Skip to main content
CVE-2026-28829 MEDIUM PATCH This Month

A permissions enforcement vulnerability in macOS allows applications to modify protected portions of the file system that should be restricted from unauthorized access. This issue affects macOS Sequoia, Sonoma, and Tahoe across multiple versions prior to their patched releases (15.7.5, 14.8.5, and 26.4 respectively). An attacker controlling or tricking a user into running a malicious application could leverage this permissions bypass to modify system-critical files, potentially enabling privilege escalation, persistence mechanisms, or system compromise.

Apple Information Disclosure macOS
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-28892 MEDIUM PATCH This Month

A permissions enforcement vulnerability in macOS allows applications to bypass file system protections and modify protected system files or directories through inadequate access controls. This affects macOS Sequoia (before 15.7.5), macOS Sonoma (before 14.8.5), and macOS Tahoe (before 26.4). Apple has addressed the issue by removing vulnerable code, and no active exploitation or proof-of-concept has been publicly disclosed at this time.

Apple Information Disclosure macOS
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-32511 MEDIUM PATCH This Month

A deserialization of untrusted data vulnerability exists in Mikado-Themes Stål (a WordPress theme) that allows arbitrary object injection through unsafe unserialize() operations. Versions prior to 1.7 are affected. An attacker can exploit this to instantiate arbitrary PHP objects, potentially leading to remote code execution, data exfiltration, or site compromise depending on available gadget chains in the WordPress environment.

Deserialization St L
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-32507 MEDIUM PATCH This Month

A deserialization of untrusted data vulnerability exists in Elated-Themes Leroux WordPress theme versions prior to 1.4, allowing unauthenticated attackers to perform arbitrary object instantiation through object injection attacks. An attacker can exploit this vulnerability to instantiate arbitrary PHP objects, potentially leading to remote code execution or information disclosure depending on available gadget chains in the WordPress environment. While no CVSS score or active KEV status is currently available, the vulnerability has been documented by Patchstack and assigned ENISA EUVD ID EUVD-2026-15861, indicating it is a recognized threat affecting WordPress installations using the vulnerable Leroux theme.

Deserialization Leroux
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-32562 MEDIUM This Month

Unauthorized users in WP Folio Team's Password Protect Page plugin (versions up to 1.9.15) can bypass access controls due to missing authorization checks, allowing them to modify page content or cause service disruptions. Authenticated attackers can exploit this vulnerability to escalate privileges and manipulate access restrictions on protected pages. No patch is currently available.

Authentication Bypass Ppwp
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-20108 MEDIUM This Month

Cisco Catalyst SD-WAN Manager's web interface contains a reflected cross-site scripting (XSS) vulnerability that requires user interaction and authentication to exploit. An attacker can craft a malicious link to execute arbitrary JavaScript in a victim's browser session, potentially stealing sensitive information or performing unauthorized actions within the management interface. No patch is currently available.

Cisco XSS Cisco Catalyst Sd Wan Manager
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-33912 MEDIUM This Month

OpenEMR versions prior to 8.0.0.3 contain a stored cross-site scripting (XSS) vulnerability in form handling that allows authenticated attackers to inject malicious JavaScript into forms, which executes in the browser sessions of victims who submit those forms. An attacker with valid OpenEMR credentials can craft a malicious form that, upon submission by any user, executes arbitrary JavaScript with the privileges of the victim's session, potentially leading to session hijacking, credential theft, or unauthorized actions within the electronic health records system. The vulnerability is low-to-moderate severity (CVSS 5.4) due to the requirement for authentication and user interaction, but it poses significant risk in healthcare environments where attackers may have legitimate credentials and victims include healthcare providers with broad system access.

XSS Openemr
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-33911 MEDIUM This Month

This is a stored/reflected cross-site scripting (XSS) vulnerability in OpenEMR versions prior to 8.0.0.3 where the POST parameter 'title' is improperly encoded in JSON responses but served with a text/html Content-Type header, causing browsers to execute injected JavaScript rather than treat the output as data. An authenticated attacker can craft a malicious request to execute arbitrary JavaScript in a victim's session, potentially leading to session hijacking, credential theft, or unauthorized actions within the electronic health records system. The vulnerability carries a moderate CVSS score of 5.4 but requires authentication and user interaction (UI:R), reducing immediate exploitation likelihood, though a proof-of-concept fix commit is available in the GitHub repository.

XSS Openemr
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-3215 MEDIUM PATCH This Month

A Cross-Site Scripting (XSS) vulnerability exists in Drupal Islandora due to improper neutralization of user input during web page generation. All versions of Islandora from 0.0.0 through 2.17.4 are affected, allowing attackers to inject and execute malicious JavaScript in the context of affected users' browsers. Exploitation enables session hijacking, credential theft, malware distribution, and defacement of the repository interface.

XSS Islandora
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-3212 MEDIUM PATCH This Month

A Cross-Site Scripting (XSS) vulnerability exists in Drupal Tagify module versions prior to 1.2.49, stemming from improper neutralization of user input during web page generation. An attacker can inject malicious scripts that execute in the context of other users' browsers, potentially leading to session hijacking, credential theft, or malware distribution. This vulnerability affects all Tagify installations from version 0.0.0 through 1.2.48, and patch availability has been confirmed through the Drupal security advisory.

XSS Drupal
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-2348 MEDIUM PATCH This Month

A Cross-Site Scripting (XSS) vulnerability exists in Drupal Quick Edit due to improper neutralization of user input during web page generation. This vulnerability affects Quick Edit versions 0.0.0 through 1.0.4 and versions 2.0.0 through 2.0.0, allowing attackers to inject malicious scripts that execute in the context of authenticated users' browsers. The vulnerability is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation) and has been disclosed by the Drupal security team with patches available for affected versions.

XSS Quick Edit
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-1561 MEDIUM PATCH This Month

IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3 contain a server-side request forgery (SSRF) vulnerability that allows authenticated remote attackers to send unauthorized requests from the vulnerable system. This exposure could enable network enumeration, internal service discovery, or facilitate secondary attacks against internal infrastructure. A patch is available from IBM, and the vulnerability requires authenticated access (PR:L) but has low attack complexity, making it a medium-priority issue for organizations running affected Liberty instances.

IBM SSRF
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-2483 MEDIUM PATCH This Month

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain a stored or reflected cross-site scripting (XSS) vulnerability in the Web UI that allows authenticated users to inject arbitrary JavaScript code. An attacker with valid credentials can exploit this vulnerability to alter application functionality and potentially steal session credentials or perform actions on behalf of other users within a trusted browser session. A patch is available from IBM, and the vulnerability has a CVSS score of 5.4 with moderate real-world risk due to the requirement for prior authentication and user interaction.

IBM XSS
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-20114 MEDIUM This Month

Insufficient parameter validation in Cisco IOS XE Software's Lobby Ambassador management API allows authenticated remote attackers to bypass access controls and create unauthorized administrative accounts. An attacker with standard Lobby Ambassador credentials can exploit this flaw to escalate privileges and gain full management API access on affected devices. This impacts Cisco and Apple products and currently has no available patch.

Cisco Information Disclosure Apple
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-32510 MEDIUM PATCH This Month

A deserialization of untrusted data vulnerability exists in Edge-Themes Kamperen WordPress theme versions prior to 1.3, allowing attackers to perform arbitrary object instantiation through object injection attacks. This CWE-502 vulnerability enables remote code execution or information disclosure without requiring authentication in many scenarios. While no CVSS score is currently published and KEV/EPSS data are unavailable, the vulnerability has been reported by Patchstack and affects all installations of the Kamperen theme below version 1.3.

Deserialization Kamperen
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-32509 MEDIUM PATCH This Month

A deserialization of untrusted data vulnerability exists in Edge-Themes Gracey WordPress theme versions prior to 1.4, allowing attackers to perform arbitrary object instantiation through object injection attacks. This CWE-502 vulnerability affects all installations of Gracey below version 1.4 and could enable remote code execution or other malicious actions depending on available gadget chains in the WordPress environment. No CVSS score, EPSS risk metric, or KEV status has been publicly assigned, but the vulnerability is documented by Patchstack with a patch available in version 1.4.

Deserialization Gracey
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-32508 MEDIUM PATCH This Month

This is a deserialization of untrusted data vulnerability in the Mikado-Themes Halstein WordPress theme (versions prior to 1.8) that allows arbitrary object injection via CWE-502. An attacker can exploit this flaw to instantiate arbitrary PHP objects, potentially leading to remote code execution or information disclosure depending on available gadget chains. The vulnerability was reported by Patchstack and affects all versions of Halstein below 1.8; no CVSS score, EPSS data, or KEV status is currently published, limiting immediate risk quantification but indicating this is a serious deserialization flaw that should be patched urgently.

Deserialization Halstein
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-32506 MEDIUM PATCH This Month

A deserialization of untrusted data vulnerability exists in Edge-Themes Archicon WordPress theme versions prior to 1.7, allowing attackers to perform arbitrary object instantiation through object injection attacks. This vulnerability, tracked as CWE-502, enables attackers to instantiate arbitrary PHP objects during the deserialization process, potentially leading to remote code execution or other malicious outcomes depending on available gadget chains in the WordPress environment. The vulnerability was reported by Patchstack and affects all versions of Archicon below 1.7, with a patch available in version 1.7 and later.

Deserialization Archicon
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-1015 MEDIUM PATCH This Month

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain a server-side request forgery (SSRF) vulnerability that allows authenticated attackers to send unauthorized requests from the affected system. This could enable network enumeration, lateral movement, or facilitate secondary attacks against internal systems. The vulnerability requires valid authentication credentials but presents moderate risk with a CVSS score of 5.4 and has an available patch from IBM.

IBM SSRF
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-14912 MEDIUM PATCH This Month

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain a server-side request forgery (SSRF) vulnerability that allows authenticated attackers to send unauthorized requests from the vulnerable system. This enables network enumeration, lateral movement, or facilitation of secondary attacks against internal or external resources. The vulnerability requires valid credentials to exploit but carries moderate real-world risk given the CVSS 5.4 score and the authenticated attack vector.

IBM SSRF
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-33915 MEDIUM This Month

OpenEMR versions prior to 8.0.0.3 allow authenticated API users to bypass administrative access controls on five insurance company management REST API endpoints due to missing authorization checks. An attacker with valid API credentials but non-administrative OpenEMR privileges can create, read, and modify insurance company records without proper permission validation. The vulnerability requires prior authentication and affects data integrity rather than confidentiality or availability; no public exploit code has been identified, and exploitation probability is very low (EPSS 0.02%).

Openemr Privilege Escalation Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-3591 MEDIUM PATCH This Month

A use-after-return vulnerability in ISC BIND 9's SIG(0) DNS query handler allows an attacker with low-level authentication privileges to manipulate ACL matching logic, potentially bypassing default-allow access controls and gaining unauthorized access to DNS services. The vulnerability affects BIND 9 versions 9.20.0-9.20.20, 9.21.0-9.21.19, and their security branches (9.20.9-S1-9.20.20-S1), while older stable releases (9.18.x) are unaffected. Vendor patches are available, and the moderate CVSS 5.4 score reflects limited technical impact when ACLs are properly configured with fail-secure defaults.

Authentication Bypass Bind 9
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-33672 MEDIUM PATCH This Month

picomatch is vulnerable to a method injection vulnerability (CWE-1321) in its POSIX_REGEX_SOURCE object that allows specially crafted POSIX bracket expressions like [[:constructor:]] to reference inherited Object.prototype methods, causing these methods to be stringified and injected into generated regular expressions. This affects all versions of the npm package picomatch prior to 2.3.2, 3.0.2, and 4.0.4, and can cause incorrect glob matching behavior leading to integrity violations where patterns match unintended filenames; while this does not enable remote code execution, it can compromise security-relevant logic in applications using glob matching for filtering, validation, or access control. The vulnerability is not listed in CISA KEV and has no widely published proof-of-concept, but patches are available from the vendor.

RCE Prototype Pollution Red Hat
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-3210 MEDIUM PATCH This Month

An incorrect authorization vulnerability exists in the Drupal Material Icons module that allows attackers to bypass authentication controls and access restricted resources through forceful browsing (CWE-863). The vulnerability affects Material Icons versions 0.0.0 through 2.0.3, enabling unauthenticated or low-privileged users to enumerate and access icon resources that should be restricted. No CVSS score, EPSS data, or known exploits in the wild have been disclosed at this time, but the vulnerability has been formally documented by the Drupal security team with a dedicated security advisory.

Authentication Bypass Material Icons
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-33809 MEDIUM PATCH This Month

Memory exhaustion in TIFF image processing allows unauthenticated remote attackers to trigger allocation of up to 4GiB of memory by submitting malicious image files, resulting in denial of service through resource depletion or application crashes. Affected systems lack available patches, leaving deployed instances vulnerable to this attack vector requiring only network access and no user interaction.

File Upload Golang Org X Image Tiff
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-32492 MEDIUM This Month

My Tickets plugin version 2.1.1 and earlier contains an authentication bypass vulnerability that allows unauthenticated attackers to spoof user identities and gain unauthorized access to ticket systems. The vulnerability requires no user interaction and can be exploited remotely by any network-connected attacker. Currently, no patch is available for this medium-severity issue affecting installations of this WordPress plugin.

Authentication Bypass My Tickets
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-32497 MEDIUM This Month

A weak authentication vulnerability in the PickPlugins User Verification WordPress plugin (versions up to 2.0.45) allows attackers to bypass email verification mechanisms, enabling authentication abuse and unauthorized account creation or takeover. This vulnerability has been identified by Patchstack as an email verification bypass issue affecting the user verification functionality, potentially exposing sites using this plugin to account compromise and unauthorized access. The practical impact depends on how the plugin integrates with site authentication workflows, but successful exploitation could allow attackers to register accounts, access user data, or impersonate legitimate users.

Information Disclosure User Verification
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-20632 MEDIUM PATCH This Month

Improper path validation in Apple macOS Tahoe allows unauthenticated remote attackers to read sensitive user data through directory path traversal. The vulnerability requires no user interaction and affects systems prior to macOS Tahoe 26.4. No patch is currently available for this medium-severity issue.

Apple Authentication Bypass macOS
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-20686 MEDIUM PATCH This Month

An input validation flaw in iOS and iPadOS allows malicious applications to bypass security controls and access sensitive user data without proper authorization. The vulnerability affects iOS and iPadOS versions prior to 26.3, where insufficient input validation in an unspecified component permits unauthorized data disclosure. Apple has patched this vulnerability in iOS 26.3 and iPadOS 26.3, and there are no public indicators of active exploitation or proof-of-concept availability.

Apple Information Disclosure iOS
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28820 MEDIUM PATCH This Month

An information disclosure vulnerability in macOS Tahoe allows applications to access sensitive user data through insufficient access controls. The vulnerability affects all versions of macOS prior to version 26.4, where the flaw was remediated through improved permission checking mechanisms. While specific technical details are limited, the vulnerability enables malicious or compromised applications to bypass privacy protections and exfiltrate user information.

Apple Information Disclosure macOS
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-20692 MEDIUM PATCH This Month

A privacy vulnerability in Apple's Mail application allows the "Hide IP Address" and "Block All Remote Content" user preferences to fail inconsistently across certain mail content, potentially exposing user IP addresses and loading remote content despite explicit user configuration. This affects iOS, iPadOS, and multiple macOS versions. While no CVSS score or EPSS data is currently available and there is no indication of active exploitation in the wild (KEV status not listed), the vulnerability represents a direct circumvention of privacy controls that users explicitly enable to protect their identity and security posture.

Apple Information Disclosure macOS iOS
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-20113 MEDIUM This Month

A CRLF injection vulnerability exists in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software that allows unauthenticated remote attackers to inject arbitrary log entries and manipulate log file structure. The vulnerability stems from insufficient input validation in the Cisco IOx management interface and affects a broad range of Cisco IOS XE Software versions from 16.6.1 through 17.18.1x. A successful exploit enables attackers to obscure legitimate log events, inject malicious log entries, or corrupt log file integrity without requiring authentication, making it particularly dangerous in environments where log analysis is relied upon for security monitoring and compliance.

Cisco Code Injection Apple
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28824 MEDIUM PATCH This Month

An authorization bypass vulnerability in macOS allows applications to access sensitive user data through improper state management of access controls. The vulnerability affects macOS Sequoia (before 15.7.5), macOS Sonoma (before 14.8.5), and macOS Tahoe (before 26.4). While no CVSS score, EPSS data, or KEV status is currently published, Apple has released patches addressing this issue, indicating it was discovered through internal review rather than active exploitation.

Apple Authentication Bypass macOS
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28839 MEDIUM PATCH This Month

This vulnerability allows unauthorized applications to access sensitive user data on affected macOS systems through improved security checks that were insufficient in earlier versions. The issue affects macOS Sequoia (versions prior to 15.7.5), macOS Sonoma (versions prior to 14.8.5), and macOS Tahoe (versions prior to 26.4). An attacker with the ability to execute a malicious application on a vulnerable system could potentially read or exfiltrate sensitive user information that should be protected by macOS security controls. There is no evidence of active exploitation in the wild or public proof-of-concept availability, and the limited disclosure details suggest Apple addressed this proactively before widespread abuse.

Apple Authentication Bypass macOS
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28862 MEDIUM PATCH This Month

This vulnerability is a privacy issue in Apple macOS where improved private data redaction for log entries was not properly implemented, allowing applications to potentially access user-sensitive data that should have been redacted. The vulnerability affects macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, and macOS Tahoe 26.4, with no public indicators of active exploitation or proof-of-concept code. While CVSS and EPSS scores are unavailable, the nature of the issue suggests moderate real-world risk due to its reliance on application-level exploitation requiring user interaction or system access.

Apple Information Disclosure Authentication Bypass macOS
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28818 MEDIUM PATCH This Month

A logging issue in Apple macOS allows applications to access sensitive user data that should have been redacted from logs. The vulnerability affects macOS Sequoia (versions before 15.7.5), macOS Sonoma (versions before 14.8.5), and macOS Tahoe (versions before 26.4). An attacker controlling a malicious app could exploit improper data redaction in system logging to exfiltrate sensitive information that was intended to be masked.

Apple Authentication Bypass macOS
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28828 MEDIUM PATCH This Month

A permissions enforcement vulnerability in macOS allows unauthorized applications to access sensitive user data due to insufficient access controls that have been remediated through code removal. The vulnerability affects macOS Sequoia (versions prior to 15.7.5), macOS Sonoma (versions prior to 14.8.5), and macOS Tahoe (versions prior to 26.4). An unprivileged application could potentially read or access protected user information without proper user consent or authorization, representing a confidentiality breach with moderate real-world impact depending on the specific data accessible.

Apple Authentication Bypass macOS
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-20697 MEDIUM PATCH This Month

A permissions enforcement vulnerability in macOS allows applications to bypass sandbox restrictions and access sensitive user data without proper authorization. The issue affects macOS Sequoia (versions before 15.7.5), macOS Sonoma (versions before 14.8.5), and macOS Tahoe (versions before 26.4). Apple has patched this vulnerability through enhanced permission restrictions, but no public exploit code or active in-the-wild exploitation has been confirmed at this time.

Apple Authentication Bypass macOS
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28838 MEDIUM PATCH This Month

A sandbox escape vulnerability in macOS allows malicious applications to break out of their sandbox restrictions through a permissions issue. This affects macOS Sequoia (versions prior to 15.7.5), macOS Sonoma (versions prior to 14.8.5), and macOS Tahoe (versions prior to 26.4). An attacker who distributes a malicious app could potentially gain unauthorized access to system resources and user data that should be protected by the sandbox security boundary.

Apple Authentication Bypass
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-40841 MEDIUM PATCH This Month

A Cross-Site Request Forgery (CSRF) vulnerability exists in Ericsson Indoor Connect 8855 prior to version 2025.Q3 that allows attackers to perform unauthorized modification of certain information by tricking authenticated users into executing malicious requests. The vulnerability affects the Ericsson Indoor Connect 8855 product line and can be exploited to compromise the integrity of system data without explicit user awareness. No active exploitation in the wild (KEV status) or public proof-of-concept has been confirmed at this time, though the attack vector is typically network-based with low to medium complexity.

Ericsson CSRF
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-28834 MEDIUM PATCH This Month

macOS systems running Sequoia 15.7.4 and earlier, Sonoma 14.8.4 and earlier, or Tahoe 26.3 and earlier are vulnerable to a race condition in application state handling that allows local attackers to trigger unexpected system termination and cause denial of service. The vulnerability requires specific timing conditions but does not require user interaction or elevated privileges to exploit. Apple has released patches for affected versions, though exploitation likelihood remains low.

Apple Race Condition Information Disclosure macOS
NVD VulDB
CVSS 3.1
5.1
EPSS
0.0%
CVE-2026-28888 MEDIUM PATCH This Month

macOS systems running Sequoia 15.7.4 and earlier, Sonoma 14.8.4 and earlier, and Tahoe 26.3 and earlier contain a race condition in state handling that allows local applications to escalate privileges to root. The vulnerability stems from improper synchronization during critical operations, enabling an attacker with local access to exploit the timing window and gain elevated system privileges. Patches have been released for affected macOS versions.

Apple Race Condition Information Disclosure macOS
NVD VulDB
CVSS 3.1
5.1
EPSS
0.0%
CVE-2025-36438 MEDIUM PATCH This Month

IBM Concert versions 1.0.0 through 2.2.0 contain an improper channel communication restriction vulnerability that allows privileged users to perform unauthorized actions by bypassing intended endpoint controls. The vulnerability, classified as CWE-923 (Improper Restriction of Communication Channel to Intended Endpoints), has a CVSS score of 5.1 with medium integrity impact and is not currently listed in CISA's Known Exploited Vulnerabilities catalog, though a vendor patch is available.

IBM Authentication Bypass
NVD VulDB
CVSS 3.1
5.1
EPSS
0.0%
CVE-2025-36440 MEDIUM PATCH This Month

IBM Concert versions 1.0.0 through 2.2.0 contain a missing function-level access control vulnerability that allows local users to obtain sensitive information without authentication. An attacker with local system access can bypass authorization checks to read confidential data stored within the application. While the CVSS score of 5.1 indicates moderate severity, the lack of authentication requirements and local attack vector present a meaningful risk in multi-tenant or shared system environments.

IBM Information Disclosure
NVD VulDB
CVSS 3.1
5.1
EPSS
0.0%
CVE-2026-3216 MEDIUM PATCH This Month

A Server-Side Request Forgery (SSRF) vulnerability exists in Drupal Canvas versions prior to 1.1.1, allowing attackers to manipulate the server into making unauthorized requests to internal or external resources. This vulnerability affects all Drupal Canvas installations from version 0.0.0 through 1.1.0, enabling attackers to access sensitive internal services, bypass network segmentation, or exfiltrate data. No CVSS score, EPSS data, or public proof-of-concept information is currently available, though the vulnerability has been formally documented by the Drupal security team.

SSRF Drupal Canvas
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-29092 MEDIUM PATCH This Month

A session management vulnerability in Kiteworks Email Protection Gateway versions prior to 9.2.1 allows disabled user accounts to maintain active sessions indefinitely until natural session expiration. An attacker with a disabled account could continue accessing the platform and potentially modify data or system settings without re-authentication. While this vulnerability has not been reported as actively exploited (KEV status not listed as in-the-wild), it represents a direct bypass of account suspension controls and warrants prompt patching.

Authentication Bypass Kiteworks Email Protection Gateway
NVD GitHub VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-28823 MEDIUM PATCH This Month

Root-privileged applications on Apple macOS can bypass path validation to delete protected system files due to insufficient input sanitization. This affects macOS Tahoe 26.4 and requires the attacker to already have root-level access, limiting the attack surface to local privilege escalation scenarios. No patch is currently available.

Apple Authentication Bypass macOS
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-20693 MEDIUM PATCH This Month

Protected system files on macOS (Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe 26.4) can be deleted by attackers with root privileges due to improper state management. This integrity-impacting vulnerability affects administrators and privileged users who could leverage elevated access to remove critical system components. No patch is currently available for this medium-severity issue.

Apple Information Disclosure macOS
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-4816 MEDIUM PATCH This Month

A Reflected Cross-Site Scripting (XSS) vulnerability exists in Support Board v3.7.7 that allows unauthenticated attackers to inject malicious JavaScript code via the 'search' parameter in the '/supportboard/include/articles.php' endpoint. Successful exploitation enables attackers to steal session cookies, perform unauthorized actions on behalf of victims, or harvest sensitive user data through victim browsers. A vendor patch is available, and the vulnerability has been officially reported by INCIBE, indicating moderate real-world attention.

XSS PHP
NVD VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-20112 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability exists in the web-based Cisco IOx application hosting environment management interface within Cisco IOS XE Software, allowing authenticated remote attackers with administrative credentials to inject malicious scripts that execute in the context of other users' browser sessions. Successful exploitation enables arbitrary script execution and access to sensitive browser-based information affecting a wide range of Cisco IOS XE versions from 16.6.1 through 17.18.1a. This vulnerability requires valid administrative credentials and user interaction but poses a significant risk in multi-administrator environments where privilege escalation or lateral movement could occur.

Cisco XSS Apple
NVD VulDB
CVSS 3.1
4.8
EPSS
0.0%
Prev Page 5 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy