Skip to main content
CVE-2026-33696 CRITICAL POC PATCH NEWS Act Now

A prototype pollution vulnerability in the XML and GSuiteAdmin nodes of n8n workflow automation platform allows authenticated users with workflow creation or modification permissions to achieve remote code execution. Versions prior to 2.14.1, 2.13.3, and 1.123.27 are affected. The CVSS score of 9.4 (Critical) reflects network-based exploitation with low complexity requiring only low-level authentication, though no current KEV listing or public POC availability is indicated in the provided intelligence.

Prototype Pollution RCE
NVD GitHub VulDB
CVSS 4.0
9.4
EPSS
0.5%
CVE-2026-33660 CRITICAL POC PATCH GHSA Act Now

An authenticated user with workflow creation or modification privileges in n8n workflow automation platform can exploit the Merge node's 'Combine by SQL' mode to read arbitrary local files on the n8n host and achieve remote code execution. n8n versions prior to 2.14.1, 2.13.3, and 1.123.26 are affected. The vulnerability carries a CVSS 4.0 score of 9.4 (Critical) due to insufficient sandbox restrictions in the AlaSQL component, allowing SQL injection-style attacks against the host system. No public proof-of-concept or active exploitation (KEV) status has been reported at this time.

RCE Code Injection N8n
NVD GitHub VulDB
CVSS 4.0
9.4
EPSS
0.1%
CVE-2024-51348 HIGH POC This Week

A stack-based buffer overflow vulnerability in the P2P API service in BS Producten Petcam with firmware 33.1.0.0818 allows unauthenticated attackers within network range to overwrite the instruction. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2024-58341 HIGH POC PATCH This Week

OpenCart Core 4.0.2.3 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'search' parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi Opencart Core
NVD Exploit-DB GitHub VulDB
CVSS 4.0
8.8
EPSS
0.1%
CVE-2026-33665 HIGH POC PATCH This Week

Authenticated n8n users can hijack administrator accounts when LDAP authentication is enabled by manipulating their LDAP email attribute to match a target account's email address, gaining full access that persists even after reverting the email change. This authentication bypass (CWE-287) affects n8n versions prior to 2.4.0 and 1.121.0 where LDAP is configured, and public exploit code exists. The vulnerability requires LDAP to be actively enabled and the attacker to control their own LDAP email attribute, creating a critical account takeover risk for administrators.

Authentication Bypass N8n
NVD GitHub VulDB
CVSS 4.0
8.8
EPSS
0.0%
CVE-2026-33713 HIGH POC PATCH This Week

SQL injection in n8n's Data Table Get node allows authenticated users with workflow modification permissions to execute arbitrary SQL queries against PostgreSQL backends, enabling data modification and deletion. Public exploit code exists for this vulnerability. Affected versions prior to 1.123.26, 2.13.3, and 2.14.1 should be upgraded immediately, or workflow creation/editing permissions should be restricted to trusted users only.

SQLi PostgreSQL
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-33663 HIGH POC PATCH This Week

n8n workflow automation platform Community Edition contains an authorization bypass vulnerability allowing authenticated users with member-level privileges to steal plaintext credentials from other users. The flaw chains name-based credential resolution that doesn't enforce ownership with a permissions bypass affecting generic HTTP credential types (httpBasicAuth, httpHeaderAuth, httpQueryAuth). Attackers can decrypt and exfiltrate credentials without authorization, though native integration credentials remain unaffected.

Authentication Bypass PostgreSQL
NVD GitHub VulDB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-28529 HIGH POC PATCH This Week

cryptodev-linux 1.14 and earlier suffer from a use-after-free vulnerability in the /dev/crypto device driver that enables local privilege escalation through reference count manipulation. Attackers with local access can exploit this memory corruption flaw to gain elevated privileges on affected systems. Public exploit code exists for this vulnerability.

Privilege Escalation Use After Free Memory Corruption Cryptodev Linux
NVD GitHub VulDB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-3857 HIGH POC PATCH This Week

A Cross-Site Request Forgery (CSRF) vulnerability in GitLab Community Edition and Enterprise Edition allows unauthenticated attackers to execute arbitrary GraphQL mutations on behalf of authenticated users without their consent. All versions from 17.10 before 18.8.7, versions 18.9 before 18.9.3, and versions 18.10 before 18.10.1 are affected. A public proof-of-concept exploit is available via HackerOne report 3584382, significantly increasing the risk of active exploitation.

Gitlab CSRF
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-2995 HIGH POC PATCH This Week

Improper HTML sanitization in GitLab EE versions 15.4-18.10.1 allows authenticated users to add email addresses to arbitrary user accounts, potentially enabling account takeover or unauthorized access escalation. Public exploit code exists for this vulnerability, and no patch is currently available. Affected deployments should implement access controls to restrict user modification privileges until updates become available.

Gitlab XSS
NVD VulDB
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-3988 HIGH POC PATCH This Week

GitLab CE/EE contains a denial of service vulnerability in GraphQL request processing due to improper input validation (CWE-407). All versions from 18.5 through 18.8.6, 18.9 through 18.9.2, and 18.10 before 18.10.1 are affected. An unauthenticated attacker can remotely exploit this with low complexity to render GitLab instances unresponsive, and a public proof-of-concept exploit is available via HackerOne report 3597342.

Gitlab Denial Of Service
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-1519 HIGH POC PATCH This Week

BIND resolver servers performing DNSSEC validation can be forced into excessive CPU consumption when encountering a maliciously crafted DNS zone, resulting in denial of service. The vulnerability affects BIND 9 versions from 9.11.0 through current versions across multiple branches (9.16.50, 9.18.46, 9.20.20, 9.21.19) including BIND Supported Preview Edition variants. The CVSS score of 7.5 indicates high availability impact with network-based exploitation requiring no authentication, though no active exploitation (KEV) or proof-of-concept availability has been indicated in the provided data.

Information Disclosure Bind 9
NVD VulDB GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-3104 HIGH POC PATCH This Week

Memory exhaustion in BIND 9 resolver allows unauthenticated remote attackers to cause denial of service by querying specially crafted domains, affecting versions 9.20.0-9.20.20, 9.21.0-9.21.19, and 9.20.9-S1-9.20.20-S1. The vulnerability stems from improper memory management (CWE-772) and can be triggered without authentication or user interaction. Patches are available for affected Ubuntu, SUSE, and Debian systems.

Information Disclosure Bind 9
NVD VulDB GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-33722 HIGH POC PATCH This Week

Authenticated users in n8n versions prior to 1.123.23 and 2.6.4 can bypass external secrets permission checks to retrieve plaintext secret values from configured vaults by referencing secrets by name in credentials, even without list permissions. This allows unauthorized access to sensitive vault-stored credentials without requiring admin or owner privileges, provided the attacker knows or can guess the target secret name. Public exploit code exists for this vulnerability.

Authentication Bypass Hashicorp
NVD GitHub VulDB
CVSS 4.0
7.3
EPSS
0.0%
CVE-2026-2745 MEDIUM POC PATCH This Month

GitLab CE/EE versions 7.11 through 18.10 contain an authentication bypass vulnerability in the WebAuthn two-factor authentication implementation due to inconsistent input validation, allowing unauthenticated attackers to gain unauthorized access to user accounts. The vulnerability affects a wide version range spanning multiple releases (7.11 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1). A proof-of-concept exploit is publicly available, and while the CVSS score of 6.8 indicates moderate severity, the authentication bypass nature and active exploit availability represent a significant real-world threat to GitLab deployments.

Gitlab Authentication Bypass
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-1724 MEDIUM POC PATCH This Month

GitLab EE contains an improper access control vulnerability that allows unauthenticated users to retrieve API tokens for self-hosted AI models without authentication. The vulnerability affects GitLab versions 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1, impacting any organization running these versions with AI model integrations. With a CVSS score of 6.8 and publicly available proof-of-concept code, this represents a significant credential exposure risk requiring immediate patching.

Gitlab Authentication Bypass
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-13436 MEDIUM POC PATCH This Month

GitLab CE/EE contains a denial of service vulnerability in CI-related input handling that allows authenticated users to consume excessive server resources, potentially rendering the service unavailable. Versions 13.7 through 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 are affected across all GitLab installations. A publicly available proof-of-concept exists from HackerOne (report 3418149), though CISA has not flagged this for active exploitation in the wild, and the SSVC framework indicates no evidence of current weaponization despite automatable characteristics being unavailable.

Gitlab Denial Of Service
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-13078 MEDIUM POC PATCH This Month

GitLab CE/EE contains a denial of service vulnerability in webhook configuration processing that allows authenticated users to consume excessive server resources, affecting versions 16.10 through 18.10.0. An attacker with valid GitLab credentials can trigger this issue by submitting specially crafted webhook configuration inputs, resulting in application unavailability. A proof-of-concept exploit is publicly available via HackerOne, and patches are available for affected versions.

Gitlab Denial Of Service
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-4822 MEDIUM POC PATCH This Month

Iperius Backup 8.7.3 creates temporary files with insecure permissions in the Backup Service component, allowing local authenticated attackers to potentially escalate privileges or access sensitive data. The vulnerability requires local access and high attack complexity, but public exploit code exists. Upgrading to version 8.7.4 resolves the issue.

Information Disclosure Iperius Backup
NVD VulDB GitHub
CVSS 4.0
6.4
EPSS
0.0%
CVE-2026-4824 MEDIUM POC PATCH This Month

Improper privilege management in Iperius Backup through version 8.7.3 allows local authenticated attackers to escalate privileges via manipulation of the Backup Job Configuration File Handler, with public exploit code available. The vulnerability requires local access and high attack complexity but grants full confidentiality and integrity impacts to affected systems. Upgrade to version 8.7.4 or later to remediate.

Privilege Escalation Iperius Backup
NVD VulDB GitHub
CVSS 4.0
6.4
EPSS
0.0%
CVE-2026-33724 MEDIUM POC PATCH This Month

n8n versions prior to 2.5.0 contain a critical SSH host key verification bypass in the Source Control feature that allows network-positioned attackers to perform man-in-the-middle attacks against Git operations. Affected users who have explicitly enabled and configured SSH-based source control can have their workflows injected with malicious content or have repository data intercepted without authentication. While the feature is non-default and requires explicit configuration, the vulnerability enables complete compromise of workflow integrity and potential lateral movement within automation pipelines.

Authentication Bypass N8n
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-33720 MEDIUM POC PATCH This Month

This vulnerability in n8n (an open-source workflow automation platform) is an authentication bypass in the OAuth callback handler that occurs when the N8N_SKIP_AUTH_ON_OAUTH_CALLBACK environment variable is explicitly set to true. An attacker can manipulate the OAuth state parameter verification to trick a victim into completing an OAuth flow that stores the victim's OAuth tokens in an attacker-controlled credential object, allowing the attacker to execute workflows using the victim's delegated permissions. The vulnerability affects n8n versions prior to 2.8.0 and requires non-default configuration to be exploitable, limiting its widespread impact but creating significant risk for affected deployments.

Authentication Bypass N8n
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-32525 CRITICAL Act Now

A Code Injection vulnerability (CWE-94) exists in JetFormBuilder versions up to and including 3.5.6.1, allowing attackers to inject and execute arbitrary code within the application context. The vulnerability affects the JetFormBuilder plugin for WordPress across all versions through 3.5.6.1, and an attacker can leverage this to achieve Remote Code Execution (RCE) by injecting malicious code through form-processing mechanisms. Patchstack has documented this vulnerability with an assigned EUVD ID (EUVD-2026-15889), and while a CVSS score has not been formally assigned, the RCE classification indicates critical severity.

Code Injection RCE Jetformbuilder
NVD VulDB
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-27044 CRITICAL Act Now

Total Poll Lite, a WordPress plugin, contains an improper code injection vulnerability (CWE-94) that allows remote code inclusion and execution. All versions up to and including 4.12.0 are affected. An attacker can exploit this vulnerability to achieve remote code execution (RCE) on WordPress installations running the vulnerable plugin, potentially gaining full control of the affected web application.

Code Injection RCE Total Poll Lite
NVD VulDB
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-25366 CRITICAL Act Now

A Code Injection vulnerability exists in the Themeisle Woody ad snippets plugin (insert-php) through version 2.7.1 that allows unauthenticated attackers to execute arbitrary PHP code on affected WordPress installations. The vulnerability stems from improper control of code generation, classified as CWE-94, enabling remote code execution (RCE). Patchstack has documented this issue, and affected installations should be patched immediately as the attack vector appears to be network-accessible with low complexity.

PHP Code Injection RCE
NVD VulDB
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-32536 CRITICAL Act Now

The halfdata Green Downloads plugin for WordPress contains an unrestricted file upload vulnerability (CWE-434) that permits attackers to upload malicious files to affected systems. This vulnerability affects Green Downloads versions up to and including 2.08, as confirmed by Patchstack and ENISA. An unauthenticated or low-privileged attacker can exploit this to upload dangerous file types, potentially leading to remote code execution, website defacement, or malware distribution.

File Upload Green Downloads
NVD VulDB
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-25345 CRITICAL Act Now

A improper input validation vulnerability in GalleryCreator SimpLy Gallery plugin (versions up to 3.3.2) allows attackers to access functionality that should be restricted by access control lists (ACLs), potentially leading to information disclosure and arbitrary code execution. The vulnerability affects WordPress installations using the simply-gallery-block plugin and stems from insufficient validation of quantity inputs combined with inadequate authorization checks. While CVSS scoring is unavailable, the reported nature of the vulnerability suggests elevated risk due to the potential for unauthorized functionality access and code execution capabilities.

Information Disclosure Simply Gallery
NVD VulDB
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-32523 CRITICAL Act Now

WPJAM Basic, a WordPress plugin, contains an unrestricted file upload vulnerability (CWE-434) that allows attackers to upload malicious files without proper validation. All versions through 6.9.2 are affected, potentially enabling remote code execution or other attacks depending on server configuration. While CVSS and EPSS scores are unavailable, the nature of arbitrary file upload vulnerabilities in WordPress plugins typically carries high real-world risk due to ease of exploitation and severe impact.

File Upload Wpjam Basic
NVD VulDB
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-32482 CRITICAL PATCH Act Now

An unrestricted file upload vulnerability exists in the deothemes Ona WordPress theme that allows attackers to upload web shells to affected servers. All versions of Ona prior to 1.24 are vulnerable, enabling remote code execution through malicious file uploads. This vulnerability is classified as CWE-434 (Unrestricted Upload of File with Dangerous Type) and represents a critical risk for any WordPress installation using the affected theme versions.

File Upload Ona
NVD VulDB
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-25413 CRITICAL Act Now

WPBookit Pro through version 1.6.18 contains an unrestricted file upload vulnerability (CWE-434) that allows attackers to upload malicious files to affected WordPress installations. This arbitrary file upload flaw enables remote code execution and complete site compromise without requiring authentication or special privileges. The vulnerability affects all versions of the iqonicdesign WPBookit Pro plugin up to and including 1.6.18, making it a critical risk for WordPress administrators using this booking plugin.

File Upload Wpbookit Pro
NVD VulDB
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-26830 CRITICAL Act Now

The pdf-image npm package through version 2.0.0 contains an OS command injection vulnerability in the pdfFilePath parameter. Attackers can exploit this remotely without authentication by injecting malicious commands through file path inputs that are passed unsafely to shell commands via child_process.exec(). A proof-of-concept exploit is publicly available on GitHub (zebbernCVE/CVE-2026-26830), significantly increasing exploitation risk.

Node.js Command Injection RCE Code Injection
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-26832 CRITICAL Act Now

The node-tesseract-ocr npm package versions through 2.2.1 contains a critical OS command injection vulnerability in the recognize() function where file path parameters are concatenated into shell commands without sanitization before being passed to child_process.exec(). Attackers can achieve complete remote code execution with no authentication required. A proof-of-concept exploit exists at the GitHub repository linked in references (zebbernCVE/CVE-2026-26832), indicating active research into this vulnerability.

Node.js Command Injection
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-26833 CRITICAL GHSA Act Now

Thumbler through version 1.1.2 contains an OS command injection vulnerability in the thumbnail() function where user-supplied input from the input, output, time, or size parameters is directly concatenated into shell commands executed via Node.js child_process.exec() without sanitization or escaping. This allows unauthenticated attackers to execute arbitrary operating system commands with the privileges of the application process. A proof-of-concept has been documented in public repositories, making this vulnerability immediately actionable for exploitation.

Code Injection RCE Command Injection
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-26831 CRITICAL GHSA Act Now

The textract library through version 2.5.0 contains an OS command injection vulnerability in its file extraction modules that allows attackers to execute arbitrary operating system commands by crafting malicious filenames. The vulnerability affects multiple extractors (doc.js, rtf.js, dxf.js, images.js, and util.js) where user-supplied file paths are passed directly to child_process.exec() without adequate sanitization. An attacker can exploit this by uploading or referencing files with specially crafted names containing shell metacharacters, leading to complete system compromise with the privileges of the process running textract.

Code Injection RCE Command Injection
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-33670 CRITICAL PATCH Act Now

SiYuan, a note-taking application written in Go, contains an unauthenticated directory traversal vulnerability in its /api/file/readDir endpoint. The vulnerability allows remote attackers without authentication to enumerate the entire directory structure of notebooks, configuration folders, plugins, and resource directories, which can be chained with file reading vulnerabilities for arbitrary document access. A working Python proof-of-concept exploit is publicly available, demonstrating recursive directory enumeration of data/ and conf/ directories.

Path Traversal Python Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-59706 CRITICAL Act Now

N2W versions prior to 4.3.2 and 4.4.0 prior to 4.4.1 contain improper validation of API request parameters that enables unauthenticated remote code execution. An attacker can craft malicious API requests to bypass input validation and achieve arbitrary code execution on affected systems. This vulnerability affects cloud backup and disaster recovery infrastructure and poses critical risk to data protection environments.

RCE Authentication Bypass
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-59707 CRITICAL Act Now

N2W versions before 4.3.2 and 4.4.x before 4.4.1 contain a spoofing vulnerability that enables remote code execution and account credential theft. The vulnerability allows attackers to impersonate legitimate entities, potentially leading to arbitrary code execution on affected systems and unauthorized access to sensitive credentials. No CVSS score, EPSS data, or active KEV designation is currently available, limiting immediate risk quantification.

RCE Authentication Bypass
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-28858 CRITICAL PATCH Act Now

Insufficient bounds checking in Apple iOS and iPadOS 26.4 allows unauthenticated remote attackers to trigger buffer overflow conditions that corrupt kernel memory or cause system crashes without user interaction. This critical vulnerability affects all devices running the affected OS versions and has no available patch. An attacker can exploit this flaw over the network to achieve denial of service or potentially escalate privileges through kernel memory corruption.

Apple Buffer Overflow iOS
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-70888 CRITICAL PATCH Act Now

A privilege escalation vulnerability exists in osslsigncode (mtrojnar) versions 2.10 and earlier within the osslsigncode.c component, allowing remote attackers to escalate privileges. The vulnerability affects users of the osslsigncode code signing utility. While CVSS scoring is not yet available, referenced GitHub issues and pull requests suggest this is an authenticated or context-dependent issue that has been identified and likely patched.

Privilege Escalation Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-33669 CRITICAL PATCH Act Now

An unauthenticated information disclosure vulnerability exists in SiYuan note-taking application that allows remote attackers to read the content of all documents, including encrypted or access-restricted files, through two API endpoints (/api/file/readDir and /api/block/getChildBlocks). A working proof-of-concept Python exploit has been published demonstrating complete document enumeration and content retrieval. With a CVSS score of 9.8 (Critical) indicating network-based exploitation requiring no privileges or user interaction, this represents a severe confidentiality breach for all published SiYuan instances.

Information Disclosure Python Buffer Overflow Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-32512 CRITICAL PATCH Act Now

A PHP object injection vulnerability exists in the Edge-Themes Pelicula video production and movie theme due to insecure deserialization of untrusted data, classified as CWE-502. The vulnerability affects Pelicula versions prior to 1.10, allowing attackers to inject arbitrary objects and potentially achieve remote code execution or other malicious outcomes. No CVSS score or EPSS data has been published, and no confirmed KEV or active exploitation in the wild has been reported, but the nature of object injection vulnerabilities typically enables high-impact attacks when paired with accessible gadget chains in the WordPress ecosystem.

Deserialization Pelicula
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-32502 CRITICAL Act Now

A deserialization of untrusted data vulnerability exists in Select-Themes Borgholm marketing agency theme (WordPress) that allows object injection attacks. The vulnerability affects Borgholm versions prior to 1.6, and attackers can exploit this to inject malicious PHP objects that execute arbitrary code within the WordPress environment. While no CVSS score or EPSS data is currently available, the CWE-502 classification indicates this is a critical deserialization flaw with high exploitation potential; no active KEV or public POC status is documented, but the vulnerability was reported through Patchstack with full advisory details available.

Deserialization Borgholm
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-27095 CRITICAL Act Now

A deserialization of untrusted data vulnerability (CWE-502) exists in the magepeopleteam Bus Ticket Booking with Seat Reservation WordPress plugin through version 5.6.0, allowing object injection attacks. An attacker can inject malicious serialized PHP objects into the application, potentially leading to remote code execution or other critical impacts depending on available gadget chains in the WordPress environment. No CVSS score or EPSS data is currently available, and KEV status is unknown, but the vulnerability affects all installations running the vulnerable plugin versions.

Deserialization Bus Ticket Booking With Seat Reservation
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-27084 CRITICAL Act Now

A PHP Object Injection vulnerability exists in the ThemeREX Buisson WordPress theme through version 1.1.11, stemming from unsafe deserialization of untrusted data (CWE-502). This flaw allows attackers to inject malicious serialized objects that can lead to arbitrary code execution or other object manipulation attacks depending on available gadget chains in the WordPress environment. While no CVSS score or EPSS data is currently published and the vulnerability has not been listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, the public disclosure via Patchstack indicates active awareness in the security community.

Deserialization Buisson
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-27083 CRITICAL Act Now

A PHP Object Injection vulnerability exists in the ThemeREX Work & Travel Company WordPress theme through version 1.2, stemming from unsafe deserialization of untrusted data (CWE-502). An attacker can exploit this vulnerability to inject malicious objects into the application, potentially leading to remote code execution or arbitrary object manipulation depending on the gadget chains available in the WordPress environment. No CVSS score, EPSS data, or KEV status is currently available, and the vulnerability was identified and reported by Patchstack, though active exploitation status remains unclear.

Deserialization Work Travel Company
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-27082 CRITICAL Act Now

A PHP Object Injection vulnerability exists in ThemeREX Love Story WordPress theme through version 1.3.12, stemming from unsafe deserialization of untrusted data. This vulnerability allows attackers to inject malicious serialized objects that can lead to remote code execution or other object-oriented attack chains. The vulnerability is classified as CWE-502 (Deserialization of Untrusted Data) and has been reported by Patchstack; no CVSS score or EPSS data is currently available, and KEV status is unknown.

Deserialization Love Story
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-27049 CRITICAL Act Now

Unauthenticated attackers can bypass authentication controls in NooTheme Jobica Core through an alternate access path, affecting versions up to 1.4.2. This critical vulnerability (CVSS 9.8) enables attackers to gain unauthorized access without credentials or user interaction. No patch is currently available.

Authentication Bypass Jobica Core
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-25429 CRITICAL Act Now

A PHP Object Injection vulnerability exists in the Nexa Blocks WordPress plugin (versions up to and including 1.1.1) due to unsafe deserialization of untrusted data, allowing attackers to instantiate arbitrary PHP objects and potentially achieve remote code execution. The vulnerability is classified as CWE-502 (Deserialization of Untrusted Data) and affects all installations of the affected plugin versions. While no CVSS score or EPSS data are currently available, the nature of object injection vulnerabilities combined with PHP's magic methods provides significant exploitation potential for code execution or privilege escalation.

Deserialization Nexa Blocks
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-25035 CRITICAL Act Now

Contest Gallery through version 28.1.2.2 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to abuse alternate authentication paths and gain unauthorized access to the application. With a CVSS score of 9.8 and no patch currently available, this critical vulnerability poses an immediate risk to all affected installations.

Authentication Bypass Contest Gallery
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-25032 CRITICAL PATCH Act Now

A deserialization of untrusted data vulnerability exists in the park_of_ideas Ricky theme (all versions prior to 2.31) that allows object injection attacks. An attacker can inject malicious serialized PHP objects to achieve arbitrary code execution or data manipulation. While no CVSS score or EPSS data is currently available and KEV status is unknown, the CWE-502 classification indicates a critical deserialization flaw that typically requires network access but no authentication.

Deserialization Ricky
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
Page 1 of 13 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy