Skip to main content
CVE-2026-30523 MEDIUM POC This Month

SourceCodester Loan Management System v1.0 accepts negative integer values for loan plan duration due to insufficient input validation on the months parameter, allowing attackers to create loan plans with invalid negative durations that may cause unexpected system behavior or financial miscalculations. Publicly available exploit code exists, though real-world impact depends on downstream business logic that consumes these invalid loan plans.

Information Disclosure
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-30522 MEDIUM POC This Month

SourceCodester Loan Management System v1.0 allows authenticated administrators to submit negative penalty rates for loan overdue payments by bypassing client-side validation through direct HTTP POST manipulation, enabling financial fraud through reversed penalty calculations that benefit borrowers instead of lenders. The vulnerability requires authenticated access but no CVSS score, EPSS probability, or formal patch status is available; however, publicly available exploit code confirms the vulnerability's technical feasibility.

Authentication Bypass Loan Management System
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-30526 MEDIUM POC This Month

Reflected cross-site scripting in SourceCodester Zoo Management System v1.0 login page allows remote attackers to inject arbitrary JavaScript or HTML via the msg parameter without authentication. The vulnerable parameter reflects user input directly to the browser without HTML encoding, enabling credential theft, session hijacking, or malware distribution through crafted URLs. Publicly available proof-of-concept code exists, increasing real-world exploitation risk.

XSS
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-5258 MEDIUM POC This Month

Path traversal in Sanster IOPaint 1.5.3 File Manager allows unauthenticated remote attackers to read, write, or delete arbitrary files via manipulated filename parameters in the _get_file function. EPSS data unavailable, but publicly available exploit code exists. Attack requires no authentication or user interaction (CVSS AV:N/PR:N/UI:N). Vendor did not respond to coordinated disclosure; patch status unknown at time of analysis.

Path Traversal Iopaint
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-5312 MEDIUM POC This Month

Improper access controls in D-Link network-attached storage devices (DNS-120 through DNS-1550-04, firmware versions up to 20260205) allow remote unauthenticated attackers to manipulate disk management functions via the /cgi-bin/dsk_mgr.cgi endpoint, resulting in availability impact. Publicly available exploit code exists and the vulnerability has moderate real-world exploitability (CVSS 5.5, EPSS probability indicated by E:P vector), requiring no authentication or user interaction for remote attack.

D-Link Authentication Bypass
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-5261 MEDIUM POC This Month

Unrestricted file upload in Shandong Hoteam InforCenter PLM versions up to 8.3.8 allows remote unauthenticated attackers to upload arbitrary files via the uploadFileToIIS function in /Base/BaseHandler.ashx, with a CVSS score of 6.9 and publicly available exploit code. The vendor did not respond to early disclosure notification, leaving all affected versions unpatched and at active risk.

File Upload Inforcenter Plm
NVD VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-34973 MEDIUM PATCH GHSA This Month

Information disclosure in phpMyFAQ allows unauthenticated attackers to enumerate custom page content by injecting SQL LIKE wildcards (`%` and `_`) into the search term, bypassing intended search filters. The `searchCustomPages()` method in `Search.php` uses `real_escape_string()` which does not escape LIKE metacharacters, enabling an attacker to craft queries like `_%_` that match all records regardless of intended search scope. This vulnerability has no authentication requirement and affects the publicly accessible search functionality.

PHP Information Disclosure Nosql Injection
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-34999 MEDIUM PATCH This Month

OpenViking versions 0.2.5 through 0.2.13 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality via POST requests to /bot/v1/chat and /bot/v1/chat/stream endpoints, enabling direct interaction with the upstream bot backend without valid credentials. The vulnerability has a moderate CVSS score of 6.9 due to network accessibility and low confidentiality impact, with public fix availability as of version 0.2.14 reducing immediate risk for patched deployments.

Authentication Bypass Openviking
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-0932 MEDIUM PATCH This Month

Blind server-side request forgery in M-Files Server before version 26.3 allows unauthenticated remote attackers to force the server to send HTTP GET requests to arbitrary URLs through legacy connection methods in document co-authoring features. This vulnerability enables attackers to probe internal networks, access internal services, or trigger downstream attacks without requiring authentication, with a CVSS score of 6.9 reflecting moderate real-world impact.

SSRF M Files Server
NVD VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-34510 MEDIUM PATCH This Month

OpenClaw before version 2026.3.22 contains a path traversal vulnerability in Windows media loaders that accepts remote-host file URLs and UNC-style network paths without proper local-path validation, allowing unauthenticated remote attackers to bypass access restrictions and read local files. With a CVSS score of 6.9 and network-based attack vector requiring no user interaction, this vulnerability presents moderate risk to systems processing untrusted media content. No public exploit code or active exploitation has been confirmed at the time of analysis.

Path Traversal Microsoft
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-22815 MEDIUM PATCH GHSA This Month

Memory exhaustion in aiohttp's header and trailer handling allows remote attackers to cause denial of service by sending attacker-controlled HTTP requests or responses with uncapped header/trailer values. The vulnerability affects aiohttp Python library across affected versions, enabling attackers to exhaust application memory without authentication. A mitigation is available via reverse proxy configuration, and upstream patch has been released.

Denial Of Service Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-21630 MEDIUM This Month

SQL injection in Joomla CMS articles webservice endpoint allows remote attackers to execute arbitrary SQL queries through improperly constructed ORDER BY clauses, affecting all versions of Joomla CMS. The vulnerability exists in the com_content component's webservice endpoint and permits unauthenticated query manipulation. No CVSS score or patch version information is available at time of analysis, limiting severity quantification.

SQLi Joomla Cms
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-71280 MEDIUM PATCH This Month

XenForo before version 2.3.7 exposes sensitive user account information through improper browser caching of account pages on shared systems. Local users with access to a shared machine or browser can retrieve cached account data belonging to other users who previously accessed XenForo, enabling unauthorized information disclosure without authentication. No public exploit code or active exploitation has been identified; remediation requires upgrading to XenForo 2.3.7 or later.

Information Disclosure Xenforo
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-34871 MEDIUM PATCH This Month

Mbed TLS 3.x before 3.6.6, 4.x before 4.1.0, and TF-PSA-Crypto before 1.1.0 contain a predictable seed vulnerability in their pseudo-random number generator (PRNG) implementation that compromises the cryptographic strength of generated random values. Attackers with knowledge of the seed initialization mechanism can predict PRNG output, enabling them to forge cryptographic material, decrypt communications, or impersonate legitimate parties. No active exploitation has been confirmed, but the information disclosure nature of this vulnerability affects all applications relying on these libraries for cryptographic operations.

Information Disclosure
NVD VulDB
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-34515 MEDIUM PATCH GHSA This Month

AIOHTTP static resource handler on Windows exposes NTLMv2 remote path information to unauthenticated remote attackers, allowing information disclosure with high confidentiality impact. Versions prior to 3.13.4 are affected. The vulnerability has been patched and no active exploitation has been confirmed at this time.

Python Information Disclosure Microsoft Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
6.6
EPSS
0.1%
CVE-2026-34516 MEDIUM PATCH GHSA This Month

Memory exhaustion vulnerability in AIOHTTP prior to version 3.13.4 allows unauthenticated remote attackers to trigger denial of service via specially crafted HTTP responses containing excessive multipart headers. The vulnerability exploits insufficient memory limits during multipart header parsing, causing the server or client to consume more memory than intended. CVSS 6.6 (medium-high availability impact) with no public exploit code identified at time of analysis.

Python Denial Of Service Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
6.6
EPSS
0.0%
CVE-2026-20096 MEDIUM This Month

Command injection in Cisco IMC web management interface allows authenticated admin-level attackers to execute arbitrary commands as root through improper input validation. Affects Cisco Enterprise NFV Infrastructure Software, Unified Computing System (standalone), and UCS E-Series platforms. No public exploit code or active exploitation confirmed at time of analysis, but the high-privileged context and root-level impact necessitate swift patching.

Cisco Command Injection
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-20095 MEDIUM This Month

Command injection in Cisco IMC web-based management interface allows authenticated remote attackers with admin-level privileges to execute arbitrary commands as root. The vulnerability stems from improper input validation in the web interface, enabling attackers to inject crafted commands that execute on the underlying operating system with elevated privileges. While the CVSS score is 6.5 (Medium), Cisco assigned a High Security Impact Rating due to the root-level code execution capability and potential for post-compromise lateral movement or system takeover.

Cisco Command Injection
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-2265 MEDIUM This Month

Remote code execution in Replicator npm package version 1.0.5 allows unauthenticated attackers to execute arbitrary code by supplying malicious serialized objects that the library deserializes without validation. Applications using Replicator to process untrusted input are vulnerable to immediate compromise; no public exploit code availability or active exploitation status is confirmed at time of analysis, but the unauthenticated attack vector and ease of object deserialization attacks suggest practical exploitability.

Node.js RCE
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-20097 MEDIUM This Month

Cisco IMC web-based management interface allows authenticated administrators to execute arbitrary code as root through improper input validation in HTTP requests. The vulnerability affects Cisco Unified Computing System (standalone) and requires admin-level credentials and network access; successful exploitation grants attacker root-level code execution on the underlying operating system. No public exploit code or active exploitation has been identified at time of analysis.

Cisco RCE Memory Corruption Buffer Overflow
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-34750 MEDIUM PATCH GHSA This Month

Path traversal in Payload CMS storage adapter client-upload signed-URL endpoints (S3, GCS, Azure, R2) prior to version 3.78.0 allows authenticated attackers to escape intended storage locations via unsanitized filenames, enabling arbitrary file writes to cloud storage buckets. The vulnerability requires user authentication and affects all four cloud storage integrations across the Payload CMS ecosystem.

Path Traversal Microsoft
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-34939 MEDIUM PATCH GHSA This Month

Denial of service in PraisonAI's MCPToolIndex.search_tools() allows authenticated remote attackers to block the Python thread for hundreds of seconds via a crafted regular expression causing catastrophic backtracking. The vulnerable function compiles caller-supplied query strings directly as regex patterns without validation, timeout, or exception handling. A single malicious request can sustain complete service outage, and the MCP server HTTP transport runs without authentication by default, significantly lowering the practical barrier to exploitation despite the CVSS requiring PR:L.

Python Denial Of Service
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-5283 MEDIUM PATCH This Month

Information disclosure in ANGLE (graphics abstraction layer) within Google Chrome prior to version 146.0.7680.178 enables remote attackers to leak cross-origin data through crafted HTML pages. The vulnerability affects all Chrome versions before the patched release and requires only network access and user interaction (visiting a malicious page), posing a moderate real-world risk to users who may inadvertently access attacker-controlled content.

Google Authentication Bypass Debian Red Hat Suse +1
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34889 MEDIUM PATCH This Month

DOM-based cross-site scripting (XSS) in Ultimate Addons for WPBakery Page Builder versions before 3.21.4 allows authenticated attackers with low privileges to inject malicious scripts that execute in other users' browsers with user interaction. The vulnerability affects WordPress sites using this plugin and could enable session hijacking, credential theft, or malware distribution through page builder interfaces.

XSS
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-5291 MEDIUM PATCH This Month

Information disclosure in Google Chrome's WebGL implementation prior to version 146.0.7680.178 allows remote attackers to extract potentially sensitive data from process memory by serving a crafted HTML page. The vulnerability affects all Chrome versions before the patched release and requires only user interaction (visiting a malicious webpage) to trigger memory disclosure via WebGL rendering.

Google Information Disclosure Debian Red Hat Suse +1
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-5276 MEDIUM PATCH This Month

Information disclosure in Google Chrome's WebUSB implementation prior to version 146.0.7680.178 allows remote attackers to extract sensitive data from process memory by delivering a crafted HTML page, exploiting insufficient policy enforcement in the WebUSB API. The vulnerability affects all Chrome versions before 146.0.7680.178 across all platforms. No public exploit code or active exploitation has been confirmed at the time of this analysis.

Google Information Disclosure Debian Red Hat Suse +1
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-4927 MEDIUM This Month

Devolutions Server versions 2026.1.6 through 2026.1.11 expose sensitive one-time password (OTP) keys in the MFA feature, allowing authenticated users with user management privileges to retrieve other users' OTP secrets via API requests. This information disclosure vulnerability enables account takeover by attackers who obtain valid credentials with user management roles, as OTP keys are sufficient to generate valid authentication codes and bypass multi-factor authentication protections.

Information Disclosure Server
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-25834 MEDIUM PATCH This Month

Mbed TLS versions 3.3.0 through 3.6.5 and 4.0.0 are vulnerable to algorithm downgrade attacks via signature algorithm injection, allowing attackers to force the use of weaker cryptographic algorithms during TLS handshakes. This information disclosure vulnerability affects all applications using the affected Mbed TLS library versions and could enable attackers to compromise the confidentiality of encrypted communications by downgrading to algorithms with known weaknesses.

Information Disclosure
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-20042 MEDIUM This Month

Cisco Nexus Dashboard configuration backup feature allows authenticated administrators to extract sensitive authentication credentials from encrypted backup files, enabling subsequent unauthorized access to internal APIs and arbitrary root-level command execution on the underlying operating system. The vulnerability requires possession of both a valid backup file and its encryption password, limiting exploitation to administrators or attackers with backup file access. CVSS 6.5 reflects the high-privilege requirement (PR:H) despite high confidentiality and integrity impact; no public exploit or active exploitation has been identified.

Cisco Information Disclosure Cisco Nexus Dashboard
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-36375 MEDIUM PATCH This Month

IBM DataPower Gateway versions 10.5.0.0-10.5.0.20, 10.6.0.0-10.6.0.8, and 10.6.1.0-10.6.5.0 are vulnerable to cross-site request forgery (CSRF) that allows unauthenticated remote attackers to execute unauthorized actions on behalf of trusted users with user interaction. The vulnerability carries a CVSS score of 6.5 with medium real-world risk due to the requirement for user interaction and the integrity-only impact.

IBM CSRF
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-4668 MEDIUM This Month

SQL injection in Booking for Appointments and Events Calendar - Amelia WordPress plugin (versions up to 2.1.2) allows authenticated Manager-level users to extract sensitive database information via the `sort` parameter in the payments listing endpoint. The vulnerability exists because the sort field is interpolated directly into an ORDER BY clause without sanitization, bypassing PDO prepared statement protections which do not cover column names. GET requests also bypass Amelia's nonce validation, enabling time-based blind SQL injection attacks by authenticated users with Manager access or higher.

WordPress PHP SQLi
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-13535 MEDIUM This Month

King Addons for Elementor plugin versions up to 51.1.38 contain multiple DOM-Based Stored Cross-Site Scripting vulnerabilities affecting authenticated Contributor+ users. The plugin improperly escapes user input in JavaScript inline event handlers and uses unsafe DOM manipulation methods in widget settings, allowing attackers with Contributor-level access to inject arbitrary JavaScript that executes when pages are accessed or previewed in the Elementor editor. A partial patch was released in version 5.1.51, though the version numbering discrepancy suggests incomplete remediation across all vulnerable code paths.

XSS WordPress Elementor
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2026-25601 MEDIUM This Month

Hardcoded cryptographic key in Metronik MEPIS RM's Mx.Web.ComponentModel.dll component allows privileged database users to decrypt stored domain passwords and gain unauthorized access to ICS/OT environments. The vulnerability affects all versions of MEPIS RM where password storage is enabled; exploitation requires high-level privileges to access the application database, and no public exploit code has been identified at time of analysis.

Authentication Bypass Mepis Rm
NVD VulDB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-34525 MEDIUM PATCH GHSA This Month

AIOHTTP prior to version 3.13.4 allows multiple Host headers in HTTP requests, enabling information disclosure through header injection attacks. An unauthenticated remote attacker can exploit this by crafting malicious requests with duplicate Host headers to potentially bypass security controls or extract sensitive information from affected applications. The vulnerability has been patched in version 3.13.4, and no public exploit code or active exploitation has been identified at the time of analysis.

Python Information Disclosure Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.1%
CVE-2026-21629 MEDIUM This Month

Joomla CMS fails to enforce authenticated user checks on the AJAX component in the administrative area, allowing potential authentication bypass and unauthorized access to sensitive functionality. Third-party developers expecting default access controls may expose administrative features to unauthenticated or unauthorized users. No CVSS score or public exploit code has been identified, but the vulnerability affects all Joomla CMS versions and requires immediate review of custom AJAX implementations that rely on implicit authentication enforcement.

Authentication Bypass Joomla Cms
NVD
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-5273 MEDIUM PATCH This Month

Remote code execution in Google Chrome's CSS engine prior to version 146.0.7680.178 allows unauthenticated remote attackers to execute arbitrary code within the Chrome sandbox via a crafted HTML page. The vulnerability stems from a use-after-free memory error in CSS processing, classified as high severity by the Chromium security team. Vendor-released patch available in Chrome 146.0.7680.178 and later.

Google Use After Free RCE Memory Corruption Denial Of Service +1
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2025-66483 MEDIUM PATCH This Month

IBM Aspera Shares versions 1.9.9 through 1.11.0 fail to invalidate user sessions following password reset operations, enabling authenticated users to maintain access to compromised accounts and impersonate other users. The vulnerability requires prior authentication and allows limited confidentiality and integrity impact through account takeover. IBM has released a patch to address this session management defect.

IBM Information Disclosure
NVD
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-2394 MEDIUM PATCH This Month

Buffer over-read vulnerability in RTI Connext Professional Core Libraries allows unauthenticated remote attackers to read beyond allocated buffer boundaries, potentially leaking sensitive data. Affected versions span multiple major release lines: 7.4.0-7.6.x, 7.0.0-7.3.0.x, 6.1.0-6.1.x, 6.0.0-6.0.x, 5.3.0-5.3.x, and 4.3x-5.2.x. The CVSS 6.3 score reflects low confidentiality impact with network-based attack surface; no public exploit has been identified at time of analysis, and this vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog.

Buffer Overflow Connext Professional
NVD VulDB
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-34397 MEDIUM PATCH This Month

Local privilege escalation in Himmelblau versions 2.0.0-alpha through 2.3.8 and 3.0.0-alpha through 3.1.0 allows authenticated users to assume privileged group membership when their Azure Entra ID-mapped CN or short name collides with system group names (sudo, wheel, docker, adm, etc.). The NSS module resolves the collision to the attacker's fake primary group, potentially granting group-level privileges if the system uses NSS for authorization decisions. CVSS 6.3 (medium); no public exploit identified at time of analysis.

Microsoft Privilege Escalation Docker Suse
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-3778 MEDIUM This Month

Foxit PDF Editor and PDF Reader are vulnerable to denial of service via uncontrolled recursion in maliciously crafted PDF documents containing cyclic object references in pages and annotations. When such documents are processed by APIs performing deep object traversal (such as SOAP handlers), the applications exhaust stack memory and crash. The vulnerability requires only local access and no user interaction beyond opening a malicious PDF, making it a practical attack vector for local denial of service.

Denial Of Service Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-34729 MEDIUM PATCH GHSA This Month

Stored cross-site scripting (XSS) in phpMyFAQ allows authenticated administrators to inject unquoted or single-quoted event handler attributes that bypass the content sanitization pipeline, resulting in arbitrary JavaScript execution for all FAQ page visitors. The vulnerability exists in the removeAttributes() regex filter (line 174 of Filter.php) which only matches double-quoted HTML attributes, allowing payloads like <img src=x onerror=alert(1)> to persist and execute in the browser when the F

PHP XSS CSRF
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-20085 MEDIUM This Month

Reflected XSS in Cisco IMC web management interface allows unauthenticated remote attackers to execute arbitrary JavaScript in user browsers via crafted links. Affects Cisco Enterprise NFV Infrastructure Software, Cisco Unified Computing System (standalone), and UCS E-Series Software. Exploitation requires user interaction (clicking a malicious link) but could lead to session hijacking, credential theft, or malware delivery to privileged administrators managing critical infrastructure.

Cisco XSS
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-20041 MEDIUM This Month

Server-side request forgery in Cisco Nexus Dashboard and Nexus Dashboard Insights allows unauthenticated remote attackers to conduct SSRF attacks by tricking authenticated users into clicking malicious links, enabling arbitrary network requests from the affected device and potential execution of arbitrary script code or access to sensitive browser data. CVSS 6.1 with no public exploit or active exploitation confirmed at time of analysis.

Cisco SSRF
NVD VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-21631 MEDIUM This Month

Cross-site scripting (XSS) in Joomla CMS multilingual associations component allows unauthenticated remote attackers to inject malicious scripts via unescaped output in the comparison view. The vulnerability affects all versions of Joomla CMS and stems from improper output encoding in the com_associations component. No CVSS score is available; however, the CWE-79 classification confirms reflected or stored XSS capability.

XSS Joomla Cms
NVD GitHub
CVSS 4.0
5.9
EPSS
0.0%
CVE-2026-21632 MEDIUM This Month

Joomla CMS fails to properly escape article titles in output, enabling stored cross-site scripting (XSS) attacks across multiple locations. Attackers with article creation or editing privileges can inject malicious scripts into article titles that execute in the browsers of site visitors, potentially compromising user sessions, stealing credentials, or defacing content. The vulnerability affects all Joomla CMS versions and requires administrative action to remediate.

XSS Joomla Cms
NVD
CVSS 4.0
5.9
EPSS
0.0%
CVE-2025-67805 MEDIUM This Month

Unauthenticated access to diagnostic endpoints in Sage DPW 2025_06_004 Database Monitor feature discloses sensitive information including password hashes and database table names when non-default configuration is enabled. The vulnerability affects only installations with this feature explicitly enabled (disabled by default); Sage DPW Cloud is not vulnerable. This configuration was forcibly disabled in version 2025_06_003, indicating a prior history of this issue. EPSS score of 5.9 reflects moderate exploitation probability despite unauthenticated network accessibility.

Authentication Bypass
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-13916 MEDIUM PATCH This Month

IBM Aspera Shares versions 1.9.9 through 1.11.0 implements insufficient cryptographic strength that permits remote attackers without authentication to decrypt sensitive information. The vulnerability stems from use of weaker-than-expected cryptographic algorithms, allowing confidentiality breach of data protected by the application. A vendor patch is available.

Information Disclosure IBM
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-34761 MEDIUM PATCH GHSA This Month

Ella Core panics and crashes when processing malformed NGAP handover failure messages from a gNodeB, causing a denial of service for all connected mobile subscribers. An authenticated attacker with high privileges on the radio network can force a gNodeB to send crafted NGAP handover failure messages that trigger a null pointer dereference in Ella Core's handover handler, terminating the core network process. No public exploit code or active exploitation has been identified.

Denial Of Service Null Pointer Dereference
NVD GitHub
CVSS 3.1
5.8
EPSS
0.0%
CVE-2026-5271 MEDIUM PATCH NEWS This Month

pymanager allows local attackers to shadow legitimate Python modules by placing malicious modules in the current working directory, leading to arbitrary code execution when the application imports standard library or third-party modules. The vulnerability affects pymanager due to insecure sys.path manipulation that includes the current working directory with high priority, enabling privilege escalation or information disclosure depending on the affected module and execution context. No public exploit code has been identified, but the local attack vector with low complexity makes this a practical risk in shared or untrusted execution environments.

Information Disclosure Pymanager
NVD GitHub
CVSS 4.0
5.6
EPSS
0.0%
CVE-2026-5311 MEDIUM This Month

Improper access controls in D-Link DNS and DNR series NAS devices allow unauthenticated remote attackers to manipulate the cmd argument in the Webdav_Access_List function via /cgi-bin/file_center.cgi, resulting in information disclosure with CVSS 5.5. Public exploit code is available, placing affected devices at immediate risk of unauthorized data access.

D-Link Information Disclosure
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy