Skip to main content
CVE-2026-5281 HIGH POC KEV PATCH THREAT NEWS Act Now

Remote code execution in Google Chrome prior to version 146.0.7680.178 via a use-after-free vulnerability in the Dawn graphics component allows attackers who have already compromised the renderer process to execute arbitrary code through a crafted HTML page. The vulnerability requires prior renderer compromise but results in full code execution with high severity per Chromium's security classification.

Google Use After Free RCE Memory Corruption Denial Of Service +1
NVD VulDB GitHub
CVSS 3.1
8.8
EPSS
0.0%
Threat
4.8
CVE-2026-30573 HIGH POC This Week

Pharmacy Product Management System 1.0 accepts negative price and total cost values in sales transactions due to insufficient input validation in add-sales.php, enabling attackers to manipulate financial records, corrupt sales reports, and cause financial loss. The vulnerability allows unauthenticated or low-privilege users to submit arbitrary negative values that bypass business logic controls. Publicly available exploit code exists demonstrating this business logic flaw.

Information Disclosure PHP
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-20094 HIGH This Week

Command injection in Cisco Integrated Management Controller (IMC) web interface allows authenticated attackers with read-only privileges to execute arbitrary commands as root. The CVSS:3.1 vector (AV:N/AC:L/PR:L/UI:N) confirms network-accessible exploitation requiring only low-privilege authentication, with no public exploit identified at time of analysis. EPSS data not provided; CVE-2026 prefix suggests future disclosure.

Cisco Command Injection
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-34572 HIGH PATCH GHSA This Week

Session fixation vulnerability in CI4MS (CodeIgniter 4 CMS) allows deactivated user accounts to maintain indefinite access through active sessions. Authenticated attackers whose accounts have been administratively disabled retain full high-privilege access (confidentiality, integrity, availability impact) until manual logout, bypassing intended access controls. Affects all versions prior to 0.31.0.0. EPSS data not available; no public exploit identified at time of analysis. CVSS 8.8 (High) reflects significant post-compromise persistence risk in enterprise CMS deployments with role-based access control.

Authentication Bypass Ci4ms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-34570 HIGH PATCH GHSA This Week

Session persistence in CI4MS (CodeIgniter 4 CMS skeleton) allows deleted user accounts to retain full system access indefinitely through active sessions until manual logout. Affects all versions prior to 0.31.0.0. The authentication bypass enables unauthorized access to protected resources with high confidentiality, integrity, and availability impact across both vulnerable and subsequent systems (CVSS 10.0 Critical). No public exploit identified at time of analysis, though the vulnerability mechanism is straightforward to abuse by maintaining an active session before account deletion.

Authentication Bypass Ci4ms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-5287 HIGH PATCH This Week

Remote code execution in Google Chrome prior to version 146.0.7680.178 allows attackers to execute arbitrary code within the Chrome sandbox via a specially crafted PDF file. The vulnerability exists in Chrome's PDF handling component and is caused by a use-after-free memory corruption flaw. Patch availability has been confirmed via vendor release, and the Chromium security team has classified this as High severity.

Google Use After Free RCE Memory Corruption Denial Of Service +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5286 HIGH PATCH This Week

Remote code execution in Google Chrome prior to version 146.0.7680.178 via use-after-free vulnerability in the Dawn graphics library allows unauthenticated remote attackers to execute arbitrary code through a crafted HTML page. The vulnerability affects all Chrome versions below the patched release and carries high severity per Chromium's assessment.

Google Use After Free RCE Memory Corruption Denial Of Service +4
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5279 HIGH PATCH This Week

Remote code execution in Google Chrome prior to version 146.0.7680.178 exploits object corruption in the V8 JavaScript engine, allowing attackers to execute arbitrary code within the Chrome sandbox via a specially crafted HTML page. The vulnerability affects all Chrome versions below the patched release and carries a High Chromium security severity rating.

Google RCE Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-4374 HIGH PATCH This Week

XML External Entity (XXE) injection in RTI Connext Professional routing and service components allows remote unauthenticated attackers to exfiltrate sensitive data and trigger denial of service conditions. Affects multiple product families (Routing Service, Observability Collector, Recording Service, Queueing Service, Cloud Discovery Service) across versions 5.3.0 through 7.6.x. CVSS 8.8 (High) with network vector and no authentication required. EPSS probability remains low (0.04%, 11th percentile) with no confirmed active exploitation per CISA. Vendor patch available via RTI advisory.

XXE Connext Professional
NVD VulDB
CVSS 4.0
8.8
EPSS
0.0%
CVE-2026-5275 HIGH PATCH This Week

Remote code execution in ANGLE (Almost Native Graphics Layer Engine) within Google Chrome on macOS prior to version 146.0.7680.178 allows unauthenticated remote attackers to execute arbitrary code by crafting a malicious HTML page that triggers a heap buffer overflow. This vulnerability affects all Chrome versions below the patched release and poses an immediate risk to macOS users who visit compromised or malicious websites.

Google Heap Overflow RCE Buffer Overflow Debian +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5274 HIGH PATCH This Week

Integer overflow in Google Chrome's Codecs component prior to version 146.0.7680.178 enables remote code execution and arbitrary memory read/write operations when a user visits a malicious HTML page. The vulnerability affects all versions before the patch release and requires no user interaction beyond visiting a crafted webpage. Chromium security team classified this as High severity; no public exploit code or active exploitation has been confirmed at the time of analysis.

Google RCE Debian Red Hat Suse +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5285 HIGH PATCH This Week

Remote code execution in Google Chrome prior to version 146.0.7680.178 via use-after-free vulnerability in WebGL allows unauthenticated remote attackers to execute arbitrary code within the browser sandbox by delivering a crafted HTML page. The vulnerability is marked as High severity by Chromium security and a vendor-released patch is available.

Google Use After Free RCE Memory Corruption Denial Of Service +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5280 HIGH PATCH This Week

Remote code execution in Google Chrome prior to 146.0.7680.178 allows unauthenticated remote attackers to execute arbitrary code within the Chrome sandbox via a crafted HTML page exploiting a use-after-free vulnerability in the WebCodecs component. The vulnerability affects all versions before the patched release and has been addressed by Google with a vendor-released patch; no public exploit code or active exploitation has been confirmed at the time of analysis.

Google Use After Free RCE Memory Corruption Denial Of Service +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5278 HIGH PATCH This Week

Remote code execution in Google Chrome on Android via use-after-free vulnerability in Web MIDI allows unauthenticated remote attackers to execute arbitrary code through a crafted HTML page. The vulnerability affects Chrome versions prior to 146.0.7680.178 and carries high severity per Chromium's security classification. A vendor-released patch is available.

Google Use After Free RCE Memory Corruption Denial Of Service +4
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5292 HIGH PATCH This Week

Out-of-bounds read in WebCodecs component of Google Chrome prior to version 146.0.7680.178 allows remote attackers to read arbitrary memory contents via specially crafted HTML pages. The vulnerability affects all Chrome versions below the patched release and requires only HTML delivery (no authentication); exploitation could disclose sensitive data from the browser process memory, though the Chromium project assessed this as Medium severity.

Google Information Disclosure Buffer Overflow Debian Suse +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-28805 HIGH PATCH GHSA This Week

Time-based blind SQL injection in OpenSTAManager ≤2.10.1 allows authenticated users to extract complete database contents including credentials, financial records, and PII through multiple AJAX select handlers. The vulnerability affects three core modules (preventivi, ordini, contratti) where the `options[stato]` GET parameter is concatenated directly into SQL WHERE clauses without validation. Exploitation requires only low-privilege authentication (CVSS PR:L) and has been confirmed with working

PHP SQLi Denial Of Service Information Disclosure XSS
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-34955 HIGH PATCH GHSA This Week

Command injection in PraisonAI's SubprocessSandbox allows authenticated local users to bypass all sandbox modes (BASIC, STRICT, NETWORK_ISOLATED) and execute arbitrary OS commands. The vulnerability stems from shell=True usage combined with inadequate blocklist filtering that omits 'sh' and 'bash' executables, enabling trivial escape via 'sh -c' wrapper. CVSS 8.8 (High) reflects scope change and complete CIA triad compromise. No active exploitation confirmed (not in CISA KEV), but GitHub advisor

Command Injection Python
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-35093 HIGH PATCH This Week

Local privilege escalation in libinput allows authenticated users to execute arbitrary code within graphical compositor contexts by placing malicious Lua bytecode in system or user configuration directories. The vulnerability achieves scope change (CVSS:S:C) with high impact across confidentiality, integrity, and availability (8.8 CVSS), enabling attackers to monitor keyboard input including passwords and sensitive data. No public exploit identified at time of analysis, with EPSS data unavailable for this recently disclosed vulnerability.

RCE Code Injection Libinput Fedora
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5272 HIGH PATCH This Week

Remote code execution via heap buffer overflow in Google Chrome's GPU component affects all versions prior to 146.0.7680.178, allowing attackers to execute arbitrary code by crafting malicious HTML pages. The vulnerability requires only a remote attacker with no special privileges or user authentication; users need only visit a compromised or attacker-controlled website. No CVSS score was assigned by NVD, though Chromium classified it as High severity. Patch availability confirmed from vendor.

Google Heap Overflow RCE Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-34728 HIGH PATCH GHSA This Week

Path traversal and CSRF vulnerability in phpMyFAQ's MediaBrowserController enables remote deletion of critical server files. Authenticated admin accounts can be exploited via CSRF to delete arbitrary files including database configurations, .htaccess files, and application code. GitHub advisory confirms the vulnerability with POC demonstration. Attack requires low-privilege authentication (PR:L) but succeeds with minimal user interaction (UI:R), achieving high integrity and availability impact w

PHP Path Traversal CSRF Apache
NVD GitHub
CVSS 3.1
8.7
EPSS
0.2%
CVE-2026-34940 HIGH PATCH GHSA This Week

Command injection in KubeAI Ollama model controller allows Kubernetes users with Model CRD write permissions to execute arbitrary shell commands inside model server pods. The vulnerability stems from unsanitized URL components (model ref and query parameters) being interpolated into bash startup probe scripts. With CVSS 8.7 (AV:N/AC:L/PR:H/UI:N/S:C), this represents a significant privilege escalation risk in multi-tenant clusters where Model creation is delegated to non-admin users. No public exploit identified at time of analysis, though detailed proof-of-concept payloads are documented in the GitHub advisory.

Kubernetes Command Injection
NVD GitHub
CVSS 3.1
8.7
EPSS
0.0%
CVE-2025-71281 HIGH PATCH This Week

Remote code execution in XenForo versions before 2.3.7 allows authenticated users to invoke unauthorized methods through template callbacks and variable method calls. The vulnerability stems from a loose prefix matching mechanism that permits bypassing intended access restrictions, enabling attackers with low-privilege accounts to achieve high-severity impacts across confidentiality, integrity, and availability. No public exploit identified at time of analysis, though the technical details have been publicly disclosed by VulnCheck, increasing weaponization risk.

Code Injection RCE Xenforo
NVD
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-34752 HIGH PATCH GHSA This Week

Haraka email server crashes when processing emails with `__proto__` as a header name, enabling remote unauthenticated denial of service. Attackers can send a specially crafted email via SMTP to crash worker processes, disrupting email delivery. In single-process deployments, the entire server becomes unavailable; in cluster mode, all active sessions are terminated. No public exploit identified at time of analysis beyond the published proof-of-concept code, though exploitation requires only basic SMTP access.

Denial Of Service Python
NVD GitHub
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-34543 HIGH PATCH GHSA This Week

Heap memory disclosure in OpenEXR 3.4.0 through 3.4.7 allows remote attackers to extract sensitive information through decoded pixel data when processing malicious EXR image files. The vulnerability requires no authentication (PR:N) or user interaction (UI:N), triggering automatically during file parsing under default configurations. With CVSS 8.7 and high confidentiality impact (VC:H), this represents significant risk for applications processing untrusted EXR files. No public exploit identified at time of analysis, though the low attack complexity (AC:L) suggests straightforward exploitation once attack methods are documented.

Information Disclosure Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2025-71278 HIGH PATCH This Week

OAuth2 scope enforcement vulnerability in XenForo 2.3.x (prior to 2.3.5) allows authenticated client applications to request and obtain unauthorized scopes, escalating access beyond intended authorization levels. This authentication bypass flaw (CWE-863) enables malicious OAuth2 clients to gain elevated privileges to user data and platform functions. CVSS 8.7 (High) reflects the network-accessible attack vector with low complexity, though requires low-level privileges (authenticated OAuth client). No public exploit identified at time of analysis, with EPSS data unavailable for recent CVE.

Authentication Bypass Xenforo
NVD
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-34748 HIGH PATCH GHSA This Week

Stored Cross-Site Scripting (XSS) in Payload CMS versions prior to 3.78.0 allows authenticated users with write permissions to inject malicious scripts into content that execute in other users' browsers when viewed in the admin panel. The vulnerability requires low privilege access (PR:L) and user interaction (UI:R), enabling attackers to compromise admin accounts with high confidentiality and integrity impact due to scope change (S:C). CVSS score of 8.7 reflects the elevated risk from privileged position abuse. No public exploit identified at time of analysis, though the technical details are publicly documented in GitHub Security Advisory GHSA-mmxc-95ch-2j7c.

XSS Payload
NVD GitHub
CVSS 3.1
8.7
EPSS
0.0%
CVE-2025-71282 HIGH PATCH This Week

XenForo forum software versions prior to 2.3.7 disclose server filesystem paths through exception messages triggered by open_basedir PHP restrictions, enabling remote unauthenticated attackers to map internal directory structures. This information disclosure vulnerability (CWE-209) affects XenForo installations and has been addressed in version 2.3.7 with vendor-confirmed security fixes. No public exploit code or active exploitation is identified at time of analysis, though the unauthenticated remote attack vector and low complexity make reconnaissance straightforward for targeted attacks.

Information Disclosure Xenforo
NVD
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-34455 HIGH PATCH This Week

SQL injection in Hi.Events open-source event management platform (versions 0.8.0-beta.1 through 1.7.0-beta) allows remote unauthenticated attackers to execute arbitrary SQL queries via unsanitized sort_by parameters passed to Eloquent's orderBy() method. The PostgreSQL backend supports stacked queries, enabling multi-statement injection. While CVSS 8.7 reflects high confidentiality impact and no authentication requirement, no public exploit code or CISA KEV listing exists at time of analysis. Vendor-released patch available in version 1.7.1-beta.

SQLi PostgreSQL
NVD GitHub
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-3987 HIGH This Week

Remote code execution in WatchGuard Fireware OS versions 12.6.1 through 12.11.8 and 2025.1 through 2026.1.2 allows privileged authenticated attackers to execute arbitrary code with elevated system privileges via path traversal in the Web UI. The vulnerability requires high-level administrative access (CVSS PR:H) but presents a direct RCE path once authenticated. WatchGuard self-reported this issue with an official advisory available. EPSS and KEV data not provided; no public exploit identified at time of analysis.

Path Traversal RCE Fireware Os
NVD
CVSS 4.0
8.6
EPSS
0.4%
CVE-2026-35056 HIGH PATCH This Week

Remote code execution in XenForo versions prior to 2.3.9 and 2.2.18 allows authenticated administrators to execute arbitrary code on the server. Attack requires low-privilege admin panel access (PR:L) with network accessibility (AV:N) and low complexity (AC:L). No public exploit identified at time of analysis, though VulnCheck published technical analysis. This represents a supply-chain or insider-threat risk where compromised admin credentials or malicious insiders could achieve complete server compromise.

RCE Code Injection Xenforo
NVD
CVSS 4.0
8.6
EPSS
0.3%
CVE-2026-34430 HIGH PATCH This Week

Sandbox escape in ByteDance Deer-Flow (pre-commit 92c7a20) enables remote attackers to execute arbitrary commands on the host system by exploiting incomplete shell semantics validation in bash tool handling. Attackers bypass regex-based input filters using directory traversal and relative paths to break sandbox isolation, read/modify host files, and invoke subprocesses with shell interpretation. Authentication requirements not confirmed from available data. No public exploit identified at time of analysis, though detailed technical advisory exists.

Authentication Bypass Deerflow
NVD GitHub VulDB
CVSS 4.0
8.6
EPSS
0.1%
CVE-2026-23898 HIGH NEWS This Week

Arbitrary file deletion in Joomla! CMS com_joomlaupdate component via the autoupdate server mechanism allows remote attackers to delete files on affected servers due to insufficient input validation. The vulnerability affects all versions of Joomla! CMS through the update component and carries moderate-to-high real-world risk because file deletion can compromise system integrity, availability, and potentially enable privilege escalation or secondary attacks when combined with other weaknesses.

Information Disclosure Joomla Cms
NVD
CVSS 4.0
8.6
EPSS
0.1%
CVE-2026-34445 HIGH PATCH GHSA This Week

Arbitrary attribute injection in ONNX Python library (versions prior to 1.21.0) allows unauthenticated remote attackers to manipulate internal object properties by embedding malicious metadata in ONNX model files, resulting in potential information disclosure, data integrity violations, and high availability impact (CVSS 8.6). The vulnerability stems from unchecked use of Python's setattr() with externally-controlled keys during ExternalDataInfo deserialization. No public exploit code or CISA KEV listing identified at time of analysis, but proof-of-concept development is trivial given the straightforward nature of Python attribute manipulation. EPSS data not provided, but the unauthenticated network-accessible attack vector and low complexity suggest material risk for organizations processing untrusted ONNX models.

Python Microsoft Information Disclosure Red Hat Suse
NVD GitHub
CVSS 3.1
8.6
EPSS
0.0%
CVE-2026-34954 HIGH PATCH GHSA This Week

Server-Side Request Forgery (SSRF) in praisonaiagents allows unauthenticated remote attackers to access internal network resources and cloud metadata services. The FileTools.download_file() function passes user-controlled URLs directly to httpx.stream() with redirect following enabled, bypassing network boundaries. On AWS EC2 instances with IMDSv1, attackers can retrieve IAM credentials from the metadata service (169.254.169.254) and write them to disk. Exploitation requires no authentication (P

SSRF Python
NVD GitHub
CVSS 3.1
8.6
EPSS
0.0%
CVE-2026-23899 HIGH POC This Week

Improper access control in Joomla! CMS webservice endpoints allows unauthorized attackers to bypass authentication and access protected API functionality without valid credentials. Joomla! CMS versions prior to the patched release are affected. The vulnerability stems from inadequate validation of user permissions before processing webservice requests, enabling remote unauthenticated attackers to interact with restricted endpoints that should require administrative or elevated privileges.

Authentication Bypass Joomla Cms
NVD GitHub
CVSS 4.0
8.6
EPSS
0.0%
CVE-2026-34747 HIGH PATCH GHSA This Week

SQL injection in Payload CMS versions prior to 3.79.1 allows authenticated attackers to manipulate database queries and exfiltrate or modify collection data. The vulnerability stems from inadequate input validation on request parameters, enabling low-privilege users to craft malicious SQL queries with low attack complexity over the network. No public exploit identified at time of analysis. EPSS risk data not available, but the CVSS score of 8.5 with scope change (S:C) indicates potential for significant impact beyond the vulnerable component.

SQLi Payload
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2026-34825 HIGH PATCH GHSA This Week

{{$context.data.fieldName}}) directly into raw SQL statements, enabling attackers to break out of string literals and inject malicious SQL commands. Publicly available exploit code exists demonstrating UNION-based injection to extract database credentials and system information. With default Docker deployments granting superuser database privileges, attackers gain full read/write access to the database including credential extraction, data modification, and table deletion capabilities.

SQLi Docker Debian PostgreSQL
NVD GitHub
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-34545 HIGH PATCH This Week

Heap buffer overflow in OpenEXR 3.4.0 through 3.4.6 allows remote code execution when processing maliciously crafted EXR image files with HTJ2K compression and specific channel width configurations. The vulnerability enables controlled heap overwrites of 2-4 bytes per iteration beyond allocated buffer boundaries, exploitable through user interaction with weaponized .exr files. Attack vector is local (AV:L) requiring user action (UI:A) but no privileges (PR:N), with CVSS 8.4 severity. Vendor-released patch available in version 3.4.7. No public exploit identified at time of analysis, though the precise technical details in the security advisory lower exploitation complexity for capable adversaries.

Buffer Overflow RCE Heap Overflow Openexr
NVD GitHub VulDB
CVSS 4.0
8.4
EPSS
0.1%
CVE-2026-32928 HIGH This Week

Stack-based buffer overflow in Fuji Electric/Hakko Electronics V-SFT versions through 6.2.10.0 enables arbitrary code execution when processing malicious V7 project files. Local attackers can exploit this via social engineering to deliver weaponized files requiring user interaction to open. CVSS 8.4 reflects high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis, with EPSS data unavailable for this newly-assigned CVE. Japanese vulnerability coordination (JPCERT/JVN) indicates regional industrial control system exposure.

Buffer Overflow RCE Stack Overflow V Sft
NVD VulDB
CVSS 4.0
8.4
EPSS
0.0%
CVE-2026-32925 HIGH This Week

Stack-based buffer overflow in Fuji Electric/HAKKO Electronics V-SFT automation software (versions ≤6.2.10.0) allows arbitrary code execution when opening a maliciously crafted V7 project file. An attacker must convince a user to open a weaponized file, requiring no authentication but user interaction. EPSS data not available; no public exploit identified at time of analysis, though the specific function (CV7BaseMap::WriteV7DataToRom) and vulnerability class (stack overflow) provide sufficient technical detail for skilled attackers to develop exploits.

RCE Buffer Overflow Stack Overflow V Sft
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2026-32929 HIGH This Week

Out-of-bounds read in Fuji Electric V-SFT 6.2.10.0 and earlier allows local attackers to disclose sensitive information and potentially achieve code execution when processing maliciously crafted V7 files. The vulnerability resides in the VS6ComFile!get_macro_mem_COM function and requires user interaction to open a weaponized file. No public exploit identified at time of analysis, though the local attack vector and file format parsing nature make this a realistic social engineering target for industrial control system environments.

Information Disclosure Buffer Overflow V Sft
NVD VulDB
CVSS 4.0
8.4
EPSS
0.0%
CVE-2026-32927 HIGH This Week

Out-of-bounds read in Fuji Electric V-SFT 6.2.10.0 and earlier allows local attackers to extract sensitive memory contents and potentially achieve code execution by opening a malicious V7 project file. The vulnerability requires user interaction (opening a crafted file) but no authentication, with an EPSS probability requiring assessment. No public exploit identified at time of analysis, though JPCERT coordination suggests industrial targeting potential.

Information Disclosure Buffer Overflow V Sft
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2026-32926 HIGH This Week

Out-of-bounds read in Fuji Electric V-SFT industrial HMI software (versions ≤6.2.10.0) enables local attackers to disclose sensitive information and potentially achieve code execution when victims open maliciously crafted V7 project files. The vulnerability resides in the VS6ComFile!load_link_inf function during V7 file parsing. CVSS 8.4 reflects high confidentiality and integrity impact with low attack complexity requiring user interaction. No public exploit identified at time of analysis, though JPCERT coordination suggests targeted industrial sector awareness.

Information Disclosure Buffer Overflow V Sft
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2026-34544 HIGH PATCH GHSA This Week

Out-of-bounds heap write in OpenEXR 3.4.0-3.4.7 allows local attackers to crash applications or corrupt memory when processing malicious B44/B44A compressed EXR files. Attack requires user interaction to open a crafted image file. Patched in version 3.4.8. CVSS 8.4 (High) reflects local attack vector with no privileges required but mandatory user action. No confirmed active exploitation or public POC identified at time of analysis, though proof-of-concept development is feasible given the detailed GitHub advisory and commit.

Buffer Overflow Integer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
8.4
EPSS
0.0%
CVE-2026-30289 HIGH This Week

Tinybeans Private Family Album App v5.9.5-prod contains an arbitrary file overwrite vulnerability in its file import process that enables remote attackers to overwrite critical internal files, resulting in arbitrary code execution or information disclosure. No CVSS score, EPSS data, or KEV status is available for this vulnerability, and no public exploit code has been independently confirmed at the time of analysis.

RCE Information Disclosure Private Family Album
NVD GitHub
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-30287 HIGH This Week

Deep Thought Industries ACE Scanner PDF Scanner v1.4.5 contains an arbitrary file overwrite vulnerability in its file import process that permits attackers to overwrite critical internal files, resulting in remote code execution or information disclosure. The vulnerability affects a mobile application distributed via Google Play Store. No CVSS score, active exploitation status, or patch information is currently available from vendor sources.

Information Disclosure RCE Ace Scanner
NVD GitHub
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-30292 HIGH This Week

Arbitrary file overwrite in Docudepot PDF Reader v1.0.34 enables attackers to overwrite critical internal files through the file import process, resulting in arbitrary code execution or information exposure. The vulnerability affects the mobile PDF viewer application across Android platforms. No public exploit code or active exploitation has been confirmed at time of analysis, though the severity of potential impact (RCE) warrants immediate investigation and patching.

RCE Information Disclosure
NVD GitHub
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-30291 HIGH This Week

Arbitrary file overwrite in Ora Tools PDF Reader & Editor APP v4.3.5 enables attackers to overwrite critical internal files through the file import process, resulting in arbitrary code execution or information exposure. The vulnerability affects the Android application and has been publicly disclosed; however, CVSS scoring, CISA KEV status, and vendor patch availability have not been independently confirmed at time of analysis.

Information Disclosure RCE
NVD GitHub VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-34524 HIGH PATCH GHSA This Week

Path traversal in SillyTavern's chat API allows authenticated attackers to read and delete sensitive configuration files (secrets.json, settings.json) outside the intended chats directory by exploiting insufficient input validation on the avatar_url parameter. The vulnerability (CVSS 8.3) permits traversal using '..' segments due to a regex validator that only blocks '/' and NUL bytes. Publicly available exploit code exists with working proof-of-concept commands provided in the GitHub advisory. EPSS data not available, but the straightforward exploitation path (AV:N/AC:L/PR:L) and availability of working POC code present significant risk for multi-user or internet-facing SillyTavern deployments. Vendor-released patch available in version 1.17.0.

Path Traversal CSRF
NVD GitHub
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-34072 HIGH This Week

Authentication bypass in CronMaster versions prior to 2.2.0 allows adjacent network attackers to gain unauthorized administrative access without credentials. When session validation requests fail, the middleware incorrectly treats invalid session cookies as authenticated, enabling execution of privileged Next.js Server Actions and access to protected administrative pages. EPSS data not available for this recent CVE; no public exploit identified at time of analysis, though exploitation complexity is low once network access is achieved.

Authentication Bypass Cronmaster
NVD GitHub VulDB
CVSS 3.1
8.3
EPSS
0.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy