'role=app-admin' parameter during account creation, granting themselves administrator privileges. This affects all Kanboard versions prior to 1.2.51. The vulnerability has documented proof-of-concept exploitation capability (CVSS E:P indicates PoC exists) and carries a CVSS 4.0 score of 7.0 with high integrity impact to both the vulnerable system and subsequent components.

Code Injection Ubuntu Debian Kanboard
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-32693 HIGH PATCH This Week

An authorization bypass vulnerability in Canonical's Juju versions 3.0.0 through 3.6.18 allows authenticated users with grantee privileges to incorrectly update secret content beyond their intended permissions, potentially accessing or modifying other secrets. The vulnerability (CWE-863: Incorrect Authorization) has a CVSS score of 8.8, indicating high severity with network-based exploitation requiring low attack complexity and low privileges. The flaw is particularly dangerous because even when exploitation attempts are logged as errors, the unauthorized secret updates still persist and become visible to both owners and grantees.

Authentication Bypass Debian Juju Suse
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-33053 HIGH PATCH GHSA This Week

An Insecure Direct Object Reference (IDOR) vulnerability exists in the Langflow API key deletion endpoint that allows any authenticated user to delete API keys belonging to other users. The delete_api_key_route() function in langflow version prior to 1.7.2 fails to verify ownership of API keys before deletion, enabling attackers to enumerate and delete arbitrary API keys by manipulating the api_key_id UUID parameter. A patch is available from the vendor as of version 1.7.2, addressing this authentication bypass that could lead to account takeover and denial of service.

Authentication Bypass Denial Of Service
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-22730 HIGH PATCH This Week

A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter component allows authenticated attackers to bypass metadata-based access controls and execute arbitrary SQL commands due to missing input sanitization. VMware Spring AI versions 1.0.x prior to 1.0.4 and 1.1.x prior to 1.1.3 are affected. With a CVSS score of 8.8, this vulnerability enables attackers with low-level privileges to compromise confidentiality, integrity, and availability of the database system through network-based attacks with low complexity.

Java SQLi
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-32321 HIGH PATCH This Week

An authenticated time-based blind SQL injection vulnerability exists in the ClipBucket v5 open source video sharing platform, affecting versions prior to 5.5.3 #80. The vulnerability resides in the actions/ajax.php endpoint where the userid parameter lacks proper input sanitization, allowing authenticated attackers to execute arbitrary SQL queries. This can lead to full database disclosure and potential administrative account takeover with a CVSS score of 8.8.

SQLi PHP Clipbucket V5
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-31968 HIGH PATCH This Week

HTSlib contains a buffer overflow vulnerability in its CRAM format decoder affecting the VARINT and CONST encoding handlers, where incomplete context validation allows writes of up to eight bytes beyond heap allocation boundaries or into stack-allocated single-byte variables. This vulnerability affects HTSlib versions prior to 1.23.1, 1.22.2, and 1.21.1, and impacts any application using the library to process CRAM-formatted bioinformatics data files. An attacker can craft a malicious CRAM file to trigger heap or stack overflow conditions, potentially leading to denial of service, memory corruption, or arbitrary code execution when processed by a vulnerable application.

Buffer Overflow Stack Overflow Heap Overflow Denial Of Service RCE +3
NVD GitHub VulDB
CVSS 4.0
8.8
EPSS
0.0%
CVE-2026-23246 HIGH PATCH This Week

A stack out-of-bounds write vulnerability exists in the Linux kernel's mac80211 WiFi subsystem in the ieee80211_ml_reconfiguration function, where the link_id parameter extracted from the ML Reconfiguration element is not properly bounds-checked before being used as an array index. The vulnerability affects Linux kernel versions across multiple release branches (6.5 through 7.0-rc2), allowing an attacker with network proximity to craft a malicious WiFi frame to trigger a buffer overflow and potentially cause denial of service or code execution. While no CVSS score or EPSS data is currently published, the vulnerability has been assigned EUVD-2026-12809 and patches are available across stable kernel branches.

Linux Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-55040 HIGH This Week

MuraCMS versions through 10.1.10 contain a Cross-Site Request Forgery (CSRF) vulnerability in the cForm.importform function that lacks proper token validation, allowing attackers to deceive authenticated administrators into uploading and installing malicious form definitions. An attacker can craft a malicious webpage that, when visited by an authenticated MuraCMS administrator, automatically generates and submits a forged file upload request containing a ZIP archive with attacker-controlled form definitions. Successful exploitation results in the installation of data-harvesting forms on the target website that can steal sensitive user information collected through legitimate-appearing web forms. No active exploitation in the wild has been documented (KEV status unknown), and no formal CVSS score has been assigned, though the vulnerability requires user interaction (administrator must visit the malicious page) which moderates the overall risk profile.

CSRF File Upload
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-55044 HIGH This Week

A Cross-Site Request Forgery (CSRF) vulnerability exists in the cTrash.restore function of MuraCMS through version 10.1.10, which lacks CSRF token validation. An authenticated administrator can be tricked into restoring deleted content to arbitrary locations within the CMS by visiting a malicious webpage, enabling attackers to resurrect malicious or sensitive content, manipulate website structure, or restore intentionally-removed materials. No CVSS score, EPSS data, or known exploits-in-the-wild confirmation are available at this time, though the vulnerability is documented as requiring user interaction (an admin must visit a crafted page) and authenticated session context.

CSRF
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-33001 HIGH PATCH This Week

Jenkins versions 2.554 and earlier (LTS 2.541.2 and earlier) contain a path traversal vulnerability in their handling of tar and tar.gz archive extraction that fails to safely process symbolic links, allowing attackers to write files to arbitrary filesystem locations. Attackers with Item/Configure permission or control over Jenkins agent processes can exploit this to deploy malicious scripts and plugins on the Jenkins controller, achieving code execution with the privileges of the Jenkins process. The vulnerability is particularly concerning because it affects the core Jenkins application and enables privilege escalation through plugin installation mechanisms.

Information Disclosure Jenkins
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-33062 HIGH PATCH This Week

NRF discovery service denial of service in free5GC v4.0.1 allows remote attackers to crash the service by sending HTTP GET requests with malformed group-id-list parameters that trigger unvalidated array access. The EncodeGroupId function fails to check split data length before accessing specific indices, causing an index out of range panic. A patch is available to address this input validation flaw affecting all deployments using the vulnerable NRF service.

Denial Of Service Authentication Bypass Suse
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-33151 HIGH PATCH This Week

A specially crafted Socket.IO packet can cause the server to allocate unbounded memory by waiting for and buffering a large number of binary attachments, leading to denial of service through memory exhaustion. The vulnerability affects socket.io-parser versions across multiple major releases (v2.x, v3.x, and v4.x) used by Socket.IO server and client implementations. No EPSS score or KEV listing is available, but patches have been released by the vendor.

Information Disclosure Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-33040 HIGH PATCH This Week

The Rust libp2p Gossipsub implementation contains an integer overflow vulnerability that allows remote unauthenticated attackers to crash affected nodes by sending a single crafted PRUNE control message with an extremely large backoff value (e.g., u64::MAX). The vulnerability affects the libp2p-gossipsub Rust crate and enables trivial denial of service against any application exposing a Gossipsub listener. This vulnerability was discovered through responsible disclosure to the Ethereum Foundation bug bounty program by @revofusion, and while no active exploitation (KEV) status is indicated, the attack complexity is extremely low and a detailed proof-of-concept attack scenario has been publicly disclosed in the advisory.

Denial Of Service Integer Overflow
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-33155 HIGH PATCH GHSA This Week

Memory exhaustion in Python's pickle deserialization allows attackers to crash applications by supplying a small malicious payload that forces allocation of gigabytes of memory through unrestricted constructor arguments in whitelisted classes. Applications using `_RestrictedUnpickler` to load untrusted pickle data are vulnerable to denial of service attacks. A patch is available.

Python Denial Of Service Deserialization RCE Red Hat +1
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-33172 HIGH PATCH This Week

A stored cross-site scripting (XSS) vulnerability in Statamic CMS allows authenticated users with asset upload permissions to bypass SVG sanitization during asset reuploads, enabling injection of malicious JavaScript that executes when other users view the compromised asset. The vulnerability affects Statamic CMS versions prior to 5.73.14 and 6.7.0, with patches available in those releases. The CVSS score of 8.7 (High) reflects the changed scope and high confidentiality/integrity impact, though exploitation requires low-privileged authenticated access and user interaction.

XSS
NVD GitHub VulDB
CVSS 3.1
8.7
EPSS
0.0%
CVE-2026-33226 HIGH This Week

Budibase, a low-code platform distributed as a Docker/Kubernetes application, contains a Server-Side Request Forgery (SSRF) vulnerability in its REST datasource query preview endpoint. Authenticated admin users can force the server to make HTTP requests to arbitrary URLs including cloud metadata services, internal networks, and Kubernetes APIs. A detailed proof-of-concept exists demonstrating theft of GCP OAuth2 tokens with cloud-platform scope, CouchDB credential extraction, and internal service enumeration. The CVSS score of 8.7 reflects high confidentiality and integrity impact with changed scope, requiring high privileges but low attack complexity.

Microsoft Redis Google SSRF Docker +1
NVD GitHub VulDB
CVSS 3.1
8.7
EPSS
0.0%
CVE-2026-33191 HIGH PATCH This Week

Null byte injection in the UDM's Nudm_SubscriberDataManagement API allows unauthenticated remote attackers to crash the service by embedding URL-encoded %00 characters in the supi parameter, triggering unhandled parsing errors and denial of service. The vulnerability stems from improper input validation that permits control characters to reach Go's URL parser, which rejects them with a 500 error instead of sanitizing the input upstream. A patch is available.

Denial Of Service Suse
NVD GitHub VulDB
CVSS 3.1
8.6
EPSS
0.2%
CVE-2026-32255 HIGH This Week

Kan, an open-source project management tool, contains a Server-Side Request Forgery (SSRF) vulnerability in its unauthenticated /api/download/attatchment endpoint in versions 0.5.4 and below. Attackers can exploit this to make arbitrary HTTP requests from the server to internal services, cloud metadata endpoints (such as AWS EC2 metadata at 169.254.169.254), or private network resources without any authentication. With a CVSS score of 8.6 (High) reflecting network-based attack vector, low complexity, and no privileges required, this poses significant risk for confidentiality breaches in affected deployments.

Nginx SSRF Kan
NVD GitHub VulDB
CVSS 3.1
8.6
EPSS
0.1%
CVE-2026-22729 HIGH PATCH This Week

Spring AI's AbstractFilterExpressionConverter fails to properly escape user-controlled input in JSONPath queries, allowing authenticated attackers to inject arbitrary expressions and bypass access controls in vector store implementations. This impacts applications relying on the converter for multi-tenant isolation, role-based access, or metadata-based document filtering, enabling attackers to access unauthorized documents. No patch is currently available.

Java Authentication Bypass
NVD VulDB
CVSS 3.1
8.6
EPSS
0.0%
CVE-2026-33166 HIGH PATCH This Week

Path traversal in Allure report generator for Jenkins allows unauthenticated attackers to read arbitrary files from the host system by crafting malicious test result files with specially crafted attachment paths. The vulnerability stems from insufficient path validation when processing attachments during report generation, enabling sensitive files to be included in generated reports. A patch is not currently available.

Jenkins Path Traversal Information Disclosure Java
NVD GitHub VulDB
CVSS 3.1
8.6
EPSS
0.0%
CVE-2026-2992 HIGH This Week

The KiviCare clinic management plugin for WordPress contains a critical privilege escalation vulnerability allowing unauthenticated attackers to create new clinics and administrative users through an unprotected REST API endpoint. All versions up to and including 4.1.2 are affected. With a CVSS score of 8.2 and network-based exploitation requiring no authentication, this represents a significant risk to healthcare data confidentiality and system integrity, though no active exploitation (KEV) or public proof-of-concept has been documented at this time.

WordPress Privilege Escalation Authentication Bypass
NVD VulDB
CVSS 3.1
8.2
EPSS
0.0%
Page 1 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy