Skip to main content
CVE-2026-4478 HIGH This Week

The Yi Technology YI Home Camera 2 version 2.1.1_20171024151200 contains a cryptographic signature verification vulnerability in its HTTP firmware update handler, specifically in the home/web/ipc file component. An attacker can exploit this remotely (network-accessible) to bypass firmware integrity checks and potentially install malicious firmware, though the attack complexity is high and exploitation is considered difficult. A public exploit is available, significantly increasing risk despite the high complexity barrier.

Information Disclosure
NVD VulDB
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-33243 HIGH This Week

A signature bypass vulnerability exists in the barebox bootloader's FIT (Flattened Image Tree) image verification mechanism. The hashed-nodes property, which lists which FIT nodes were signed, is not itself part of the cryptographic hash, allowing an attacker with high privileges and local access to modify this property and trick the bootloader into loading malicious images that were never signed. This affects barebox versions 2016.03.0 through 2025.09.2 and 2025.10.0 through 2026.03.0, with patches available in versions 2025.09.3 and 2026.03.1.

Information Disclosure Barebox
NVD GitHub VulDB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-33037 HIGH PATCH This Week

WWBN AVideo open source video platform versions 25.0 and below ship with a hardcoded default administrator password ('password') in official Docker deployment files that is automatically used during installation without any forced change mechanism. Attackers can gain immediate administrative access to unpatched instances, enabling user data exposure, content manipulation, and potential remote code execution via file upload and plugin management features. The issue is compounded by weak MD5 password hashing and similarly insecure default database credentials (avideo/avideo).

RCE Information Disclosure Docker
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-33482 HIGH This Week

Remote code execution in PHP ffmpeg integration allows unauthenticated attackers to execute arbitrary OS commands on standalone encoder servers by bypassing incomplete input sanitization that fails to filter bash command substitution syntax. The vulnerable `sanitizeFFmpegCommand()` function strips common shell metacharacters but permits `$()` notation, which can be injected through crafted encrypted payloads and executed in a double-quoted shell context. No patch is currently available.

RCE PHP Command Injection
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-33496 HIGH PATCH This Week

Ory Oathkeeper contains a cache key confusion vulnerability in its oauth2_introspection authenticator that allows attackers to bypass authentication by reusing tokens across different introspection servers. Attackers with a valid token for one configured introspection server can exploit the cache mechanism to gain unauthorized access to resources protected by different introspection servers. This vulnerability requires the specific precondition of multiple oauth2_introspection authenticators with caching enabled, and a patch is available from the vendor.

Authentication Bypass Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-22324 HIGH This Week

A PHP Local File Inclusion vulnerability exists in the ThemeREX Melania WordPress theme, allowing remote attackers to include and execute arbitrary local files on the server. All versions up to and including 2.5.0 are affected. The CVSS score of 8.1 indicates high severity with network-based attack vector, though attack complexity is rated as high; there is no evidence of active exploitation (not in KEV) or public proof-of-concept at this time.

PHP Information Disclosure LFI
NVD VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-32808 HIGH PATCH This Week

pyLoad, a free and open-source download manager written in Python, contains a path traversal vulnerability in versions before 0.5.0b3.dev97 that allows arbitrary file deletion outside the extraction directory during password verification of encrypted 7z archives with non-encrypted headers. Attackers can exploit this vulnerability remotely with low complexity, requiring only user interaction, to delete arbitrary files on the system. This is assigned CVE-2026-32808 with a CVSS score of 8.1 (High severity), though no active exploitation (KEV) or public proof-of-concept has been reported at this time.

Path Traversal Python
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-27625 HIGH PATCH This Week

Stirling-PDF, a locally hosted web application for PDF operations, contains a path traversal vulnerability in the /api/v1/convert/markdown/pdf endpoint that allows authenticated users to write arbitrary files outside the intended directory. Versions prior to 2.5.2 are affected, enabling attackers to overwrite writable files with the privileges of the stirlingpdfuser process account, compromising data integrity and potentially availability. The vulnerability has been patched in version 2.5.2, and while CVSS rates it 8.1 (High), authentication is required which reduces immediate risk.

Path Traversal Stirling Pdf
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-33468 HIGH PATCH This Week

Kysely, a TypeScript SQL query builder for Node.js, contains a SQL injection vulnerability in its MySQL dialect due to incomplete string escaping in the DefaultQueryCompiler.sanitizeStringLiteral() method. Applications using kysely (npm package) with MySQL that pass user-controlled input to CreateIndexBuilder.where() or CreateViewBuilder.as() methods are vulnerable to SQL injection attacks that can lead to data exfiltration, modification, or authentication bypass. A proof-of-concept exploit is publicly available demonstrating how backslash-escaped single quotes bypass the sanitization logic when NO_BACKSLASH_ESCAPES is disabled (MySQL default).

SQLi Authentication Bypass
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-33442 HIGH PATCH This Week

SQL injection in PostgreSQL via unsafe backslash handling in Kysely's query compiler allows unauthenticated remote attackers to execute arbitrary SQL commands by injecting backslashes into JSON path string literals that bypass quote escaping. The vulnerability affects systems using the default BACKSLASH_ESCAPES SQL mode, where attackers can break out of sanitized JSON path expressions through specially crafted input. No patch is currently available.

SQLi PostgreSQL
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-32939 HIGH PATCH This Week

DataEase versions 2.10.19 and below contain a locale-dependent validation bypass vulnerability that allows attackers to smuggle dangerous JDBC parameters past security filters. The flaw stems from inconsistent locale handling where DataEase's validation uses the JVM default locale while H2 JDBC always uses English locale, causing Turkish locale environments to misinterpret malicious parameters like 'iNIT' (bypassing blacklist as 'İNIT' while H2 executes it as 'INIT'). This has been confirmed as exploitable in real deployment scenarios and enables authenticated attackers with low privileges to achieve high-impact code execution or data access, though there is no evidence yet of active exploitation or public proof-of-concept.

Java Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-33055 HIGH PATCH This Week

The tar-rs Rust library versions 0.4.44 and below contain a logic flaw where PAX (POSIX.1-2001) size headers are conditionally skipped when the base tar header size is nonzero, causing the library to parse tar archives differently than other standard tar implementations like Go's archive/tar. This discrepancy allows an attacker to craft malicious tar archives that appear different when unpacked by tar-rs versus other parsers, potentially leading to information disclosure or file confusion attacks. The vulnerability affects any application using tar-rs to parse untrusted archives and expecting consistent behavior with other tar parsers, with a moderate CVSS score of 5.1 indicating low attack complexity and network accessibility.

Information Disclosure Memory Corruption Tar Rs
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-32942 HIGH PATCH This Week

PJSIP versions 2.16 and earlier contain a heap use-after-free vulnerability in ICE session handling caused by race conditions between session destruction and callback execution, enabling memory corruption and potential code execution. This flaw affects all systems using vulnerable PJSIP versions for multimedia communication and currently has no available patch. With a CVSS score of 8.1, the vulnerability is remotely exploitable without authentication or user interaction.

Information Disclosure Use After Free Memory Corruption Pjsip
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-33010 HIGH PATCH This Week

A CORS misconfiguration vulnerability in mcp-memory-service allows any malicious website to perform cross-origin requests to the HTTP API. Versions prior to 10.25.1 of mcp-memory-service from doobidoo are affected, particularly when the HTTP server is enabled with anonymous access, allowing attackers to read, modify, and delete all stored memories without authentication. No KEV listing or public exploitation indicators are currently reported, though the vulnerability's simplicity and the availability of a GitHub security advisory suggest proof-of-concept development would be straightforward.

Cors Misconfiguration Information Disclosure
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-33316 HIGH PATCH This Week

Vikunja task management application contains an authentication bypass vulnerability in its password reset logic that allows disabled user accounts to be reactivated without authorization. The ResetPassword() function unconditionally sets user status to 'Active' after password reset completion, enabling disabled users to regain full access by requesting a password reset token and completing the reset process. A working proof-of-concept Python script is publicly available demonstrating automated exploitation of this vulnerability.

Python Authentication Bypass Suse
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-31836 HIGH This Week

A mass assignment vulnerability in Checkmate's user profile update endpoint allows any authenticated user to escalate their privileges to superadmin level, bypassing all role-based access controls. Checkmate versions 3.5.1 and prior are affected, an open-source self-hosted server monitoring tool from Bluewave Labs. Attackers can gain complete administrative access to view all users, modify critical configurations, and access sensitive system data, though no public patches are currently available.

Authentication Bypass Checkmate
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-29189 HIGH This Week

A critical access control vulnerability exists in the SuiteCRM REST API V8 where multiple endpoints lack proper ACL (Access Control List) validation, enabling authenticated users to access and modify data beyond their authorized permissions. This affects SuiteCRM versions prior to 7.15.1 and 8.9.3, allowing privilege escalation within the CRM system where low-privileged users can potentially access sensitive customer data, modify records, or perform administrative actions. With a CVSS score of 8.1 and authentication bypass capabilities, this represents a significant security risk for organizations using affected versions.

Authentication Bypass Suitecrm
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-4434 HIGH PATCH This Week

Devolutions Server contains an improper certificate validation vulnerability in its PAM propagation WinRM connections that allows network attackers to conduct man-in-the-middle (MITM) attacks by exploiting disabled TLS certificate verification. This vulnerability affects Devolutions Server versions prior to 2026.1, enabling attackers positioned on the network path to intercept and manipulate WinRM communications without detection. The vulnerability is classified under CWE-295 (Improper Certificate Validation) and carries significant information disclosure and server compromise risks, particularly in environments where PAM propagation relies on WinRM for credential delivery and privileged session management.

Information Disclosure Server
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-63261 HIGH This Week

AWStats 8.0 contains a command injection vulnerability in the open function that allows attackers to execute arbitrary system commands. The vulnerability affects the AWStats web analytics application, and attackers can exploit this flaw to achieve remote code execution on systems running vulnerable versions. A proof-of-concept has been documented in the referenced pentest-tools PDF, indicating practical exploitability.

Command Injection
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-32305 HIGH PATCH This Week

Traefik reverse proxy and load balancer contains an mTLS authentication bypass vulnerability that allows attackers to circumvent mutual TLS certificate requirements by sending fragmented TLS ClientHello packets. Affected versions include Traefik 2.11.40 and below, 3.0.0-beta1 through 3.6.10, and 3.7.0-ea.1. When ClientHello messages are fragmented across multiple TLS records, SNI extraction fails with an EOF error, causing the TCP router to fall back to default TLS configuration without client certificate validation, enabling unauthorized access to services that should require mTLS authentication.

Authentication Bypass Traefik
NVD GitHub VulDB
CVSS 4.0
7.8
EPSS
0.0%
CVE-2026-23273 HIGH PATCH This Week

A use-after-free race condition exists in the Linux kernel's macvlan driver within the macvlan_common_newlink() error handling path. When a macvlan device creation fails after the network device becomes visible to the RCU (Read-Copy-Update) subsystem, the caller's subsequent free_netdev(dev) can race with ongoing packet forwarding operations, causing kernel memory corruption and potential information disclosure. This vulnerability affects Linux kernel versions 5.10 through 6.19 and later, and while no public exploit exists, the issue is reproducible via crafted netlink commands that trigger concurrent device creation and packet transmission.

Linux Information Disclosure Use After Free Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23271 HIGH PATCH This Week

A race condition exists in the Linux kernel's perf subsystem where __perf_event_overflow() can execute with only preemption disabled (rather than IRQs disabled) on software events, creating a window for concurrent execution with perf_event_exit_event() and related cleanup functions. This race condition allows the overflow handler to access kernel structures (such as BPF programs) that are being freed concurrently, potentially leading to use-after-free conditions, memory corruption, or privilege escalation. The vulnerability affects multiple stable Linux kernel versions and has patches available across multiple kernel branches (6.12.77, 6.19.7, 7.0-rc2, and others as indicated by the git commit references).

Linux Buffer Overflow Race Condition
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22163 HIGH This Week

Unsafe IOCTL handling in the DDK kernel module allows local attackers with limited privileges to bypass GPU memory protections and write to arbitrary physical memory through race condition exploitation. This privilege escalation vulnerability affects systems using the vulnerable DDK driver and requires no user interaction to trigger. No patch is currently available.

RCE Graphics Ddk
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23278 HIGH PATCH This Week

A resource management flaw in the Linux kernel's netfilter nf_tables subsystem fails to properly iterate over all pending catchall elements during transaction processing, leading to incomplete cleanup when a map holding catchall elements is destroyed. This affects Linux kernel versions across multiple stable branches and can result in memory corruption, information disclosure, or denial of service when crafted netfilter rule transactions are processed. The vulnerability is not known to be actively exploited in the wild, but the presence of multiple stable branch patches and specific affected kernel versions indicates kernel maintainers have treated this as a material flaw requiring coordinated remediation.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23275 HIGH PATCH This Week

A race condition exists in the Linux kernel's io_uring subsystem where task work flags can be manipulated on stale ring memory during concurrent ring resize operations when DEFER_TASKRUN or SETUP_TASKRUN modes are enabled. This vulnerability affects Linux kernel versions including 6.13, 6.18.19, 6.19.9, and 7.0-rc4, and could allow an attacker with local code execution capabilities to cause information disclosure or kernel memory corruption. The vulnerability has been patched across multiple stable kernel versions as evidenced by available git commits, though no active KEV status or EPSS score has been published.

Linux Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23274 HIGH PATCH This Week

Linux kernel netfilter xt_IDLETIMER subsystem crashes when revision 0 rules reuse ALARM-type timer labels created by revision 1, triggering mod_timer() on an uninitialized timer_list. Affects Linux kernel 5.7+ through 6.19.x series. Local authenticated attackers with CAP_NET_ADMIN (PR:L) can cause kernel panic on systems with panic_on_warn=1, achieving high-severity local denial of service or potential privilege escalation via kernel memory corruption. EPSS score is very low (0.02%, 4th percentile) indicating minimal observed exploitation likelihood. No public exploit code identified at time of analysis.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23272 HIGH PATCH This Week

A use-after-free vulnerability exists in the Linux kernel's netfilter nf_tables subsystem where a set element can be published and removed without waiting for RCU grace period completion, allowing concurrent RCU readers to access freed memory. This affects all Linux kernel versions across multiple stable branches (4.10 and later) as indicated by the CPE cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*. An attacker with local access to manipulate netfilter rules could trigger information disclosure or denial of service by exploiting the race condition during batch insertion of elements into a full netfilter set.

Information Disclosure Linux
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-32711 HIGH PATCH This Week

Path traversal in pydicom versions 2.0.0-rc.1 through 3.0.1 allows local attackers to read, copy, or delete arbitrary files outside the File-set root directory by crafting malicious ReferencedFileID values in DICOMDIR files. The vulnerability exists because pydicom fails to validate that resolved file paths remain within the intended File-set root before performing file I/O operations like copy(), write(), and remove(). No patch is currently available for affected versions.

Python Path Traversal Suse
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-33156 HIGH This Week

ScreenToGif, a widely-used screen recording application, is vulnerable to DLL sideloading attacks through a malicious version.dll file. Versions from 2.42.1 and earlier are affected when the portable executable is run from user-writable directories, which is the primary intended use case for this application. Attackers can achieve arbitrary code execution in the user's context with high impact on confidentiality, integrity, and availability. No public patches are available at the time of disclosure, and no evidence of active exploitation (KEV status) has been reported.

RCE Microsoft Windows
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-15608 HIGH PATCH This Week

A stack-based buffer overflow vulnerability exists in TP-Link AX53 v1 due to insufficient input sanitization in the device's probe handling logic, allowing unauthenticated remote attackers to cause denial of service through repeated service crashes and potentially achieve remote code execution via heap-spray techniques under specific conditions. The vulnerability affects TP-Link AX53 v1 devices and has a patch available from the vendor, though no confirmed active exploitation or public proof-of-concept has been widely reported at this time.

RCE Buffer Overflow Stack Overflow Ax53 V1
NVD VulDB
CVSS 4.0
7.7
EPSS
0.0%
CVE-2026-32303 HIGH PATCH This Week

Cryptomator versions prior to 1.19.1 contain an integrity check vulnerability that allows attackers to tamper with the vault.cryptomator configuration file, enabling man-in-the-middle attacks during Hub key loading. Attackers can mix legitimate authentication endpoints with malicious API endpoints to exfiltrate access tokens from users unlocking Hub-backed vaults in environments where vault configuration files can be modified. The CVSS score of 7.6 indicates high severity with network attack vector requiring low privileges and user interaction, though no active exploitation (KEV) or public POC has been reported at this time.

Information Disclosure Hashicorp
NVD GitHub VulDB
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-32317 HIGH PATCH This Week

An integrity check vulnerability in Cryptomator for Android prior to version 1.12.3 allows attackers to tamper with the vault configuration file, enabling a man-in-the-middle attack against the Hub key loading mechanism. Attackers who can modify the vault.cryptomator file can mix legitimate authentication endpoints with malicious API endpoints to exfiltrate tokens from users unlocking Hub-backed vaults. With a CVSS score of 7.6 and requiring low attack complexity with user interaction, this vulnerability poses a moderate risk to affected users in environments where vault configuration files can be altered.

Information Disclosure Google Hashicorp Android
NVD GitHub VulDB
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-32318 HIGH PATCH This Week

A man-in-the-middle vulnerability in Cryptomator for iOS versions prior to 2.8.3 allows attackers who can modify the vault.cryptomator configuration file to intercept authentication tokens by substituting malicious API endpoints while maintaining legitimate authentication endpoints. This affects users unlocking Hub-backed vaults in environments where attackers have write access to vault configuration files. No evidence of active exploitation (not in CISA KEV) has been reported, and patches are available.

Information Disclosure Hashicorp Apple iOS
NVD GitHub VulDB
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-33013 HIGH PATCH GHSA This Week

The Micronaut Framework contains an infinite loop vulnerability in its form-urlencoded body binding mechanism that occurs when array indices are processed in descending order, allowing remote attackers to trigger denial of service through CPU exhaustion and out-of-memory conditions. Versions prior to 4.10.16 and 3.10.5 are affected, with the vulnerability exploitable by sending crafted indexed form parameters without authentication. No public exploit code has been confirmed, but the issue is straightforward to trigger and has been patched in the referenced versions.

Java Denial Of Service Red Hat
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-33485 HIGH GHSA This Week

An unauthenticated SQL injection vulnerability exists in the AVideo platform's RTMP on_publish callback, allowing remote attackers to extract the entire database via time-based blind SQL injection. The vulnerability affects the wwbn_avideo composer package and can be exploited without authentication to steal user password hashes, email addresses, and API keys. A detailed proof-of-concept is publicly available in the GitHub Security Advisory, and the vulnerability has a CVSS score of 7.5 (High) with network attack vector and low complexity.

SQLi PHP Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-33483 HIGH This Week

AVideo platform contains an unauthenticated file upload vulnerability in the aVideoEncoderChunk.json.php endpoint that allows remote attackers to exhaust disk space and cause denial of service. Any unauthenticated attacker can upload arbitrarily large files to the server's /tmp directory with no size limits, rate limiting, or cleanup mechanism, and the CORS wildcard header enables browser-based distributed attacks. A detailed proof-of-concept is publicly available demonstrating parallel upload attacks that can fill disk space and crash server services.

Denial Of Service Information Disclosure PHP
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-23536 HIGH This Week

The Feast Feature Server contains a path traversal vulnerability in its `/read-document` endpoint that allows unauthenticated remote attackers to read arbitrary files accessible to the server process, including sensitive system files, application configurations, and credentials. Red Hat OpenShift AI (RHOAI) deployments are confirmed affected across multiple versions. The vulnerability is rated 7.5 (High) with network-based exploitation requiring no authentication or user interaction, though no active exploitation (KEV) or public proof-of-concept is currently documented.

Path Traversal Red Hat Openshift Ai Rhoai
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-33509 HIGH PATCH This Week

Remote code execution in Python allows authenticated users with SETTINGS permission to modify the reconnect.script configuration parameter without restriction, which is then passed unsanitized to subprocess.run() enabling arbitrary command execution. The vulnerability exists due to insufficient input validation in the set_config_value() API endpoint, which only restricts the general.storage_folder setting while leaving other security-critical options like reconnect.script unprotected. An attacker with non-admin SETTINGS privileges can exploit this to achieve full system compromise on the affected Python installation.

Python RCE Privilege Escalation
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-32701 HIGH PATCH This Week

Qwik, a performance-focused JavaScript framework, contains an array prototype pollution vulnerability in its FormData parsing logic that affects versions prior to 1.19.2. Attackers can submit specially crafted form field names using mixed array-index and object-property keys (e.g., items.0 alongside items.toString or items.length) to inject malicious properties into objects the application expects to be arrays, leading to denial of service through malformed array states, oversized lengths, or request handling failures. The vulnerability has a CVSS score of 7.5 (High severity) with network-based exploitation requiring no authentication or user interaction, and a patch is available in version 1.19.2.

Memory Corruption Denial Of Service Qwik
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-33427 HIGH This Week

Discourse versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain an authorization page spoofing vulnerability that allows unauthenticated attackers to inject attacker-controlled domains into legitimate Discourse authorization pages, enabling social engineering attacks. This CWE-862 (Missing Authorization) class vulnerability affects all affected Discourse installations and requires no authentication or special privileges to exploit. No active exploitation in the wild (KEV status) has been reported, but the attack surface is broad given Discourse's widespread use as an open-source discussion platform.

Authentication Bypass Discourse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-33418 HIGH PATCH This Week

A regex-based bypass vulnerability in the @dicebear/converter npm package allows attackers to circumvent SVG dimension sanitization by injecting decoy <svg tags in XML constructs. Applications using @dicebear/converter on Node.js to process untrusted SVG input are vulnerable to denial of service through unbounded memory allocation when rendering malformed SVGs. The CVSS score of 7.5 reflects the high availability impact with network-accessible attack vector requiring no authentication or user interaction.

Denial Of Service Node.js
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-33164 HIGH PATCH This Week

A malformed H.265 PPS (Picture Parameter Set) NAL unit in libde265 prior to version 1.0.17 triggers a segmentation fault in the pic_parameter_set::set_derived_values() function, causing denial of service. Any application using affected versions of libde265 to decode H.265 video streams is vulnerable to crash via specially crafted video files or streams. The vulnerability has been patched in version 1.0.17, and a GitHub security advisory documents the issue.

Buffer Overflow Heap Overflow Libde265
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-33069 HIGH PATCH This Week

PJSIP versions 2.16 and below contain a cascading out-of-bounds heap read vulnerability in the pjsip_multipart_parse() function that allows attackers to read 1-2 bytes of adjacent heap memory when processing SIP messages with multipart bodies or SDP content. The vulnerability affects all applications using PJSIP to process incoming SIP messages, as the flaw does not require authentication or user interaction and can be triggered remotely over the network. While the CVSS score of 6.9 reflects moderate severity with low confidentiality impact, the low attack complexity and remote exploitability make this a practical concern for SIP-based communication systems.

Buffer Overflow Information Disclosure Pjproject
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-32933 HIGH PATCH This Week

AutoMapper, a widely-used convention-based object-object mapper for .NET applications, contains a stack exhaustion vulnerability that allows remote attackers to crash applications via deeply nested object graphs. Versions prior to 15.1.1 and 16.1.1 are affected. An unauthenticated attacker can trigger a StackOverflowException by sending specially crafted nested objects, causing immediate application termination with high availability impact (CVSS 7.5).

Denial Of Service Automapper
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-32949 HIGH PATCH This Week

A Server-Side Request Forgery (SSRF) vulnerability in SQLBot, an intelligent data query system based on large language models and RAG, allows unauthenticated remote attackers to read arbitrary files from the server's filesystem. SQLBot versions prior to 1.7.0 are affected, with the vulnerability exploitable through the /api/v1/datasource/check endpoint by configuring a malicious MySQL data source that triggers a LOAD DATA LOCAL INFILE attack during connection verification. The CVSS score of 8.7 with network-based attack vector and no privileges required indicates critical severity, though no KEV listing or EPSS data suggests exploitation in the wild has not yet been widely observed.

SSRF Sqlbot
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-32873 HIGH GHSA This Week

The ewe Gleam web server contains an infinite loop vulnerability in the handle_trailers function that permanently wedges the BEAM process at 100% CPU when processing rejected trailer headers in chunked HTTP requests. Versions 0.8.0 through 3.0.4 are affected, and any unauthenticated remote attacker can exploit this before application code executes, making mitigation at the application level impossible. The vulnerability is patched in version 3.0.5, and while no active exploitation (KEV) or EPSS score is reported, the low attack complexity and network accessibility make this a readily exploitable denial-of-service condition.

Denial Of Service Ewe
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-4437 HIGH PATCH This Week

A DNS response parsing vulnerability exists in the GNU C Library (glibc) versions 2.34 through 2.43 affecting the gethostbyaddr and gethostbyaddr_r functions. When a malicious or compromised DNS server returns a crafted response that violates the DNS specification, the library may incorrectly treat non-answer sections (such as authority or additional sections) as valid answers, leading to buffer overflow and information disclosure. The vulnerability is classified as a read buffer over-read (CWE-125) and does not currently have a published CVSS score, EPSS metric, or confirmed KEV status, though the underlying mechanism suggests moderate real-world risk in environments with untrusted or attacker-controlled DNS infrastructure.

Information Disclosure Buffer Overflow Glibc
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-46597 HIGH This Week

Bitcoin Core versions 0.13.0 through 29.x contain an integer overflow vulnerability that could allow attackers to trigger unexpected behavior or crashes in affected nodes. This vulnerability affects a wide range of Bitcoin Core deployments spanning multiple major versions. While specific exploitation details remain limited due to the disclosure date and incomplete CVSS scoring, the integer overflow classification suggests potential for denial of service or memory corruption under specific conditions.

Integer Overflow Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-33488 HIGH This Week

The LoginControl plugin for AVideo contains a critical cryptographic weakness in its PGP-based 2FA implementation, generating 512-bit RSA keys that can be factored on commodity hardware within hours using publicly available tools. Attackers who obtain a user's public key can derive the complete private key and decrypt authentication challenges, completely bypassing the second factor protection. A proof-of-concept demonstrating key factoring and challenge decryption is included in the advisory, and unauthenticated endpoints allow anonymous CPU-intensive key generation for denial-of-service attacks.

PHP Denial Of Service Python
NVD GitHub VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-2378 HIGH PATCH This Week

ArcSearch for Android versions prior to 1.12.7 contains an address bar spoofing vulnerability that allows attackers to display a different domain in the browser's address bar than the actual content being rendered. Users of ArcSearch for Android prior to version 1.12.7 are affected, and an attacker can craft malicious web content that, after user interaction, deceives users into believing they are visiting a legitimate domain while viewing attacker-controlled content. There is no indication of active exploitation in KEV data, and EPSS data is not provided.

XSS Google
NVD VulDB
CVSS 3.1
7.4
EPSS
0.0%
Prev Page 3 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy