Skip to main content
CVE-2026-33634 CRITICAL POC KEV PATCH THREAT GHSA Emergency

Trivy security scanner v0.69.4 was compromised in a supply chain attack where a threat actor used stolen credentials to publish malicious releases and force-push credential-stealing malware to GitHub Actions repositories.

Information Disclosure Suse
NVD GitHub VulDB
CVSS 4.0
9.4
EPSS
0.0%
Threat
4.9
CVE-2026-3055 CRITICAL POC KEV PATCH THREAT NEWS Act Now

An insufficient input validation vulnerability exists in Citrix NetScaler ADC and NetScaler Gateway when configured as a SAML Identity Provider, allowing attackers to trigger a memory overread condition. The vulnerability affects both the NetScaler ADC and NetScaler Gateway products across multiple versions, and successful exploitation could lead to information disclosure by reading adjacent memory contents. While no CVSS score or EPSS data is currently published, the CWE-125 classification (Out-of-bounds Read) combined with the SAML IDP configuration context suggests moderate to high real-world risk for organizations relying on these devices for identity management.

Information Disclosure Citrix Buffer Overflow
NVD VulDB GitHub
CVSS 4.0
9.3
EPSS
0.0%
Threat
4.9
CVE-2025-60949 CRITICAL POC PATCH Act Now

Census CSWeb 8.0.1 contains an information disclosure vulnerability where the app/config endpoint is reachable via HTTP without authentication in certain deployments, allowing remote attackers to retrieve sensitive configuration data including secrets. This vulnerability has a CVSS score of 9.1 (Critical) and affects Census CSWeb versions prior to 8.1.0 alpha. A public proof-of-concept exploit is available on GitHub (https://github.com/hx381/cspro-exploits), significantly increasing the risk of active exploitation.

Information Disclosure Csweb
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-4585 HIGH POC This Week

A critical OS command injection vulnerability exists in Tiandy Easy7 Integrated Management Platform versions up to 7.17.0, specifically in the ImportSystemConfiguration.jsp file's Configuration Handler. Attackers can remotely execute arbitrary operating system commands without authentication by manipulating the 'File' parameter. A public proof-of-concept exploit has been disclosed and is available, significantly increasing the risk of active exploitation, though the vendor has not responded to disclosure attempts.

Command Injection Easy7 Integrated Management Platform
NVD VulDB
CVSS 4.0
8.9
EPSS
0.2%
CVE-2026-4567 HIGH POC This Week

Stack-based buffer overflow in Tenda A15 router firmware version 15.13.07.13 allows unauthenticated remote attackers to achieve complete system compromise through a malicious file upload to the UploadCfg function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and can be executed over the network with trivial complexity.

Buffer Overflow Tenda Stack Overflow
NVD VulDB GitHub
CVSS 4.0
8.9
EPSS
0.1%
CVE-2025-60947 HIGH POC PATCH This Week

Census CSWeb 8.0.1 contains an arbitrary file upload vulnerability allowing authenticated remote attackers to upload malicious files and achieve remote code execution. A public proof-of-concept exploit is available on GitHub (hx381/cspro-exploits), significantly increasing the risk of exploitation. The vulnerability affects the Census CSWeb data dissemination platform used for hosting census and survey data online.

RCE File Upload Csweb
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.2%
CVE-2025-60946 HIGH POC PATCH This Week

Census CSWeb 8.0.1 contains a path traversal vulnerability (CWE-22) allowing authenticated remote attackers to access arbitrary files outside intended directories through unvalidated file path input. A public proof-of-concept exploit is available on GitHub (hx381/cspro-exploits), significantly increasing exploitation risk. With a CVSS score of 8.8 and low attack complexity requiring only low-level privileges, this poses a critical threat to organizations running the affected version.

Path Traversal Csweb
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-25075 HIGH POC PATCH This Week

Unauthenticated remote attackers can crash strongSwan versions 4.5.0 through 6.0.4 via integer underflow in the EAP-TTLS AVP parser during IKEv2 authentication by sending malformed AVP packets with invalid length fields. Public exploit code exists for this denial of service vulnerability, which triggers memory corruption in the charon daemon with no available patch. Organizations running affected strongSwan versions are vulnerable to service disruption without authentication or user interaction required.

Denial Of Service Integer Overflow Strongswan
NVD VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-26829 HIGH POC This Week

A NULL pointer dereference vulnerability exists in the safe_atou64 function within owntone-server (src/misc.c) that allows remote attackers to cause a Denial of Service by sending crafted HTTP requests to the affected server. The vulnerability affects owntone-server through at least commit c4d57aa, and a public proof-of-concept exploit is available on GitHub, indicating active research and potential exploitation risk.

Denial Of Service Null Pointer Dereference
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.7%
CVE-2026-23482 HIGH POC PATCH This Week

Blinko, an AI-powered card note-taking application, contains a path traversal vulnerability in its file server endpoint that fails to validate permissions on the temp/ directory and does not filter path traversal sequences (CWE-22). Attackers can exploit this to read arbitrary files on the server, and when scheduled backup tasks are enabled, can access backup files containing all user notes and authentication tokens. The vulnerability affects all versions prior to 1.8.4 and has been patched in the released version 1.8.4.

Path Traversal Blinko
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-4565 HIGH POC PATCH This Week

Buffer overflow in Tenda AC21 firmware version 16.03.08.16 allows authenticated remote attackers to achieve complete system compromise through crafted QoS configuration requests to the SetNetControlList endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can execute arbitrary code with full system privileges (confidentiality, integrity, and availability impact).

Buffer Overflow Tenda
NVD VulDB GitHub
CVSS 4.0
7.4
EPSS
0.1%
CVE-2026-4566 HIGH POC This Week

Stack-based buffer overflow in Belkin F9K1122 firmware version 1.00.33 allows authenticated remote attackers to achieve complete system compromise through manipulation of the webpage parameter in the formWISP5G function. Public exploit code exists for this vulnerability and the vendor has not provided patches or responded to disclosure attempts. An attacker with network access can execute arbitrary code with full system privileges (confidentiality, integrity, and availability impact).

Buffer Overflow Stack Overflow F9k1122
NVD VulDB GitHub
CVSS 4.0
7.4
EPSS
0.0%
CVE-2019-25623 MEDIUM POC This Month

Luminance Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Luminance Studio
NVD Exploit-DB VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2019-25621 MEDIUM POC This Month

Pixel Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Pixel Studio
NVD Exploit-DB VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2019-25625 MEDIUM POC This Month

Blob Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the key entry mechanism. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Blob Studio
NVD Exploit-DB VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2019-25624 MEDIUM POC This Month

Liquid Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Liquid Studio
NVD Exploit-DB VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2019-25622 MEDIUM POC This Month

Paint Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the key entry mechanism. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Paint Studio
NVD Exploit-DB VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2019-25620 MEDIUM POC This Month

Tree Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Tree Studio
NVD Exploit-DB VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-3587 CRITICAL CISA Act Now

A hidden function in the CLI prompt of multiple WAGO industrial and lean managed switches allows unauthenticated remote attackers to escape the restricted interface and gain root access to the underlying Linux operating system. This results in complete device compromise with a maximum CVSS score of 10.0. The vulnerability affects over a dozen WAGO switch models used in industrial automation environments, and was disclosed by CERT@VDE.

Information Disclosure Lean Managed Switch 852 1812 Lean Managed Switch 852 1813 Lean Managed Switch 852 1813 000 001 Lean Managed Switch 852 1816 +12
NVD VulDB
CVSS 3.1
10.0
EPSS
0.1%
CVE-2026-4606 CRITICAL Act Now

GV Edge Recording Manager (ERM) v2.3.1 improperly executes application components with SYSTEM-level privileges, allowing any local user to escalate privileges and gain full control of the operating system. The vulnerability stems from the Windows service running under the LocalSystem account and spawning child processes with elevated privileges, particularly when file dialogs are invoked during operations like data import. This is a local privilege escalation vulnerability with high real-world risk due to the ease of exploitation and the severity of the impact.

Privilege Escalation Microsoft
NVD VulDB
CVSS 4.0
10.0
EPSS
0.0%
CVE-2026-4001 CRITICAL Act Now

The Woocommerce Custom Product Addons Pro plugin for WordPress contains a critical remote code execution vulnerability caused by unsafe use of PHP's eval() function when processing custom pricing formulas. All versions up to and including 5.4.1 are affected, allowing unauthenticated attackers to execute arbitrary PHP code on the server by submitting malicious input to WCPA text fields configured with custom pricing formulas. With a CVSS score of 9.8, this represents a maximum severity issue requiring immediate attention, though EPSS and KEV status data are not provided in the available intelligence.

Code Injection WordPress PHP RCE
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-32968 CRITICAL Act Now

This is a critical OS command injection vulnerability in the com_mb24sysapi module of several MB Connect Line and Helmholz industrial remote access products. An unauthenticated remote attacker can execute arbitrary OS commands without any user interaction, leading to complete system compromise. This is a variant of CVE-2020-10383, suggesting similar attack patterns may be applicable, and the 9.8 CVSS score reflects the severe nature of network-accessible, authentication-free remote code execution in industrial control system components.

Command Injection Mb Connect Line Mbconnect24 Mymbconnect24 Myrex24V2 Myrex24V2 Virtual
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-4613 MEDIUM POC This Month

SQL injection in SourceCodester E-Commerce Site 1.0 through the Search parameter in /products.php enables unauthenticated remote attackers to read, modify, and delete database contents. Public exploit code exists for this vulnerability, and no patch is currently available, putting all installations at immediate risk.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-4612 MEDIUM POC This Month

SQL injection in the Free Hotel Reservation System 1.0 admin panel allows unauthenticated remote attackers to manipulate the account_id parameter and execute arbitrary SQL queries with potential for data theft, modification, and system disruption. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-4581 MEDIUM POC This Month

SQL injection in Simple Laundry System 1.0's /checklogin.php parameter handler allows unauthenticated remote attackers to manipulate the Username field and execute arbitrary database queries. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available, leaving affected PHP installations vulnerable to data theft and unauthorized access.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-4580 MEDIUM POC This Month

SQL injection in Simple Laundry System 1.0's /checkupdatestatus.php parameter handler allows unauthenticated remote attackers to manipulate the serviceId argument and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available, creating immediate risk for affected deployments.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-4579 MEDIUM POC This Month

SQL injection in Simple Laundry System 1.0 through the serviceId parameter in /viewdetail.php allows unauthenticated remote attackers to execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers can exploit this to read or modify sensitive database information.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-4594 MEDIUM POC This Month

SQL injection in Erupt up to version 1.13.3 allows unauthenticated remote attackers to execute arbitrary SQL queries through the sort.field parameter in the HQL query builder. Public exploit code exists for this vulnerability, and no patch is currently available. Affected Java applications using vulnerable versions of Erupt are at risk of data exfiltration and manipulation.

SQLi Java
NVD VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-33716 CRITICAL Act Now

WWBN AVideo versions up to and including 26.0 contain an authentication bypass vulnerability in the standalone live stream control endpoint. The endpoint accepts a user-supplied 'streamerURL' parameter that redirects token verification to an attacker-controlled server, allowing complete bypass of authentication without any user interaction. With a CVSS score of 9.4, an attacker gains unauthenticated control over any live stream including the ability to drop publishers, manipulate recordings, and probe stream existence.

PHP Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
9.4
EPSS
0.1%
CVE-2026-4404 CRITICAL PATCH Act Now

GoHarbor Harbor versions 2.15.0 and earlier contain hardcoded default credentials that allow unauthenticated attackers to gain administrative access to the web UI using the default username 'admin' and password 'Harbor12345'. This vulnerability enables complete compromise of the container registry, including image manipulation, deletion, and unauthorized access to stored artifacts. The issue has been documented in GitHub issues and pull requests within the Harbor project, indicating active awareness and remediation efforts by the development team.

Information Disclosure Suse
NVD GitHub VulDB
CVSS 3.1
9.4
EPSS
0.0%
CVE-2026-2298 CRITICAL Act Now

An Improper Neutralization of Argument Delimiters (Argument Injection) vulnerability exists in Salesforce Marketing Cloud Engagement that allows attackers to manipulate Web Services Protocol interactions through command injection. All versions of Marketing Cloud Engagement released before January 30th, 2026 are affected. An attacker with network access to the affected service can inject malicious arguments into commands, potentially leading to unauthorized actions, data exfiltration, or service compromise. No CVSS score, EPSS data, or confirmed public POC are currently available, but the vulnerability has been officially disclosed by Salesforce with a patch deadline, indicating active remediation efforts.

Code Injection Marketing Cloud Engagement
NVD VulDB
CVSS 3.1
9.4
EPSS
0.0%
CVE-2026-4681 CRITICAL POC CISA Act Now

A critical remote code execution vulnerability exists in PTC Windchill PDMLink and PTC FlexPLM products due to unsafe deserialization of untrusted data, allowing unauthenticated attackers to execute arbitrary code on affected systems. The vulnerability affects multiple versions of both products spanning from version 11.0 through 13.1.3.0 for Windchill and 11.0 through 13.0.3.0 for FlexPLM. An attacker can craft malicious serialized objects that, when deserialized by the vulnerable application, trigger code execution with the privileges of the Windchill or FlexPLM service account.

RCE Deserialization Windchill Pdmlink Flexplm
NVD VulDB GitHub
CVSS 4.0
9.3
EPSS
0.4%
CVE-2026-30849 CRITICAL PATCH Act Now

MantisBT versions prior to 2.28.1 contain an authentication bypass vulnerability in the SOAP API caused by improper type checking on the password parameter when running on MySQL family databases. An attacker who knows a victim's username can log in to the SOAP API without knowing the correct password and execute any API function available to that account. While a CVE CVSS score is not yet assigned, the vulnerability is patched in version 2.28.1, and disabling the SOAP API reduces but does not eliminate the risk.

Authentication Bypass Mantisbt
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-23486 MEDIUM POC PATCH This Month

A publicly accessible endpoint in Blinko prior to version 1.8.4 discloses sensitive user information including usernames, roles, and account creation dates without requiring authentication, allowing unauthenticated attackers to enumerate all user accounts. This information disclosure vulnerability (CWE-200) affects Blinko versions below 1.8.4 and has been patched in the latest release. The vulnerability is remotely exploitable over the network with minimal attack complexity and no privilege requirements, making it a significant privacy and enumeration risk for deployed instances.

Information Disclosure Blinko
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-41008 CRITICAL Act Now

A SQL injection vulnerability exists in Sinturno that allows unauthenticated or low-privileged attackers to execute arbitrary SQL commands through the 'client' parameter in the '/_adm/scripts/modalReport_data.php' endpoint. This vulnerability enables complete database compromise including retrieval, creation, updating, and deletion of database objects. The vulnerability was reported by INCIBE and affects all versions of Sinturno; no CVSS score, EPSS data, or KEV status has been published, but the ability to perform CRUD operations on databases represents critical severity regardless of formal scoring.

PHP SQLi
NVD VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2025-41007 CRITICAL PATCH Act Now

A SQL injection vulnerability exists in Cuantis that allows unauthenticated attackers to execute arbitrary SQL commands through the 'search' parameter in the '/search.php' endpoint. This vulnerability enables complete database compromise including retrieval, creation, modification, and deletion of database contents. A patch is available from the vendor, and exploitation requires only network access to the affected application with no special privileges or user interaction.

PHP SQLi
NVD VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-4599 CRITICAL PATCH GHSA Act Now

The jsrsasign JavaScript cryptographic library contains a critical vulnerability in its random number generation functions that allows attackers to recover private DSA keys through nonce bias exploitation. Versions 7.0.0 through 11.1.0 are affected. A proof-of-concept is publicly available (referenced in GitHub Gist), demonstrating the attack feasibility, and the vulnerability requires no authentication or user interaction for remote exploitation.

Information Disclosure Jsrsasign
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-32913 CRITICAL PATCH GHSA Act Now

OpenClaw versions prior to 2026.3.7 contain a critical header validation flaw in the fetchWithSsrFGuard function that leaks sensitive authorization headers (including X-Api-Key and Private-Token) across cross-origin redirects. An attacker can exploit this remotely without authentication by triggering HTTP redirects to attacker-controlled domains, intercepting credentials intended for legitimate services. With a CVSS score of 9.3 and network-accessible attack vector requiring low complexity, this represents a significant information disclosure risk, though no active exploitation (KEV) or public POC has been reported at this time.

Information Disclosure Openclaw
NVD GitHub VulDB
CVSS 3.1
9.3
EPSS
0.0%
CVE-2026-1969 MEDIUM POC PATCH This Month

The trx_addons WordPress plugin before version 2.38.5 contains an arbitrary file upload vulnerability in an AJAX action that fails to properly validate file types, allowing unauthenticated attackers to upload malicious files. This vulnerability represents an incomplete remediation of the previously disclosed CVE-2024-13448, meaning the original patch was insufficient. A public proof-of-concept exploit is available, and the vulnerability can lead to remote code execution or information disclosure depending on server configuration and file placement.

WordPress File Upload
NVD WPScan
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-23483 MEDIUM POC This Month

Blinko versions 1.8.3 and earlier contain a path traversal vulnerability in the plugin file server endpoint that fails to validate whether requested file paths remain within the plugins directory, enabling unauthenticated remote attackers to read arbitrary files. The vulnerability has a CVSS score of 5.3 and currently lacks a publicly available patch.

Path Traversal Blinko
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-32852 MEDIUM POC PATCH This Month

MailEnable versions prior to 10.55 contain a reflected cross-site scripting (XSS) vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser without requiring authentication or special privileges. The vulnerability exists in the FreeBusy.aspx form where the StartDate parameter is not properly sanitized before being embedded into dynamically generated JavaScript, enabling attackers to inject malicious code through a crafted URL. A public proof-of-concept exploit is available, and a patch has been released by the vendor, making this a moderate-to-high priority issue for organizations running affected versions.

XSS Mailenable
NVD VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2026-32851 MEDIUM POC PATCH This Month

MailEnable versions prior to 10.55 contain a reflected cross-site scripting (XS) vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser without requiring authentication or special privileges. The vulnerability exists in the FreeBusy.aspx form where the Attendees parameter is not properly sanitized before being embedded into dynamically generated JavaScript, enabling attackers to craft malicious URLs that compromise user sessions and steal sensitive data. A public proof-of-concept exploit is available, increasing the practical risk to deployed MailEnable installations.

XSS Mailenable
NVD VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2026-32850 MEDIUM POC PATCH This Month

MailEnable versions prior to 10.55 contain a reflected cross-site scripting (XSS) vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL targeting the ManageShares.aspx form. The SelectedIndex parameter is not properly sanitized before being embedded into dynamically generated JavaScript, enabling attackers to inject and execute malicious code. A publicly available proof-of-concept exploit exists, and a patch has been released by the vendor.

XSS Mailenable
NVD VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-60948 MEDIUM POC PATCH This Month

Census CSWeb 8.0.1 contains a stored cross-site scripting (XSS) vulnerability in user-supplied fields that allows authenticated attackers to inject and persist malicious JavaScript code, which executes when victims access affected pages in their browsers. The vulnerability affects CSWeb versions prior to 8.1.0 alpha, and a public proof-of-concept exploit is available on GitHub, increasing real-world exploitation risk. While the CVSS score of 4.6 reflects moderate severity, the combination of authenticated access requirement, user interaction dependency, and published exploit code suggests this poses a meaningful but contained threat to Census CSWeb deployments.

XSS Csweb
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-33202 CRITICAL PATCH Act Now

Rails Active Storage's DiskService#delete_prefixed method fails to escape glob metacharacters when passing blob keys to Dir.glob, allowing attackers to delete unintended files from the storage directory if blob keys contain attacker-controlled input or custom-generated keys with glob metacharacters. This affects Ruby on Rails versions prior to 7.2.3.1, 8.0.4.1, and 8.1.2.1, and while no CVSS score or EPSS data is currently available, the vulnerability represents a significant integrity and availability risk as it enables arbitrary file deletion on the server filesystem.

Information Disclosure Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-0898 CRITICAL Act Now

An arbitrary file-write vulnerability exists in Pega Browser Extension (PBE) affecting Pega Robot Studio developers using versions 22.1 or R25 who automate Google Chrome and Microsoft Edge browsers. A threat actor can craft a malicious website that, when visited by a developer during interrogation mode in Robot Studio, executes arbitrary file-write operations on the developer's system. This vulnerability does not affect end-user Robot Runtime deployments, limiting its blast radius to development environments.

Google RCE Microsoft Pega Robot Studio Chrome
NVD VulDB
CVSS 4.0
9.0
EPSS
0.0%
CVE-2026-3533 HIGH This Week

The Jupiter X Core plugin for WordPress contains an unrestricted file upload vulnerability allowing authenticated users with Subscriber-level privileges or higher to upload dangerous file types including .phar, .svg, .dfxp, and .xhtml files. This stems from missing authorization checks in the import_popup_templates() function and insufficient file type validation in the upload_files() function. Successful exploitation leads to Remote Code Execution on Apache servers with mod_php configured to execute .phar files, or Stored Cross-Site Scripting attacks via malicious SVG and other file types on any server configuration.

Apache WordPress PHP File Upload RCE +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-33647 HIGH This Week

WWBN AVideo versions up to and including 26.0 contain a critical file upload vulnerability in the ImageGallery::saveFile() method that allows authenticated attackers to upload polyglot files (JPEG with embedded PHP code) and achieve Remote Code Execution. The vulnerability exploits a mismatch between MIME type validation (which checks file content) and filename extension handling (which trusts user input), allowing attackers to bypass security controls and execute arbitrary code on the server. A patch is available in commit 345a8d3ece0ad1e1b71a704c1579cbf885d8f3ae, and the issue has been publicly disclosed via GitHub Security Advisory GHSA-wxjw-phj6-g75w.

PHP RCE File Upload
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-24516 HIGH PATCH This Week

A critical command injection vulnerability exists in DigitalOcean Droplet Agent through version 1.3.2, where the troubleshooting actioner component processes metadata from the metadata service endpoint without adequate input validation, allowing attackers who can control metadata responses to inject and execute arbitrary OS commands with root privileges. An attacker can trigger the vulnerability by sending a TCP packet with specific sequence numbers to the SSH port, causing the agent to fetch and execute malicious commands from the metadata service, potentially leading to complete system compromise, data exfiltration, and lateral movement across cloud infrastructure. A public proof-of-concept exists at https://github.com/poxsky/CVE-2026-24516-DigitalOcean-RCE, indicating active research and potential exploitation risk.

Command Injection Privilege Escalation RCE Code Injection Suse
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-33648 HIGH This Week

WWBN AVideo versions up to and including 26.0 contain a command injection vulnerability in the restreamer endpoint that allows authenticated attackers to execute arbitrary commands on the server. The vulnerability stems from unsanitized user input (users_id and liveTransmitionHistory_id parameters) being embedded directly into shell commands via exec(). With a CVSS score of 8.8, this critical vulnerability requires low attack complexity and low privileges, enabling complete system compromise including data theft, modification, and denial of service.

Command Injection Avideo
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
Page 1 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy