Skip to main content
CVE-2026-23924 MEDIUM This Month

The Zabbix Agent 2 Docker plugin contains an argument injection vulnerability in the 'docker.container_info' parameter handler that fails to properly sanitize user-supplied input before forwarding requests to the Docker daemon. An authenticated attacker who can invoke Agent 2 can exploit this flaw to read arbitrary files from running Docker containers by injecting malicious parameters through the Docker archive API, potentially exposing sensitive application data, credentials, and configuration files. While no CVSS score or EPSS data is currently available, and no indication of active exploitation in the wild has been reported, this represents a direct path to container escape and lateral movement for attackers with agent-level access.

Docker Code Injection
NVD VulDB
CVSS 4.0
6.1
EPSS
0.0%
CVE-2026-30661 MEDIUM This Month

iCMS v8.0.0 contains a Stored or Reflected Cross-Site Scripting (XSS) vulnerability in the User Management component's index.html file, where the regip and loginip parameters fail to properly sanitize user input before rendering in the HTML response. Remote attackers can exploit this vulnerability without authentication to execute arbitrary JavaScript in the context of victim browsers, potentially leading to session hijacking, credential theft, or malware distribution. A proof-of-concept has been publicly disclosed by the researcher, increasing real-world exploitation risk.

XSS
NVD VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-4754 MEDIUM PATCH This Month

This is a Stored or Reflected Cross-Site Scripting (XSS) vulnerability (CWE-79) in Android-ImageMagick7 versions before 7.1.2-11 that allows attackers to inject malicious scripts through crafted image inputs or related user-controlled data. Attackers with network access and no authentication required can exploit this vulnerability to execute arbitrary JavaScript in the context of affected applications, leading to session hijacking, credential theft, or malware distribution. The vulnerability has a CVSS score of 6.1 (Medium) with cross-site scope, and a patch is available from the vendor, though no confirmed active exploitation in KEV or public proof-of-concept code has been widely documented.

XSS Google Android
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-4781 LOW POC Monitor

SQL injection in SourceCodester Sales and Inventory System 1.0 allows authenticated remote attackers to manipulate the sid parameter in update_purchase.php, enabling unauthorized database queries and potential data exfiltration. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4780 LOW POC Monitor

SourceCodester Sales and Inventory System 1.0 contains a SQL injection vulnerability in the update_out_standing.php file's sid parameter that allows authenticated remote attackers to execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The vulnerability affects PHP-based deployments and has a CVSS score of 5.3.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4779 LOW POC Monitor

SQL injection in SourceCodester Sales and Inventory System 1.0 via the sid parameter in update_customer_details.php allows authenticated remote attackers to execute arbitrary SQL commands. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations using PHP-based deployments of this system should restrict access to the vulnerable component until a fix is released.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4778 LOW POC Monitor

SQL injection in SourceCodester Sales and Inventory System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the sid parameter in update_category.php. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers with valid credentials can leverage this weakness to compromise database integrity and extract sensitive information.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4777 LOW POC Monitor

SQL injection in SourceCodester Sales and Inventory System 1.0's view_supplier.php POST parameter handler allows authenticated attackers to execute arbitrary SQL queries through the searchtxt parameter. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. The vulnerability affects PHP-based installations and currently lacks an available patch.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4626 LOW POC Monitor

A stored cross-site scripting (XSS) vulnerability exists in projectworlds Lawyer Management System version 1.0 within the /lawyer_booking.php file, where the Description parameter fails to sanitize user input before rendering. An authenticated attacker can inject malicious JavaScript that executes in the context of other users' browsers, potentially leading to session hijacking, credential theft, or unauthorized actions. A proof-of-concept exploit has been publicly disclosed on GitHub, and the vulnerability carries a CVSS score of 3.5 with evidence of public exploitation.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-3260 MEDIUM PATCH This Month

A resource exhaustion vulnerability exists in Undertow where remote attackers can send HTTP GET requests with multipart/form-data content to trigger premature parsing and disk storage of request data, leading to Denial of Service when applications use parameter retrieval methods like getParameterMap(). The vulnerability affects multiple Red Hat products including Enterprise Linux 8, 9, and 10, JBoss Enterprise Application Platform 7 and 8, Red Hat Fuse 7, and several Apache Camel variants. An attacker with network access and no authentication can exhaust server disk resources with moderate attack complexity, causing service unavailability.

Denial Of Service Red Hat
NVD VulDB
CVSS 3.1
5.9
EPSS
0.5%
CVE-2026-4616 LOW POC Monitor

A cross-site scripting (XSS) vulnerability exists in bolo-blog version 2.6.4 in the Article Title Handler component at /console/article/, where the articleTitle parameter is not properly sanitized before being rendered. An authenticated attacker with high privileges can inject malicious JavaScript through the articleTitle argument, resulting in stored or reflected XSS that compromises the integrity of the application. A proof-of-concept exploit has been publicly released on GitHub, and the vendor has not yet responded to early disclosure notifications.

XSS Bolo Blog
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-29772 MEDIUM PATCH This Month

Astro web framework versions prior to 10.0.0 contain an unbounded JSON parsing vulnerability in the Server Islands POST handler that allows unauthenticated remote attackers to exhaust server memory and cause denial of service. The vulnerability affects all Astro SSR applications using the Node standalone adapter, regardless of whether Server Islands functionality is actually used, because the request body is parsed before route validation occurs. An attacker can craft a payload containing many small JSON objects to achieve approximately 15x memory amplification, crashing the process with a single malicious request.

Denial Of Service Astro
NVD GitHub VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-33242 MEDIUM This Month

This vulnerability in NVIDIA's B300 MCU (specifically the CX8 MCU component) allows privileged attackers with network access to modify unsupported hardware registries, potentially causing denial of service and data tampering. The flaw affects HGX and DGX B300 systems and requires high privileges and non-trivial attack complexity to exploit, though no public exploit code or active exploitation has been reported at this time. SSVC assessment indicates the vulnerability presents partial technical impact with no known automated exploitation capability.

Denial Of Service Nvidia
NVD VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-4615 MEDIUM This Month

SQL injection in SourceCodester Online Catering Reservation 1.0 via the rcode parameter in /search.php allows unauthenticated remote attackers to manipulate database queries with no user interaction required. The vulnerability enables attackers to read, modify, or delete sensitive data, and public exploit code is readily available. PHP-based deployments of this catering reservation system are actively targeted due to the ease of exploitation and lack of available patches.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-33855 MEDIUM PATCH This Month

Android-ImageMagick7 versions prior to 7.1.2-11 are vulnerable to integer overflow that allows local attackers with user interaction to cause a denial of service condition. The vulnerability requires local access and user interaction to trigger, making it a lower-risk but still exploitable flaw in image processing operations. A patch is available for affected installations.

Integer Overflow Buffer Overflow Google Android
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-33853 MEDIUM PATCH This Month

A NULL pointer dereference vulnerability exists in MolotovCherry Android-ImageMagick7 before version 7.1.2-10 that allows local attackers with user interaction to trigger a denial of service condition by crashing the application. The vulnerability affects the Android-ImageMagick7 library (CWE-476) and requires local access and user interaction to exploit, resulting in high availability impact but no confidentiality or integrity compromise. A patch is available from the vendor via GitHub pull request #183.

Null Pointer Dereference Denial Of Service Google Android
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-33400 MEDIUM PATCH This Month

A stored cross-site scripting (XSS) vulnerability exists in Wallos versions prior to 4.7.0 within the payment method rename endpoint that allows authenticated users to inject arbitrary JavaScript code. When any user visits the Settings, Subscriptions, or Statistics pages, the injected malicious script executes in their browser context. This vulnerability is compounded by the wallos_login authentication cookie lacking the HttpOnly flag, enabling attackers to steal session tokens and achieve full account compromise through session hijacking.

XSS Wallos
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-33628 MEDIUM PATCH This Month

Invoice Ninja v5.13.0 and earlier contain a stored cross-site scripting (XSS) vulnerability in invoice line item descriptions that bypass the application's XSS denylist filter, allowing authenticated attackers to inject malicious JavaScript that executes when invoices are viewed in PDF preview or the client portal. Any authenticated user can create or modify invoices to inject payloads such as `<img src=x onerror=alert(document.cookie)>`, and victims viewing the invoice-including clients with lower privilege levels-will have the payload execute in their browser context, enabling session hijacking, account takeover, and data exfiltration. A patch is available in v5.13.4 via the vendor's GitHub repository.

XSS
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-29840 MEDIUM This Month

JiZhiCMS v2.5.6 and earlier contains a stored cross-site scripting (XSS) vulnerability in the user release function that allows authenticated attackers to inject malicious scripts through improper HTML sanitization. The vulnerability exists because the application filters <script> tags but fails to recursively remove dangerous event handlers (such as onerror) from other HTML elements like <img> tags, enabling persistent XSS attacks. A proof-of-concept has been published on GitHub, and while no CVSS score or EPSS data is currently available, the low barrier to exploitation (authenticated access via POST parameter) and persistent nature of the attack present meaningful risk to affected installations.

PHP XSS
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-33638 MEDIUM PATCH This Month

The Ech0 application exposes an unauthenticated API endpoint GET /api/allusers that returns a complete list of user records including usernames, email addresses, and account metadata without requiring authentication. This allows remote attackers to enumerate all system users and gather profile information for reconnaissance and targeted attacks. A working proof-of-concept exists demonstrating the vulnerability, and a patch is available in version 4.2.0.

Information Disclosure Authentication Bypass Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-33219 MEDIUM PATCH This Month

NATS.io nats-server WebSockets service is vulnerable to unbounded memory consumption when malicious unauthenticated clients connect and transmit large amounts of data. This denial-of-service vulnerability affects versions before v2.12.6 or v2.11.15 and has a moderate CVSS score of 5.3 (CWE-770: Allocation of Resources Without Limits or Throttling). Unlike the related CVE-2026-27571 compression bomb variant, this attack requires significant client-side bandwidth rather than algorithmic compression exploitation.

Denial Of Service
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-4649 MEDIUM PATCH This Month

Apache Artemis before version 2.52.0 contains an authentication bypass vulnerability (CVE-2026-27446) that allows attackers to read all messages exchanged via the broker and inject new messages. KNIME Business Hub, which embeds Apache Artemis, is affected across all versions, though exploitation requires an authenticated user with workflow execution privileges who can register a federated mirror without authenticating to the underlying Artemis instance. While no public exploit code has been disclosed and CVSS scoring is unavailable, the vulnerability represents a significant insider threat with direct impact on message confidentiality and integrity.

Authentication Bypass Apache Knime Business Hub Red Hat
NVD VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-4751 MEDIUM PATCH This Month

A NULL pointer dereference vulnerability exists in tmate versions prior to 2.4.0, allowing unauthenticated remote attackers to cause a denial of service condition by crashing the application. The vulnerability has a CVSS score of 5.3 (medium severity) with low attack complexity and no privilege requirements, making it readily exploitable over the network. A patch is available from the vendor, and this issue does not compromise confidentiality or integrity-only availability.

Denial Of Service Debian Null Pointer Dereference Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-4733 MEDIUM PATCH This Month

ixray-1.6-stcop before version 1.3 contains an Exposure of Sensitive Information vulnerability (CWE-200) that allows unauthenticated remote attackers to access unauthorized data. The vulnerability has a CVSS score of 5.3 with low attack complexity and no user interaction required, making it accessible over the network. While the vulnerability does not impact confidentiality or integrity according to the CVSS vector, the availability impact warrants immediate patching.

Information Disclosure Ixray 1 6 Stcop
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-33247 MEDIUM PATCH This Month

A credential exposure vulnerability exists in NATS.io nats-server where static authentication credentials passed via command-line arguments are disclosed through the monitoring port's /debug/vars endpoint without redaction. NATS.io nats-server versions prior to 2.12.6 and 2.11.15 are affected. An attacker with network access to the monitoring port can retrieve plaintext credentials and gain unauthorized access to the messaging system, though this requires the uncommon configuration of both using command-line credentials and enabling monitoring.

Information Disclosure
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-33545 MEDIUM PATCH This Month

A SQL injection vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

SQLi Denial Of Service Information Disclosure Python Apple +1
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-33527 MEDIUM PATCH This Month

An authenticated user can manipulate server-generated session fields (expiresAt and createdWith) when updating their own session via the Parse Server REST API, allowing them to extend or indefinitely prolong their session validity and bypass the server's configured session lifetime policies. This authentication bypass affects Parse Server (npm:parse-server) on both version 8 and 9 branches, enabling a low-complexity attack that requires only valid user credentials. No public exploit or active exploitation in the wild has been documented, but patches are available from the vendor.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-28755 MEDIUM PATCH This Month

NGINX Plus and NGINX Open Source contain an authentication bypass vulnerability in the ngx_stream_ssl_module where revoked certificates are incorrectly accepted during TLS handshakes despite OCSP checking. When ssl_verify_client and ssl_ocsp are both enabled, the module fails to properly enforce certificate revocation status, allowing clients with revoked certificates to establish connections. This affects both commercial NGINX Plus and open-source NGINX deployments with a CVSS score of 5.4 (Medium), representing a localized confidentiality and integrity impact requiring authenticated attackers.

Nginx Authentication Bypass Red Hat Suse
NVD VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-4743 MEDIUM PATCH This Month

ncmdump versions before 1.4.0 contain a null pointer dereference vulnerability in the cJSON.cpp module that allows local attackers to cause a denial of service through application crash. An attacker with local access and user interaction can trigger this vulnerability to disable the affected ncmdump utility. A patch is available for affected users.

Denial Of Service Null Pointer Dereference Ncmdump
NVD GitHub VulDB
CVSS 4.0
5.2
EPSS
0.0%
CVE-2026-33162 MEDIUM PATCH This Month

An authorization bypass vulnerability exists in Craft CMS that allows authenticated control panel users with minimal accessCp permission to move entries across sections without possessing the required saveEntries:{sectionUid} permissions for either source or destination sections. The vulnerability affects Craft CMS versions prior to 5.9.14 and results from missing authorization enforcement in the POST /actions/entries/move-to-section endpoint, enabling low-privileged users to perform unauthorized content modifications that violate integrity controls and potentially disrupt editorial workflows and content routing. A patch is available from the vendor.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
4.9
EPSS
0.0%
CVE-2026-33222 MEDIUM PATCH This Month

NATS JetStream before v2.11.15 and v2.12.6 allows authenticated users with admin API access to bypass stream-level restore restrictions and restore backups to unauthorized streams, enabling unauthorized data manipulation. An attacker with JetStream admin credentials can exploit this privilege escalation vulnerability to access or modify streams they should not have permission to alter. No patch is currently available, requiring administrators to temporarily revoke JetStream restore permissions as a mitigation.

Authentication Bypass Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-33158 MEDIUM PATCH This Month

An authenticated Insecure Direct Object Reference (IDOR) vulnerability in Craft CMS allows low-privileged users to read private asset content by calling the assets/edit-image endpoint with an arbitrary assetId parameter they are not authorized to view. The endpoint fails to enforce per-asset authorization checks before returning image bytes or preview redirects, enabling unauthorized disclosure of sensitive files. A patch is available from the vendor for affected versions (Craft CMS 4.17.8 and 5.9.14), and the vulnerability affects all Craft CMS installations where private assets exist and low-privileged authenticated users have access.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
4.9
EPSS
0.0%
CVE-2026-33621 MEDIUM PATCH This Month

CVE-2026-33621 is a security vulnerability (CVSS 4.8). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Authentication Bypass
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-33620 MEDIUM PATCH This Month

PinchTab versions 0.7.8 through 0.8.3 accept API authentication tokens via URL query parameters (?token=...) in addition to the Authorization header, creating an unsafe credential transport pattern that exposes tokens through intermediary logs, browser history, shell history, and clipboard history. While this is not a direct authentication bypass-an attacker must obtain the token from a secondary source-the vulnerability is compounded by first-party dashboard setup flows that generate and consume tokenized URLs, increasing practical exposure likelihood. The issue was resolved in version 0.8.4 by removing query-string token authentication entirely and enforcing header-based authentication.

Authentication Bypass Suse
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-33635 MEDIUM PATCH This Month

The Ruby icalendar library versions prior to the patched commit fail to sanitize carriage return and line feed characters in URI property values, allowing attackers to inject arbitrary ICS calendar lines through CRLF injection. Applications that generate .ics files from untrusted metadata are affected, enabling attackers to add malicious calendar properties such as attendees, URLs, or alarms that downstream calendar clients will process as legitimate event data. A proof-of-concept demonstrating the vulnerability is publicly available, and a patch is available from the vendor.

RCE
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-33249 MEDIUM PATCH This Month

A valid NATS client using message tracing headers can be exploited to send trace messages to arbitrary subjects, bypassing publish permission controls. This affects NATS Server versions prior to 2.12.6 and 2.11.15, allowing authenticated clients to violate authorization policies. While the injected payload is limited to valid trace messages rather than arbitrary content, the capability to publish to unauthorized subjects represents an integrity violation and potential information disclosure risk.

Authentication Bypass Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-21783 MEDIUM PATCH This Month

HCL Traveler contains a sensitive information disclosure vulnerability where error messages expose internal system details including file paths, tokens, credentials, and stack traces. This affects all versions of HCL Traveler as indicated by the CPE string, and requires authenticated access (PR:L) to exploit but can be leveraged by low-privilege users to reconnaissance the application architecture for follow-up attacks. With a CVSS score of 4.3 and confidentiality impact rated as LOW, this is a moderate information disclosure issue that lowers the bar for subsequent targeted attacks rather than directly compromising systems.

Information Disclosure Traveler
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-33248 MEDIUM PATCH This Month

NATS.io nats-server contains an authentication bypass vulnerability in its mTLS client identity verification when using the verify_and_map feature to derive NATS identities from TLS client certificate Subject DN patterns. An authenticated attacker with a valid certificate from a trusted CA can exploit certain RDN (Relative Distinguished Name) patterns to bypass intended identity mapping controls, potentially gaining unauthorized access to message queues. The vulnerability requires both a valid certificate and specific DN construction patterns, making it a low-probability but credible threat for sophisticated deployments; no public POC or active exploitation has been documented, and the CVSS score of 4.2 reflects the high attack complexity and privilege requirement.

Authentication Bypass Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.2
EPSS
0.0%
CVE-2026-33619 MEDIUM PATCH This Month

PinchTab v0.8.3 contains a server-side request forgery vulnerability in its optional webhook scheduler that allows authenticated attackers to trigger outbound HTTP POST requests to arbitrary destinations, including internal and non-public IP ranges. The vulnerability exists because the webhook delivery path validates only the URL scheme (http/https) without rejecting loopback, private, or link-local addresses, and the HTTP client follows redirects without re-validation. A proof-of-concept is publicly available demonstrating blind SSRF capability; however, practical exploitation requires either administrative API token access in token-protected deployments or a tokenless configuration, and the scheduler must be explicitly enabled (it is disabled by default).

SSRF
NVD GitHub
CVSS 3.1
4.1
EPSS
0.0%
CVE-2026-33769 LOW PATCH Monitor

Astro's remotePatterns path enforcement contains a logic flaw where wildcard matching for /* is unanchored, allowing attackers to bypass path restrictions and access unintended resources on allowed hosts. Versions 2.10.10 through 5.18.0 are affected, enabling information disclosure through server-side image optimization endpoints and other remote fetchers. The vulnerability has been patched in version 5.18.1, and while no public exploit code or active exploitation has been reported in KEV databases, the straightforward nature of the bypass makes this a moderate to high priority for affected deployments.

Information Disclosure Astro
NVD GitHub VulDB
CVSS 4.0
2.9
EPSS
0.1%
CVE-2026-4742 LOW PATCH Monitor

An HTTP Request/Response Smuggling vulnerability exists in visualfc liteide due to inconsistent interpretation of HTTP requests in the HTTP parser component (http_parser.C), classified under CWE-444. This affects liteide versions before x38.4, allowing attackers to exploit the qjsonrpc HTTP parser module to smuggle malicious requests. An attacker could leverage this vulnerability to perform request smuggling attacks, potentially leading to cache poisoning, session hijacking, or information disclosure depending on the deployment context and HTTP intermediaries involved.

Information Disclosure Request Smuggling Liteide
NVD GitHub VulDB
CVSS 4.0
2.9
EPSS
0.0%
CVE-2026-33160 LOW PATCH Monitor

An unauthenticated user can exploit the `/assets/generate-transform` endpoint in Craft CMS to generate valid transform URLs for private assets without authorization checks, allowing anonymous access to transformed image content that should be restricted. This authentication bypass affects Craft CMS versions prior to 4.17.8 and 5.9.14, enabling attackers to derive and view content from private assets through the publicly accessible transform endpoint. The vulnerability has a published patch and advisory available from the vendor.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
2.7
EPSS
0.0%
CVE-2026-32642 LOW PATCH Monitor

An incorrect authorization vulnerability exists in Apache Artemis and Apache ActiveMQ Artemis where the OpenWire protocol fails to properly enforce permission checks when creating non-durable JMS topic subscriptions on non-existent addresses. A user with only 'createDurableQueue' permission but lacking 'createAddress' permission can bypass authorization controls to create temporary addresses that should be denied, circumventing the intended security model when address auto-creation is disabled. This authentication bypass persists until the OpenWire connection closes and the temporary address is cleaned up.

Apache Authentication Bypass Apache Artemis Apache Activemq Artemis
NVD VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2025-11571 LOW Monitor

A command injection vulnerability exists in Silicon Labs Simplicity Studio V5 and Simplicity Installer Tool for Simplicity Studio V6, where vulnerable endpoints accept user-controlled input through URLs in JSON format, enabling arbitrary command execution. An attacker on the same network can exploit this to execute system commands, though parameter passing is restricted. While CVSS scoring is unavailable, the vulnerability represents a significant local network threat to development environments using these tools.

Command Injection Simplicity Studio V5 Simplicity Installer Tool Silicon Labs Tool Slt For Simplicity Studio V6
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-33624 LOW PATCH Monitor

Parse Server versions prior to 8.6.60 and 9.6.0-alpha.54 contain a race condition vulnerability that allows attackers to reuse single-use MFA recovery codes an unlimited number of times through concurrent login requests. An attacker with knowledge of a user's password and possession of one valid recovery code can bypass the intended single-use restriction by sending multiple authentication attempts simultaneously within milliseconds, effectively defeating the multi-factor authentication protection mechanism. This vulnerability is tracked as CWE-367 (TOCTOU race condition) and has been patched in the aforementioned versions with fixes available via pull requests 10275 and 10276.

Information Disclosure Node.js
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4614 LOW Monitor

SQL injection in the Parameter Handler of itsourcecode sanitize or validate this input 1.0 allows authenticated remote attackers to manipulate the subject_code argument in /admin/subjects.php and execute arbitrary SQL commands. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-4433 LOW Monitor

Tenable OT contains an SSH misconfiguration that permits unauthorized disclosure of socket, port, and service information through the ostunnel user account and improper GatewayPorts settings. This vulnerability affects Tenable Operation Technology across multiple versions and allows attackers to enumerate underlying system architecture and network configuration without requiring high privileges or complex exploitation. While no CVSS score, EPSS data, or confirmed active exploitation is publicly documented, the information disclosure nature of this vulnerability enables reconnaissance for subsequent targeted attacks.

Information Disclosure Tenable Operation Technology
NVD VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-33161 LOW PATCH Monitor

An authorization bypass vulnerability in Craft CMS allows low-privileged authenticated users to extract private asset editing metadata, including focal point data, from assets they do not have permission to view. The vulnerability affects Craft CMS versions prior to 4.17.8 and 5.9.14, where the actionImageEditor endpoint fails to perform per-asset authorization checks before returning sensitive editor context. While no CVSS score or EPSS metric is currently published, this information disclosure vulnerability enables attackers to gain unauthorized insight into restricted asset configurations.

Information Disclosure
NVD GitHub VulDB
CVSS 4.0
1.3
EPSS
0.0%
CVE-2026-33525 LOW PATCH Monitor

A stored cross-site scripting (XSS) vulnerability exists in Authelia version 4.39.15 due to improper neutralization of the language cookie value when rendering HTML templates. This vulnerability only affects users who have deliberately disabled or modified the default Content Security Policy with unsafe directives (such as unsafe-inline scripts or arbitrary domain connections); default installations are completely protected. An attacker could potentially inject malicious JavaScript into the Authelia login page if multiple preconditions are met, including a secondary application vulnerability on the same domain, CSP misconfiguration, and the ability to manipulate cookies.

XSS
NVD GitHub
CVSS 4.0
0.5
EPSS
0.0%
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy