Skip to main content
CVE-2026-33613 HIGH This Week

Remote code execution in MB Connect Line mbCONNECT24 and mymbCONNECT24 allows high-privileged authenticated attackers to achieve full system compromise through command injection in the generateSrpArray function. Exploitation requires the attacker to first write arbitrary data to the user table via another vulnerability, establishing a chained attack scenario. No public exploit identified at time of analysis, though the low attack complexity (AC:L) indicates straightforward exploitation once database write access is obtained.

Command Injection Mbconnect24 Mymbconnect24
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-0686 HIGH This Week

Server-Side Request Forgery (SSRF) in WordPress Webmention plugin versions ≤5.6.2 allows unauthenticated remote attackers to force the web server to make arbitrary HTTP requests to internal or external systems. The vulnerability exists in the MF2::parse_authorpage function called through Receiver::post, enabling attackers to probe internal network services, exfiltrate data from cloud metadata endpoints, or modify internal resources. EPSS data not provided; no CISA KEV status indicating confirmed active exploitation at time of analysis. Public exploit code exists (proof-of-concept references available via Wordfence and WordPress plugin repository).

WordPress SSRF
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-34790 HIGH This Week

Directory traversal in Endian Firewall 3.3.25 and earlier allows authenticated users to delete arbitrary files through the /cgi-bin/backup.cgi remove ARCHIVE parameter. Attackers with low-privileged network access can leverage unsanitized path construction passed to unlink() to achieve high-integrity impact by removing critical system files. EPSS data not available; no public exploit identified at time of analysis, though the technical details disclosed by VulnCheck increase weaponization risk for authenticated threat actors.

Path Traversal Firewall Community
NVD
CVSS 4.0
7.1
EPSS
0.3%
CVE-2024-40858 HIGH PATCH This Week

A permissions issue was addressed with additional restrictions. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Apple Authentication Bypass
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2026-34124 HIGH PATCH This Week

Denial-of-service vulnerability in TP-Link Tapo C520WS v2.6 camera allows adjacent network attackers to trigger buffer overflow through crafted HTTP requests with excessively long paths that bypass initial length validation during path normalization, resulting in memory corruption and device reboot without requiring authentication. Vendor has released a patch; no public exploit code identified at time of analysis.

TP-Link Buffer Overflow
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-5429 HIGH PATCH This Week

Arbitrary code execution in AWS Kiro IDE versions prior to 0.8.140 occurs when a local user opens a maliciously crafted workspace containing an unsanitized color theme name, exploiting improper neutralization of input during webview generation. The attack requires user interaction (trusting the workspace when prompted) and can deliver full system compromise with high confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, though SSVC framework rates technical impact as total with manual (non-automatable) exploitation potential.

XSS RCE Kiro Ide
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-34120 HIGH PATCH This Week

Heap-based buffer overflow in TP-Link Tapo C520WS v2.6 allows local network attackers to cause denial of service by sending crafted payloads during asynchronous video stream processing, triggering memory corruption and process crashes. The vulnerability stems from insufficient buffer boundary validation in streaming input handling. A vendor patch is available.

TP-Link Heap Overflow Buffer Overflow
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-34119 HIGH PATCH This Week

Heap-based buffer overflow in TP-Link Tapo C520WS v2.6 allows unauthenticated network attackers to trigger denial-of-service by sending crafted HTTP payloads that bypass boundary validation during segmented request body parsing. The vulnerability exploits insufficient write-boundary verification in the HTTP parsing loop, causing heap memory corruption that crashes or hangs the device process. Patch is available from the vendor.

TP-Link Heap Overflow Buffer Overflow
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-34118 HIGH PATCH This Week

Heap-based buffer overflow in TP-Link Tapo C520WS v2.6 allows remote attackers on the same network segment to trigger denial-of-service by sending crafted HTTP POST payloads that exceed allocated buffer boundaries. The vulnerability stems from missing validation in HTTP body parsing logic, causing process crashes or unresponsiveness. No CVSS score or vector data is available, limiting precise severity quantification, but the practical attack vector is network-adjacent and does not require authentication.

TP-Link Heap Overflow Buffer Overflow
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-34122 HIGH PATCH This Week

Stack-based buffer overflow in TP-Link Tapo C520WS v2.6 allows remote attackers to trigger denial-of-service by sending oversized configuration parameters to a vulnerable configuration handling component. Successful exploitation causes device crash or reboot, impacting camera availability. Vendor has released a patch.

TP-Link Buffer Overflow Stack Overflow
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-33951 MEDIUM PATCH GHSA This Month

SignalK Server prior to version 2.24.0-beta.1 allows unauthenticated remote attackers to modify navigation data source priorities through an unprotected PUT endpoint (/signalk/v1/api/sourcePriorities), enabling manipulation of which GPS, AIS, and sensor data sources are trusted by the maritime navigation system. The malicious configuration changes are immediately applied and persisted to disk, surviving server restarts and potentially causing the vessel to rely on attacker-controlled or spoofed navigation data. No public exploit code or active exploitation has been confirmed at this time.

Authentication Bypass Signalk Server
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2026-5245 LOW POC PATCH Monitor

Stack-based buffer overflow in Cesanta Mongoose mDNS Record Handler (versions up to 7.20) allows remote attackers to trigger memory corruption via malformed mDNS record data in the handle_mdns_record function. The vulnerability requires high attack complexity and network-level access but results in limited confidentiality, integrity, and availability impact. Publicly available exploit code exists; vendor released patched version 7.21 with immediate availability.

Buffer Overflow Stack Overflow Mongoose
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.1%
CVE-2026-34606 MEDIUM PATCH This Month

Stored cross-site scripting (XSS) in Frappe Learning Management System versions 2.27.0 through 2.47.x allows unauthenticated remote attackers to inject and persist malicious scripts that execute in the browsers of other users. The vulnerability affects content structure functionality and has been patched in version 2.48.0. No public exploit code or active exploitation has been confirmed at time of analysis.

XSS Lms
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-34426 MEDIUM PATCH This Month

OpenClaw prior to commit b57b680 allows authenticated users to bypass the approval system by exploiting inconsistent environment variable normalization between approval validation and execution paths. An attacker with low privileges can inject non-portable environment variable keys that are filtered during operator review but accepted at runtime, potentially enabling execution of attacker-controlled binaries. This vulnerability has a CVSS score of 6.9 (medium-high impact) and requires user interaction but affects the integrity of the approval workflow.

Authentication Bypass Openclaw
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-35383 MEDIUM PATCH This Month

Bentley Systems iTwin Platform exposed a Cesium ion access token in web page source code, allowing unauthenticated attackers to enumerate or delete assets managed through Cesium ion services. The token was present in all versions prior to 2026-03-27 and has since been removed and revoked; no further enumeration or deletion is possible with the exposed token. This is a credential disclosure vulnerability affecting iTwin Platform users who relied on the compromised token for asset management.

Information Disclosure Itwin Platform
NVD VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-5413 LOW POC Monitor

Information disclosure in Newgen OmniDocs up to version 12.0.00 allows remote attackers without authentication to extract sensitive data by manipulating the connectionDetails parameter in the /omnidocs/GetWebApiConfiguration endpoint. The vulnerability has a CVSS score of 6.3 with high attack complexity, and publicly available exploit code exists; however, no confirmed active exploitation has been reported. The vendor did not respond to early disclosure notification.

Information Disclosure Omnidocs
NVD VulDB
CVSS 4.0
2.9
EPSS
0.0%
CVE-2026-33691 MEDIUM PATCH This Month

OWASP Core Rule Set (CRS) versions prior to 3.3.9 and 4.25.0 allow bypass of file upload restrictions through whitespace-padded filenames, enabling upload of dangerous executable file extensions (.php, .phar, .jsp, .jspx) that should be blocked. Remote attackers can exploit this vulnerability to upload malicious files with high confidence due to the simple nature of the bypass technique (inserting spaces before the file extension), potentially leading to remote code execution depending on web application firewall configuration and application behavior.

PHP Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
6.8
EPSS
0.1%
CVE-2026-30603 MEDIUM This Month

Qianniao QN-L23PA0904 firmware v20250721.1640 contains an insecure firmware update mechanism that allows local attackers with SD card access to execute arbitrary code as root by supplying a crafted iu.sh script, enabling complete device compromise including backdoor installation and data exfiltration. No CVSS score is available; exploitation requires physical or logical access to the device's SD card interface. Public research documentation exists detailing the vulnerability.

Information Disclosure N A
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-27774 MEDIUM PATCH This Month

Local privilege escalation in Acronis True Image (Windows) before build 42902 allows authenticated users with low privileges to gain high-integrity access through DLL hijacking. An attacker with local user access can exploit unsafe DLL loading to execute arbitrary code with elevated permissions, requiring user interaction (e.g., triggering a specific application action). No public exploit code or active exploitation has been confirmed at the time of analysis.

Privilege Escalation Microsoft
NVD VulDB
CVSS 3.0
6.7
EPSS
0.0%
CVE-2026-28728 MEDIUM PATCH This Month

Local privilege escalation in Acronis True Image for Windows before build 42902 exploits DLL hijacking to allow authenticated users to escalate privileges. An attacker with local access and valid credentials can manipulate DLL load paths during application execution, requiring user interaction (such as opening a file or launching a feature), to gain elevated system privileges. This vulnerability has a CVSS score of 6.7 and affects all versions prior to the patched build.

Privilege Escalation Microsoft
NVD VulDB
CVSS 3.0
6.7
EPSS
0.0%
CVE-2026-33271 MEDIUM PATCH This Month

Local privilege escalation in Acronis True Image for Windows before build 42902 allows authenticated users with low privileges to escalate to higher privileges through insecure folder permissions. An attacker with local access and user-level privileges can exploit improper permission settings on critical directories to achieve full system compromise, requiring user interaction (file execution or folder navigation). This vulnerability has a CVSS score of 6.7 reflecting high confidentiality, integrity, and availability impact despite the elevated barriers to exploitation.

Privilege Escalation Microsoft
NVD VulDB
CVSS 3.0
6.7
EPSS
0.0%
CVE-2026-34832 MEDIUM PATCH This Month

Scoold versions prior to 1.66.1 allow authenticated low-privilege users to delete any other user's feedback posts via an authorization flaw in the POST /feedback/{id}/delete endpoint. The vulnerability requires login but lacks object ownership verification, enabling lateral privilege escalation where any team member can destroy feedback created by colleagues or administrators. No public exploit code or active exploitation has been identified; the issue was discovered during code review and patched in version 1.66.1.

Authentication Bypass Scoold
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34890 MEDIUM This Month

DOM-based cross-site scripting (XSS) in MSTW League Manager WordPress plugin through version 2.10 allows authenticated attackers to inject malicious scripts that execute in the context of other users' browsers, potentially stealing session tokens, modifying league data, or performing actions on behalf of victims. The vulnerability requires user interaction (UI:R) and affects the plugin across all versions up to 2.10.

XSS Mstw League Manager
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-0688 MEDIUM This Month

Server-Side Request Forgery in Webmention plugin for WordPress (versions up to 5.6.2) allows authenticated attackers with Subscriber-level access to make arbitrary web requests from the affected server via the Tools::read function, enabling reconnaissance and potential modification of internal services. EPSS score of 6.4 reflects moderate real-world exploitability risk given the low privilege requirement and network-accessible attack vector, though exploitation requires valid WordPress authentication.

WordPress SSRF
NVD GitHub
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-29138 MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to impersonate other users by claiming their PGP signatures through a specially crafted email address, enabling signature forgery and identity spoofing in encrypted email communications. The vulnerability exploits LDAP injection mechanisms to manipulate signature verification, affecting all versions prior to 15.0.3. No CVSS score is available, and exploitation status remains unconfirmed from provided data.

Information Disclosure LDAP Code Injection
NVD
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-29132 MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows authenticated attackers with access to a victim's GINA account to bypass secondary password verification and directly access protected emails, circumventing a multi-factor authentication mechanism intended to protect sensitive correspondence.

Authentication Bypass Secure Email Gateway
NVD
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-29142 MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to forge GINA-encrypted emails, compromising email authenticity and potentially enabling spoofing attacks. The vulnerability affects all versions prior to 15.0.3 and was reported by NCSC.ch. No CVSS score is available, and exploitation status has not been independently confirmed at time of analysis.

Information Disclosure Secure Email Gateway
NVD
CVSS 4.0
6.3
EPSS
0.0%
CVE-2025-43210 MEDIUM PATCH This Month

Out-of-bounds memory access in Apple media processing affects iOS, iPadOS, macOS, tvOS, visionOS, and watchOS, allowing remote attackers to trigger unexpected application termination or memory corruption through maliciously crafted media files. The vulnerability requires user interaction (opening/playing the malicious file) but no authentication. Apple has released patched versions for all affected platforms with CVSS 6.3 (moderate severity) and no public exploitation identified at time of analysis.

Apple Memory Corruption Buffer Overflow
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-5327 LOW POC Monitor

Command injection in efforthye fast-filesystem-mcp up to version 3.5.1 allows authenticated remote attackers to execute arbitrary system commands via the handleGetDiskUsage function in src/index.ts. The vulnerability has a CVSS score of 6.3 (medium) with publicly available exploit code and no vendor patch released despite early notification through issue tracking. Exploitation requires valid authentication credentials but carries low attack complexity.

Command Injection Fast Filesystem Mcp
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.9%
CVE-2026-5354 LOW POC Monitor

Remote authenticated command injection in TrendNet TEW-657BRM 1.00.1 allows manipulation of the policy_name parameter in /setup.cgi vpn_connect function to achieve operating system command execution with limited impact. The affected router has been end-of-life since June 2011 and is no longer supported by the vendor; however, publicly available exploit code exists and the vulnerability demonstrates real command injection capability despite the legacy product status.

Command Injection Tew 657Brm
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.8%
CVE-2026-5353 LOW POC Monitor

OS command injection in Trendnet TEW-657BRM 1.00.1 ping_test function allows authenticated remote attackers to execute arbitrary commands via manipulation of the c4_IPAddr parameter in /setup.cgi. Publicly available exploit code exists. The device has been end-of-life since June 2011 and is no longer supported by the vendor, making patching infeasible for affected users.

Command Injection Tew 657Brm
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.8%
CVE-2026-5352 LOW POC Monitor

Remote code execution via OS command injection in TrendNet TEW-657BRM 1.00.1 allows authenticated attackers to execute arbitrary commands through the pcdb_list parameter in /setup.cgi. The affected device has been end-of-life since June 2011 with no vendor support; publicly available exploit code exists but real-world impact is limited to legacy, unsupported hardware.

Command Injection Tew 657Brm
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.8%
CVE-2026-5351 LOW POC Monitor

OS command injection in TrendNet TEW-657BRM 1.00.1 router allows authenticated remote attackers to execute arbitrary commands via manipulation of the wl_enrolee_pin parameter in the /setup.cgi add_wps_client function. The vendor discontinued this product in June 2011 and provides no support; publicly available exploit code exists but real-world risk is minimal given the product's 14+ year obsolescence and the authentication requirement.

Command Injection Tew 657Brm
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.8%
CVE-2025-43238 MEDIUM PATCH This Month

Integer overflow in macOS kernel allows local applications to trigger unexpected system termination (denial of service) on Sequoia, Sonoma, and Ventura systems. The vulnerability requires local execution (AV:L) with no authentication or user interaction, enabling any installed application to crash the system. Apple has released patches addressing this issue in macOS Sequoia 15.6, Sonoma 14.7.7, and Ventura 13.7.7. No public exploit code or active exploitation has been reported at the time of analysis.

Apple Integer Overflow Buffer Overflow
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-5328 LOW POC PATCH Monitor

SQL injection in shsuishang modulithshop allows authenticated remote attackers to execute arbitrary SQL queries via manipulation of the sidx/sort parameter in the ProductItemDao Interface listItem function, potentially leading to unauthorized data access, modification, or denial of service. The vulnerability affects the rolling-release product across an unspecified version range; publicly available exploit code exists. CVSS 6.3 with exploitation probability noted (E:P), and a patch is available via upstream commit 42bcb9463425d1be906c3b290cf29885eb5a2324.

Java SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5317 LOW POC PATCH Monitor

Out-of-bounds write in Nothings stb library up to version 1.22 allows remote attackers to corrupt memory and potentially execute code by crafting malicious Vorbis audio files that trigger improper bounds checking in the start_decoder function. Publicly available exploit code exists for this vulnerability, which affects all applications statically linking vulnerable stb_vorbis.c code. The vendor has not responded to disclosure attempts, leaving deployed instances without an official patch.

Buffer Overflow Memory Corruption Stb
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5316 LOW POC PATCH Monitor

Resource exhaustion in Nothings stb library versions up to 1.22 allows unauthenticated remote attackers to cause denial of service through the setup_free function in stb_vorbis.c when processing malformed audio data. The vulnerability has publicly available exploit code and a low CVSS score of 4.3 reflecting limited impact, but represents a real availability risk in applications embedding this widely-used header-only graphics and audio library.

Denial Of Service Stb
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-35466 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in CERT/CC cveClient cveInterface.js prior to version 1.0.24 allows injection of arbitrary HTML through untrusted CVE API service input. The vulnerability stems from insufficient input validation, enabling attackers to inject malicious scripts that execute in the context of users viewing CVE data. No CVSS score or exploitation data is available, limiting quantitative risk assessment; however, the attack vector is network-based and requires no authentication.

XSS Cveclient Cveinterface Js
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-30251 MEDIUM This Month

Reflected XSS in Interzen Consulting ZenShare Suite v17.0 login_newpwd.php endpoint allows unauthenticated remote attackers to execute arbitrary JavaScript in users' browsers by injecting malicious code into the codice_azienda parameter via a crafted URL. No public exploit code or active exploitation has been confirmed at the time of this analysis, though the vulnerability is straightforward to demonstrate and likely poses a practical risk to organizations using this product.

XSS PHP
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-30252 MEDIUM This Month

Reflected cross-site scripting (XSS) vulnerabilities in Interzen Consulting ZenShare Suite v17.0 login.php endpoint allow remote unauthenticated attackers to execute arbitrary JavaScript in a user's browser by injecting malicious payloads into the codice_azienda and red_url parameters. Attack requires user interaction (clicking a crafted link) and affects the authentication process; no public exploit code or active exploitation has been confirmed at time of analysis.

XSS PHP
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-5318 LOW POC PATCH Monitor

Out-of-bounds write in LibRaw's JPEG DHT parser (HuffTable::initval function) allows unauthenticated remote attackers to trigger a denial of service via malformed JPEG image files. LibRaw versions up to 0.22.0 are affected; publicly available exploit code exists. CVSS 4.3 (low severity) reflects denial-of-service impact only, with low attack complexity and no authentication required. Vendor-released patch available in version 0.22.1.

Buffer Overflow Memory Corruption Libraw
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-34083 MEDIUM PATCH GHSA This Month

SignalK Server versions prior to 2.24.0 allow unauthenticated attackers to hijack OAuth2 sessions and steal authorization codes by spoofing the HTTP Host header in OIDC login and logout handlers. The vulnerability exploits the default-unset redirectUri configuration, causing the OIDC provider to send authorization codes to an attacker-controlled domain. EPSS score of 6.1 reflects moderate real-world risk despite the requirement for user interaction (UI:R) to initiate login.

Code Injection Signalk Server
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-5319 LOW POC Monitor

Reflected cross-site scripting (XSS) in itsourcecode Payroll Management System up to version 1.0 allows remote attackers to inject malicious scripts via the 'page' parameter in /navbar.php. The vulnerability requires user interaction (UI:R per CVSS vector) but carries a low CVSS score of 4.3 due to limited confidentiality impact. Publicly available exploit code exists, increasing real-world risk despite the moderate base score.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5321 LOW POC Monitor

Cross-Origin Resource Sharing (CORS) misconfiguration in vanna-ai vanna up to version 2.0.2 allows authenticated remote attackers to establish permissive cross-domain policies with untrusted domains, leading to information disclosure. The vulnerability affects the FastAPI/Flask Server component and has publicly available exploit code; however, the vendor has not responded to early disclosure attempts. With a CVSS score of 5.3 and confirmed public exploit availability, this represents a moderate-risk authentication-gated information exposure issue.

Cors Misconfiguration Information Disclosure Python
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5339 LOW POC Monitor

Command injection in Tenda G103 1.0.0.5 setting handler allows high-privilege remote attackers to execute arbitrary commands via manipulation of multiple GPON authentication parameters (authLoid, authLoidPassword, authPassword, authSerialNo, authType, oltType, usVlanId, usVlanPriority) in the gpon.lua component. Publicly available exploit code exists, though the CVSS:3.1/AV:N/AC:L/PR:H vector indicates attacks require high administrative privileges and deliver limited impact (confidentiality, integrity, availability each L). This is a realistic but constrained threat: exploitation requires authenticated admin-level access to a device already on the network.

Tenda Command Injection
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.5%
CVE-2026-5331 LOW POC Monitor

Path traversal in OpenCart 4.1.0.3 Extension Installer Page allows high-privileged remote attackers to manipulate the installer.php file and traverse the filesystem, potentially accessing or modifying sensitive files outside the intended directory. The vulnerability has publicly available exploit code and affects the extension installation mechanism; vendor has not responded to early disclosure attempts, leaving installations unpatched.

Path Traversal PHP
NVD VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2026-5417 LOW POC PATCH Monitor

Server-side request forgery (SSRF) in Dataease SQLBot up to version 1.6.0 allows high-privileged remote attackers to manipulate the 'address' argument in the Elasticsearch Handler component (get_es_data_by_http function), enabling unauthorized HTTP requests to internal or external systems. The vulnerability has publicly available exploit code and vendor-released patch version 1.7.0 addresses the issue.

SSRF Elastic
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-5370 LOW POC PATCH Monitor

Stored cross-site scripting (XSS) in Krayin Laravel-CRM up to version 2.2 allows authenticated users with low privileges to inject malicious scripts via the composeMail function in the Activities/Notes Module, which are then executed when other users view the content. The vulnerability requires user interaction (UI:P) but has confirmed publicly available exploit code and a vendor-released patch (commit 73ed28d466bf14787fdb86a120c656a4af270153), making it a moderate priority for deployments where multiple users interact with notes and mail features.

XSS Laravel Crm
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-5325 LOW POC Monitor

Stored cross-site scripting (XSS) in SourceCodester Simple Customer Relationship Management System 1.0 allows authenticated remote attackers to inject malicious scripts via the Description parameter in the /create-ticket.php Create Ticket component. The vulnerability requires user interaction (UI:R) to trigger payload execution and has limited impact (integrity only, no confidentiality or availability loss), but publicly available exploit code exists and the issue has been publicly disclosed.

XSS PHP
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-5332 LOW POC Monitor

Stored cross-site scripting (XSS) in Xiaopi Panel 1.0.0 via the param argument in /demo.php allows authenticated remote attackers to inject malicious scripts that execute in users' browsers. The vulnerability affects the WAF Firewall component, has publicly available exploit code, and carries a low CVSS score (3.5) due to requirement for user interaction and limited impact scope, though the vendor has not responded to disclosure.

XSS PHP
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy