Skip to main content
CVE-2026-5150 MEDIUM This Month

Remote SQL injection in code-projects Accounting System 1.0 allows unauthenticated attackers to execute arbitrary SQL queries via the cos_id parameter in the /viewin_costumer.php file. The vulnerability has a CVSS score of 6.9 with a public exploit available, enabling attackers to read sensitive data from the database with minimal attack complexity. This is a network-accessible PHP application flaw affecting confidentiality with confirmed public disclosure.

SQLi PHP
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-33995 MEDIUM PATCH This Month

FreeRDP prior to version 3.24.2 contains a double-free vulnerability in Kerberos authentication handling that crashes FreeRDP clients during NLA connection teardown following failed authentication attempts on systems with Kerberos configured. The vulnerability affects all versions before 3.24.2 across multiple Linux distributions (Debian, Ubuntu) and requires network access but no authentication credentials, presenting a denial-of-service vector against RDP clients in enterprise environments using Kerberos or Kerberos U2U authentication. No public exploit code has been identified, and the impact is limited to availability (denial of service) rather than confidentiality or integrity.

Denial Of Service Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-34372 MEDIUM PATCH GHSA This Month

Information disclosure in Sulu admin API allows users with any Sulu Admin role to access contact sub-entities without explicit contact permissions, bypassing authorization controls. Affects Sulu versions prior to 2.6.22 and 3.0.x prior to 3.0.5. No CVSS or EPSS data available; no active exploitation confirmed, but the vulnerability enables unauthorized data exposure through a widely-accessible admin interface.

Information Disclosure
NVD GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-34373 MEDIUM PATCH GHSA This Month

Parse Server's GraphQL API endpoint bypasses the configured allowOrigin CORS restriction, allowing cross-origin requests from any website while the REST API correctly enforces the policy. This authentication bypass affects Parse Server instances where operators have configured origin restrictions to limit API access, enabling attackers from arbitrary websites to interact with the GraphQL endpoint without respecting these security controls. The vulnerability has been patched in Parse Server 8 and 9 via upstream fixes, and no public exploit code or active exploitation has been confirmed.

Authentication Bypass
NVD GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-29909 MEDIUM This Month

Unauthenticated directory enumeration in MRCMS V3.1.2 allows remote attackers to list and discover directory contents through the /admin/file/list.do endpoint without credentials. The vulnerability stems from missing authentication controls and input validation in the file management module, enabling information disclosure that can facilitate reconnaissance for follow-on attacks.

Information Disclosure
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-3716 MEDIUM This Month

ESET Protect (on-premises) allows user enumeration through response timing analysis, enabling remote attackers to determine whether specific usernames exist in the system without authentication. This information disclosure vulnerability (CWE-204) exploits timing differences in authentication responses to distinguish valid users from invalid ones, potentially facilitating targeted attacks against known accounts.

Information Disclosure Eset Protect On Prem
NVD VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-21714 MEDIUM PATCH This Month

Memory leak in Node.js HTTP/2 servers allows remote unauthenticated attackers to exhaust server memory by sending crafted WINDOW_UPDATE frames on stream 0 that exceed the maximum flow control window value. Affected versions include Node.js 20, 22, 24, and 25. While the server correctly responds with a GOAWAY frame, the Http2Session object fails to be cleaned up, leading to denial of service through resource exhaustion. No public exploit code identified at time of analysis.

Node.js Information Disclosure Red Hat
NVD VulDB
CVSS 3.0
5.3
EPSS
0.0%
CVE-2026-21711 MEDIUM PATCH This Month

Unix Domain Socket operations in Node.js 25.x bypass permission model enforcement, allowing local processes to create IPC endpoints and communicate with other processes when run with --permission flag but without --allow-net. An authenticated local attacker can establish inter-process communication channels that circumvent the intended network isolation boundary, resulting in information disclosure and potential privilege escalation within the same host. No public exploit code identified at time of analysis, though the vulnerability affects an experimental permission enforcement feature.

Node.js Authentication Bypass Red Hat
NVD
CVSS 3.0
5.3
EPSS
0.0%
CVE-2026-27508 MEDIUM PATCH This Month

Reflected cross-site scripting (XSS) in Smoothwall Express versions before 3.1 Update 13 allows unauthenticated remote attackers to execute arbitrary JavaScript in users' browsers by crafting malicious URLs with javascript: schemes and delivering them through the unsanitized /redirect.cgi endpoint. The vulnerability requires user interaction (clicking a malicious link) and results in limited scope impact affecting user confidentiality and integrity. No public exploit code or active exploitation has been identified at time of analysis.

XSS Express
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-26352 MEDIUM PATCH This Month

Stored cross-site scripting in Smoothwall Express prior to version 3.1 Update 13 allows authenticated attackers to inject arbitrary JavaScript through the VPN_IP parameter in /cgi-bin/vpnmain.cgi, which executes when other users view affected VPN configuration pages. The vulnerability requires user interaction (page view) and authenticated access, limiting immediate risk but enabling persistent session hijacking or credential theft against administrative users. No public exploit code or active exploitation has been confirmed at the time of analysis.

XSS Express
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34165 MEDIUM PATCH GHSA This Month

Maliciously crafted `.idx` files in go-git v5 cause asymmetric memory consumption leading to Denial of Service through integer overflow vulnerabilities. Exploitation requires local write access to the `.git` directory, limiting attack surface to scenarios where an attacker has already compromised repository access or can inject files into a shared repository. No public exploit code or active exploitation has been confirmed; however, the low CVSS complexity and requirement for only low-privilege local access make this a moderate operational concern for development environments and CI/CD systems that process untrusted repositories.

Denial Of Service Integer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-31799 MEDIUM PATCH This Month

SQL injection in Tautulli's /api/v2?cmd=get_home_stats endpoint allows authenticated administrators to exfiltrate sensitive data from the SQLite database via boolean-blind SQL inference. Affected versions include 2.14.2-2.16.x for the 'before' and 'after' parameters, and 2.1.0-beta-2.16.x for 'section_id' and 'user_id' parameters. The vulnerability requires possession of the admin API key and results in confidentiality compromise without code execution. Patch is available in version 2.17.0.

Python Code Injection
NVD GitHub
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-32794 MEDIUM PATCH This Month

Improper certificate validation in Apache Airflow Provider for Databricks versions 1.10.0 through 1.11.x allows unauthenticated attackers to intercept and manipulate traffic between Airflow and Databricks backends via man-in-the-middle attacks, potentially exfiltrating credentials and sensitive workflow data. The provider did not validate SSL/TLS certificates when establishing connections to Databricks, creating a critical trust boundary weakness. Vendor-released patch available in version 1.12.0; no public exploit code or active exploitation confirmed at time of analysis.

Information Disclosure Apache
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-27599 MEDIUM PATCH GHSA This Month

Stored DOM-based cross-site scripting (XSS) in CI4 CMS-ERP Mail Settings allows authenticated administrators to inject arbitrary JavaScript via unsanitized configuration fields (Mail Server, Port, Email Address, Password, Protocol, TLS settings), with payloads executing immediately on the same settings page upon save. Attack requires high-privilege access (PR:H) but enables full account takeover and platform compromise. Publicly available proof-of-concept video demonstrates attribute breakout technique.

XSS PHP Privilege Escalation CSRF
NVD GitHub
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-31804 MEDIUM PATCH This Month

Server-Side Request Forgery (SSRF) in Tautulli prior to version 2.17.0 allows remote attackers to forge outbound HTTP requests from the Plex Media Server process via the unauthenticated /pms_image_proxy endpoint, potentially exposing internal services on RFC-1918 address space and enabling reconnaissance or attacks against systems accessible from the Plex server's network context.

Python SSRF
NVD GitHub
CVSS 3.1
4.0
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy