Skip to main content
CVE-2026-2745 MEDIUM POC PATCH This Month

GitLab CE/EE versions 7.11 through 18.10 contain an authentication bypass vulnerability in the WebAuthn two-factor authentication implementation due to inconsistent input validation, allowing unauthenticated attackers to gain unauthorized access to user accounts. The vulnerability affects a wide version range spanning multiple releases (7.11 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1). A proof-of-concept exploit is publicly available, and while the CVSS score of 6.8 indicates moderate severity, the authentication bypass nature and active exploit availability represent a significant real-world threat to GitLab deployments.

Gitlab Authentication Bypass
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-1724 MEDIUM POC PATCH This Month

GitLab EE contains an improper access control vulnerability that allows unauthenticated users to retrieve API tokens for self-hosted AI models without authentication. The vulnerability affects GitLab versions 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1, impacting any organization running these versions with AI model integrations. With a CVSS score of 6.8 and publicly available proof-of-concept code, this represents a significant credential exposure risk requiring immediate patching.

Gitlab Authentication Bypass
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-13436 MEDIUM POC PATCH This Month

GitLab CE/EE contains a denial of service vulnerability in CI-related input handling that allows authenticated users to consume excessive server resources, potentially rendering the service unavailable. Versions 13.7 through 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 are affected across all GitLab installations. A publicly available proof-of-concept exists from HackerOne (report 3418149), though CISA has not flagged this for active exploitation in the wild, and the SSVC framework indicates no evidence of current weaponization despite automatable characteristics being unavailable.

Gitlab Denial Of Service
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-13078 MEDIUM POC PATCH This Month

GitLab CE/EE contains a denial of service vulnerability in webhook configuration processing that allows authenticated users to consume excessive server resources, affecting versions 16.10 through 18.10.0. An attacker with valid GitLab credentials can trigger this issue by submitting specially crafted webhook configuration inputs, resulting in application unavailability. A proof-of-concept exploit is publicly available via HackerOne, and patches are available for affected versions.

Gitlab Denial Of Service
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-4822 MEDIUM POC PATCH This Month

Iperius Backup 8.7.3 creates temporary files with insecure permissions in the Backup Service component, allowing local authenticated attackers to potentially escalate privileges or access sensitive data. The vulnerability requires local access and high attack complexity, but public exploit code exists. Upgrading to version 8.7.4 resolves the issue.

Information Disclosure Iperius Backup
NVD VulDB GitHub
CVSS 4.0
6.4
EPSS
0.0%
CVE-2026-4824 MEDIUM POC PATCH This Month

Improper privilege management in Iperius Backup through version 8.7.3 allows local authenticated attackers to escalate privileges via manipulation of the Backup Job Configuration File Handler, with public exploit code available. The vulnerability requires local access and high attack complexity but grants full confidentiality and integrity impacts to affected systems. Upgrade to version 8.7.4 or later to remediate.

Privilege Escalation Iperius Backup
NVD VulDB GitHub
CVSS 4.0
6.4
EPSS
0.0%
CVE-2026-33724 MEDIUM POC PATCH This Month

n8n versions prior to 2.5.0 contain a critical SSH host key verification bypass in the Source Control feature that allows network-positioned attackers to perform man-in-the-middle attacks against Git operations. Affected users who have explicitly enabled and configured SSH-based source control can have their workflows injected with malicious content or have repository data intercepted without authentication. While the feature is non-default and requires explicit configuration, the vulnerability enables complete compromise of workflow integrity and potential lateral movement within automation pipelines.

Authentication Bypass N8n
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-33720 MEDIUM POC PATCH This Month

This vulnerability in n8n (an open-source workflow automation platform) is an authentication bypass in the OAuth callback handler that occurs when the N8N_SKIP_AUTH_ON_OAUTH_CALLBACK environment variable is explicitly set to true. An attacker can manipulate the OAuth state parameter verification to trick a victim into completing an OAuth flow that stores the victim's OAuth tokens in an attacker-controlled credential object, allowing the attacker to execute workflows using the victim's delegated permissions. The vulnerability affects n8n versions prior to 2.8.0 and requires non-default configuration to be exploitable, limiting its widespread impact but creating significant risk for affected deployments.

Authentication Bypass N8n
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-4784 MEDIUM POC This Month

SQL injection in Simple Laundry System 1.0 PHP application allows unauthenticated remote attackers to execute arbitrary database queries through the serviceId parameter in /checkcheckout.php. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-23338 MEDIUM POC PATCH This Month

This vulnerability allows userspace applications to trivially trigger kernel warning backtraces in the AMD GPU (amdgpu) driver's user queue (userq) implementation by passing intentionally small num_fences values or exploiting legitimate growth between successive ioctl calls. While not a traditional security vulnerability enabling code execution or data theft, it constitutes an information disclosure issue through kernel log pollution and denial-of-service potential via warning spam. The Linux kernel across all versions utilizing the affected amdgpu userq code path is impacted, though the actual attack surface is limited to systems with AMD GPUs and unprivileged users with access to the amdgpu device interface.

Linux Information Disclosure Red Hat
NVD VulDB GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-2973 MEDIUM POC PATCH This Month

This vulnerability is a stored cross-site scripting (XSS) flaw in GitLab's Mermaid diagram rendering that allows authenticated users to inject arbitrary JavaScript code into other users' browsers through improperly sanitized entity-encoded content. The vulnerability affects GitLab CE/EE versions 17.7 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1, with a CVSS score of 5.4 (medium severity). A public proof-of-concept exploit is available on HackerOne, indicating active awareness in the security community.

Gitlab XSS
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-2343 MEDIUM POC This Month

The PeproDev Ultimate Invoice WordPress plugin through version 2.2.5 contains an information disclosure vulnerability in its bulk download invoices feature, which generates ZIP archives with predictably named files containing exported invoice PDFs. An unauthenticated or low-privileged attacker can brute force the predictable ZIP file naming scheme to retrieve and download archives containing sensitive personally identifiable information (PII) from invoices. A public proof-of-concept exploit is available via WPScan, making this vulnerability actively exploitable in the wild.

WordPress Information Disclosure
NVD WPScan VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-1001 MEDIUM POC PATCH This Month

Domoticz versions prior to 2026.1 contain a stored cross-site scripting (XSS) vulnerability in the web interface's Add Hardware and device rename functionality that allows authenticated administrators to inject arbitrary JavaScript or HTML markup. The injected malicious code is stored persistently and executed in the browsers of any users viewing the affected pages, potentially enabling unauthorized session hijacking or malicious actions performed under the victim's privileges. A patch is available from the vendor, and while this requires administrator-level access to exploit, the persistent nature of the vulnerability and user interaction requirement represent moderate real-world risk within administrative environments.

XSS Domoticz
NVD VulDB GitHub
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-14595 MEDIUM POC PATCH This Month

An improper access control vulnerability in GitLab EE allows authenticated users with the Planner role to view sensitive security category metadata and attributes in group security configurations they should not have access to. Affected versions include GitLab 18.6 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1. While the CVSS score is moderate at 4.3 (low confidentiality impact), a publicly available proof-of-concept exists and the vulnerability represents a straightforward privilege escalation through role-based access control bypass.

Gitlab Authentication Bypass
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-2726 MEDIUM POC PATCH This Month

GitLab CE/EE contains an improper access control vulnerability in cross-repository merge request operations that allows authenticated users to perform unauthorized actions on merge requests in projects they should not have access to. Affected versions span from 11.10 through 18.10.1, with patches available in 18.8.7, 18.9.3, and 18.10.1. A public proof-of-concept exploit exists (referenced via HackerOne report 3543886), though CISA has not listed this in the Known Exploited Vulnerabilities catalog, indicating limited active exploitation despite public availability of exploit code.

Gitlab Authentication Bypass
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-33268 MEDIUM PATCH This Month

Nanoleaf Lines firmware versions prior to 12.3.6 lack authentication controls on firmware file upload endpoints, allowing remote unauthenticated attackers to upload arbitrary files to the device. This vulnerability enables denial-of-service attacks through storage resource exhaustion and potential firmware tampering without requiring valid credentials or user interaction. The vulnerability has a CVSS score of 6.5 (Medium) with network-based attack vector and low complexity, and is tagged with denial-of-service impact indicators in CISA reporting.

Denial Of Service Lines
NVD VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-32326 MEDIUM This Month

CVE-2026-32326 is a security vulnerability (CVSS 6.9). Remediation should follow standard vulnerability management procedures.

Authentication Bypass Home 5G Hr01 Home 5G Hr02 Wi Fi Station Sh 52A Wi Fi Station Sh 52B +4
NVD VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-32567 MEDIUM PATCH This Month

YML for Yandex Market versions prior to 5.3.0 contain a path traversal vulnerability that allows high-privileged attackers to access files outside restricted directories without user interaction. This vulnerability could enable unauthorized disclosure of sensitive information across the system. Currently, no patch is available and exploitation appears unlikely in the wild.

Path Traversal Yml For Yandex Market
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-25328 MEDIUM This Month

A remote code execution vulnerability in add-ons (CVSS 6.8). Remediation should follow standard vulnerability management procedures.

WordPress Path Traversal File Upload
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-43534 MEDIUM PATCH This Month

A path handling vulnerability in iOS and iPadOS allows users with physical access to an iOS device to bypass Activation Lock through improved validation gaps in path handling logic. This authentication bypass affects iOS versions prior to 18.7.7 and 26.2, as well as corresponding iPadOS releases. While no CVSS score or EPSS data is publicly available, the physical access requirement and authentication bypass nature indicate a meaningful risk to device security and stolen device protection.

Apple Authentication Bypass iOS
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-32496 MEDIUM This Month

Path traversal in NYSL Spam Protect for Contact Form 7 up to version 1.2.9 enables authenticated attackers with high privileges to access files outside intended directories. The vulnerability requires administrator-level access and does not allow code execution or service disruption, but could expose sensitive configuration files or other restricted data. No patch is currently available.

Path Traversal Spam Protect For Contact Form 7
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-14917 MEDIUM PATCH This Month

IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3 contain a vulnerability in security settings administration that could allow authenticated attackers with high privileges to bypass expected security controls and gain unauthorized access to sensitive information. The vulnerability affects a critical administrative interface and, while it requires local access and high privileges to exploit, could enable lateral privilege escalation or information disclosure within enterprise environments. No evidence of active exploitation or public proof-of-concept has been reported, but a vendor patch is available.

IBM Information Disclosure
NVD VulDB
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-33182 MEDIUM PATCH This Month

Saloon versions prior to v4 contain a Server-Side Request Forgery (SSRF) vulnerability in the resolveEndpoint method that allows attackers to redirect authenticated requests to arbitrary hosts. When user-controlled input is passed as an endpoint parameter containing an absolute URL (e.g., https://attacker.example.com), Saloon ignores the connector's base URL and sends the request directly to the attacker-controlled destination, potentially leaking authentication headers, cookies, and tokens. This vulnerability affects the Saloon PHP HTTP client library (composer package saloonphp/saloon) and requires immediate upgrade to v4 or later to remediate.

SSRF
NVD GitHub
CVSS 4.0
6.6
EPSS
0.0%
CVE-2026-33693 MEDIUM PATCH This Month

A SSRF vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

SSRF Microsoft Apple
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-14807 MEDIUM PATCH This Month

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain an HTTP header injection vulnerability caused by improper validation of the HOST header, allowing unauthenticated remote attackers to conduct cross-site scripting (XSS), cache poisoning, and session hijacking attacks. A vendor patch is available, and while this vulnerability is not currently listed as actively exploited in CISA's Known Exploited Vulnerabilities catalog, the CVSS score of 6.5 with network accessibility and low attack complexity indicates moderate real-world risk.

XSS IBM
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-32521 MEDIUM This Month

A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the Northern Beaches Websites WP Custom Admin Interface WordPress plugin through version 7.42, allowing attackers to inject and execute arbitrary JavaScript code in users' browsers. This vulnerability affects all installations of the plugin up to and including version 7.42, enabling attackers to steal session cookies, perform unauthorized actions on behalf of authenticated administrators, or redirect users to malicious sites. While no CVSS score or EPSS probability has been published, the DOM-based XSS classification (CWE-79) combined with the plugin's administrative scope indicates a high-severity risk requiring immediate patching.

XSS Wp Custom Admin Interface
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-32491 MEDIUM This Month

A Stored Cross-Site Scripting (XSS) vulnerability exists in the WP Review Slider plugin (also known as wp-facebook-reviews) versions 13.9 and earlier, allowing attackers to inject malicious scripts that persist in the application and execute in users' browsers. This vulnerability affects WordPress site administrators and users who interact with review content. An attacker can exploit this to steal session tokens, deface content, redirect users to malicious sites, or perform actions on behalf of compromised users.

XSS Wp Review Slider
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-32490 MEDIUM This Month

A Stored Cross-Site Scripting (XSS) vulnerability exists in the WP TripAdvisor Review Slider WordPress plugin through version 14.1, allowing attackers to inject malicious scripts that persist in the database and execute in the browsers of site visitors. The vulnerability affects all versions up to and including 14.1, and an attacker with sufficient privileges to inject content can compromise user sessions, steal credentials, or perform arbitrary actions on behalf of site administrators. No CVSS score or EPSS data is currently available, and active exploitation status via KEV is unknown, but Patchstack has documented this as a confirmed vulnerability with a reference implementation.

XSS Wp Tripadvisor Review Slider
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-31914 MEDIUM This Month

A DOM-Based Cross-Site Scripting (XSS) vulnerability exists in the hookandhook WP Courses LMS WordPress plugin through version 3.2.26, allowing attackers to inject malicious scripts that execute in users' browsers. The vulnerability affects all installations of WP Courses LMS up to and including version 3.2.26, enabling attackers to steal session tokens, redirect users, or perform actions on behalf of authenticated users. No CVSS score, EPSS data, or active KEV/POC information is currently available in public sources, though the vulnerability has been documented by Patchstack and assigned EUVD ID EUVD-2026-15815.

XSS Wp Courses Lms
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-25465 MEDIUM This Month

A Stored Cross-Site Scripting (XSS) vulnerability exists in the CodePeople CP Multi View Event Calendar WordPress plugin through version 1.4.35, allowing authenticated or unauthenticated attackers to inject malicious JavaScript that persists in the database and executes in the browsers of site visitors. This CWE-79 vulnerability enables attackers to steal session cookies, redirect users to malicious sites, or perform actions on behalf of administrators. While no CVSS score or EPSS data are currently published and the vulnerability has not been designated as actively exploited in CISA's KEV catalog, the nature of stored XSS combined with the plugin's event calendar functionality-which typically accepts user input for event creation and editing-indicates a credible attack surface.

XSS Cp Multi View Event Calendar
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-25417 MEDIUM This Month

A Stored Cross-Site Scripting (XSS) vulnerability exists in the Metagauss ProfileGrid WordPress plugin through version 5.9.8.1, allowing attackers to inject malicious scripts that persist in the database and execute in the browsers of other users. The vulnerability affects all versions of ProfileGrid up to and including 5.9.8.1, enabling attackers with appropriate access to compromise user sessions, steal credentials, or perform actions on behalf of victims. While no CVSS score or EPSS data is currently available, the Stored XSS classification (CWE-79) combined with active reporting from security researchers indicates this is a legitimate and actionable threat.

XSS Profilegrid
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-25355 MEDIUM PATCH This Month

A Stored Cross-Site Scripting (XSS) vulnerability exists in the Sanzo theme by skygroup, allowing authenticated or unauthenticated attackers to inject malicious scripts that are permanently stored and executed in the context of other users' browsers. This vulnerability affects Sanzo versions prior to 2.4.3 and has been documented by Patchstack as a high-risk input validation failure. Attackers can leverage this to steal session cookies, perform actions on behalf of users, or redirect victims to malicious sites.

XSS Sanzo
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24370 MEDIUM PATCH This Month

A Stored Cross-Site Scripting (XSS) vulnerability exists in Theme-one's The Grid WordPress plugin versions prior to 2.8.0, allowing attackers to inject and persist malicious scripts that execute in the browsers of other users viewing affected pages. An authenticated or unauthenticated attacker can exploit improper input neutralization during web page generation to inject arbitrary JavaScript code. While no CVSS score, EPSS probability, or KEV status has been assigned, the vulnerability is confirmed by Patchstack and carries significant risk given the stored nature of the XSS and the plugin's widespread WordPress ecosystem adoption.

XSS The Grid
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-20665 MEDIUM PATCH This Month

This vulnerability allows attackers to bypass Content Security Policy (CSP) enforcement in Apple's WebKit engine through maliciously crafted web content, affecting Safari and all Apple platforms including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. The vulnerability stems from improper state management during web content processing, enabling attackers to circumvent a critical security control that prevents injection attacks and unauthorized script execution. While no CVSS score or EPSS data is currently available, the broad platform impact across Apple's entire ecosystem and the fundamental nature of CSP bypass as an information disclosure vector indicate significant real-world risk.

Apple Information Disclosure Safari macOS iOS +2
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28879 MEDIUM PATCH This Month

Apple's iOS, iPadOS, macOS, tvOS, visionOS, and watchOS contain a use-after-free vulnerability that could allow remote attackers to crash affected applications by processing maliciously crafted web content. The vulnerability stems from improper memory management and requires user interaction to exploit. No patch is currently available, leaving users vulnerable until official updates are released.

Apple Use After Free Denial Of Service Memory Corruption macOS +1
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-23635 MEDIUM PATCH This Month

Kiteworks Secure Data Forms prior to version 9.2.1 contains a misconfiguration of security attributes that allows unprotected transport of credentials over the network. This vulnerability affects all versions below 9.2.1 and enables attackers to intercept sensitive authentication material in transit, potentially leading to account compromise and unauthorized access to the private data network. No active exploitation in the wild (KEV) or public proof-of-concept has been reported, though the CVSS 6.5 score and high confidentiality impact indicate meaningful risk.

Information Disclosure Secure Data Forms
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-33931 MEDIUM This Month

OpenEMR portal payment pages prior to version 8.0.0.3 expose other patients' protected health information (PHI) and payment card metadata through an Insecure Direct Object Reference vulnerability. Authenticated portal patients can manipulate the `recid` query parameter in `portal/portal_payment.php` to access arbitrary patient payment records and billing data without authorization. The vulnerability affects all versions before 8.0.0.3 and carries a CVSS score of 6.5 (high confidentiality impact); however, the 0.03% EPSS score indicates low real-world exploitation probability, and no public exploit code or active exploitation has been identified.

Openemr PHP Information Disclosure
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-32120 MEDIUM This Month

An Insecure Direct Object Reference (IDOR) vulnerability exists in OpenEMR versions prior to 8.0.0.3 within the fee sheet product save logic that allows authenticated users with fee sheet ACL permissions to arbitrarily read, modify, or delete drug_sales records belonging to any patient by manipulating the hidden prod[][sale_id] form field. The vulnerability stems from insufficient authorization checks in the FeeSheet.class.php library, where user-supplied sale_id values are used directly in SQL queries without verifying ownership of the record to the current patient and encounter. With a CVSS score of 6.5 and confirmed patch availability in version 8.0.0.3, this represents a moderate-severity data integrity and confidentiality risk affecting healthcare data.

PHP Authentication Bypass
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-14915 MEDIUM PATCH This Month

IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3 are vulnerable to privilege escalation due to improper access control (CWE-200: Information Exposure). A privileged user with existing authenticated access to the application server can exploit this vulnerability to gain additional unauthorized access to sensitive resources, potentially leading to information disclosure and integrity violations. While a CVSS score of 6.5 indicates moderate severity, the vulnerability requires high privileges to trigger (PR:H) and has no user interaction requirement, making it exploitable by insiders or compromised administrative accounts.

IBM Privilege Escalation Information Disclosure
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-14790 MEDIUM PATCH This Month

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain a credential protection vulnerability that allows authenticated attackers to extract sensitive information without requiring user interaction. An attacker with valid login credentials can exploit insufficiently protected credential storage mechanisms to obtain additional sensitive data, compromising confidentiality. A patch is available from IBM, and this vulnerability affects enterprise data integration infrastructure used by organizations managing information governance and metadata.

IBM Information Disclosure
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-3214 MEDIUM PATCH This Month

The Drupal CAPTCHA module contains an authentication bypass vulnerability (CWE-288) that allows attackers to circumvent CAPTCHA protection through an alternate path or channel, enabling functionality bypass. This vulnerability affects CAPTCHA versions 0.0.0 through 1.16.x and 2.0.0 through 2.0.9, allowing attackers to bypass CAPTCHA challenges intended to prevent automated abuse. While no CVSS score or EPSS data is currently available, the presence of an official Drupal security advisory and specific patched versions indicates active remediation efforts by the vendor.

Authentication Bypass Captcha
NVD VulDB HeroDevs
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-20690 MEDIUM PATCH This Month

Maliciously crafted media files containing out-of-bounds memory access in Apple's audio processing can crash affected applications across iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. An attacker can trigger a denial of service by triggering the vulnerability through a specially crafted audio stream, though no patch is currently available. This impacts multiple recent OS versions where an out-of-bounds read occurs during media file processing.

Apple Buffer Overflow Information Disclosure macOS iOS
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28878 MEDIUM PATCH This Month

A privacy vulnerability in Apple's operating systems allows third-party applications to enumerate a user's installed applications, resulting in unauthorized information disclosure about device software inventory. The vulnerability affects iOS and iPadOS versions prior to 18.7.7 and 26.4, macOS Sonoma prior to 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, and watchOS 26.4 across all affected product lines. An attacker can exploit this vulnerability by crafting a malicious application that leverages the enumeration capability to profile a user's installed software, potentially enabling further targeted attacks or privacy inference attacks based on application usage patterns.

Apple Information Disclosure
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-20083 MEDIUM This Month

Improper validation of malformed SCP requests in Cisco IOS XE Software allows authenticated local attackers to trigger unexpected device reloads and cause service disruption. An attacker with low privileges can exploit this vulnerability by sending a crafted SSH command to the SCP server component. No patch is currently available for this denial of service vulnerability.

Cisco Denial Of Service Apple
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1014 MEDIUM PATCH This Month

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain an information disclosure vulnerability caused by improper handling of JSON server responses, allowing authenticated attackers to expose sensitive data. The vulnerability requires low-complexity network access with valid credentials but does not require user interaction, making it accessible to any authenticated user with network connectivity. No evidence of active exploitation in the wild has been identified, though a patch is available from the vendor.

IBM Information Disclosure
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28880 MEDIUM PATCH This Month

A permissions enforcement vulnerability in Apple operating systems allows unauthorized enumeration of installed applications on a user's device. This information disclosure issue affects iOS 18.7.7 and earlier, iPadOS 18.7.7 and earlier, iOS 26.4 and earlier, iPadOS 26.4 and earlier, macOS Sequoia 15.7.5 and earlier, macOS Sonoma 14.8.5 and earlier, macOS Tahoe 26.4 and earlier, and visionOS 26.4 and earlier. An attacker with the ability to execute code as an installed application could enumerate the complete list of user-installed applications without explicit user permission, enabling targeted attacks, privacy violations, and device profiling.

Apple Authentication Bypass macOS iOS
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-20657 MEDIUM PATCH This Month

Improper memory handling in Apple iOS, iPadOS, and macOS allows remote denial of service when processing maliciously crafted files, potentially causing unexpected application crashes. An attacker can trigger this vulnerability by delivering a specially crafted file to a victim, resulting in app termination without requiring user privileges or interaction beyond opening the file. No patch is currently available for this medium-severity vulnerability affecting multiple Apple platforms.

Apple Buffer Overflow
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-25344 MEDIUM This Month

The RadiusTheme Review Schema WordPress plugin versions up to and including 2.2.6 contains an information disclosure vulnerability (CWE-497) that allows unauthorized attackers to retrieve embedded sensitive data through the plugin's schema implementation. An attacker can exploit this vulnerability to access system information that should not be exposed, potentially leveraging the data for reconnaissance or further attacks. No CVSS score, EPSS data, or confirmed KEV/POC status is currently available, but the vulnerability has been documented by Patchstack and assigned EUVD-2026-15657.

Information Disclosure Review Schema
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-25339 MEDIUM This Month

Contact Form by WPForms versions up to 1.9.8.7 contain an Insertion of Sensitive Information Into Sent Data vulnerability (CWE-201) that allows attackers to retrieve embedded sensitive data from contact form submissions. This information disclosure flaw affects the popular WordPress plugin maintained by Syed Balkhi, potentially exposing user data submitted through contact forms. While CVSS and EPSS scores are not yet published and KEV/POC status is unknown, the vulnerability was reported through Patchstack and tracked under ENISA EUVD-2026-15649.

Information Disclosure Contact Form By Wpforms
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28844 MEDIUM PATCH This Month

A file access control vulnerability in macOS Tahoe allows attackers to bypass input validation mechanisms and gain unauthorized access to protected portions of the file system. The vulnerability affects macOS versions prior to Tahoe 26.4, and has been classified as an Information Disclosure issue by Apple. An attacker exploiting this vulnerability can read or access files and directories that should be restricted from their privilege level, potentially exposing sensitive user data, system configuration files, or other protected resources.

Apple Information Disclosure macOS
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
Page 1 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy