Skip to main content
CVE-2026-26828 HIGH This Week

A NULL pointer dereference vulnerability exists in the daap_reply_playlists function within owntone-server's DAAP request handler (src/httpd_daap.c) that allows remote attackers to trigger a denial of service condition by sending a specially crafted DAAP protocol request. The vulnerability affects owntone-server at commit 3d1652d and potentially earlier versions. An attacker can remotely crash the server without authentication by exploiting improper input validation in the playlist reply handler, resulting in service unavailability.

Denial Of Service Null Pointer Dereference
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-33512 HIGH This Week

WWBN AVideo versions up to and including 26.0 contain an unauthenticated API endpoint that allows arbitrary decryption of ciphertext. Attackers can exploit the decryptString action in the API plugin without authentication to decrypt publicly-issued ciphertext (such as from view/url2Embed.json.php), allowing recovery of protected tokens and metadata. The CVSS score of 7.5 reflects high confidentiality impact with network accessibility and no authentication required.

PHP Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-32299 HIGH PATCH This Week

Insufficient authorization checks in the page content retrieval feature (versions 1.x <= 1.41.0 and 2.x <= 2.41.1) allow unauthenticated attackers to access non-public page contents and attachments. An attacker can retrieve sensitive information from restricted pages without proper credentials. Users must upgrade to version 1.41.1 or 2.41.1 to remediate this vulnerability.

Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-33176 HIGH PATCH This Week

Rails ActiveSupport number helpers contain a denial of service vulnerability where strings with scientific notation (e.g., '1e10000') are improperly converted and expanded into extremely large decimal representations, causing excessive memory allocation and CPU consumption during string formatting. The vulnerability affects ActiveSupport across multiple Rails versions prior to 7.2.3.1, 8.0.4.1, and 8.1.2.1. An attacker can exploit this by providing maliciously crafted scientific notation strings to trigger resource exhaustion and deny service to legitimate users.

Denial Of Service Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-33174 HIGH PATCH This Week

Rails Active Storage's Blobs::ProxyController loads entire requested byte ranges into memory before transmission, allowing remote unauthenticated attackers to exhaust server memory and cause denial of service by sending requests with large or unbounded Range headers. This vulnerability affects systems using Active Storage for file serving and requires no user interaction or authentication to exploit. A patch is available.

Information Disclosure Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-32066 HIGH PATCH This Week

OpenClaw contains an unbounded memory growth vulnerability in its Zalo webhook endpoint that enables unauthenticated remote attackers to exhaust server memory by sending repeated HTTP requests with varying query string parameters. This affects OpenClaw versions prior to 2026.3.1. The vulnerability has a CVSS score of 7.5 (High) due to its network accessibility and lack of authentication requirements, though no evidence of active exploitation (KEV) or public proof-of-concept has been identified at this time.

Denial Of Service Openclaw
NVD GitHub
CVSS 3.1
7.5
CVE-2026-22173 HIGH PATCH This Week

OpenClaw, an open-source game engine component, contains a command injection vulnerability in its Windows Scheduled Task script generation mechanism. Versions prior to 2026.2.18 write environment variables unquoted to gateway.cmd files, allowing attackers to inject shell metacharacters that break out of assignment context and execute arbitrary commands when the scheduled task runs. This vulnerability has a CVSS score of 7.4 (High) with local attack vector and high attack complexity, and a patch is currently available from the vendor.

Command Injection Microsoft Windows
NVD GitHub
CVSS 3.1
7.4
CVE-2025-10679 HIGH This Week

The ReviewX plugin for WordPress contains a critical arbitrary method call vulnerability in all versions up to and including 2.2.12. Unauthenticated attackers can exploit insufficient input validation in the bulkTenReviews function to call arbitrary PHP class methods, potentially achieving remote code execution or information disclosure. With a CVSS score of 7.3 and network-based exploitation requiring no privileges or user interaction, this presents a significant risk to WordPress sites using this WooCommerce product review plugin.

WordPress PHP RCE Information Disclosure Code Injection +1
NVD VulDB
CVSS 3.1
7.3
EPSS
0.1%
CVE-2026-33430 HIGH PATCH GHSA This Week

BeeWare Briefcase Windows MSI installer templates (versions <0.3.26, <0.4.0, <0.4.1) create installation directories with insecure inherited permissions when installed per-machine. Low-privilege authenticated local users can replace application binaries, achieving privilege escalation when an administrator later executes the modified binary. Vendor-released patches available for 0.3.26, 0.4.0, and 0.4.1. EPSS score of 0.01% indicates minimal observed exploitation attempts; no KEV listing or public POC identified.

Information Disclosure Microsoft
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-32910 HIGH PATCH This Week

OpenClaw versions prior to 2026.3.1 contain an approval bypass vulnerability in the system.run function that allows attackers to execute a different binary than the one approved by an operator. The vulnerability stems from non-path-like argv[0] tokens failing to bind to executable identity, enabling post-approval PATH manipulation to redirect execution to attacker-controlled binaries. With a CVSS score of 7.3 and requiring local access with low privileges and user interaction, this represents a significant privilege escalation and integrity bypass risk in environments using OpenClaw's execution approval mechanisms.

Authentication Bypass Openclaw
NVD GitHub
CVSS 3.1
7.3
CVE-2026-31849 HIGH This Week

This vulnerability is a Cross-Site Request Forgery (CSRF) flaw affecting the Nexxt Solutions Nebula 300+ device firmware through version 12.01.01.37, where state-changing administrative endpoints lack proper CSRF protections. An attacker can trick an authenticated administrator into submitting malicious requests that modify critical device settings, including security configurations, without the administrator's knowledge or consent. No CVSS score or EPSS data is currently available, and the vulnerability has not been confirmed as actively exploited in the wild, though the lack of CSRF protections on administrative functions represents a significant trust boundary violation.

CSRF Nebula 300
NVD VulDB
CVSS 4.0
7.2
EPSS
0.1%
CVE-2026-23882 HIGH PATCH This Week

Blinko versions prior to 1.8.4 allow authenticated high-privilege users to execute arbitrary commands through the MCP server creation function during connection testing, resulting in complete system compromise. An attacker with administrative credentials can inject malicious commands that execute with application privileges, achieving remote code execution. No patch is currently available for affected deployments.

Command Injection Blinko
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-33681 HIGH This Week

WWBN AVideo, an open source video platform, contains a critical path traversal vulnerability in the pluginRunDatabaseScript.json.php endpoint that allows authenticated administrators to execute arbitrary SQL queries against the application database. Versions up to and including 26.0 are affected. The vulnerability can also be exploited via CSRF attacks against authenticated admin sessions, enabling unauthenticated attackers to achieve remote code execution or complete database compromise.

Path Traversal PHP CSRF
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-15606 HIGH PATCH This Week

A Denial-of-Service vulnerability exists in the httpd component of TP-Link TD-W8961N v4.0 routers, caused by improper input sanitization (CWE-20) that allows attackers to craft malicious requests triggering httpd service crashes. The vulnerability enables service interruption and network unavailability for affected users. Although no CVSS score or EPSS metric is publicly available, a vendor patch is already available, indicating acknowledgment of the issue's severity and exploitability.

TP-Link Denial Of Service
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-33723 HIGH This Week

WWBN AVideo, an open source video platform, contains a SQL injection vulnerability in the Subscribe::save() method that allows authenticated attackers to execute arbitrary SQL queries. Versions up to and including 26.0 are affected, with the vulnerability stemming from unsanitized user input from the $_POST['user_id'] parameter being concatenated directly into INSERT queries. An attacker with low-level authentication can extract sensitive data including password hashes, API keys, and encryption salts from the database, representing a significant information disclosure risk.

PHP Information Disclosure SQLi
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-23555 HIGH PATCH This Week

Xenstored on Ubuntu and Debian crashes when a guest VM submits a Xenstore command with an illegal node path "/local/domain/", causing a denial of service to that hypervisor component. An unprivileged guest can trigger this crash via a forced assert() statement, or if the service is built without debugging symbols, cause xenstored to consume excessive CPU resources while becoming unresponsive to further requests. No patch is currently available for this vulnerability.

Denial Of Service Xen
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-31846 HIGH This Week

An unauthenticated credential disclosure vulnerability exists in the /goform/ate endpoint of Nexxt Solutions Nebula 300+ firmware (including Tenda F3 v2.0 rebranded variants) through version 12.01.01.37, allowing adjacent network attackers to retrieve the Base64-encoded administrator password without authentication. The recovered credentials enable full device authentication and privilege escalation, facilitating further compromise when combined with other firmware weaknesses. No active KEV listing or public POC availability is currently documented, though the CVSS 6.5 score reflects the significant confidentiality impact despite network-adjacency requirement.

Authentication Bypass Nebula 300 Tenda F3 V2 0 Firmware
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-32908 HIGH PATCH This Week

OpenClaw 2026.1.21 through 2026.2.18 contains a command injection vulnerability in the Lobster extension's Windows shell fallback mechanism. Local authenticated users with low privileges can execute arbitrary commands when spawn failures trigger shell fallback with cmd.exe, exploiting workflow-controlled parameters. A patch is available from the vendor, and while no KEV or EPSS data indicates active exploitation at this time, the vulnerability has a CVSS score of 7.0 (High).

Command Injection Microsoft Windows
NVD GitHub
CVSS 3.1
7.0
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy